RIAA's 'Expert' Witness Testimony Now Online

NewYorkCountryLawyer writes "The online community now has an opportunity to see the fruits of its labor. Back in December, the Slashdot ('What Questions Would You Ask an RIAA Expert?') and Groklaw ('Another Lawyer Would Like to Pick Your Brain, Please') communities were asked for their input on possible questions to pose to the RIAA's 'expert'. Dr. Doug Jacobson of Iowa State University, was scheduled to be deposed in February in UMG v. Lindor, for the first time in any RIAA case. Ms. Lindor's lawyers were flooded with about 1400 responses. The deposition of Dr. Jacobson went forward on February 23, 2007, and the transcript is now available online (pdf) (ascii). Ray Beckerman, one of Ms. Lindor's attorneys, had this comment: 'We are deeply grateful to the community for reviewing our request, for giving us thoughts and ideas, and for reviewing other readers' responses. Now I ask the tech community to review this all-important transcript, and bear witness to the shoddy investigation and junk science upon which the RIAA has based its litigation war against the people. The computer scientists among you will be astounded that the RIAA has been permitted to burden our court system with cases based upon such arrant and careless nonsense.'"

One quick thought about licensure

[Raul654]

I saw something in the transcript that I wanted to point out before anyone else here criticizes Jacobson on it:

Q. By what body are you certified as an engineer?
A. By no professional society.
Q. No professional society? Is there any organization that has certified you as an engineer?
A. No.
Q. Are you part of any peer regulatory body?
A. I don't quite understand what you mean by --
Q. Are you part of any body the members of which are peer-regulated?
A. Can you give me an example of what you are --
Q. A lawyer, an architect, an accountant. I thought an engineer had to be certified by a peer-regulated body.
A. To be called a professional engineer they do.
Q. So are you not a professional engineer?
A. I do not have a PE license.

Based on his Jacobson's research page. It looks like Jacob's, a professor "on the faculty of Electrical and Computer Engineering", is a computer engineer. Given that, the above statement is totally understandable As a computer engineer myself, I can say that it is *EXTREMELY* rare for a computer engineer to be a licensed PE. (Not a single computer engineering professor in my University is). PE's are common in engineering professions where somebody needs to sign off on the final product - civil engineering especially, and mechanical engineering to a lesser extent.

Re:One quick thought about licensure

[Cassini2]

I'm a Computer Engineer and a Professional Engineer. If I testify in legal proceedings, I am required to adhere to specific professional standards. My certifying body takes our legal obligations fairly seriously. A customer would be wise to hire properly licensed engineers for matters involving legal responsibility and/or large contracts. Amongst other requirements, licensed engineering firms require liability insurance, so if things go bad, the customer has some recourse. We also have ethical standards constraining what we can say or do.

Re:One quick thought about licensure

[lawpoop]

Because he is not a professional engineer, there is nothing really keeping him from being a talking head in court. On the witness stand, he could be totally honest and forthcoming, or he could totally sell out the the RIAA and say whatever they wanted him to say. The only thing at stake is his reputation, if he is later discredited. However, a professional engineer would lose their license if they were shown to have acted fraudulently or negligently, and thus their career, profession, and ability to make a living.

It's fine to give a professor the benefit of the doubt when you attend his/her lecture. Doing so in a courtroom seems an act of extreme naivety.

Re:One quick thought about licensure

[mollymoo]

As a computer engineer myself, I can say that it is *EXTREMELY* rare for a computer engineer to be a licensed PE.

Way off-topic, but programming desperately needs the kind of accountability and professionalism that 'real' engineering has. We're around where engineering was 100 years ago just now, with a hundred different screw threads and steam engines which explode in your face. 'software engineering' may be an academic discipline, but 'professional' (in their execution) software engineers are few and far between and professionally engineered software is rarer still. The lawyer is making a valid point.

Before you ask, I am a professional (it's my job) programmer. I'd love to be an engineer. I'd love to work somewhere where those kind of standards were applied. I'd get a CS degree (mine is in Physics), but those programmers I've worked with who have CS degrees don't seem much more engineer-like in their application than those without. Too much hacking, not enough engineering. Perhaps civil engineers would be the same if every bridge had "this bridge comes with no warranty, either express or implied" written into the contract.

