Sophos Cloud Optix
Do you, Facebook user, take your privacy, as stated in Terms of Service, to have and to hold, from this day forward, for better, for worse, through scams and through flirtations with high school sweethearts, in viral malware and in health, to love and to shield your adulterous licentiousness, till death do you
part?
Forget about it. The courts have no compunction about parting us from our supposed privacy, regardless of what social media privacy terms of service seem to promise us vis-a-vis confidentiality.
That was made evident in the case of Stephen and Courtney Gallion, a Connecticut couple who’ve been ordered to turn over their social networking passwords in their impending divorce.
As reported by Forbes’s Kashmir Hill, Judge Kenneth Shluger at the end of September ordered that the attorneys for each Gallion exchange their clients’ Facebook and dating website passwords.
As Hill points out, social networking privacy settings (depending on what state you live in and how a particular judge interprets case law) don’t necessarily matter if you get sued. In one case, a woman who claimed serious injury after falling off an office chair was forced to grant access to Facebook after attorneys grew suspicious that she was actually enjoying life just fine, as evidenced by photos from a trip to Florida.
It’s one thing to get discoverable material by visiting someone’s page or requesting that evidence from that page be turned over. But judges are bypassing that formality and asking for user names and passwords so that the entirety of one’s social media persona can be scoured, as opposed to a cherry-picked selection of evidence.
Stephen Gallion’s divorce lawyer, Gary Traystman, told Hill that his client “saw a few incriminating things on the computer he shares with his wife at home that made him suspect that there would be more evidence in her social networking accounts,” Hill writes. That evidence included how his wife feels
about her children and her ability to take care of them. Mr. Gallion’s lawyer felt such material would help his client get full custody.
Ms. Gallion had evidently already joined dating sites Match and eHarmony and was asked for those passwords as well. She initially refused and texted a friend, asking that friend to change her passwords and delete some messages. The judge jumped in, issuing an injunction to prevent deletion of material and ordering attorneys to exchange passwords for both spouses to aid the discovery process.
Is there anybody reading this who still believes that they can fiddle with privacy or tracking controls on Facebook, Twitter, Google +, Firefox or Internet Explorer, et al., in order to protect their privacy and shield their social media postings from prying, vengeful and/or litigious eyes?
If you do, you should take a look at how the courts are feeling about such matters when it comes to plaintiffs who might benefit by uncovering the personal zeitgeist of an individual’s social media updates and musings.
In this post, Venkat Balasubramani, lawyer and technology blogger, writes about discovery of social networking evidence in recent civil suits.
The case in question is that of a stock car driver who sued the track owners and another driver after he was rear-ended during a cool-down lap, suffering what he alleged were substantial injuries that marred his quality of life.
During discovery, the defendants requested the plaintiff’s social network names, user and login names, and passwords in order to obtain material about his recreational activities—namely, a fishing trip and attendance at the Daytona 500 race.
The plaintiff refused on the grounds that this was all confidential information, but his assertion was rejected. Note how dismissive the court’s opinion is of the notion that anything posted on social media sites might be considered confidential:
“Facebook, MySpace, and their ilk are social network computer sites people utilize to connect with friends and meet new people,” the opinion reads. “That is, in fact, their purpose, and they do not bill themselves as anything else. Thus, while it is conceivable that a person could use them as forums to divulge and seek advice on personal and private matters, it would be unrealistic to expect that such disclosures would be considered confidential.” [emphasis added]
You might think that Facebook Terms of Service would help shield our private information in such cases. You would be wrong.
“No person choosing MySpace or Facebook as a communication forum could reasonably expect that his communications would remain confidential, as both sites clearly express the possibility of disclosure,” the opinion reads. “Confidentiality is not essential to maintain the relationships between and among social network users, either. The relationships to be fostered through those media are basic friendships, not attorney-client, physician-patient, or psychologist-patient types of relationships, and while one may expect that his or her friend will hold certain information in confidence, the maintenance of one’s friendships typically does not depend on confidentiality.” [emphasis added]
As the court points out, social media sites do guarantee “a modicum of privacy.” Users can choose what information and posts to make public and which to share only with friends.
Yet reading terms of service and privacy policies “should dispel any notion that information one chooses to share, even if only with one friend, will not be disclosed to anybody else,” the opinion reads.
The court went on to quote Section 3 of Facebook’s Privacy Policy, in which Facebook cautions users regarding sharing information, as follows the (current policy is here; the wording doesn’t match what the court quotes in its ruling, so Facebook must have updated the policy after the court wrote this):
"Some of the content you share and the actions you take will show up on your friends’ home pages and other pages they visit...."
"Even after you remove information from your profile or delete your account, copies of that information may remain viewable elsewhere to the extent it has been shared with others, it was otherwise distributed pursuant to your privacy settings, or it was copied or stored by other users. You understand that information might be reshared or copied by other users...."
