Ephemeral Messaging Applications—What’s In and What’s Out?

The Bencher—May/June 2020

By Kevin F. Brady, Esquire

According to a recent survey of 20 United States federal district and magistrate judges conducted by legal software vendor Exterro, ephemeral messaging applications will likely become a significant challenge for in-house legal teams in the near future. What is ephemeral messaging? The term refers to the mobile-to-mobile transmission of multimedia messages that are deleted or otherwise not made available after a certain, relatively short time period. Many applications—including WhatsApp, Snapchat, Instagram, Wickr, Telegram, and Signal—include these features.

The challenge has to do with the recent proliferation of ephemeral messaging applications and their adoption for bona fide business reasons and the degree to which judges expect and may mandate that relevant information contained in ephemeral messaging applications be preserved, as is the case for other messaging tools such as email and texting.

Benefits of Ephemeral Messaging Applications

While use of this technology has suggested a sinister purpose, there are several reasons for and benefits of using ephemeral messaging. The technologies employ end-to-end encryption of messages—both while in transit and at rest. This enhances confidentiality and privacy. For this reason, some businesses are deploying ephemeral messaging applications as a means of complying with data privacy regulations and data security obligations such as data minimization under the European Union’s General Data Protection Regulation. Ephemeral messaging applications also offer benefits to companies in terms of security by significantly reducing the amount of electronic information that needs to be protected. Such tools also facilitate the information governance objective of limiting the retention of information that has no business value and is not subject to regulatory or preservation obligations, which in turn may help reduce the costs of e-discovery.

Risks of Ephemeral Messaging Applications

There are also risks associated with such technologies. As the Supreme Court observed in its 2005 Arthur Andersen decision, an organization is free to manage information as it likes absent unusual circumstances. But litigation or investigation, or the existence of a regulatory retention obligation, all qualify as unusual circumstances that require preservation. Because ephemeral messages are short-lived or no-lived, and the data is eliminated from the devices of those who either sent or received the messages, the applications present obvious risks. Not the least of these risks is that a court or jury might think the applications were used to hide something, which obviously can impact a party’s reputation.

In one recent case—Herzig v. Arkansas Found. for Med. Care, Inc., No. 2:18-CV-02101, 2019 WL 2870106 (W.D. Ark. July 3, 2019)—the court found that the plaintiffs improperly used an ephemeral messaging application, Signal, to prevent the plaintiffs’ communications from being subject to discovery. Plaintiffs had been ordered early in discovery to produce relevant text messages after they initially refused to divulge those communications to defendant. After reluctantly producing communications that were responsive to the defendant’s request, the plaintiffs started using the Signal application to communicate with each other. Signal allows users to send and receive encrypted text messages accessible only to sender and recipient and to change settings to automatically delete these messages after a short period of time. The plaintiffs in Herzig set the Signal app to automatically delete their messages and did not disclose their use of Signal until near the close of discovery. The court stated, “Based on the content of [plaintiffs’] earlier communications, which was responsive to the requests for production, and their reluctance to produce those communications, the Court infers that the content of their later communications using Signal were responsive to [defendant’s] requests for production.” Id. at *5. Based on that observation and other factors, including that the plaintiffs were IT professionals and knew their preservation obligations, the court concluded that the decision to employ Signal was intentional and done in bad faith and warranted a sanction.

The use of ephemeral messaging applications, however, is not limited to individuals and, given the several benefits noted earlier, some organizations are bringing the application into the enterprise. It is axiomatic that data that does not exist at the time the duty to preserve is triggered is not subject to e-discovery, including preservation obligations. The question is: What should the organization do if it has deployed ephemeral messaging when it was not involved in litigation or investigation and then becomes subject to preservation obligations for reasonably anticipated litigation or investigation?

Kevin F. Brady, Esquire, is of counsel in the firm of Redgrave LLP in Washington, DC. He is a member of the Richard K. Herrmann Technology American Inn of Court in Wilmington, Delaware.

© 2020 Kevin F. Brady, Esquire. This article was originally published in the May/June 2020 issue of The Bencher, a bi-monthly publication of the American Inns of Court. This article, in full or in part, may not be copied, reprinted, distributed, or stored electronically in any form without the written consent of the American Inns of Court.