Discovery Related to Web-Based Email Abuse

Mark E. Bale, Esq.
Schwartz Semerdjian Cauley & Moot, LLP
Published:  11.1.19

Borrowing from the classic TV show Dragnet: "Ladies and gentlemen: the story you are about to hear is true. Only the names have been changed to protect the innocent." 

Imagine you are defending your client “John Doe” at deposition in a litigation matter in which he is a party.  The deposition has been going for hours and your client has been questioned about several documents that have been marked as exhibits.  Owing to your masterful efforts preparing your client for the deposition, however, your client remains razor sharp and focused.  Shortly before you are set to break for lunch, the client is presented with yet another document for review and questioning.  Upon reviewing the document, and to your chagrin because no question was pending, (so much for that masterful deposition preparation…) your client says:

“I don’t know what this is…that’s not me.” 

When actually questioned by counsel about whether the exhibit was a document he prepared, your client responds by saying:

“Absolutely not.  I don’t recognize it at all.  I wouldn’t have the technical capacity to write this document.”

And then your client says the following:

“And I’ve never had an email address”

The deposition breaks for lunch so you are able to dive into the subject with your client during the break.  The document in question was an email from the address “” with an attached document setting forth legal analysis which seemed to be attempting to induce reliance by the recipient of the email on the conclusion in the legal opinion.  The email in question also requests that the recipient respond back via email “…as I am currently out of the country without cell phone service” and is concluded “Regards, John Doe.” 

While your client does have a email address, your client confirms that the email address appearing on the document in question was not his address and was never created by your client.  In addition, your client is not a lawyer.  The email is clearly intended to appear to be from your client but requests a response only via email to the phony email address to conceal from your client that it has been sent in the first place and to perpetuate the ruse.  Your client is perplexed but has a gut instinct.  Based on his experience with one of the opposing parties in the litigation (who happens to be a lawyer) your client believes the email was created by that person masquerading as him. 

Setting aside the possibility that the use of the phony email address containing your client’s name could constitute fraud, identity theft and criminal activity, it is potentially advantageous to your client’s case to try to establish that the document in question was actually created by the opposing party.  Now what?

You do what anyone would do these days…you Google it.  The Google search “Subpoena to Google” produces a link to a page on Google’s website that contains instructions and guidance on serving civil subpoenas on Google, including the address for the registered agent for service of process in California.  Figuring it is a longshot, you nevertheless issue a subpoena for production of business records to Google requesting information related to the identity of the person creating the “” address and the specific email in question, the IP address from which the email account and specific email were created, the date of creation of the account, and copies of all emails sent from that email account, among other things. 

To your surprise, you receive an email response from Google Legal Investigations Support a mere two days after the subpoena was served.  What’s not surprising is that the response contains numerous objections to the subpoena.  As you learn, there are legitimate privacy and legal constraints on the type and amount of information Google is permitted to disclose, even in response to a legal subpoena.  For example:

  • Google provides its users at least 21 days to object to the subpoena or to inform Google of their intent to file a motion to quash; and
  • Section 2702(a) of the federal Stored Communications Act (“SCA”) prohibits Google from disclosing the content of electronic communications or content stored on behalf of the user pursuant to a subpoena.  18 U.S.C. § 2702(a) see also e.g., Suzlon Energy Ltd. v. Microsoft Corp, 671 F.3d 726, 730 (9th Cir. 2011); Theofel v. Farey-Jones, 359 F.3d 1066 (9th Cir. 2004); Mintz v. Mark Bartelstein & Assocs., Inc. 885 F. Supp. 2d 987, 993-94 (C.D. Cal. 2012); In re Subpoena Duces Tecum to AOL, LLC., 550 F.Supp.2d 606, 611 (E.D. Va. 2008); Flagg v. City of Detroit, 252 F.R.D. 346, 366 (E.D. Mich. 2008); Viacom Int'l Inc. v. YouTube Inc., 253 F.R.D. 256 (S.D.N.Y. 2008); O'Grady v. Superior Court of Santa Clara, 139 Cal. App. 4th 1423, 1441-43 (2006).

Google suggests that the appropriate way to seek such content is to direct your subpoena to the account holder who has custody and control of the data in the account, is not bound by the SCA, and is the party to whom discovery requests should be directed, citing Suzlon, 671 F.3d 726, 730-31; Mintz, 885 F. Supp. 2d at 993-94; and O’Grady, 139 Cal. App. 4th at 1446-47.  However, you also see your opening in a portion of the response which states: “Google may be willing to produce responsive data, to the extent it exists and is available…” subject to the limitations cited. 

It becomes clear you need to be able to explain to someone at Google the details of what has occurred and that you cannot subpoena the account holder because you don’t know who the account holder is.  You respond directly to the Legal Investigations Support representative at Google via email with an explanation of the circumstances.  Again, to your pleasant surprise, that same day you receive a reply inviting a phone conversation to discuss the situation.  After being afforded the opportunity to explain that you have reason to believe an adversary in the litigation may have created the account to masquerade as your client, and that you are primarily interested in just the information about who created the account, Google agrees to produce “available non-content responsive documents” after the expiration of the 21 day period for the account creator to object to the subpoena or to inform Google of their intent to file a motion to quash. 

On the date of the expiration of the 21 days, you receive the production from Google.  It consists of “Google Subscriber Information” details about the account as follows:

Recovery e-Mail:
Created on:
Terms of Service IP:
Google Account ID:
Last Logins:

While the account was opened in your client’s name by the rogue, and while you already knew of the phony email address, the “recovery email” associated with the account is revealed to be an e-mail address belonging to the adverse party your client suspected was behind the creation of the phony email.  Bingo!  Even had it not already been established through discovery that the recovery email address for the phony account belonged to the adversary party, obtaining the recovery e-mail and the IP address would have provided you with valuable additional information that could have been explored further with additional discovery to identify the creator of the phony account.  Also, the information about the last login to the account showed that the account had not be used since around the time the email in question was sent, which assuaged concerns of your client about potential rampant use of the phony email address. 

The evidence you obtained regarding the identity of the creator of the phony email account in your client’s name ended up being very valuable.  It exposed the opposing party as untrustworthy and damaged his credibility irreparably.  It also established that your client was not responsible for creating the email and attached document which would have damaged his case.  Ultimately, these factors assisted you in settling the case before trial to your client’s considerable relief.