“Spoken words disappear after they’re heard. But what you say online remains forever. With confidential messages that self-destruct, Confide lets you avoid the Cloud, and takes you off the record.”
The above quote is from the website getconfide.com, which offers an off-the-record messenger application that can be installed on a smartphone. All you need to surreptitiously communicate with another party is their email address or phone number. There are a quite a few of these apps floating around, and apparently, many users are flocking to them to conduct under-the-radar communications.
Why? I am sure there are myriad reasons, but I stumbled across Confide when I was reading an article about the Sony data breach. Not only did the data breach get everyone talking about the movie “The Interview” and the discrepancies in pay between female and male movie stars, but it also reminded us all that there is no such thing as “private” when it comes to email. If you recall, a number of embarrassing messages were released between Sony executives commenting on everything from Angelina Jolie to what President Obama’s favorite movies may be.
I downloaded Confide to test it out and was quite impressed with its function and capabilities. Of course, I tried to get around the security features. I invited a few colleagues and started exchanging messages and photos.
Feeling a bit like a modern day James Bond, I created my first message. The app was fairly straightforward and seemed pretty typical. I typed a message and hit send, but that’s where the similarities ended. As soon as the message was sent, it disappeared. A sent items folder or outbox doesn’t exist. The app did record the fact that I sent a message and the time it was sent, but that was it.
When my colleague viewed the message or picture, the app recorded that activity. My colleague then sent me a message. It was a multi-lined message, which was only readable one line at a time after I swiped my fingers north to south on the screen. I took a screenshot to capture one line and was immediately kicked out of the application! Foiled!
Then my colleague in the next office shouted to me that he just received word that I took a screenshot! Very cool, but I still had the photo of the one line I captured in my photo library on my iPhone. However, when I looked at the photo it was stripped of any data that would indicate who sent it. Foiled once again!
When I went back in to Confide, the message had disappeared and in its place was a notice that I took a screenshot. During my few hours of testing, every message or picture that I sent, received or read was immediately destroyed. What about all that cool forensic stuff you have read about and that data never disappears? I thought the same thing and forensically imaged my phone to conduct an exam. I could find no traces of any conversations, pictures or history of me using Confide. I did not search too hard, so it’s possible there may be some remnants, but a cursory exam revealed nothing. The only evidence I could find was that Confide was installed on my iPhone.
What does this have to do with e-discovery?
It is one more of a growing number of ways that clients can use to communicate “off-the-grid.” And it’s just one more type of technology attorneys need to be aware of when meeting with and advising clients on preservation of ESI. I am not an attorney, but if I were and had a client who was using Confide, I would want to know why. I would ask with whom they are communicating and whether any conversations or other data would be relevant in a pending or current matter. I might advise that they should stop and use a form of communication that can be properly preserved.
But would that be proper advice? The website states – “Spoken words disappear after they’re heard. But what you say online remains forever.” If your client informed you he or she was having spoken word conversations that were relevant would you advise them to stop talking and instead write down everything in an official memo or email so it could be preserved? That doesn’t sound reasonable.
Therefore, does the fact that this app essentially acts as the digital equivalent of the spoken word relieve a party from preserving communications in the same fashion as email or other ESI? Do we simply rely on a party to recall and provide information on what they may remember was read or sent on Confide? Or does the mere existence of one of these apps raise the level of suspicion to that of this person must be doing something really bad or they wouldn’t need this app in the first place?
Smartphones and devices are full of applications that can potentially contain ESI needing to be preserved. The possibilities go well beyond emails and simple text messages. Find out from your client how they use these devices, what apps are being used, and for what purposes. If you don’t understand how an app works or what it is used for then download it for yourself, visit the website, ask your colleagues or find out from your kids! However, don’t assume that your client is only using email and creating Word documents that are stored on network drives. It’s not 2014 anymore.
Peter Coons is a senior vice president at D4, providing eDiscovery and digital forensics consulting services to clients. Peter is a Certified Information Systems Security Professional (CISSP), an EnCase Certified Examiner (EnCE), an Access Data Certified Examiner (ACE), and a Certified Computer Examiner (CCE). He belongs to various digital investigation and information security based organizations. Peter holds a master’s degree in Digital Forensics Management from Champlain College and a bachelor’s degree in Economics from the State University of New York at Oneonta.