top of page

The Grimm Guide to Authenticating ESI


Judge Paul Grimm of the District of Maryland, is widely known in the e-discovery world for his influential decisions, in Victor Stanley v. Creative Pipe, 250 F.R.D. 251 (D. Md. 2008) where he ruled that a privilege claim on inadvertently produced privileged documents was waived because a party could not explain the method of its review for privileged material, and in Lorraine v. Markel, 241 F.R.D. 534, 563 (D. Md. 2007) in which he provided guidelines for the admission of electronic evidence.

Judge Grimm collaborated with Dan Capra and Gregory Joseph on a 2016 West Academic publication, Best Practices for Authenticating Digital Evidence, which is available online here. It discusses how to authenticate emails, text messages, social media postings, web pages, and other social media direct messages.

Emails are deemed authenticated because their actual production is the statement of party opponent, but authentication can also accomplished with the testimony of the author or a records custodian; the jury's comparison of an email with other authenticated emails; or other circumstantial evidence. A key point that Grimm makes is that, "Authentication has also been found when an adversary produces in discovery a third party’s email received by the producing party in the ordinary course of business, and the email is offered against the adversary."

Text messages can be authenticated in the same manner as email messages, but also by establishing that they are the product of a system which records them accurately. Grimm cites to a decision by the United States District Court for the Eastern District of Michigan that texts where authenticated by a showing that, "they are automatically saved on SkyTel’s server with no capacity for editing."

Government and newspaper websites are self-authenticating, and web pages generated in the ordinary course of business of a company may quality as self-authenticating business records.

Social media posts are usually authenticated when it can be proven that, "the pages and accounts can be tracked through internet protocol addresses associated with the person who purportedly made the post."

Chatroom conversations, or social media direct messages are difficult to authenticate because users often communicate with aliases. Testimony may be necessary from participants in the conversations as to the identity of a person using an account, and the accurateness of a transcript of the communications.


bottom of page