Slashdot Mirror
Should RIAA Investigators Have To Disclose Evidence?
NewYorkCountryLawyer writes "A technology battle is raging in UMG v. Lindor, a court case in Brooklyn. The issue at hand is whether the RIAA's investigator SafeNet (the company that acquired MediaSentry) now needs to disclose its digital files, validation methodology, testing procedures, failure rates, software manuals, protocols, packet logs, source code, and other materials, so that the validity of its methods can be evaluated by the defense. SafeNet and the RIAA say no, claiming that the information is 'proprietary and confidential'. Ms. Lindor says yes, if you're going to testify in federal court the other side has a right to test your evidence. A list of what is being sought (pdf) is available online. MediaSentry has produced 'none of the above'. 'Put up or shut up' says one commentator to SafeNet."
Maybe they are as they generally have no evidence anyway...
"I may be full of crap about this game, and I may be wrong, and that's fine." -Jack Thompson
Without disclosing the hows, it would be extortion- otherwise I could sue you for taking my content and say, well my proprietary ways say you did, so pay up!
Yeah I saw him kill her and recorded it on my camera, but im selling the footage so its...
Well I'm innocent and i have a video to show it but its...
I cant disclose what guns i had in my possession at the time of the murder as my guns are...
Theres no way something is too 'proprietary and confidential' to show a court of law!
IranAir Flight 655 never forget!
But neither does the judge/jury have to consider the RIAA's claims that they have evidence but won't show it.
How far does judicial credulousness stretch these days?
"Be light, stinging, insolent and melancholy"
Works in Guantanamo!
How can evidence be considered valid if the source of how it is obtained is not disclosed?
If this was anything except technology, the judge would laugh them out of the court.
Policeman: "He was going 11MPH above the speed limit."
Judge: "How were you able to do that?"
Policeman: "Sorry, but that's proprietary information. If leaked, it would damage our ability to catch speeders.
This has been tested on a slightly different case. Florida police can't use breathalyzers without providing the source. Unless you can show that there is no trickery in your technology, it shouldn't be held admissible in a court of law.
Hard to reveal evidence if you don't have any. And it's happened a couple times where when pressed the RIAA admitted they didn't have enough to go to trial with. No wonder they want this to be on a need-to-know basis, since they need to know before they start.
Laughter is the Spackle of the Soul.
That makes no sense. It's another set of lawyers, working for RIAA, who are doing the "fucking with their system". So please don't try to claim that it's lawyers being offended who will right this matter. It's lawyers being paid lots of money to contort copyright and free speech, and often lawyers become legislators accepting lobbying support, who've created this legal morass out of what was once a much simpler set of copyright guidelines.
If you're looking for prior examples, try the current U.S. Administration.
"We have the smoking gun on Iraq, but we can't show you until after we go to war."
"We have the evidence to prove these guys are terrorists but we can't show it to you. disregard the canadian."
"We aren't doing anything wrong. Pay no attention to the man behind the curtain."
If you can read this, I forgot to post anonymously.
How could it not be necessary? In order to be considered as legal evidence in a court of law, the method of gathering said evidence must be validated. This isn't law, it's just common sense! How can they possibly say "We have evidence you wronged us, but we can't show you" and that's that?
I like to think of online DRM as something akin to a college -- you pay for lessons until you learn something.
Remember when it started getting around that people were beating DUI charges by requesting the source code of the machine? If that was reasonable, this is a slam-dunk. The basic right to confront your accuser is one of the most important of the rights we have. If the defendant doesn't have the right to attack the evidence presented against him, he is effectively denied due process.
It's your case, RIAA. Put up or shut up.
This is not new terrain. The evidence can be examined under restrictions so the "proprietary and confidential" information doesn't make its way out of the confines of the case. Frankly, this is just standard legal maneuvering for a case like this. The test is whether the discovery methods will be considered germaine to the validity of the RIAA's case. If so, the court will likely allow discovery of these techniques.
