Slashdot Mirror
What Questions Would You Ask An RIAA 'Expert'?
NewYorkCountryLawyer asks: "In UMG v. Lindor, the RIAA has submitted an 'expert' report (pdf) and 26-page curriculum vitae (pdf), prepared by Dr. Doug Jacobson of Iowa State University who is the RIAA's expert witness in all of its cases against consumers, relating to alleged copyright infringement by means of a shared files folder on Kazaa, and supposed analysis of the hard drive of a computer in Ms. Lindor's apartment. The RIAA's 'experts' have been shut down in the Netherlands and Canada, having been shown by Prof. Sips and Dr. Pouwelse of Delft University's Parallel and Distributed Systems research group (pdf) to have failed to do their homework, but are still operating in the USA. The materials were submitted in connection with a motion to compel Ms. Lindor's son, who lives 4 miles away from her, to turn over his computer and music listening devices to the RIAA. Both Ms. Lindor's attorney (pdf) and Ms. Lindor's son's attorney (pdf) have objected to the introduction of these materials, but Dr. Jacobson's document production and deposition are scheduled for January and February, and we would love to get the tech community's ideas for questions to ask, and in general your reactions, thoughts, opinions, information, and any other input you can share with us. (In case you haven't guessed, we are the attorneys for Ms. Lindor.)"
How old are you?
You see, I'm doing a research paper on how long a human can live without a brain.
It was a joke! When you give me that look it was a joke.
to have your soul removed?
Why?
Sometimes, life itself is sarcasm...
What steps would you take to prove that a screenshot is 'authentic'? If I doctored a screenshot to include a list of songs, how would you discover the doctoring? How would establish that the song names contained the correct songs and not something else? Are all screenshots unalterable?
Describe the process of 'proving' that someone's home computer used a given IP address at a given time. Anywhere.
"We are all geniuses when we dream"
- E.M. Cioran
To take one for Steven Jay Page of the Bare Naked Ladies
Have you _ever_ (and I mean EVER) made a "mix" tape? Did you give it to your SO/love interest?
Steven's argument being that effectively EVERY person in the music industry has done this at one time or another, and to be punishing their customers from doing effectively the same thing is hypocritical.
Like - did you listen to the alleged data to see if it was actually a copyrighted work? Does the copyright on those works all belong to the planitiffs?
Can they verify what IP address the alleded copyrighted work was uploaded from? (Eg: did it come from a single source only?) Go back a little further; can they produce anything that verifies Ms. Lindor's computer had the IP address they uploaded from at the time in question?
"History doesn't repeat itself, but it does rhyme." Mark Twain
Why do you hate freedom?
I'll just use my special getting high powers one more time...
On SOVIET LIMEWIRE, PORN FINDS YOU!
Come /.! NewYorkCountryLawyer is trying to do something good here.
Can we get serious for a minute? Please?
1. What measures will be taken to safeguard the integrity of the data and the data storage devices. You don't want your property destroyed in the process of investigation.
2. Ask for extensive access to all the equipment that will be used during the investigation to verify that the said equipment may not accidently harm your devices and data.
3. Ask for a comprehensive review of all the privacy-safeguarding mechanisms that the plaintiffs have in place for the retrieved data. Further, ask for an audit of the feasibility of the privacy safeguards as well as their effectiveness in actually protecting the privacy of the data.
Any guest worker system is indistinguishable from indentured servitude.
May work over here. Prof. Sips and Dr. Pouwelse expert witness statement seems to be what anybody being sued by the RIAA would want to find. The inability to prove they were involved in actual contribution. I think if you can get an intelligent judge or at least be able to explain what their findings mean; you should be able to get alot of cases thrown out. If not then appeal until you get the right judge. It seems that they have to go on hunting expeditions to try to even build a case otherwise they are close to slander by false accusations. I may understand it wrong, but their analysis shows you can't prove if anyone was involved by using the tools they do.
I eat Karma for breakfast, lunch, and dinner. That's why I don't have any.
Ask them why they retain the services of a company found to have conducted unlawful electronic searches of an individuals computer, to provide their evidence of infringement.
Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
What truth?
There is no dupe
I saw at least one false statement in one of the filings. It's not a lie so much as a total lack of understanding of how IP networks really work and how far they can be pushed. Combine that with the fact he's been discredited in Canada and it should make the court ask questions.
In particular the statement that he was able to determine there was no wireless router in use at the time cannot be substantiated. It is possible to have a wireless router that NATs you right back to your public IP. In fact, I've done it (with out the wireless part) at least twice for different reasons.
If I were you, I would set up a demo that shows this and rub his nose in it.
The differences is most readers of /. are not lawyers, so asking questions about law on /. is kind of pointless.
/. are technically adept, so asking questions about technical issues (like is this 'technical assessment' valid?) can be rewarding. Even if you are a lawyer.
Inversely, most readers of
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
That is an easy question to answer
The RIAA sucks because it is an association that is designed to protect the interests of large music corporations by ensuring that their broken buisness model continues to exist.
The reality of the situation is that current technology is scary to RIAA members because a band/artist doesn't need a label quite like they used to (and as time goes on and the technology advances they don't need a label at all). Consider:
Being that merchandise (like T-Shirts/posters) can easily be produced and ordered online (to be sold on your web-store and at your show), and you can self promote your shows, a hard-working band can make a decent living without needing a label; they may never get to the same level of fame that a label will get you, but you also don't need the same size of an audience to make playing music your life.
* How do you prove that the contents of the "shared" folder were actually shared with third parties? (I have a "shared" folder with music on my PC, to stream to my other PCs and my stereo)
* How do you prove the "shared" folder was not created automatically by the P2P software?
* How do you prove that the user was computer savvy enough to prevent the software from creating the folder?
Typical that a lawyer would be the first person to work out how to bill for their time while reading Slashdot...
I am TheRaven on Soylent News
You might get a better response there (i.e., less noise than /.), especially since Groklaw is about legal issues surrounding tech.
