News broke Thursday that White House senior adviser Jared Kushner allegedly uses the Facebook-owned instant messaging platform WhatsApp for official government correspondences, takes screenshots of those messages, and sends them to his government email address to comply with record-keeping laws.

While public records attorneys said screenshots are sufficient to comply with record-keeping laws, e-discovery experts said they may pose authentication challenges if needed as evidence.

Yesterday, U.S. Rep. Elijan Cummings, chairman of the Committee on Oversight and Reform, sent a letter to White House Counsel Pat Cipollone detailing accusations that Kushner and other White House staff are using non-government devices for work communication.

Kushner's attorney, Winston & Strawn partner Abbe Lowell, confirmed Kushner uses WhatsApp for official White House business, according to the letter. Lowell noted that Kushner preserves records by taking screenshots of his WhatsApp communications and forwarding them to his government email account or the National Security Council.

Forwarding screenshots of government communication is in compliance with record-keeping laws, said lawyers contacted by Legaltech News.

“In my view, taking a screenshot of a message sent on WhatsApp and forwarding it for preservation to a government email archive or other record-keeping system is an appropriate way to comply with one's record-keeping obligations,” said Jason R. Baron, of counsel at Drinker Biddle & Reath and former director of litigation for the U.S. National Archives and Records Administration.

Baron cited a 2014 amendment to the Presidential Records Act that allows White House staff to forward or copy messages made on non-government devices to an official White House account within 20 days.

Still, while screenshots comply with records laws, e-discovery attorneys said they can pose challenges if entered as evidence.

“The screenshots may reflect information about the message itself but won't retain metadata that can be extremely important for archival purposes—including validating the authenticity of messages, dates and times sent and received, keeping communication chains in order, etc.,” said Reed Smith records and e-discovery group chair David Cohen in an email. Cohen stressed he had no specific knowledge of Kushner's situation.

To be sure, while the original content's metadata can contain valuable details, a screenshot offers scant specifics. Through computer forensics, the type of phone or tool used to make a screenshot can be deduced, along with when the screenshot was taken. But details about the message would be meager.

“There's not really a whole lot of potential useful information other than what phone Jared Kushner was using when he took [the screenshot],” said Michael Maschke, CEO of digital forensics provider Sensei Enterprises Inc.

A screenshot, likely any discoverable content, will face admissibility hurdles before being admitted as evidence. Generally, however, presenting electronically stored information in its native format is preferred.

“A screenshot of social media or text message isn't sufficient; it could be doctored and other metadata you would [need] to document its integrity,” said Philip Favro, a lawyer and consultant at information governance and e-discovery provider Driven Inc. “That's why there's such a premium being placed on getting the actual data off the phone so you can discern if the information is what it purports to be.”

Those contacted by Legaltech News for this article also questioned if the transfer of screenshots to Kushner's official government email address could raise cybersecurity concerns.

“Taking that screenshot and storing it locally in your phone, there are some consequences of doing that,” Maschke said. “Some of that is the auto-synchronizing to multiple devices.”

He also added that WhatsApp is owned by Facebook Inc., a company that has been mired in data privacy scandals.

“When you are dealing with a secure communication app like WhatsApp, it's only secure in the application,” Maschke said. “Again, it's who do you trust to secure data [and] evaluating that risk and the type of content that you are sending across the platform.”