Divorcing couple must swap Facebook and dating site passwords


Do you, Facebook user, take your privacy, as stated in Terms of Service, to have and to hold, from this day forward, for better, for worse, through scams and through flirtations with high school sweethearts, in viral malware and in health, to love and to shield your adulterous licentiousness, till death do you

Forget about it. The courts have no compunction about parting us from our supposed privacy, regardless of what social media privacy terms of service seem to promise us vis-a-vis confidentiality.

That was made evident in the case of Stephen and Courtney Gallion, a Connecticut couple who’ve been ordered to turn over their social networking passwords in their impending divorce.

As reported by Forbes’s Kashmir Hill, Judge Kenneth Shluger at the end of September ordered that the attorneys for each Gallion exchange their clients’ Facebook and dating website passwords.

As Hill points out, social networking privacy settings (depending on what state you live in and how a particular judge interprets case law) don’t necessarily matter if you get sued. In one case, a woman who claimed serious injury after falling off an office chair was forced to grant access to Facebook after attorneys grew suspicious that she was actually enjoying life just fine, as evidenced by photos from a trip to Florida.

It’s one thing to get discoverable material by visiting someone’s page or requesting that evidence from that page be turned over. But judges are bypassing that formality and asking for user names and passwords so that the entirety of one’s social media persona can be scoured, as opposed to a cherry-picked selection of evidence.

Stephen Gallion’s divorce lawyer, Gary Traystman, told Hill that his client “saw a few incriminating things on the computer he shares with his wife at home that made him suspect that there would be more evidence in her social networking accounts,” Hill writes. That evidence included how his wife feels
about her children and her ability to take care of them. Mr. Gallion’s lawyer felt such material would help his client get full custody.

Ms. Gallion had evidently already joined dating sites Match and eHarmony and was asked for those passwords as well. She initially refused and texted a friend, asking that friend to change her passwords and delete some messages. The judge jumped in, issuing an injunction to prevent deletion of material and ordering attorneys to exchange passwords for both spouses to aid the discovery process.

privacy tagIs there anybody reading this who still believes that they can fiddle with privacy or tracking controls on Facebook, Twitter, Google +, Firefox or Internet Explorer, et al., in order to protect their privacy and shield their social media postings from prying, vengeful and/or litigious eyes?

If you do, you should take a look at how the courts are feeling about such matters when it comes to plaintiffs who might benefit by uncovering the personal zeitgeist of an individual’s social media updates and musings.

In this post, Venkat Balasubramani, lawyer and technology blogger, writes about discovery of social networking evidence in recent civil suits.

The case in question is that of a stock car driver who sued the track owners and another driver after he was rear-ended during a cool-down lap, suffering what he alleged were substantial injuries that marred his quality of life.

McMillen vs Hummingbird SpeedwayDuring discovery, the defendants requested the plaintiff’s social network names, user and login names, and passwords in order to obtain material about his recreational activities—namely, a fishing trip and attendance at the Daytona 500 race.

The plaintiff refused on the grounds that this was all confidential information, but his assertion was rejected. Note how dismissive the court’s opinion is of the notion that anything posted on social media sites might be considered confidential:

“Facebook, MySpace, and their ilk are social network computer sites people utilize to connect with friends and meet new people,” the opinion reads. “That is, in fact, their purpose, and they do not bill themselves as anything else. Thus, while it is conceivable that a person could use them as forums to divulge and seek advice on personal and private matters, it would be unrealistic to expect that such disclosures would be considered confidential.” [emphasis added]

You might think that Facebook Terms of Service would help shield our private information in such cases. You would be wrong.

“No person choosing MySpace or Facebook as a communication forum could reasonably expect that his communications would remain confidential, as both sites clearly express the possibility of disclosure,” the opinion reads. “Confidentiality is not essential to maintain the relationships between and among social network users, either. The relationships to be fostered through those media are basic friendships, not attorney-client, physician-patient, or psychologist-patient types of relationships, and while one may expect that his or her friend will hold certain information in confidence, the maintenance of one’s friendships typically does not depend on confidentiality.” [emphasis added]

As the court points out, social media sites do guarantee “a modicum of privacy.” Users can choose what information and posts to make public and which to share only with friends.

Facebook_ScrabbleYet reading terms of service and privacy policies “should dispel any notion that information one chooses to share, even if only with one friend, will not be disclosed to anybody else,” the opinion reads.

The court went on to quote Section 3 of Facebook’s Privacy Policy, in which Facebook cautions users regarding sharing information, as follows the (current policy is here; the wording doesn’t match what the court quotes in its ruling, so Facebook must have updated the policy after the court wrote this):

"Some of the content you share and the actions you take will show up on your friends’ home pages and other pages they visit...."

"Even after you remove information from your profile or delete your account, copies of that information may remain viewable elsewhere to the extent it has been shared with others, it was otherwise distributed pursuant to your privacy settings, or it was copied or stored by other users. You understand that information might be reshared or copied by other users...."

"When you post information on another user’s profile or comment on another user’s post, that information will be subject to the other user’s privacy settings."

The moral of the story: Don’t assume that people can’t get to anything you say or do online, and don’t assume that it won’t be used against you in a court of law.

Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 140,000 people regularly share information on threats and discuss the latest security news.