#5 is easy. If you don't pay for unlimited rights, you don't have them when you're licensing media. You know the disclaimers about "licensed for home use" and so on? You're buying limited access to someone else's property. It's a license in perpetuity, as opposed to a "rental" (being temporary), but you don't have any more rights than the ones you buy.
The problem here is the philosophy that you start with every right except those denied to you. That's good and perfectly true for laws, but when you're buying something from someone else, it's a complete non-sequitur. You start with nothing--zero rights to the product--and purchase some of those rights from the creator.
The mere exchange of money does not imply complete ownership over anything more than that for which you've paid. When you buy an airline seat, you don't own the seat itself; when you buy a book, you don't own the words. If all you're buying is the right to use something, all you own is that set of transferred rights (and any vehicle of expression if applicable, i.e. a CD, the paper composing a book, the canvas and paint molecules of a painting).
A lawyer posting an "Ask Slashdot" question?
Is he going to bill us?
Seven puppies were harmed during the making of this post.
What he should have said was:
The plaintiff wants to compel $person to surrender his computer for forensic analysis. For the judge to order this, their evidence must meet $standard.
Their evidence is $evidence. How can I show, from a technical perspective, that $evidence does not satisfy $standard?
They don't grade fathers, but if your daughter's a stripper, you fucked up. --Chris Rock
My father is an attorney, and he once told me that you never ask a question you don't already know the answer to, unless the answer cannot possibly hurt you. There are a few possible answers here:
1) I don't know.
If he doesn't know, he's not an expert on MediaSentry.
2) None.
At this point you enter into evidence a copy of The Mythical Man-Month or some similar tome, and quote figures on bugs per lines of code. You have now discredited him.
3) Lots, for example...
This will go over *great* with a jury.
This guy claims that the hard drive provided must be the wrong hard drive because it doesn't show any evidence of file sharing whatsoever, and MediaSentry claims there was file sharing. Maybe it's a bug in MediaSentry.
There's no failure quite as dissatisfying as a complete and total solution to the wrong problem.
Did none of you read the PDF? The expert report says that the hard drive provided to him was *not* the one used to share the files. He doesn't discuss his methodology in any detail, but it's reasonable enough. He states that, based on his analysis of the hard drive that the machine was directly connected to the internet (not via a router), which is easy enough to tell from the IP address assigned, and that it does not and did not have Kazaa (apparently the p2p program used) on it. From the other links, it sounds like they're claiming that his isn't the hard drive they wanted, from the machine they wanted, and that they're trying to get access to the sons hard drive based on that. Assuming that the expert isn't totally incompetent and/or lying, he's right. If this hard drive is from the machine that had the IP addresses in the subpoena from Verizon (he says he has access to the Verizon information, but not whether or not the IPs match up), then you have a pretty airtight dismissal - no evidence of sharing, lets go home. If they're trying to claim that the son probably brought his machine over, you're going to have to rely on legal arguments rather than technical ones. It's certainly possible that he did, but I don't know enough about the law to say whether that matters in a case like this. The case is against her, not her son, so can't you argue for dismissal on that alone? If they're claiming that you gave them some totally unrelated drive, you're going to need to document where that drive came from. I assume you have all your ducks in a row with regards to the chain of documents and evidence for that drive. If you don't, then someone screwed up along the way and someone is going to pay for it - probably your client and her family. That's not something interrogation of this witness will help you with - his analysis of the drive is probably correct. What he's saying is that he didn't find the evidence the RIAA wants on the drive, so prove that's the drive they asked for and go home.
I read the PDF report from the RIAA's expert.
Seems that he's saying that the hard drive he examined contained NO TRACE of Kazaa ever being installed, and no trace of any "shared files". He goes on to say that the hard drive appeared to be hardly used, since there were very few user-created files. The implication is that the hard drive he examined is not the hard drive that was used to share music, or that it had been completely erased at some point.
I would ask him about the possibility that the hard drive was reformatted in the process of re-installing Windows, via an normal Windows CD or especially a "restore CD". And I would also ask him if it is possible that Ms. Lindor re-installed Windows because she was having other problems with the computer, and a re-install was the simplest way to fix those problems. I would also ask him if formatting the drive and re-installing Windows is a common way to repair computers that have become unusable due to viruses and spyware. I would also ask him how common spyware and viruses are, and how a user such as Ms. Lindor would be able to fix a machine infected with spyware and/or viruses without resorting to formatting her hard drive and re-installing Windows.
Basically, reformatting the drive is a perfectly legitimate thing to do when Windows, or any operating system, becomes "unusable" due to corruption of system files by malicious software. Just because her drive is "empty" doesn't mean she is trying to hide evidence. She may have done it simply to get her computer working again.
Can you prove that the user was not licensed to possess the file? Does he, a neighbor, a friend or otherwise own a license? Was this license temporarly used on this computer? if so then there is always going to be a trace of the file.
For example, I own a copy of Artist A's cd. I share this CD on a P2P network so that I can play it for my friend at his house (FairUse). I then delete the file when we're done.
Nothing unethical took place in the above scenario.
Technical side. Public IP? Was it static of dynamic? Can you prove he was the possesor of the IP address at the time of the alleged use?
As for Lindor's son's computer. No way in hell should they be allowed to have access to it. Prove that that computer was ever in the house of Mr. Lindor. Plantif's aren't allowed to go on wild goose chases for evidence when their cases start to fall apart.
It seems to me that the RIAA has way too much to prove here. Even in civil proceedings, it's just idiotic. Can they even prove that Mr. Lindor has caused them harm?
All they've got is someone, with a certain IP, may have downloaded a file that they may not have had a license for. There's a lot of maybes there.
More technical...
Had he ever used any anonymizing software?
Could their have been a worm or a trojan causing the sharing on his computer?
****HOW EASY is it for someone to spoof an IP address through one of these services?**** (very)
Given they've already searched his harddrive... Was it a used computer? Who else had access to said computer? Was a good faith effort made to correct any unauthorized licenses?