"When you post information on another user’s profile or comment on another user’s post, that information will be subject to the other user’s privacy settings."
The moral of the story: Don’t assume that people can’t get to anything you say or do online, and don’t assume that it won’t be used against you in a court of law.
Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 140,000 people regularly share information on threats and discuss the latest security news.
The old saw still applies: Don't put anything in writing you wouldn't want read in front of a grand jury.
But if we join your facebook page, then the others will know
then my lawyers will tell my wife's lawyers, it will just snowball
Social Media is a joke. Just place your diary online, etc… Better yet, don't cheat on your husband or wife.
I usually am an open book, since its easier that way. No lies or deceits so I don't have to remember all that much. But from what I am reading, even an innocent person could be made to look guilty of anything by selectively picking from social media. I stay completely away from social media, mostly because it is a colossal waste of my time and a shallow imitation of real relationships. Now I have an even better reason for avoidance.
Does anybody else remember life before Facebook? Somehow we got along just fine. Anybody that conducts a significant portion of their life online should have no expectation of privacy. Deep inside, some people really want to be in the spotlight and they shouldn't complain when the results of that desire comes back to haunt them.
I value privacy. Maybe that's why I've checked my Facebook account maybe a dozen times in the last 2 1/2 years and have not written much there. There is more to life than clicking away on a mouse and keyboard.
Never, ever kiss and tell.
What you post on your wall is one thing, I think the lawyers and judges missed big on this one. Your login and password gives access to private messages – and there should be every expectations that person to person messages are not public.
Perhaps such messages are no more confidential than an email or letter – but that is not the same thing as a message posted to a wall. These sites are now a hybrid of social and private communication channels, and thus laws and rulings should reflect this nuance.
I am a divorce lawyer. We have asked for emails from opposing clients in discovery for years without any problem. I can’t open your emails or your mail, but I can ask in discovery for you to give them to me in a divorce case, or I can subpoena them from an email provider. Many things that are private in the absence of litigation, like what you do in your bedroom with your lover, are not private at all in family law litigation. This mandated disclosure would probably be upheld unless a federal law or state law provides a superior right a privilege. This will be interesting.
You can get my emails, but you have no reason to have my email credentials. You can search my car, but you don’t need my keys. My passwords are always confidential, and since Facebook tracks what I look at, logging in as me to look at my profile is impersonation, just like spoofing my phone number to call a suspected mistresses.
agreed, passwords are personal information, for banking or for facebook.
If they, the courts, want full access, find another way without divulging specific login information.
The primary issue was the wife’s attempt to spoliate evidence. Her bad act lead to an atypical but necessary remedy. Big picture, when you sue someone, you may have to waive certain privileges or withdraw the lawsuit. Your choice.
When I was going through my divorce a few years back, my husband would not move out of the house so we could start our separation which is required in our state for 12 months before filing for divorce. He had a girlfriend in another state that he took some compromising pictures with that I made copies of to use in court to get an order for him to move out. Those pictures were not public and were private between the two of them. I see no difference between that and private messages, emails, texts, letters, etc.
How does “you already made the information public” translate to “give us your password so we can read it”? If you think it’s public then you should be able to read it without needing the password. Otherwise it’s not public.
You hit the nail on the head. The courts are leading us down a bad path with this and with the order to Ramona Fricosu to decrypt her hard drive. If the courts want the data, then go find another way – it’s certainly possible. If it’s within the court’s power to get the data, then they don’t need the password any more than they’d need the keys to my house in order to search it with a warrant.
I think it's wonderful! This means that liars and thieves who prey on people, wreck homes and marrages can't keep thier dirt under the rug anymore. Those plotting maniplative conversations they had Tweeted, or private messaged to each other will damm them in a court of law. It untimatly will proteck thoses who weren't aware they were the victum of a evil plot against them.
Does.that mean I have to share my secret squirrel, Wallter Mitty login and password too?
The important distinction that is glossed over is the difference between what you and I consider "private" and what is protected from discovery in a lawsuit. Generally (very generally) anything that is likely to lead to admissible or relevant evidence is discoverable; therefore, an opposing party may obtain information that while itself is not admissible or even relevant, is likely yo lead to evidence that is either admissible or relevant. That law may vary slightly by state but that is the general idea in most jurisdictions. The article references certain privileges that would protect discussions, i.e., attorney-client, physician-patient, and mental health, but those privileges typically do not apply if disclosed to a third-party. A conversation I have with my friends is almost never protected from discovery. Think about it as if you were sending an email or letter. Although not a public commentary, it would still be discoverable. Social networking sites simply aggregate several communication that generally center around various areas of one's life. There may be some arguments to prevent discovery, but because of the risk of someone destroying evidence it would be difficult for a judge to limit access.
The court can also prevent publication of the material using a protective order retaining a modicum of privacy.