Re:One quick thought about licensure

[Cassini2]

I would expect my licensing body would get annoyed with me if I spent "45 minutes" (Page 54) drafting a report that was used as part of litigation. They expect that Professional Engineers check our facts so as not to mislead a jury. This avoids sequences of questions like that from Page 42, where the witness essentially admits:

a) he did not look for alternative explanations,

b) he did not check how accurate his findings were (potential rate of error),

c) he has no standards or controls,

d) he is not using published methods accepted by the scientific community, and

e) has no way of determining if the information given to him was correct.

It is considered a substantial problem if a Professional Engineer misleads a jury, as it can pervert justice. As such, it is very important for the legal duties be taken seriously and with the required standards of care.

Respect

[lightversusdark]

Respect to you Ray.
I've seen you take a lot of flack for your efforts to keep us all abreast of the proceedings, of issues that should concern us all.
And it's nice to see that the community could have been of help.
All the best.

Re:Respect

[NewYorkCountryLawyer]

Thank you, light.

(You don't mind if I call you by your first name, do you?)

Re:Respect

[NewYorkCountryLawyer]

It doesn't mean a thing. In a deposition it's a totally inappropriate objection. And there was probably not a single instance in which it would have been an appropriate objection at trial.

At a trial "lack of foundation" means the lawyer's question has leapfrogged over some other material that would have been needed ... i.e. laying a foundation.

But since I would only be crossexamining this guy, lack of foundation would not have been an appropriate objection to my questions there either.

I.e., the RIAA lawyer, hopefully out of inexperience rather than calculated dilatoriness, was wasting our precious time.

Re:Anyone who knows stuff about court...

[NewYorkCountryLawyer]

There was no legal basis for making those objections at a deposition. He was just wasting time.

For me to say why he was doing it would be speculation. My guess as to the reason: inexperience.

IPV6

[Nom+du+Keyboard]

There's a spot down in there where the RIAA expert refers to IPV6, and this refers to 2004. That alone should get him laughed out of the tech community.

Not to mention that he maintains he can trace the IP address back to a specific ISP account and computer (emphasis mine). Unless he's a Peeping Tom with a web-cam in the defendant's house, the RIAA should be demanding their money back from him.

Oh, and then there's the place where he maintains that at the time the computer was imaged many months afterwards, that there was no wireless router in use at that time Media Sentry "discovered" this "infringer". Is there a log that keeps records of every IP address you've ever connected with?

And I have to laugh at how he refers to "registered" computers. I thought he was talking about gun registration, or some such thing. I've never heard of my own computer being "registered" to anything. Is this another invented RIAA term, like "Media Distribution System"? Has anyone else ever referred to KaZaA, or any other P2P program, as an MDS? Ray, you can't be letting the RIAA frame the terms of the debate to ignorant Judges.

And don't miss the parts where he says he didn't actually document any of his findings because there was nothing to find, however, you should go through your own copy of the disc to verify my Registry findings that no wireless router was in place. He's supposed to be the expert, and he wants the defense to replicate his findings in the Registry??? Are there any registry experts here? Probably a few, but not many. But he assures us it's there.

Biggest thing is that he says that no KaZaA was present, nor any infringing music files. The only way the RIAA can respond is you sent us the wrong hard drive. No question that the person in question might have actually been innocent. RIAA -- You Bastards!

Glad to know that we helped, Ray! Keep fighting the good fight!

Re:Not Chappelle too!

[Brian+Gordon]

This is not an option nigger, share the file or we have a problem.

The FE Exam

[dj245]

I'm currently studying for the spring Fundamentals of Engineering exam (FE). After taking this exam and working in the field of engineering for 5 years, you can take the Professional Engineering (PE) exam. Its not the easiest test in the world, and its a big pain in the arse. That said, I think a computer science student would have a particularly hard time with it. The morning session (general) is composed of several subjects including chemistry, strengths of materials, physics, thermodynamics, fluid mechanics, a small ethics session, etc. Basically all engineering knowledge known up to 1935, updated to the modern day. Everyone has to take the general session, and I think Comp sci students would struggle with it.