Here's one for you:
Is it possible that the defendands computer was compromised in some way by a third party without their knowledge, and that the third party was the one who put the music on the computer and set it up to be shared?
I was at my brothers house over the xmas weekend and he was complaining about odd behavior on his Windows PC. The mouse simply stopped functioning properly in a number of applications, etc. He's on a DSL line but behind a router/firewall, with a software-based firewall and virus scanner installed. I decided to do a thorough check myself, however, and discovered that there was a directory containing over 2 gigabytes of porn that he knew nothing about. It was quite obvious that some sort of malicious software had made it onto his PCand turned it into some sort of porn file server, probably for some P2P network. Now my brother is no Windows expert but he's fairly savvy technically (college grad with a computer science major, MBA from a well respected business school). If he couldn't detect this going on with his own computer then how could a computer-illiterite person be expected to?
How much of the money RIAA claims goes back to artists who created the music?
A bad analogy is like a leaky screwdriver.
... but you probably shouldn't:
Isn't your client's stupid business model costing him far more money than the file sharing is?
Stuff that might actually be useful to ask:
- As someone else said, how do you prove that the screen shots have not been altered?
- If the screen shots are backed up with packet captures, how do you prove that those were not altered?
- Given that both IP and MAC addresses can be spoofed, how do you prove that the defendant's computer was actually the source of the packets?
- Given that the titles of stuff on a file sharing network may have no relationship to the contents of the file, how do you prove that the file actually contained material copyrighted by the plaintiff?
- Each song that the plaintiff says that the defendant illegally shared/distributed was not actually written or recorded by the plaintiff, but by an artist. The copyrights were assigned to the plaintiff as part of a contract with the artist. For each song, prove that the plaintiff has valid control of the copyright by having met all the terms of the contract with the artist.
I really like this last one. If the RIAA has been stiffing the artists on their royalties or with funny accounting, they're going to have to run the funny accounting past a judge, and justify why they get to sue for copyrights where they are ripping off the artists. Even if they can give an accounting that passes the laugh test, it enormously increases their workload in the case.
Item 5 is too vague, I can set my router to say whatever IPs I want, good net citizen doesn't do this but non-reputable... IP addresses are not.
Item 6 is simply a fishing expedition, IANAL but last time I checked this is legal but HIGHLY contestable. The rest of the content isn't very good as it's akin to saying that since *you* own a gun you may know who shot someone else *ANYWHERE IN THE WORLD* with a gun.
Item 7 isn't that good either but it *does* show that the person in question is related to the person there.
All in all I'd say what you have to overcome is the CSI/Law and Order effect of IPs being traced like a phone call to the exact address because that's what you're up against.
Also what are they using to take these screenshots, did they have a warrant (RIAA tends to forget they're NOT law enforcement). "We use encryption" is not a valid answer for that as both MD5 and SHA-1; standard hashing functions used to prove that data has not been tampered with have BOTH been proven to have collision domains (places where different data can have the same hash).
Ok, on to the questions. Since you didn't say the field of the
First off I'd ask about the screenshots and then if he brought out the encryption statement, I'd tear him apart on that, Stealing the Network: How to own the box, (a great book on network security, stories are fictional but the technology is VERY real), has some great layman's explanations for this. If they say it's proprietary then you can tear that apart with enough ammo for NSA people and such. (no one rolls their own crypto it's just too hard, just because *you* can't break it means absolutely nothing, CSS, Apple DRM, Comcast crypto anyone?)
Then I'd ask how they got the numbers for the values of their songs and I'd then rip apart the logic on that as I heard it's something like 730 a song, so then that means that a Vanilla Ice song makes as much money as something from The Game.
Then I'd ask about the full enforcement of the copyright laws and then if they felt exceptions should be given, and demand a yes or no from them. Then point out that the children of the CEO of Time Warner stole music and just leave it at that.
That's all I could come up with in five minutes. I tend to equate the RIAA lawyers to humans (but not *AS* humans) in two words "Mostly Harmless".
"Chinese Amazons, power armor, laser swords.... things just meant to be." - Shampoo, A Very Scary Bet
On initial analysis, the gentleman does appear to be qualified to render "expert testimony". I assume that his bona fides are in order. The fact that jurisdictions outside the US don't acknowledge his expertise is irrelevant - this gentleman's qualifications appear (unfortunately) to be impeccable.
Many of my associates here on /. to the contrary, the plaintiff will probably have little to no difficulty establishing whether or not the suspect computer in this case was using the IP address from which the plaintiff alleges the copyright infringement took place. Likewise, based on the ISP records, the plaintiff will probably have little difficulty proving that their record of the shared content as identified from the plaintiff's computer is an accurate and correct representation of that IP address' activity. Attacking the accuracy of their data (showing a computer at the defendant's IP address was sharing files via P2P technology) will probably likewise prove unproductive; and as I'm sure you're aware, making allegations of misconduct without evidence on your part to support your allegations could be very bad for your professional situation. To my /. fellows, remember that this is a civil case - the standard is not "proof beyond a reasonable doubt" but rather "a preponderance of evidence". With that end in view, rather than attacking the assertion that illegal file sharing took place from that IP address you should try to establish whether or not Ms. Lindor's computer contains evidence of this illicit activity.
While Ms. Lindor has been named as the defendant, I would suspect that the plaintiff's case hinges not on alleging that Ms. Lindor actually performed the acts in question, but rather that by providing internet connectivity and/or computer equipment which was used to ostensibly perform this act, Ms. Lindor is liable for damages caused by this act. However, the plaintiff's entire case rests on proving that the physical connection used to perform this act terminates with Ms. Lindor's residence and computing equipment (areas under her control). You should have little difficulty finding your own expert in the IT field, one who can demonstrate ideas such as MAC and IP address spoofing to gain illicit access to a network. Your expert should also be able to establish that (barring an extremely involved investigation which did not take place at the time) these items, while intended to be unique to a single computer connected at a single point to the network, are in fact easily forged. It should then prove trivial to explain why these items can not be used to positively and uniquely identify Ms. Lindor's computer and network connection.
Finally, you might consider analyzing the state of Ms. Lindor's equipment. If she was using any version of wireless networking, that would imply an even greater likelihood that the acts in question were performed with neither the knowledge or consent of Ms. Lindor. Insecurity in wireless networks has been a problem practically since their inception; and while Ms. Lindor may still have some liability (much like the registered owner of an automobile may be liable for damages caused by a thief who stole that automobile), this may be a factor in mitigation or extenuation of the alleged infringement.
Incidentally, you should ensure that UMG is fully aware of what the news will make of all this after a verdict is rendered. "Single mother loses home, life savings to music industry" would make a great headline, and I'm sure you could find more than a few sympathetic journalists to write an appropriately scathing article to go with it. As you're well aware, the courts aren't the only courts in this country; the court of public opinion can be a monstrous thing to those unwary enough to stand in its path!
5) it is his belief this computer was connected to the internet with a valid public IP address _based on data recovered from the computer's registry_
.. unless you count a resume.
.. quickly. ... that'll be US$4000.00 please
6) this is the not same hard drive used to share copyrighted sound recordings. The hard drive displayed a "lack of user created files"
7) yet the disk did manage to contain a resume (generally, that's a user created file).
Doesn't seem like they know a whole lot and are just fishing. They have a computer IP address that was involved in file sharing, and (I'm assuming) Verizon's logs show it to be Ms Lindon's IP at the time. They have a hard drive image (how was that obtained, btw? legally?) that wasn't used to share files, in fact wasn't used for much of anything
If Ms Lindon has a wireless router, they'll never find the hard drive of the computer actually used. If they manage to confiscate a computer just on a fishing trip, some laws need to be changed
"Why do you think that US copyright laws apply to Russian businesses?"
I'm referring to the RIAA 1.65 Trillion dollar lawsuit against AllofMP3, of course.
Since this is the discovery phase, I'd ask plaintiff to produce documentation substantiating the validity of the copyright for each claimed infringement, along with a complaint from each rights-holder or designated representative for each instance of alleged infringement.
I'd ask for specific evidence that establishes the defendant as the perpetrator of the alleged infringements, especially evidence that excludes the possibility of defendant's computer having been used, perhaps unknowingly, by an outside party - friends, hackers, etc. The presence of an 802.11 connection could make this especially tricky. It shouldn't be too hard to come up with numerous examples of people's PCs being taken over for illegal purposes, thus decreasing the strength of the 'preponderance' that shows defendant committed alleged infringements.
I'd ask for information supporting plaintiff's allegations of damage. Given the high likelihood that all of the infringed properties are available anytime, from any internet connection, by any subscriber willing to pay $6/month to Yahoo! Music Unlimited, any claims for damages beyond $6 per month total (or, more precisely, whatever fraction of the $6 the rights-holders would actually receive from Yahoo), are obviously egregious.
Maybe the legal staff needs a little explanation as to why these questions are *so* important and hopefully clarifying things.
1. Screenshot http://en.wikipedia.org/wiki/Screenshot
There is *no* way to prove where a screenshot came from. There is *no* audit trail, no chain of custody, no way to verify where the screenshot came from. NOTHING. Practically speaking it is *very* simple to completly fabricate screenshots. I'm not saying prosecution would do that, but very substantial doubt is easily established by asking the parent's questions.
2. Chain of custody on the PCs in question
Has the chain of custody been established and verified? Do you know the PC hasn't been tampered with by prosecution? Obviously you can't say that outright, but what they are claiming is almost impossible to verify.
3. What were prosecution's discovery techniques?
Substantial doubt can be established by punching holes in their discovery methods. Screenshots is a good example. Easily faked. Or maybe it's just a case of "the wrong man" because it's not clear who did the stealing which doesn't question the prosecution's standing as good lawyers so much. There will be many holes you can drive a bus through and slashdot is just the place to clarify/verify. I for one will be happy to volunteer if it sets some precedent. mpapetATyahoo.com.
4. Chain of custody on the files in question
It's possible that the files were transferred to them lawfully. Can prosecution establish a chain of custody on the files in question? Files on a computer is impossible to establish as fact the time/date the file was written. The opposite example is how easy it is to establish the time/date a shoplifter was in a store. A store employee would testify, "Because I saw them there" or "I caught them." There's no such analogy in file sharing.
5. Doctrine of First Sale
Check out the doctrine of first sale. That's a long-established precendence that may help you.
I'm shooting in the dark, but I want to help. I have a good server and some bandwidth, if you need a way to collect expert advice from the techies in maybe a wiki or slashdot style site let me know. It'll take a couple of days to set up. I'll do it for peanuts just to establish some precedent.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
So much for not asking Slashdot for legal advice :P
Well fine there is a lot of thoughts here if you find something use full good. For the rest of you please pick this a part if I am wrong (because I would like to know to).
He is a Professor of Electrical and Computer Engineering. Ask him what experience he has with software in general, electrical and computer engineering deal with the hardware not software in general. Ask him at those security conferences what he spoke about? In all likely hood it has to do with network security that is all this guy dose. He has no credential to analyze the disk image of your client. What he can and did tell you is that yes the computer was linked to the internet and yes it was possibly using the p2p client program. It dose not indicate that any copyright material was transferred to or from the computer. Actually the Wikipedia article gives a pretty clear idea of MediaSentry (http://en.wikipedia.org/wiki/MediaSentry) and the unreliability of the evidence they give.
Odd thought to MediaSentry is hired by the RIAA what integrity do they have? A good analogy would be: A Shop owner realizes that he has been robed. He hires someone to point the finger and find who did it. They look at what is there and see 10 people in the store but can not figure out who did what so they say they all involved and provided evidence to such e.g. they were all in the store and here is a photo to prove it. The shop owner goes on to sue all of them.
