The $25 Billion Email: Open Memo to Mark Zuckerberg

The $25 Billion Email: Open Memo to Mark Zuckerberg, CEO, Facebook

June 08, 2011 / in Registered Email™ / by Zafar Khan, RPost CEO

(The memo was written in response to a recent lawsuit filed by Paul Ceglia where he claims to have emails from 2004 which show Mark Zuckerberg allotted him 50% of Facebook equity. Read Facebook’s response to the lawsuit.)

Memo To: Mark Zuckerberg, Chief Executive Officer, Facebook

From: Zafar Khan, Chief Executive Officer, RPost

Re: Grounds for Early Dismissal of Ceglia’s Claims — Paul Ceglia’s $25 Billion Mistake

Reviewing recent coverage of the case filed by Paul Ceglia, it would appear that some of the same questions have arisen that were settled in a landmark electronic case law decision that defined the legal requirements for the admissibility of email into court evidence where the authenticity of the email is being challenged – see Lorraine v Markel, detailed below.

What follows is basic but the field of electronic law is new to most and continues to evolve with each new court decision.  Having spoken regularly on the topic of “legal electronic messaging” as it relates to admissibility, I thought that my basic message may be of interest given the magnitude of Ceglia’s claims. In addressing business executives and lawyers involved in all levels of electronic business communication, I am constantly surprised at their lack of understanding of the key principles of email.

The core principle of my company, RPost, is built around RPost’s Registered Email™ service that protects the sender with a legal electronic messaging capability at a minimum, while our additional service offerings expand upon that basic protection in the deployment of other electronic transaction efficiencies.  Consequently, we have studied the relevant authentication / admissibility legal questions and issues for years and have assisted in establishing international standards for what constitutes a legally valid and court admissible record of who said what to whom, by email and at what point in time.

You may find the following information useful in “educating” the court and if we can assist your team in any way we would be happy to help.

With the instant case it is important to focus on two relevant points of background information:

1. The Need to Instruct the Court on the Common Misconceptions of Email

2. The Need to Reference Landmark Case Law Defining Court Admissibility Standards for Email and the Burden of Proof

The Common Misconceptions of Email:

While the following points may seem obvious to some, it is useful to remind the court of these key issues. I have found in many presentations to attorneys and business men and women at companies of all sizes and activities, regardless of their technical sophistication, that a quick graphical or live demonstration of these points often makes people very uncomfortable. The audience quickly and clearly learns that what was thought to be adequate proof of “who said what to whom by email,” is easily defeated and oftentimes legal advice provided to clients in the past is shown to be wrong or at least inadequate.

1. Printed email: A printed email (from ones’ sent folder, inbox, or archive) can easily be denied admission into evidence by simply challenging content authenticity, time of sending, or whether the email was in fact delivered. With a few mouse clicks, one can easily change anything in an email or drag it to any folder – or the other party can easily claim alteration of the email after the fact.

2. Email copy: A copy of an email sent to yourself or another person has no bearing as to whether a copy was also delivered to your intended recipient. Email systems are often configured such that internal copies never reach the Internet and are simply moved from one file directory to another on the sender’s email server. Also, if one recipient of a message sent is considered to have received the message, this does not provide any useful information about whether or not  the other recipients addressed in that same message have in fact received the email.

3. Electronic archive: Electronically stored copies of email in an archive of the sender or recipient only provide a record of what the archiving party ‘claims’ to have happened.  Even if the archiving parties can forensically prove the content in their archive is authentic, they will be unable to prove delivery or timing of receipt should the recipient claim non-receipt; or authenticity of the sender should the receiver claim to have received a certain email (note, it is very easy, for example, for any receiver to create a false email from any sender and send it into an archive at a specified point in time).

4. Bounce notices: Reliance on bounce notices provide a false sense of security — most recipient servers have turned off bounce notice functions due to “Directory Harvest Attacks” and “Backscatter Blacklisting” concerns. Therefore, if senders do NOT receive a bounce notice, they cannot rely on that fact to presume and demonstrate successful delivery.

5. Text records have little evidentiary value on their own: When the stakes are high one cannot rely on simple text records – text of server logs, text of read receipts, text of message body or attachments, text in PDF files, text on screen shots, etc. Text records (a) can be edited with a few mouse clicks, and (b) are difficult to retrieve and associate — for example, what server logs were associated with what specific message content, months or years after sending?

6. Authentication: IT departments often overlook the complexity of “packaging” ones evidence for presentation to other parties in a manner that can withstand legal scrutiny.  If there is a dispute, how does one present the information to the arbitrator, mediator, judge or jury?  How does one show what has been produced is the authentic information – authentic internet records associated with precise content and uniform times of sending and receiving?  Litigators can simply point to public research and claim their clients never received the email or request the sender to authenticate that the email was in fact received, what the received content said, and when it was received.  For example, Ferris Research, a leading messaging analyst, reports, “3% of non-bulk, business-to-business Internet email goes undelivered to its intended recipient.”  How do you prove that your critical email notification was not within than 3%?  Having this published research validates any claim of non receipt of email where the sending party cannot prove that the recipient received the message.