Read the EFF's Fair Use FAQ
A good way to answer this is to mention that one algorithm for "fingering" IP addresses which violate could be to simply take a list of every IP that a certain ISP has and put them in an array. Next, you could randomize the ordering of that array and then select every 1000th entry of that array. Voila, you've now got a list of culprits. If the process is completely hidden from the judges/jury and only the results are presented, then this algorithm is as good as any in determining who is stealing music.
<Complete your profile by adding a signature!>
Folks,
IANAL, but I have been an expert witness in many legal proceedings in Federal courts. As a part of discovery, you *have* to give the other side your raw data and details of your methodology. Otherwise, the judge is almost certain to throw out your testimony, as the other side has no way of discovering the weak spots in your case. I was involved with one case where the judge sanctioned one of the opposing experts and it took us three tries to get a decent set of data and models out of them. This had a very negative effect on the credibility of the other side's expert, which pretty well torpedoed their case. (They won as a matter of law, but damages were negligible.) Mind you, the data and models are generally covered by a protective order to maintain confidentiality, but it's so common that the wording is almost boilerplate. SafeNet and the RIAA don't have a leg to stand on here, and I can't imagine why they're bothering to oppose this unless they're pulling an SCO -- in which case, the judge should slap them down HARD.
--Paul
I'm not a lawyer, and I barely understand my legal rights to facing my accuser in this digital world, but I do know this:
We don't have any prior examples of this specific niche technology at work. There's no baseline of acceptable "industry standard" out there - every bit of information about these products is held so closely to the chest of these businesses that we just do not know where the hell this data comes from and, more specifically, we don't know how this data is corroborated with ISPs to find these people who are supposedly committing the infringements. Plus, we have no idea of what the failure rate of this entire process has been. On top of all of that, there is no independent analysis of this method.
If the RIAA litigation team was an inventor, this whole ordeal would be nothing short of them running around screaming about how they've invented perpetual motion, and then not letting anyone independently verify that the machine works.
It is hard to imagine someone coming to federal court, asking the Court to accept its methods, and refusing to allow the Court to know what its methods are.
The only people I have ever met who have that much stupidity and that much arrogance are the RIAA's lawyers.
Ray Beckerman +5 Insightful
And didn't DMCA suddenly make a criminal offence out of something that should have been a civil court matter. The stick has two ends. Criminalising something while bringing the perspective of jail, penalties, etc also brings a different standard of proof in most legal systems.
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
If video footage of a crime in-the-act is caught, should it reasonably be expected that all of the above information about the digital camcorder be provided to validate the evidence? The storage media also? .. and the computer used to view and process?
No, but they'd reasonably ask to see the actual footage... not the result of a face recognition system and a copy of the suspect's driver's license. And if photography were only a decade or three old, and had been known to photograph the wrong person?
I suspect that the demands are probably more than they need, and I suspect they don't expect to get all they're asking for, but I don't think it's unreasonable to demand more details than you would of a videotape.
The most fitting use I've heard of: Judge: Prosecution, please state your case methodology. RIAA: 1. Accuse randomly 2. 3. Profit
OK. You want a court to order me to pay you $MANY bucks. Fine. You say I did something that deprived you of legitimate monitary gain. Fine. You say that because I did something, that I owe you lots and lots of money. Fine.
Prove it.
Otherwise this just becomes a protection racket. "Mighty nice income stream you have there, buddy. It would be a shame of something happened to it." "Maybe you should just pay us a few thousand dollars, because, like, you never know when we might decide that downloading GPL software is really downloading our Most Holy and Precious Intellictual Property. After all, once we railroad you in a kangaroo court with 'evidence' we don't have to disclose, a few thousand dollars becomes a few hundred thousand dollars...."
If I file suit against someone, I'd better be willing to prove all elements of the loss. Else my suit should (rightfully) be thown out on it's ear, my business fined, and my attorney facing disbarment for bringing a friviolous suit.
Our courts are here to correct real injustices. They are not here to protect outmoded business models, monopoly interests, or "pie in the sky" patents.
That said, file sharing of copyrighted intellectual property whose owners do not agree to share them without fee is wrong. It's one thing for Linus et al to give away a very valuable program (the Linux Kernel), it's quite another to rip someone's music and blast it out without compensation if they did not agree to let you do so.
