An order to disclose your Facebook password?

June 2, 2011

social media graphicIt looks like case law on Facebook privacy is starting to catch up to reality.

No, there aren’t any new privacy rights being recognized.

Instead, many courts are now looking into Facebook privacy concerns in relation to the discovery process.

Pennsylvania has seen a slew of them in recent succession, starting with 2010’s McMillen v. Hummingbird Speedway.

That was a personal injury case where Bill McMillen, the plaintiff, was rear-ended after a stock car race.

The defendant sought to prove that McMillen was overstating the extent of his injuries.

After discovering publicly viewable comments about McMillen’s fishing trip and attendance at the Daytona 500, the defendant sought to compel McMillen to release his passwords for his Facebook and MySpace accounts.

The court ruled for the defendant, stating that information on one’s social networking account is not privileged.

The court went on to say that these sites give no expectation of complete privacy, since the sites policies themselves state as much.

Fortunately for McMillen, the order restricted access to the accounts to “read-only,” and didn’t compel disclosure of his passwords.

The next case out of Pennsylvania, Piccolo v. Paterson, goes the other way.

As reported by The Legal Intelligencer, after the plaintiff stated during a deposition that she had a Facebook page, which defense counsel was subsequently unable to view because of the plaintiff’s privacy settings, defense counsel filed a motion to compel her to accept his friend request.

The motion was denied with no further explanation.

Two weeks later on May 19, 2011, another case went another way.

The case, Zimmerman v. Weis Markets, although referencing Piccolo, followed McMillen‘s lead and actually went a step further.

Zimmerman is another personal injury case in which the defense sought evidence to prove the plaintiff’s overstating of those injuries.

Defense counsel found publicly viewable photos on the plaintiff’s Facebook page suggesting that the plaintiff was indeed overstating his injuries, and the court compelled the plaintiff to turn over his username and password.

The court was careful, though, to delineate boundaries.

There has to be some evidence from the publicly available portions of a Facebook page that further digging would produce relevant evidence.

So the trick to immunize your Facebook page from discovery is simply cranking up the privacy settings.

This isn’t only in Pennsylvania, either.

There have been several New York cases (for example, McCann v. Harleysville Insurance and Progressive Insurance v. Herschberg) that go the same way.

And since people will continue to divulge all sorts of personal information to the world through social networking, it will continue to be a prime target for discovery, and case law on the issue will continue developing.

But what’s to stop future courts from allowing “fishing expeditions” of someone’s Facebook page, even when no public information is available?

Right now, only the Rules of Civil Procedure, which are still subject to different interpretations on the matter.

However, the privacy issue probably concerns the vast majority of Facebook users who don’t want to worry about how any little thing they post could be used against them in the future.

And since we live in a democracy, and the already high number of Facebook users continues to grow every day, things may change.

It may be only a matter of time until we see online privacy protections far beyond existing court rules.