Slashdot Mirror

← Back to Stories (view on slashdot.org)

Should RIAA Investigators Have To Disclose Evidence?

Posted by Zonk on from the special-rules-for-special-people dept.

NewYorkCountryLawyer writes "A technology battle is raging in UMG v. Lindor, a court case in Brooklyn. The issue at hand is whether the RIAA's investigator SafeNet (the company that acquired MediaSentry) now needs to disclose its digital files, validation methodology, testing procedures, failure rates, software manuals, protocols, packet logs, source code, and other materials, so that the validity of its methods can be evaluated by the defense. SafeNet and the RIAA say no, claiming that the information is 'proprietary and confidential'. Ms. Lindor says yes, if you're going to testify in federal court the other side has a right to test your evidence. A list of what is being sought (pdf) is available online. MediaSentry has produced 'none of the above'. 'Put up or shut up' says one commentator to SafeNet."

20 of 216 comments (clear)

  1. Please, keep digging your grave. :) by urcreepyneighbor · · Score: 4, Interesting

    Keep playing little games like this, RIAA & MPAA, and you will find yourselves facing the Supreme Court.

    --
    "The fight for freedom has only just begun." - Geert Wilders
  2. Disclose to defence at least by saikou · · Score: 5, Interesting

    While they certainly don't want to disclose anything, they will probably be forced to disclose it to defense, so claims can be validated and/or rebutted properly. Otherwise it's the same claim as SCO -- "I have tons of evidence you did very bad thing, but I won't show it to anyone, not even a judge"

    --
    Hyperom.com
  3. Great! by CyberData4 · · Score: 4, Interesting

    That's one way to make sure they're all guilty....don't allow em to defend themselves....

  4. Re:Discovery rules in Civil vs. Criminal cases? by ArikTheRed · · Score: 2, Interesting

    I also, ANAL, but if I recall correctly, it's a state to state matter. In some states, even in criminal cases, the defense doesn't allow for discovery - they only have to share exculpatory evidence. But the prosecutor gets to decide what is exculpatory. It's called "trial by ambush".

    --
    http://www.coderoshi.com/
  5. Re:Discovery rules in Civil vs. Criminal cases? by nomadic · · Score: 5, Interesting

    IANAL, so obviously don't take my word as legal advice, but I was under the impression that discovery rules only pertained to criminal cases, not civil cases? Any lawyerly types care to chime in on this, maybe shed a bit of light on the subject?

    Nope, the amount of discovery in civil cases often dwarfs that of even the largest, most complex criminal cases, and the rules are similar. You can refuse to produce documents on certain bases, including that it involves proprietary information or business secrets, but you have to convince the judge of this, which can be tough. A lot of times the parties will enter into confidentiality agreements, where only the lawyers (and possibly expert witnesses) will gain access to the produced information, not the clients. I think it would be tough to convince the judge that a confidentiality agreement wouldn't protect them.

  6. Similar to Drunk Driving defense... by MozeeToby · · Score: 4, Interesting

    I remember a similar argument being used a while back by people convicted of drunk driving. They argued that their defense required access to the technical information about the breath-a-lizer, including the source and testing documentation.

    If I remember right the judge in the case (Florida AFAIK) ruled in favor of the defendent. If the Breath-a-lizer company didn't turn over the requested documents, the defendent was off the hook. Don't know if the case has been overturned though.

    1. Re:Similar to Drunk Driving defense... by ScrewMaster · · Score: 5, Interesting

      I'm not sure it's the same case, but in the one I read about, the company that produced the unit was required to turn over the source code for independent verification and analysis. Apparently, it was a joke ... with comments like "this section is just for testing and shouldn't be shipped", with some major design flaws as well. It didn't even do a proper baseline measurement, and it's results could have been off by something like +/- 50 percent or something like that. I should go Google that case and see what eventually happened with it.

      In any event, proprietary software shouldn't be when people's lives are on the line. That includes losing judgments on the order of a quarter million dollars (as happened in a recent RIAA case.)

      --
      The higher the technology, the sharper that two-edged sword.
    2. Re:Similar to Drunk Driving defense... by snowraver1 · · Score: 3, Interesting

      That is an interesting point. I spoke to a Canadian judge recently and asked what the likly outcome would be of such a request if made in Canada.

      His response what that it would be very unlikely to be granted. His reasoning (without being able to consult the actual laws) was that he heblives that the brethalyzer is an "approved" devise for measuring blood alcohol. This was set by the lawmakers, and it is his job to enforce the laws, which clearly say that this is an approved device.

      If you have a problem with this, take it up with the law makers.

      I found this to be quite interesting, thought I'd pas it along.

      --
      Copyright 2010. All rights reserved. This comment may not be copied in any way including, but not limited to caching.
    3. Re:Similar to Drunk Driving defense... by m.ducharme · · Score: 3, Interesting

      Hrm, I think you're not taking into account 1) the fact that discovery decisions are made very much on the specific facts of a case, and thus hypothetical situations are practically a useless guide and 2) many, nay most, judges don't like being told they shouldn't know something, and might even get a perverse pleasure out of forcing the Plaintiffs to reveal everything, and finally 3) if a precedent is going to be set, the judge (especially Canadian ones that don't need to be elected but do need to keep the number of appeals down) will go overboard and bring in material that is only somewhat relevant, just to cover all the bases. It's been my indirect experience (I'm a law clerk, and not qualified to give out any legal advice, by the way, not a lawyer) that judges don't like attitude from lawyers, forget quickly what it was like to be a lawyer, and have no great liking for corporations.

      More specifically, in the Discovery period, the adversarial lawyer can demand evidence that has a "semblance of relevance", just in case it might be relevant. If it's not really relevant the judge would rule it so in voir dire before a jury heard it. Of course, the Discovery may be more limited in the US, I don't know anything about that. Your friend the judge, talking about breathalysers, might change his mind if one of the lawyers provided, say, precedents from the US courts where the source and schematics of a breathalyser machine has already been opened up. Canadian Courts can accept US decisions as precedent if a Canadian judge hasn't already decided on an issue.

      --
      Rule of Slashdot #0: You and people like you are not representative of the larger population. - A.C.
  7. What do you think? by NewYorkCountryLawyer · · Score: 5, Interesting

    This motion may well come up for a conference or oral argument, or further briefing, so it would be interesting to see what you folks think about why these kinds of items are (or are not) necessary to test the validity of MediaSentry's methods and procedures.

    --
    Ray Beckerman +5 Insightful
    1. Re:What do you think? by Speare · · Score: 3, Interesting

      What about the recent case where the driver got to investigate all source code for the breathalyzer? I had heard (perhaps wrongly) that several such cases are dropped because the breathalyzer companies don't want to present the evidence. http://www.news.com/Police-Blotter-Breathalyzer-code-must-be-disclosed/2100-1030_3-6227951.html Dunno what weight this has between jurisdictions but it may be useful.

      --
      [ .sig file not found ]
    2. Re:What do you think? by Deanalator · · Score: 4, Interesting

      Whatever technologies that companies are using to look for people are incredibly sketchy. I have received 6 threatening letters from the MPAA. Four of them were legitimate (overbugeted hollywood crap anyway), but two of them were completely bogus. When I got my second completely bogus threat, I attempted to track this company down.

      It turns out that between the time when the alleged sharing occured, and when I got the letter, the company had changed names 3 times (or there were a large number of dummy companies that had contracted eachother out or something, it is really hard to tell the difference in these situations). When I finally tracked down a phone number for the building that these guys were supposedly working in, I called it. A machine picked up (customized with the name of the company and everything), but no one was in and the voicemailboxes on every extension were full.