The real answer here is a common micropayment system (a tip jar), and to simply let RIAA and their anal retentive and grossly over exagerated 'damages' go the same way as coal oil lamps. They just aren't needed today because technology and the consumer have moved beyond their ability to provide a valued and valuable service.
Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves.
Please, people, don't get any of your legal education from TV. I work with TV writers. They are definitely not scholars in any sense of the word. They will create plot devices that brazenly ignore the law of the land, the laws of human behavior, and/or the laws of physics if it'll move the story forward.
If a job's not worth doing, it's not worth doing right.
7. This is absolutely critical. Most ISPs assign IP number through DHCP. The numbers are only leased for a short time. If the end-user's computer doesn't renew the lease (perhaps because it is shut off or the connection dropped) the number will be freed up and reassigned to someone else. The time (and timezone) at which the activity was recorded could impact who the IP number was supposed to be assigned to.
It is also critical that the system be synchronized regularly. Some systems will log when the clock is synchronized and record the amount of the adjustment. It's also important to note what the clock was synchronized with. Our nation's official time keeper is the U.S. Naval Observatory. They run an NTP server at tick.usno.navy.mil.
9. These are presumably the logs Dr. Jacobson analyzed to conclude no wireless adapter was used, so they should exist. The IP headers will tell you if loose source routing was used (one form of IP spoofing). There should be timestamps on the recorded packets which will tell you latency between MediaSentry and Ms. Lindor. If the latency is less than the speed of light (about 20ms from New York to California) then you know something fishy is going on. It will also give you an idea of what the transfer rate was. If it exceeds the service Ms. Lindor had subscribed to, you again know something is going on. Kazaa likely also includes a wealth of information in its layer of the protocol stack.
The logs may indicate many failed attempts to download files. If the infringer's machine was not able to respond to most download requests it would put an upper bound on damages.
You can set up your own test to prove that Dr. Jacobson's claim about wireless is bogus. Your own test would produce packets very similar to those from the logs.
11. Most software has bugs. Software that isn't exposed to the general public isn't tested as well and consequently has more bugs. It is virtually guaranteed any custom software MediaSentry developed has bugs in it. You need to determine if there were any bugs that would impact the claims MediaSentry is making.
13. If MediaSentry downloaded documents suggesting the machine belonged to someone else it would certainly be pertinent to the defense. Many a public figure has learned the hard way that Word documents record the user who created them. MP3 files contain IDT tags that can include arbitrary information (the actual information depends on the software that created the file). If the documents contain a name and that person uses the same DHCP server as Ms. Lindor it would be a huge red flag that the other person had a lease on the infringing IP number when the documents were downloaded.
16. 11 files in three seconds?? The logs from paragraph 9 would be interesting here.
27. As mentioned earlier the clocks are critical. If MediaSentry and Verizon were out of sync the IP number and all the evidence associated with it are meaningless as evidence.
That's not what's going on here. It's more along the lines of "This person accused me of something bad, so let me start with determining the credibility of their evidence, the chain of custody for that evidence, and the error rate for the methods they used to collect said evidence"
Comparing this to the "slutty girl" defense is inaccurate. The defense is challenging the methods that MediaSentry used to collect the evidence. Although it would be interesting to know how many of the subpoenas issued to ISPs have been responded to with "That IP address was not assigned to a subscriber at time in question" as it would directly relate to the error rate of MediaSentry's methods.
It's not paranoia when they really are out to get you.
To quote the judge: This isn't a court of common sense, this is a court of law!
Sooner or later, they're going to wind up suing the kid of a congressman. I can't wait.
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
Excuse me, but you are operating in a Sane World where these things all come out in the wash at trial, and the wrong party gets punished. The RIAA isn't operating under those rules. Their punishment is inflicted by their ability to drag this out forever, with tens of thousands of dollars of legal fees inflicted on the Defendant, who never gets his/her day in court, or (usually) legal fees reimbursed after the RIAA then cuts and runs by a dismissal WITHOUT prejudice once it's clear they're about to lose. They've just screwed you royally because you're guilty in their eyes -- even if never under the law itself -- and gotten away with it!
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."