Note: Some of these defensive points have been published or discussed in some manner in The Legal Technology Journal of London January 2009 poll referencing the common misconceptions related to email. These defensive points are further detailed in the paper entitled, “Converting Legal and Contract Notices from Paper to Electronic Delivery: a Corporate Counsel Guide,” prepared by Stan Gibson, a law partner at Jeffer Mangels Butler Mitchell LLP.

Landmark Case Law Defining Court Admissibility Standards for Email and the Burden of Proof

Background: For email evidence, the burden of proof lies with the party who wishes to employ an email record as evidence of an electronic transaction and therefore such records must be in a court-admissible format.  This will require independent verification of the components mathematically associated — (a) the original message content (and all attachments), (b) the uniform time (not the sender’s desktop computer time) of transmission (sending and receipt) of the message, and (c) the underlying transmission metadata that for court purposes serves as the recorded digital snapshot of both servers’ sender / recipient / collection transaction data that under terms of electronic law meet the test of legal delivery.

Note: The court admissibility standards are discussed in great detail in the Locke Lord Bissell & Liddell LLP legal analysis entitled, “Legal Review of RPost Registered Email™ service in context of Electronic Law relative to Authentication / Admissibility Requirements.”  This document is available for download at in the RPost website legal opinion section.

Know more: Secure Email Encryption

Case Law: The decision found in Lorraine v. Markel American Insurance Company, 2007 WL 1300739 (DMd May 4, 2007) by United States Magistrate Judge Paul W. Grimm is an excellent guide for the careful steps that must be taken when parties choose to offer electronic information in evidence – the Judge went the extra step of providing a legal primer in an attempt to put to rest basic questions of evidentiary proof within the new field of electronic law. A legal brief discussing this Lorraine v. Markel court opinion prepared by Locke Lord Bissell & Liddell LLP serves as an expanded “electronic primer” on the issues of electronic records and signatures, legal delivery, record authentication, etc.

The court opines, for example, that authentication is a subset of relevancy—evidence which is not authentic cannot be relevant. Therefore, issues of authenticity are essentially questions of conditional relevancy involving a factual determination by the jury and admissibility. Because determining if scanned documents are authentic is a matter of conditional relevancy, a court must engage in a two-step process. First, before admission of the evidence, the court must determine if there is a sufficient foundation for a jury to reasonably find that the proffered evidence is authentic. Second, the jury must resolve the question of whether the evidence is what the proponent claims.

In the instant case, Ceglia’s email records appear to be simple records of what was claimed to have been sent (or claimed to have been received by him).  Is there a record that the specific claimed content was delivered (received), at what time was it delivered (received), can Ceglia prove the content received (which is not necessarily the same as the content sent), and is there transmission metadata to support this?  Importantly, showing the text of a reply to an originally sent message does not prove that the recipient replied with specific content – it proves nothing unless that reply message text can be authenticated in the same manner, as well as with some method of authenticating origin (sender) email account. It is just as easy to fake the content of a reply message – the message content, reply sender name/email address, times or reply, etc.

The forgoing underscores the need for the maintenance of email records in a form that would not only mitigate disputes but also stand up to likely challenges of court admissibility.  If simple email is employed, as it was for the Ceglia’s alleged email correspondence and contract, the data provided by the simple email records cannot necessarily be verified, is not easily irrefutably associated with the message content, and official times of sending/receiving may not be able to be proven to be authentic. The case law discusses that for an underlying email record (sent email or received reply email) to be court admissible in a situation where the integrity of content or time of receipt is challenged, the record must be capable of third-party verification of delivery / receipt times, associated content, and associated transmission meta-data, with each capable of independent verification.

If Ceglia had used a service like those provided by RPost – if he had sent his correspondence by RPost Registered Email™ service, he would have automatically received a returned a Registered Receipt™ email record for each Registered Email™ message sent, that provides the sender with verifiable legal and court-admissible records that serve as proof of delivery, content with an official time stamp.  Additional options provide for the recording of receivers’ reply emails.  RPost’s technology was readily available in 2003 – the timeframe of Ceglia’s alleged correspondence.  Moreover, RPost’s Registered Email™ service was used commercially at that time and was easy to find through internet search.  One might ask whether the neglect to use commercial off the shelf technology with limited free use plans to create a verifiable and court admissible record of such important contract and email correspondence was deliberate or naïve.  In either case, it was available and it was the responsibility of the party that wants to rely on that evidence to ensure it is maintained and packaged in a form that can be trusted.  Ceglia chose not to protect himself and therefore must accept the consequences.

In this case, Ceglia chose not to treat these important messages in a manner that would protect him and serve as legally valid proof.  I trust that the issues discussed in this memo are of interest as your legal defense proceeds with the case.

Facebook’s June response in this case, United States District Court Western District of New York: Paul D. Ceglia, Plaintiff, v. Mark Elliot Zuckerberg and Facebook, Inc., Defendants. Civil Action No. 1:10-cv-00569-RJA is online at: