Social Media Evidence Requires Higher Authentication Standard in Maryland

Practitioners face a higher than usual standard when authenticating social media evidence and posts in Maryland courts. In Griffin v. State, the Court of Appeals emphasized the necessity of distinctive characteristics in order to overcome the possibility of manipulation and hacking. More recently, in Sublet v. State, the Court adopted the “reasonable juror” standard. Sublet v. State, 442 Md. 632 (2015). The reasonable juror standard requires only that evidence be “sufficient to support a finding that the matter in question is what its proponent claims.” MD. RULE § 5-901 (2015). This is usually a low bar that requires only circumstantial evidence for authentication with documents and email. Despite adopting the “reasonable juror” standard in Sublet v. State, the Court of Appeals articulated a higher threshold requirement for Maryland practitioners when authenticating social media posts. In Sublet v. State,1 the purported author’s denial of making the post, combined with the fact that other individuals possessed her password, did not meet this higher standard. In Harris and Monge-Martinez, however, special software, proximity to the incident, and direct testimony regarding authorship, convinced the Court that a reasonable juror would have authenticated the posts.

In Sublet, the defense tried to introduce a Facebook printout suggesting someone else, not the defendant, instigated an assault. Sublet, 442 Md. at 700. The purported author denied making the entry, explaining that she gave her username and password to other individuals, and that people would commonly hack her page and post under her name. The Court was not convinced that a reasonable juror could have authenticated the printout because the alleged author denied making it, and the defense failed to establish other distinctive characteristics proving authorship.

The Court distinguished Harris, holding that sufficient distinctive characteristics existed for a reasonable jury to determine that Harris was the one who posted the tweets and messages. Sublet, 442 Md. at 674. A detective used special software to retrieve the social media posts to confirm that Harris authored the posts. Additionally, a number of other circumstantial facts existed that the Court found persuasive:(1) the direct messages were sent at a time when only a few people could have made the posts in question (2) a witness with personal knowledge testified that Harris authored the direct messages and (3) the tweets were authored during the same timeframe as the direct messages. Id.

Similarly, distinctive characteristics existed in Monge-Martinez sufficient to authenticate the messages. Sublet, 442 Md. at 675-76. Like Harris, the messages were received in close proximity to the event when only a few people knew about the incident, and the victim personally testified to Monge-Martinez sending the messages. The messages were also sent by a Spanish speaker, which was Monge-Martinez’s first language. The Court found that the distinctive characteristics and circumstantial evidence provided far more assurance against falsification than Sublet. See id. at 677-78.

The decisions in Sublet have major implications for admitting evidence at trial. Using photographs, birthdays, phone numbers, or other common identifying information is not enough to meet the standard. Knowledge that other individuals have access to social media accounts, without additional evidence demonstrating authorship, would seem to ensure that the standard will not be met. The more circumstantial evidence that exists, the more comfortable the Court appears to be with authentication of social media evidence. Meeting one of the three methods established in Griffin v. State would probably be enough for authentication: (1) ask the purported creator if they created the profile or made the post, (2) examine the computer’s history to see if it was used to generate the post, and/or (3) obtain information directly from the social networking site linking the posts to the person. Griffin v. State, 419 Md. 343, 363, 364 (2011). While the standard in Griffin was higher than what the Court now requires after Sublet, using one of these three methods would be the safest approach for authenticating social media posts.

It should be noted, however, that these methods are non-exclusive. A limited pool of people who could have made the post or testimony from other witnesses concerning authorship, would probably satisfy the standard, as the court determined in Harris and Monge-Martinez. Sublet, 442 Md. at 674, 677. Additionally, posts providing distinctive characteristics about an individual or situation not commonly known, such as speaking in a different language or other written communications relating to the social media posts, also appear to meet this standard.

Sublet has discovery implications as well; the choice to depose a purported author on whether they made the post or to subpoena records from a site could be critical to authentication at trial. If the purported author denies making the post and admits to providing others with their social media passwords, subpoenaing records from the site or the author’s computer may be the only way to confirm that they made the post. Deposing an individual who overheard the purported author discussing the post or witnessed the author making the post could also be critical to authentication. As demonstrated in Sublet, merely printing a social media post or pointing out non-unique characteristics at trial will not be sufficient. Practitioners must use a great deal of foresight when authenticating social media posts. Because the “reasonable juror” standard is unclear, erring on the side of offering more makes courts less wary of falsification and manipulation.