The afternoon session is a choice between mechanical, electrical, civil, (chemical?) engineering. I think maybe comp sci students could take the electrical and do fairly well on this half. The PE exams are very similar (identical?) to the FE exams, but it has been 5 years since you have been in a classroom so they are considered harder just for this reason.

As for the term "Computer Engineer"; in the 1800s a group of very smart men began doing different things with Natural Philosophy. They were so different that they thought they needed a new title for what they did to separate themselves from the natural philosophers. Eventually they went with the title "scientists". Perhaps a new title is needed for "computer engineers" because it doesn't seem to fit very well.

Re:Damn

[NewYorkCountryLawyer]

I think many of his students will be appalled at the actual contents of his testimony.

For example, he teaches a course in "Information Warfare", the entire thrust of which is that the internet is dangerous and insecure in the extreme. He teaches students all about the infinite numbers of vulnerabilities.

Then he testifies that he forms an opinion in 45 minutes based upon some printouts from an investigator who pulled down some screenshots from the internet.... with no verification whatsoever.

And that he's give about 200 such opinions. And so far, 200 out of 200 concluded, without reservation, that there was indeed copyright infringement.

What kind of grade would he issue to a student who handed in work like that?

Re:Expert Witness?

[NewYorkCountryLawyer]

He's submitted sworn reports... around 200 of them. But no defendant's lawyer has ever brought him to a deposition before this.

Re:Some "expert"!

[tftp]

To me it's crystal clear that they observed someone's Kazaa traffic, but when they snatched the HDD it was some other computer. The reason for that is not some outlandish NAT or Kazaa hack, but simply an IP address confusion (either a true collision, or a wrong DHCP log at Verizon - not that they care.)

Re:Some "expert"!

[NewYorkCountryLawyer]

Exactly. They have no proof who was using the computer or even what computer it was.

I'll go you even one better, they don't even know if the index of song files in the screen shot was on one computer, or represented bits and pieces from a number of different computers (nodes, in KaZaA parlance).

Objection, your honor!

[violet16]

A few unhelpful observations.

This is my first real-life encounter with a deposition, and I've gotta say it's quite fascinating. I like how the opposing lawyer relentlessly objects to nearly every single question. And how Mr. Beckerman's first goal seems to be to show that the "expert" has a financial interest in what he's been claiming, coupled with that expert's bizarre claims that he doesn't have the foggiest idea about the commercial reality surrounding his work. For example:

A. Our company worked with Audible Magic to develop a product to stop peer-to-peer traffic as identified by Audible Magic's proprietary code.
Q. And you are testifying here today that you have no idea how the RIAA reacted to this work that you are doing?
A. That's correct.
Q. Have the press releases issued by Palisade Systems referred to the RIAA?
MR. GABRIEL: I object to the form.
Lack of foundation.
A. I'm sure that some of our press releases have probably mentioned the RIAA.

I'm not sure how you can have "no idea" whether the RIAA is pleased, furious, or otherwise about the fact that your company is creating anti-P2P products, while being simultaneously "sure" that your company is referring to the RIAA in its press releases to help sell its products.

This is funny, too:

Q. Based upon your examination of the hard drive which you examined, what evidence did you find that inculpated Marie Lindor personally?
MR. GABRIEL: Object to the form.
Lack of foundation.
A. Would you please define the second-to-last word.
Q. "Her"?
A. No, "inculpated." Would you please define that for me.
Q. Do you not know what the word "inculpated" means?
A. That's correct.
Q. Are you familiar with the word "exculpate"?
A. No.
Q. What is your educational background?
A. Computer engineering.

This testimony fails a basic test for evidence

[grandpa-geek]

IANAL, but I understand that there are standards for admissibility of scientific evidence, and the questions quoted below (and several that follow) cover them. The most recent ruling is called "Daubert."

Whatever this witness has to say based on his methods is useless because the methods have not been generally accepted and/or there are no peer reviews or tests of the methods' accuracy/reliability and no known level of accuracy/reliability.