Now it gets better. In section/point 6 of the 'expert' report he states that this is "not the same hard drive that was used to share copyrighted sound recordings". By that no amount of analysis will show stolen files. (I found a gun in your home, it was not the one used in the murder but further investigation might show something!) Now he might be referring to the fact that the defended formatted his computer. (Think using an eraser to clean a page, this information is gone but if you look really hard you might still be able to read it) In ether case if this is true then the information he used to like the ip address of the computer would be a lie since the logs and anything else on the computer at the time of the crime would have been erased.
Next: Cleaning up the blood. As anyone hear can tell you if you have ever tried to remove Kazaa or any other file sharing program it is near impossible to do. If Kazaa was on the computer there should be some evidence unless A) it was formatted or B) you paid a vary skilled computer technician to clean it up or C) it is a different hard drive.
Last but not lest there is the who done it clause. They can show that it was his computer but can not show that it was him. On that same note if there are no loges from the system unless they have the Mac address (This is a unique id assigned to every peace of network hardware. Though in reality it is not and can be copied) from the computer they can not even say that it was that computer that was hocked up.
Are there or have there ever been any operating system exploits that could allow someone to remotely connect and allow said "hacker" to upload and share copyrighted material? I know very well of one small business that had a virus that set up a hidden FTP server of French porn. Would the small business be liable in this case?
Priceless.
Ray Beckerman +5 Insightful
Obviously, we know several things:
* Screenshots are unreliable. They're easy to fake. I suggest you have a few fakes on hand.
* Thus, the chain of evidence *IS* the evidence and the only evidence. Make sure you know EVERY detail about it.
* You can't really prove which person was at the computer without something else to corroborate it, only the owner of the computer.
These are the biggest apparent gaps. You need to know everything about them and to dump as much as you can into the public record for us. You also need to document all the "I don't know" answers, because those will be the ones where you might hurt them the most.
Therefore, you should question him in detail on at least the following points:
* How are the screenshots taken. Who has access to them? What's the chain of evidence? How and where are all of these things stored? Are they stored in a secure manner? How would you know if they were altered?
- Make doctored screenshots. Have him "authenticate" the fakes. Bonus points if you do this in front of the jury. Double bonus if the infringing IP is that of riaa.com, sony.com or similar. WARNING: This is a public site. He may VERY well be reading this.
* Describe, in detail, the exact process by which you find those allegedly infringing upon your copyrights. Be methodical. You want to know the exact version of the OS they're running (not just "win XP" or "various"). You want to know EVERY program they use, even if it's MS Paint. You want them to produce the source code of any custom programs for analysis by outside experts. You want to know about any known flaws. You want to see any and all release or design notes, ESPECIALLY any bugs, source/versioning control, changelogs, etc. You want to know which exact version of their custom program found the infringement for this case. That does NOT let them off the hook on letting you examine prior versions or newer versions--old bugs DO stick around even when they've been "fixed" and you need to see both newer and older versions. I.E. if the bug has been fixed twice, you know it was there in the interim. Yes, they may put out protective orders and whatnot, but the more information about this you can get into the public record, the more they'll squirm and the more we'll reveal the sloppiness they're hiding. And I know they have things to hide, unless they're so clueless as not to know their own weaknesses. You can work both alternatives to your advantage.
* Describe how the ISP identifies the person associated with the IP. You may actually have to subpoena the ISP on this point, I suspect they'll just produce the letter and say that that's sufficient. It's not. We both know that even if the IP belonged to a computer using their internet service, they don't have any idea who's at the screen at any given time, only which account is active. And even this may be unreliable. You NEED to get every last detail about how they log the IPs leased out, how they associate them with their customers, where the data is stored, how long it is stored for, who has access to it, on what computers it's stored, how reliable those computers are (e.g. any records of maintenance, program changes or downtime), etc. You're the lawyer here. You know better than I how important being methodical in discovery is, and every detail may be significant. I suspect they'll have trouble producing everything. Records may not exist for some things, but this is also important--every gap is a gap in their chain of evidence. It takes only one broken link to destroy a chain... Get EVERY detail you can from this into the record and make sure it gets sealed or redacted as little as possible. All these details about software, hardware, and the human processes that work with them are of vital importance to us for technical analysis, just like case law, venue and precedents are to your case. Even the programs they don't use directly, like antivirus or firewall software may be important, not to mention the topology of thei
Stick to the fundamentals...
How does that RIAA know that a given computer was under the sole control of the current owner? A badly secured Windows PC may be under control of somebody a thousand miles away.
Or, more interestingly, "Where do you sleep at night, and are you a sound sleeper?"
This space intentionally left (almost) blank.
Point 5 in the experts paper, is that he establishes that the computer wasn't connected to the Internet via a wireless connection:
"Based on how IP addresses are assigned, it is not difficult to determine whether a computer was connected to the Internet via a wireless router."I assume this is to counter the argument that anyone could have been using the connection. It seems that from looking at a hard-drive it would be problematic to find how a computer was connected to the Internet at a specific point in the past. DHCP means nothing need be set, so I find it strange that the lack on an internal IP address would be proof against it. Ask the expert if there would be a record of an IP change on a specific date, and where that record is located.
In point 6, he mentions
"...that this hard drive was not the same hard drive that was used to share copyrighted sound recordings as shown by the MediaSentry materials"How can you be sure it's not physically the same hard-drive? Did MediaSentrys information include serial codes for the hardware? Had the hard-drive been formatted to repair a spyware-ridden Windows installation (addressed in an earlier post in this discussion). How invasive can spyware and trojans be?--Could someone externally have been using the defendants computer as a proxy if this was the case?
Perhaps the most compelling quote from the expert is
The hard drive that was provided and that I inspected, showed little usage at all, as evidenced by the lack of user created files and e-mails, and did not reveal the evidence noted above, which I believe the correct hard drive would certainly have shown.How much is enough user content? I know people who use their machine for Internet, including webmail. They don't have any office products installed, nor do they go to uni, or use the machine for work, their entire content floats around their temporary internet files directory, which can be wiped with a few clicks.
