Using Screenshots as Evidence? Authenticate Them First

In the world of ediscovery, complex data sources — such as chat messages and SaaS user interfaces — are called complex because it’s challenging to reproduce that data so it’s useful for attorneys and investigators. In recent case law, there have been a number of examples of courts requesting screenshots as a way to present evidence for these complex data sources. The question is, do screenshots meet the “best evidence” rule? In fact, the Federal Rules of Evidence (FRE) — in Rules 1001, 1002, and 1003 — has expanded the definitions of best evidence and admissible copies when it comes to discovery, and opened the door to using duplicates. 

As case law has demonstrated, there are many ways to capture the dynamic nature of complex data sources. Screenshots may definitely be used, but they must be authenticated. Production requires authenticating evidence to ensure defensibility. That’s why, as more and more complex data sources continue to be requested as part of discovery, attorneys will need to use technology that collects and stores these dynamic data sources in a forensically-sound, unalterable way, providing a complete audit trail (including the hash value for collection in the metadata) and demonstrating a defensible process.