Q. Has your method of determining from
the MediaSentry materials whether a particular
computer has been used for uploading or downloading
copyrighted works been tested by any testing body?

A. Not that I have submitted.
Q. Do you know anyone else that is using
your method, other than you?
A. Not that I'm aware of.
Q. Has your method of determining
through the MediaSentry materials whether a
particular computer has been used for uploading or
downloading copyrighted works been subjected to any
form of peer review?
A. Not that I'm aware of.
Q. Has your method of determining from
the MediaSentry materials whether a computer has
been used for uploading or downloading copyrighted
works been published?
A. No.
Q. Is there a known rate of error for
your method?
A. No.
Q. Is there a potential rate of error?
MR. GABRIEL: Object to the form.
A. I guess there is always a potential
of an error.
Q. Do you know of a rate of error?
A. To my process, no.

Q. Are there any standards and controls
over what you have done?
A. No.
Q. Have your methods been generally
accepted in the scientific community?
A. The process has not been vetted
through the scientific community.

Re:Zzzzz...

[mollymoo]

The part where the ambulance goes by is pretty funny.

At first I thought that was a lawyer-lawyer jibe and he was about to ask if the other lawyer wanted to chase it. But it was almost that good anyway:

MR. GABRIEL: Why don't you wait until the ambulance passes.
MR. BECKERMAN: I don't think we --
MR. GABRIEL: It may take a while.
MR. BECKERMAN: This is New York, Richard. This isn't Denver. We could be here all day.
MR. GABRIEL: Just try to keep your voice up.

Re:You wha?

As I interpret it, the summary is that the guy inspecting the hard drive appeared to have no formal qualifications, his methods were not peer reviewed, he was unaware of the exact methods and procedures of the software he had been using to identify the user or examine the hard drive, he could not testify that although media appeared to be shared it had actually been downloaded by any person (other than the software looking for copyright material), although he examined the disk he didn't actually document any of his findings, that he was not aware if the time of IP address allocation and the IP address to account lookup that Verizon did was actually correlated/synchronized, that he was unaware of Verizons' procedure for looking up such data and if it was free of human and/or mechanical errors, that he didn't know what the IP allocation time was or how many times this dynamic IP address had been allocated that day, that he himself teaches classes involving spoofing, that there were 3 user accounts on the hard drive that he examined, and that, assuming the information from Verizon was accurate, he had no way to actually show which particular person had been using the computer. Further, he conceded that it was possible to compromise and control a computer remotely over the Internet, and that he had not investigated if this had actually occurred. A document was also referred to in which it was shown that P2P applications often scan users hard drives and share media on installation, and many P2P users are not aware of which files on their computer are shared, even when their whole drive may be shared, including personal documents. It was also stated that P2P applications can run in the background, e.g. in the system tray, perhaps without the users knowledge.

There was some tenuous discussion of how MAC addresses are used (to which I am not certain I completely agree, but I'm not an expert), and again on how the correlation of two address fields in a Kazaa packet shows that the computer was connected directly to the Internet and not through a router. Again, there was nothing to show that the computer connected to the Internet at the time actually belonged to the Verizon account holder, because no MAC address was recorded and in fact he didn't have access to anything except the hard drive (although personally I would expect Windows records this in the registry, which he did examine and didn't document). In any case, he did say that MAC addresses could be spoofed.

Most interesting for me was that as the examiner, he had been asked purely to find out if Kazaa and MP3 files were present, and he seemed to followed that direction, failing to look for any materials (e.g. malware, remote control apps, etc.) that could possibly have assisted the defense.

HTH

Re:Anyone who knows stuff about court...

[nudicle]

The lawyer was making those objections because that's how these things work, for better or worse. In these situations, lawyers attend depositions assigned specifically to object to anything remotely objectionable in order to preserve their objections in the future (because otherwise they are lost). If something really damaging happened in one of the answers to an objected question, those lawyers could then bring up the fact that they objected at the time and wouldn't be hosed by failure to preserve the issue. In many cases it's just wasting time, but in the event something goes ill in your deposition, you'll thank your lawyers for so protecting you.

