Facebook Password Exchange Between Parties to Litigation Results in Spoliation Debacle – Gatto v. United Airlines

[By Venkat Balasubramani with comments from Eric]

Gatto v. United Air Lines, 10-cv-1090-ES-SCM (D.N.J. Mar. 25, 2013)

Background: Gatto brought a personal injury action against United and Allied arising out of an accident at the airport. Defendants sought a range of social networking evidence and disagreed over what Gatto was required to produce. During a settlement conference, a magistrate judge ordered Gatto to execute an authorization for the release of documents from Facebook. shutterstock_121405225.jpg Presumably in response to this, plaintiff “agreed to change his account password to ‘alliedunited’”.

It’s unclear from the court’s order the parties’ understanding regarding defendants or defense counsel’s access to the Facebook account:

While the parties dispute whether it was agreed that defense counsel would directly access Plaintiff’s account, the parties do not dispute that the password was provided to counsel for the purpose of accessing documents and information from Facebook.

On the other hand, Gatto thought he had been given assurances that “there would not be unauthorized access to the Facebook account online.”

Things spiraled downward from there. Counsel for United accessed the account and printed out some materials. Gatto received an alert from Facebook that his account had been accessed via an unfamiliar IP address. Gatto claimed he received this alert after he received assurance from defense counsel that they would not access the account, and he proceeded to deactivate the account. Although counsel for defendants tried to get Gatto to reactivate his account, apparently 14 days had passed and the parties understood that account was permanently deleted. (But see Romano v. Steelcase.)

Discussion: The key question was whether Gatto should be on the hook for spoliation. The court says there are four elements to this charge: (1) the evidence has to be within a party’s control; (2) an actual suppression or withholding; (3) of relevant evidence; (4) where it was reasonably foreseeable that the evidence would be discoverable. The court focuses on the key question of whether there was an “actual suppression or withholding.”

Gatto argued that he had been through contentious divorce proceedings and his account had been “hacked into,” so it was reasonable for him to deactivate the account. Coupled with the fact that he was never personally advised that it was defense counsel who accessed his account, he said there was no intentional destruction or actual suppression.

The court disagrees and says that:

Even if plaintiff did not intend to permanently deprive the defendants of the information associated with his Facebook account, there is no dispute that plaintiff intentionally deactivated the account. In doing so, and then failing to reactivate the account within the necessary time period, plaintiff effectively cause the account to be permanently deleted. Neither defense counsel’s allegedly inappropriate access of the Facebook account, nor plaintiff’s belated efforts to reactivate the account, negate the fact that plaintiff failed to preserve the relevant evidence.


This fiasco was entirely avoidable, and everyone—the parties, and even the court—deserves some blame. Starting with cases such as McMillen v. Hummingbird Speedway, we’ve flagged before how the “password exchange” is a poor terrible solution to Facebook discovery issues, and this is just one more example of how things can go down the wrong path. I’m also surprised that the court signed off on this and that counsel treated access of a party’s Facebook account by another party’s lawyer so casually.

Maybe a good side project for someone to undertake may be to come up with procedures or model standing orders to deal with this issue and educate courts and litigants of the pitfalls associated with these types of decisions.


Eric’s Comments Ermahgerd, stahp. Please, stahp exchanging social media passwords. There is no situation where Litigant A should be given the login credentials to Litigant B’s social media account. It’s never a good idea for either side, it’s never necessary, and it can lead to goofy unintended consequences like this. I can’t imagine any circumstance where litigants would turn over the keys to their houses to let their litigation opponent rummage around freely. Handing over social media login credentials is at least as invasive, which makes it a concept that needs to be stomped out ASAP.

Other coverage:

Deletion of Facebook page found to be spoliation of evidence (Mary Pat Galagher / NYLJ)

Delete at Your Own Risk: Spoliation of Social Media Evidence (Brian Wassom)

Related posts:

Social Media Evidence Roundup – January 2013 Edition

Court Orders Password Turnover and In Camera Review of Social Media Accounts – EEOC v. Original Honeybaked Ham Co.

Social Media Discovery Case Update and Tips for Those Seeking Discovery

Social Media Discovery Roundup

Court Orders Production of Five Years’ Worth of Facebook and MySpace Posts – Thompson v. Autoliv

Court Orders Disclosure of Facebook and MySpace Passwords in Personal Injury Case — McMillen v. Hummingbird Speedway

Judge Offers to Facebook ‘Friend’ Witnesses in Order to Resolve Discovery Dispute — Barnes v. CUS Nashville

Facebook Messages/Wall Posts, Civil Discovery, and the Stored Communications Act — Crispin v. Audigier

Plaintiff Can’t be Forced to Accept Defense Counsel’s Facebook Friend Request in Personal Injury Case — Piccolo v. Paterson

Court Orders Plaintiff to Turn Over Facebook and MySpace Passwords in Discovery Dispute — Zimmerman v. Weis Markets, Inc.

[image credit: “>Shutterstock/morphart – “man shredding documents”]