Disappearing Messages, Permanent Consequences: Ephemeral Messaging in Discovery

Whereas email began to dominate offices ten years ago, employees today communicate through an array of platforms.  This has changed the discovery of electronically stored information (“ESI”) and created new challenges for litigators and compliance professionals.  Among new communication tools, ephemeral messaging platforms like Signal have emerged as a particular concern for courts and regulators.  These applications are designed to automatically and permanently destroy messages after they are read (or after a specified period).  They have become popular in corporate environments—ostensibly for their robust encryption and privacy features—but raise serious questions about ESI preservation obligations when litigation arises (or is in reasonable contemplation).

How Ephemeral Messaging Works

Signal, Snapchat, Telegram and WhatsApp are just some of the platforms that allow users to send self-destructing messages that vanish after being viewed or after a predetermined period.  Because these applications often combine automatic deletion with end-to-end encryption (the data is encrypted on the sender’s device and only decrypted on the recipient’s device), a message that has “disappeared” cannot be recovered, even by the platform provider.

Signal, in particular, has become synonymous with ephemeral messaging.  Signal first grew in popularity as a secure communication tool for journalists to contact sources (to this day, outlets like The Washington Post and The Guardian solicit confidential tips on Signal), then gained mainstream attention during the 2020s as executives and government officials adopted it for sensitive discussions on both company-issued and personal devices.

Auto-delete is not the default setting on Signal; messages are indefinitely preserved unless a participant enables the “disappearing messages” feature.  Once activated, Signal displays the selected interval (as short as 30 seconds to as long as four weeks) at the top of every chat.  Any participant can modify or disable the setting at any time, and all participants receive a notification of the change.  This design makes it difficult for users to claim ignorance after their messages are destroyed.

Federal Agencies Put Companies on Notice Over Ephemeral Messaging

In recognition of the growing use of ephemeral messaging, the Department of Justice (“DOJ”) and the Federal Trade Commission (“FTC”) issued joint guidance on January 26, 2024.  The agencies announced they were updating their standard preservation and voluntary access letters (and compulsory processes) to warn explicitly that failure to preserve ephemeral messages could result in civil spoliation sanctions or even obstruction of justice charges. 

The warnings were not empty threats.  In April 2024, the FTC brought discovery motions accusing senior Amazon executives (including Jeff Bezos) of using Signal’s auto-delete features while discussing an FTC antitrust investigation.  In response, a Washington District Court ordered a Rule 30(b)(6) deposition of an Amazon corporate representative and invited further motion practice.  The matter is due for trial in March 2027.  Later in 2024, the FTC accused Albertsons Companies executives of intentionally deleting text messages during the FTC’s investigation of Kroger’s proposed $24.6 billion acquisition of Albertsons.   The court permitted the FTC to continue investigating whether Albertsons was withholding key communications and allowed questioning of witnesses at trial about their deleted texts.  The companies terminated the deal after the FTC won a preliminary injunction. 

Companies Cannot Afford to Ignore Ephemeral Messaging Risks

It appears that the Trump Administration (for now) has paused federal agency enforcement of recordkeeping and ephemeral messaging policies; while DOJ and FTC policies remain in place, agency actions have ground to a halt since the January 2025 inauguration.  Yet it would be a mistake to interpret this as permission for companies to relax their internal policing.  The risks of inadequate message preservation extend far beyond federal penalties.

First, companies face enforcement risks from state and international regulators.  In particular, the issue has taken on heightened political significance in Europe.  In June 2024 the European Commission levied a €15.9 million fine against a French company whose senior employee deleted WhatsApp messages he had exchanged with a competitor.  In explaining the decision, Margrethe Vestager, then the person in charge of competition policy, emphasized that companies undergoing regulatory inspections must “ensure that employees do not delete or manipulate business records,” including “communications on mobile phones.”  In July 2025, the European Commission was forced to acknowledge that it destroyed or lost Signal messages exchanged between its president Ursula von der Leyen and Pfizer’s chief executive while negotiating the purchase of Pfizer’s coronavirus vaccine. 

Second, danger still lies in civil litigation, where parties can face serious repercussions if employees have been found to use ephemeral messages.  Federal Rule of Civil Procedure 37(e)(2) allows federal courts to impose sanctions where “[ESI] that should have been preserved in the anticipation or conduct of litigation is lost because a party failed to take reasonable steps to preserve it.”  See Pable v. Chicago Transit Auth., 145 F.4th 712 (7th Cir. 2025) (affirming dismissal because inter alia the plaintiff had intentionally deleted his Signal messages discussing the case and his justification “evolved over time” and was contradicted by evidence); Fed. Trade Comm’n v. Noland, 2021 WL 3857413, at *1 (D. Ariz. Aug. 30, 2021) (granting an adverse inference instruction for similar misconduct); In re Google Play Store Antitrust Litig., 664 F. Supp. 3d 981, 994 (N.D. Cal. 2023) (where Google failed to preserve chats, delaying sanctions until the end of fact discovery but declining terminating sanctions and noting courts “exercise caution” before granting “severe measures”); but see Hunters Cap., LLC v. City of Seattle, 2023 WL 184208, at *12 (W.D. Wash. Jan. 13, 2023) (no spoliation where plaintiffs used Signal but did not turn on the disappearing messages feature).

Practical Implications

When mishandled, ephemeral messaging can result in financial penalties, litigation sanctions, and damaged credibility.  For companies and their counsel, the implications are substantial and immediate.

One critical lesson is that standard-form litigation hold notices for “email” and “electronic documents” are no longer sufficient.  These notices need to encompass all platforms that employees use for business communications.  Ideally, notices should flag and provide clear instructions on how to disable auto-delete features, recognizing that many employees may not understand the technical settings on their devices.

Further, ignorance is not a defense: cases increasingly suggest an affirmative duty for companies to understand and police non-workplace communications tools.  For example, Albertsons faced sanctions despite litigation holds that reminded custodians of their obligation to disable cell phone auto-delete settings.  In cases such as Pable where counsel involves itself with alleged spoliation, the consequences can be even more severe.  Companies should consider technical controls such as mobile device management software, regular audits of employee communication practices, and monitoring to ensure compliance with policies.