Standards for Evidence?

[Proudrooster]

Wow! I just finished reading the ASCII transcript and would be embarassed to bring this case. Just looking at the following facts:

• The "expert" did about 45 minutes worth of work and produced no evidence to support the allegations and produced almost no documentation.
• The "expert" does not fully understand how the software that gathered the evidence functions
• The "expert" does not know if the information he received from the ISP (Verizon/3rd Party) is accurate.
• The "expert" does not know if the clocks were synchronized between the evidence gatherers and the ISP.
• The "expert" can not identify which computer is involved in the allegations.
• The "expert" can not identity what physical person is involved in the allegations.
• The "expert" understands the Internet is insecure and computers can be taken over and remote controlled.
• The "expert" understands there are several methods which could have mistakenly identified the accused, e.g. "ip spoofing".
• The "expert" either lied under oath or is not really an expert when he said he could not make certain determinations about a computer based soley on the harddrive. He stated he could not tell if the computer had a "wireless network card" by looking soley at the registry without the computer that the registry came from. Huh???? Hint to the "expert", look for "WLAN" in the Registry, double hint, WLAN='Wireless LAN'.
• The "expert" could not demonstrate that the files uploaded/downloaded were copyrighted material and simply had a screen shot of some filenames and ip addresses from a 3rd party.
• The "expert" acknowledged that screenshots could be faked.
• The "expert" acknowledged that public IP addresses can change often and could be spoofed

This entire case hinges on screenshots, mystery analysis software "encase", a questionable expert, and an IP address obtained from an ISP. The evidence in this case doesn't even make it to the standard of "hearsay" not to mention the fact that the plaintiff lawyer appears to be highly inexperienced with Turets syndrome and keeps blurting "Objection to form."

I suspect that if one were to dig deeper into the so-called evidence, one would learn that information obtained from Verizon is prone to error, and that the procedures for generating the screenshots from KaZaa are based on assumptions which are prone to error and probably performed by monkeys. I want to read the deposition from the "dude/monkey" who took the screenshots, please post that one next.

If I were the lawyer for the defendant, I would already be filing my motion for dismissal "with prejudice" with the award of reasonable lawyer fees for having brought a case without any evidence.

Are there any standards for evidence? Is a printout obtained via supoena really a standard for evidence? If so, I can prove anything you like and as a bonus, I even have a professional certification. :)

Re:Some "expert"!

[Coopjust]

He tried very hard not to say that it is always true because it isn't. That is why the lawyer (who clearly doesn't understand internetworking, but had a list of "gothchas") couldn't pin him down to anything.

While you may be right that the alledged KaZaa packets would support that idea, the main problem is that the RIAA expert has *no* way to verify any of his claims.

-He failed to document his forensics- which he believes is not necessary and any other professional would consider "OK". (Riiiight).
-He claims to be an expert on MediaSentry, but doesn't know enough about the program to discuss about potential bugs, the way it works, whether or not it has the ability to be wrong, etc.
-He tries to claim that the evidence proves his case, admits any screenshot can be manipulated, and proceeds to describe how it proves it.
-He admits the forensics, on the entire drive, found *nothing* that would suggest that there were illicit files, much less KaZaa.
-He admits that there was no verification that what Verizon produced was true.

His testimony is full of holes...

Re:so sad

[Anomolous+Cowturd]

I stopped stealing music when I found out you could just copy it!

Here's something to question...

[Xenographic]

15 Q. Does a MAC address tell you if a
16 device is wired or wireless?
17 A. If you can see the MAC address of the
18 transmitting device you could see whether that
19 device was wired or wireless.

This is flat-out wrong. Yes, you CAN find the OUI that might well give you enough information to find out who made the hardware. The problem is that you can change the whole damn MAC address. Conveniently, Wikipedia even has instructions on how to change your MAC on many OSes, although there's an illustrated guide on changing your MAC, elsewhere.

This guy may know a bit of programming, but this kind of stuff makes it pretty clear to me that he has no idea how people can and do manipulate information. It's pretty clear to me that he's done little more than investigate only those things which might support their case and has completely ignored anything which might cast doubt upon it.