It may seem unlikely to an expert who is so engrossed in technology that he simply doesn't consider that someone might use a machine for simple leisure.
Also, what timestamps are shown for the system files, that should more accurately date the installation time, but even so, dates can be very easily changed. Keep hammering home how very malleable data is, it will help to give the defendant wiggle-room, but also make MediaSentrys information all the less solid.
Above all the specifics, ask how can MediaSentry be sure that the client was aware they were sharing files (I know people who have had horrific experiences using and getting rid of P2P programs) and that any infringement took place. How can they be positive that the files they recorded as being shared by the user had indeed been shared (transference of data), and were infact the songs they were named after (A rose by any other name...). If MediaSentry downloaded the file to check, how can they be sure others did? Especially in a world of P2P, where one downloader might get one file from a hundred sources, perhaps that if files were downloaded from the user, the user actually contributed 0 bytes.
There is such an incredible amount of doubt in anything like this. Use it to your advantage.
You might try asking your question on Groklaw, where there is a natural convergence of lawyers and techs.
Slashdotters tend to be long on unsupported opinion and short on facts. In court I think you will need to be long on fact and short on unsupported opinion.
Change of subject. As an engineer, I would need to know more about the facts and opinions of the expert to give any helpful suggestions. We need specific facts to give relevant observations. I am guessing you have your own team of experts to tell you this though.
Everybody knows 3 people with my name.
First I'd use their own witness to establish a possible defense for the alleged infringement. Then I'd point out how weak the argument for claiming the hard drive he examined is not the correct one. Finally, I'd establish that there is no evidence that the hard drive they're trying to subpoena contains any evidence of infringement and portray the whole thing as a big fishing expedition. Let me walk through these 3 in a little more detail.
1. The witness claims the computer was not connected to a router because of the IP addresses he observed in the registry. The addresses you'd typically use for a home router are non-routable ip addresses like 192.168.*, 172.*, or 10.*. These are special address ranges that don't appear on the public internet. Routers use them because you can guarantee that the IP addresses assigned to computers by the router will not conflict with any other address. While it is possible to configure most routers to use a different routable address, the assumption the defendant makes is probably reasonable. However, if no router is being used as the witness claims, then the attached computer did not have the protection a router's NAT provides from outside attacks. I would grill him on this. The theory I would push is that since the computer was insecure, someone else did the infringement but used the defendant's vulnerable computer to run proxy software to hide their illegal activities. This sort of thing actually happens quite frequently. If you search, you can find lots of software for doing this. Further, proxy software isn't that difficult to write. Anyone with a good programming background could easily write one, and anyone with a good understanding of networking who wanted to do something online without it being traceable back to them would likely use this exact technique. Virus scanners already detect many of these programs, but there are many, many more that the virus scanners don't know about yet. I would get him to admit this. There are many, many ways to hide software like this, so even if you look for it and don't find it, you can never be completely sure it isn't there. That's why many experts will tell you that if a system has been compromised, the only sure way to restore it to a secure state is to wipe it and reinstall everything. There's just too many ways to hide malicious software to be sure you found everything the attacker did.
2. I'd point out the many other conclusions one could draw other than, "this must be the wrong hard drive." One possibility is the proxy explanation I gave in #1 - kazaa wouldn't be on the computer in this case. Another explanation for the lack of files on the computer is that the defendant just didn't use the computer very much. Another explanation would be that the computer recently had the hard drive formatted and the software reinstalled - I believe this is undisputed. An explanation for the lack of kazaa files is that kazaa was never there in the first place. Essentially he's saying, "I was told the person using this hard drive was using P2P software to share files. I don't find any evidence of that on this hard drive, so this must be the wrong hard drive." Another explanation is that it's the right hard drive, but that kazaa was not being used and the defendant didn't even use the computer that much. If you try to say a format and reinstall would wipe away all evidence of kazaa, he might try to claim that the forensic software he used could still detect it as not all the data gets overwritten. This is true, but to counter this, ask "Is it possible the data you were looking for could have been overwritten when the operating system was reinstalled?" His answer will be yes. "Could your forensics software detect that data after it has been overwritten by other files or when the operating system was reinstalled?" His answer will be no.
3. Finally, portray the whole thing as a fishing expedition. Ask him about how widespread the problem of illegally sharing files with kazaa is. Ask him if you randomly just
Gave me a funny mental image...
:)
Imagine serenading your love interest, and calling her out to the balcony and holding up the radio to her room, hit play, and get a "Authorization Required, please contact RIAA"
Sorry entertainment on a boring work day, my apologies
The price is always right if someone else is paying.
I'm reading over the PDFs and typing this up as I read them, so it may seem a bi unorganized.
1) You state that because you found the resume of Gustave Lindor, Jr. on the defendants machine that this "document indicates he was living and working in Brooklyn, New York during the dates that the copyrighted music was being shared."
Point 7, Page 5 of the 'expert' report
a) How does this prove that Gustave Lindor, Jr. was using the machine and that he had not, for instance, e-mailed the resume to his mother (the defendant) for advice or recommendations of modifications to the resume.
b) How does this prove that Gustave Lindor, Jr. was actually at the machine, that the file was initially create on the machine or that Gustave Lindor, Jr. had ever touched this machine? (i.e. couldn't the file at least have been dictated)
c) Does this not mean that the case should be dropped against the defendant due to the lack of evidence found on machines that she owns?
d) How can you prove who was using the computer at the time of the alleged infringement?
2) From the 26-page curriculum vitae (I glanced over this one)
a) Are there any EE/ECE/CS courses that you did not include in this? Why?
b) Have you ever received a failing grade in any EE/ECE/CS course?
c) When was the last time you enrolled in aa EE/ECE/CS course? Course Name? Type? Grade?
d) Have any disciplinary actions ever been taken against you or have you ever been rebuked/censured (Note: no typo, I do not mean censored), by any University or Professional Organization such as the IEEE.
e) Have you ever cheated/plagarized on homework or a test?
3) What possible evidence could there be on Gustave Lindor, Jr.'s computers that would implicate the defendant in any of the charges against her? How would any evidence on Gustave Lindor, Jr.'s computers implicate the defendant and not Gustave Lindor, Jr.? How can the defendant be held responsible for any relevant activities by Gustave Lindor, Jr.?
4) What proof do you have that Gustave Lindor, Jr.'s computer was ever at the residence of the Plaintiff? Ever possessed on of the IP's in question? Has ever had KAZAA or any other file sharing program on it? etc... (I'd suggest having some fun and running with this one out of malicious mischief if nothing else)
5) How is this not harassment of the defendant and/or her family?
6) How can you positively completely 100% prove that any single computer ever possessed a specific IP address in the past?
Fly me to the moon Let me sing among those stars Let me see what spring is like On jupiter and mars
Scott,
I have some great news for you. This'll probably relieve the other Slashdotters too who are suffering from the same misconception:
The lawsuits are about people uploading music on networks that are designed to pass the music onto (potentially) millions of anonymous strangers. They are NOT about listening to the music.
So you can breath easy. You will NOT be sued for listening to your Beegees collection. Your copy of The Birdie Song will not get you into trouble (unless you rip it and allow people on Kazaa to download it from your PC.) You can retrieve your REM CD from that little nook on the wall you also use to store the catnip someone told you was dope, and the Confederate money which, I'm delighted to tell you, isn't illegal to possess either (you just can't use it.)
I hope this helps.
Your pal,
S.
You are not alone. This is not normal. None of this is normal.
Unfortunately you have your facts wrong. The RIAA doesn't have a shred of evidence of any uploading. to anybody.
Ray Beckerman +5 Insightful
No limit is placed by copyright on your ability to listen to the music. Copyright limits your legally permitted ability to make copies of the work.
Now, express and implied consent to copy can be granted. If inherent in a playing medium is digital file transfer from one location to another, and the copyright holder produces a format for that medium, and grants purchasers the right to use that format on that medium, than he has implicitly granted permission to copy for use in that medium. That does not mean that he's granted permission to copy that file willy-nilly and distribute whereever.
Right or wrong, copyright is very limiting, especially when applied to a digital domain where even intended use often involves creating a copy of the data somewhere. Nonetheless, even in a digital format, and whether or not digital copying is possible/easy/trivial, the same limits apply as in the brick and mortar world.
The law of the land does not need to be explicitly spelled out in a contract. You are in no way limited to listening to the copy of the work that you paid for. You may be limited in producing other copies of that work, as limited by the law of the land. Fair use was specifically allowed way back when for specific cases. As it hasn't been specifically applied to newer cases in any court of law, any assumption of fair use rigths in other circumstances is just that: an assumption. Assumptions very well may get smacked down in a court of law. If there's a 'you should have known better' tied to that smack-down, expect penalties. IIRC part of that fair use allowance involved the fact that it didn't detract (much) value from the original product. That was typically tied to the fact that copies couldn't be perfect. Now, that is no longer the case, so applicability of fair use may very well be legally very different in newer cases.
No one says copyright is perfect, but it is what it is, and the law (and penalties) is based on that. If you think it's unreasonable, fine. I think a ticket for going 74 in a 65mph zone is unreasonable. I still pay the ticket, as I was willingly operating in the wrong. Given the opportunity I might argue for a change. But until the change comes to pass, I still recognize that going 74 in a 65 is outside the law.
In paragraph 5 he claims that the machine that downloaded the songs was not connected via a wireless connection based solely on IP address. That's some magic trick! I have a wireless router in between a pair of firewalls at my house. If someone were to get on it and download IP, they would show up to the entire world as the same IP as my cable modem.
Also in paragraph 5 he sites the computer's Registry as additional proof that the machine was not connected to a wireless router. Which I suppose might have some validity, as a wireless driver would likely have some reference in the registry.
But then in paragraph 6 he states that he believes that the hard drive he reviewed is NOT the same one as the one that downloaded the IP. So if this hard drive is NOT the one that downloaded the IP, what does it matter that there is no proof in the registry?
The guy is a sham, throwing together half baked and highly biased inspections that don't even pass a rudimentary review.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
If you don't pay for unlimited rights, you don't have them when you're licensing media.
Extra points to everyone who saw the bus-sized hole in this statement.
ANY media I purchase is subject to the doctrine of first sale. That means, when I buy it it's mine to do with what I want within limits we all know and follow.
The media conglomerates want to pretend the doctrine of first sale doesn't exist by pretending digital media is somehow radically different than an LP/VHS or even the CD.
On its face that is ridiculous and you either are astroturfing for the media conglomerates or woefully misinformed. In case it is the latter, you have given away your personal freedoms for absolutely nothing and opened the door to even more abuse.
Mod parent down.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
I don't have an 'employer,' and nothing is being rewritten. Please see 17 USC 109 and all applicable case law. There are numerous protections in place for derivative works and an extensive and rich history of case law to support and define those works. Regardless of anything else, you, like most other Slashdotters, have lost sight of what a license truly is: it is a limited transfer of rights from an originator (author, owner) to a customer (licensee, purchaser). Again, like I posted earlier, purchase of the book does not imply purchase of the copyright nor ownership of any of its contents; license to the contents does not, likewise, imply license of the physical carrier.
It cuts both ways, which is something you have utterly failed to understand. When you buy a book, you own the paper and the ink and that's it. You don't own the contents, you never have, and you never will until the book enters public domain, at which time you own it in trust along with every other living human. Insofar as it is protected by copyright, you hold a license to the contents. That's it and all there is to it, and if you believe otherwise, cite a case. You'll find none. The distinction in copyright law is an explicit separation of ownership between copies and copyrights--you can't do whatever you want with the copyrighted portion of your purchase; the copyright holder can't do whatever it wants with your copy of it.
Where there is a different arrangement made beforehand, for example via the terms of sale of an online music service (which explicitly requires the acceptance of DRM), those terms are valid (Wall v. LA et al). Where no other terms are attached, you're free to act within the confines of applicable law. Any of it can be reused in core form--the owners of Harry Potter copyrights and trademarks do not possess control over wizards and magic and child heroes. They control the wizards, magic spells, and child heroes specific to Harry Potter (their names and arrangements). If you want to write a similar story, that's perfectly fine (Wizard's Hall is an older, shorter Harry Potter, for example)--but you don't get to reuse characters or verbatim segments of Rowling's novels. You are broadly and erroneously overapplying the restrictions and control granted by law for your dramatic tirade.
DFS perfectly clarifies the distinction: individual owners may not rent or lease their copies (cf. 1984), and copyright holders may not disallow the resale of copies using their rights under copyright, trademark, and commercial codes. It does not specify any additional rights (or any additional restrictions, beyond the rent/lease prohibition which arguably merely codifies prior case law) to the contents of any purchases under the law containing copyrighted works. Furthermore, it is not categorically applicable, but merely held prima facie failing any appropriate consideration to the contrary.
I also see that you failed to observe the intent of the airline metaphor--mere payment does not imply ownership in any context (i.e. it is not unique to the realm of "intellectual property"). Payment for access is not a stipulation for complete control; buying a book does not give you complete control over the author's work, but rather gives you complete control over the purchased portion (the paper and the ink and the binding) and partial access to the intangible portion.
The IP address of record is associated to the MAC address of the cable/dsl router/modem/gateway. This does not imply anything about which device on the client side (private)of the network actually was conected at the time of the alleged transfer. If there was a wireless router it could be anyone. Or may a friend connected a laptop for a little while... Finally, maybe the IP address was highjacked on the public side of the network. Anyway... good luck.
Digitronically yours, Saltheart Foamfollower
ever used a wireless access point that you plugged a network cable into? wireless access, no drivers.
Enjoy Every Sandwich
Thus, the idea that the disk is from a different computer that had the same IP address is unlikely, at least with my ISP.
The real "Libtards" are the Libertarians!
Maybe I saw it on the sidebar at freshmeat or something. I think it was the sco-diebold truthiness generator v. 0.95 beta! Good stuff! Posix compliant!
"If they have ever run tests to see if the file matching can be fooled into false-positive matches (especially if they have not actually listened to the downloaded files), and what the accuracy rate is."
Good question, proving correctness, even for trivial software is an expensive task and the RIAA are penny pinchers.
If they do have test results then question what quality standards (eg: IEEE, CMM) were used to conduct the testing. Ask for past and present "bug lists" or anything else that displays the shakey nature of our chosen proffesion. Having a bug list can introduce doubt about the software, not having a bug list can introduce doubt about the QA.
I assume they have logs from the ISP, otherwise how the hell can they be sure it was her computer.
PS: I have noticed NYCL's informative posts on other slashdot stories, I hope he finds what he is looking for.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
Oh, I get it... mod me down b/c you think I posted the original and was complaining about the moderation of "my" post. Well, whatever you'd like to think. Just know I'll see you in MetaMod.
The standard is a balance of the probabilities. That is, whatever the jury thinks most likely happened
This point has been made a lot in these comments and in theory it's absolutely right, but (as ever) theory and practice are different environments. Given a sympathetic jury (not an unlikely occurence) and the mis-matched resources of the plaintiff and defendant, substantial doubt might well be enough to tip the scales in many jurors minds.
Is it really worth it, for the priviledge of a few for the use of exacting payment for content, to legislatively mandate ignorance of this technology?
Today, viruses are rampaging our networks. Supposedly "top secure" ways of selling somebody something without giving it to them, are cracked and made public within days of release. Our top business systems are violated within days of release. Aren't we chasing after wind? Ignorance only makes us vulnerable to others with wisdom. People who are not compelled to live under our law reign free, unfettered by our laws. Only the law abiding citizenry will adopt ignorance.
While our wisest minds in Washington ponder law to restrict knowledge of our computational infrastructure, other equally brilliant minds in countries eager to collapse us by rendering our technologies useless can use our ignorance to their advantage.
A typical instance of this in history is how Alexander the Great rendered a far more powerful adversary helpless by causing his adversaries infrastructure ( his elephants ) to malfunction ( by blinding and stampeding them ). His adversary now had his hands full with his problem elephants while Alexander took control.
When we do not understand our own technology, our business leaders are going to be completely powerless to control anything if their communications infrastructure has just about the same effectiveness as giving a child a toy steering wheel in a car.
I hate to see so much of our technologies being so centered aroung hanging itself up if something isn't just right. All this secret-keeping. Its enough to give any computer engineer the CIA Heebie-Jeebies ( as related in that movie release "The Good Shepherd", when nobody could trust nobody. I know we love to talk "trust", but frankly, EULA's instill about as much trust in me about as much as a pre-nuptial agreement instills a sense of love. If you want TRUST, then be RESPONSIBLE for it, not deny it in a EULA.
I would hate to have future civilizations digging up the remains of our civilzation, only to discover our civilization was done in by ignorance of how their own technology worked ( as in the theme of many Star Trek episodes ) and deduce we we became ignorant of our own support technology for a song. Literally.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
Wrong. Lawyers understand the law, not technology. You could probably build a ladder to the moon with all the text that is generated on Slashdot alone about stupid lawyers and politicians getting technology wrong. This expert witness is a Geek (yes, with a capital G), or at least he thinks he is. This could not be more completely Slashdot's turf.
Lawyers do not often consult public opinon on any topic. They should be thanked for this.
Also, by the way, the lawyers here are not doing their job, they are doing your job. They are defending your freedom to share information -- which is the modern form of speech. It is every individual's duty to defend freedom. Do not criticize them for giving you a helping hand.
All data is speech. All speech is Free.