      Just take a look at the Media Defender leaks. These companies are often engaged in illegal activity, from fraud to extortion. They are not an industry that you want to trust to give you accurate information. These people have nothing to gain by making their scanners have more accurate results, they just want to see more results, so of course you should be able to assess their techniques (especially their source code) to make sure everything is in order.

  8. Re:Discovery rules in Civil vs. Criminal cases? by Rich0 · · Score: 4, Interesting

    Yup - at work we have lots of systems that are subject to various government regulations, and which contain data that could become evidence in a lawsuit.

    We take all kinds of care to document everything about these systems and their reliability, and we have retention schedules for everything and we follow them. While in a court case we might attempt to limit the scope of discovery we ultimately would be prepared to defend our data. Otherwise a computer log isn't evidence any more than a piece of paper typed up on a typewriter 10 minutes before the trial.

    Looking at the laundry list, I saw one or two items that might have been a little broad, but most of this stuff is directly limited to the scope of the issues at hand and the reliability of the evidence. If there were 25 precedents that this particular software was bulletproof the plaintiffs might get the scope of discovery narrowed down a little further (maybe just to demonstrate that the software is the software that is considered reliable), but as things currently stand I'd be surprised if the judge didn't order the plaintiff to produce the supporting evidence or have their documentation ruled inadmissible (which would pretty-much gut their case).

    IANAL though...

  9. Absolutely by ShaunC · · Score: 3, Interesting

    I, for one, can't wait to see what the RIAA has in their "little black box." Right now, there are plenty of questions from the technical side that leave me wondering how their evidence will hold up:

    1. Are they using a homegrown sniffer that might be prone to capturing bad data, or are they using proven tools, like tcpdump, ethereal/Wireshark, etc.?

    2. Are they synchronizing their time against a public NTP server before they go on their fishing expeditions? Or is their machine's time (and thus their subpoena for the user of a particular IP address at a particular time) perhaps off by a couple of hours?

    3. Do they actually download the file being shared, or some portion thereof? Do they analyze that file to see if it is what they think it is? Or are they still relying on file names as some sort of proof?

    The answers to these questions, among many others, are fundamental to the defense's ability to mount, well, a defense. Does there exist in civil law an equivalent to the confrontation clause, the "right to face one's accuser?" In these matters, it seems as though the accuser is some software package at BayTSP or SafeNet, that nobody knows anything about. You shouldn't be able to win a judgment against another party based on screen shots and testimony from one bogus "expert."

    --
    Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
    1. Re:Absolutely by rtb61 · · Score: 3, Interesting
      Of course there is the other issue. How they go about choosing which person they will pursue. How many request for client data based upon an IP address have been sent out without an attempt to sue the named account holder. What was the basis for the selection, the persons inability to pay for a legal defence or a preponderance of evidence.

      Based upon their history, the ability of their chosen victim to financially support a defence against their criminal actions, apart from the odd glitch, seems to be the main factor in deciding who they will attempt to extort a payment from.

      I wonder if they also searched for infected PCs as that is a viable defence for the owner of the PC, but they failed to advise those people that their PC was infected, technically making the investigators an accessory after the fact, a criminal offence.

      --
      Chaos - everything, everywhere, everywhen
  10. obvious rebuttal by drfireman · · Score: 3, Interesting

    I guess if someone were accusing me of something, and they told a judge that they had some top-secret trust-me evidence that proved my guilt, I'd have little choice but to introduce my own top-secret trust-me evidence. I'm pretty sure by the time I was done the RIAA would be implicated in the deaths of Jimmy Hoffa and JFK.

  11. Exhibit A - Tom Mizzone declaration by rboatright · · Score: 5, Interesting

    You know, I've read this piece before, but just now noticed that he claims that the TRACEROUTE that they ran from media sentry TO the ip address in question was stored on the computer that they are investigating....

    which is silly on face. The computer (that they claim was Lindor's) didn't have a traceroute TO it from Media Sentry ON it...

    So, clearly, the people producing these documents are -- just plain not competent.

    In fact, DEFG and H all aren't on "lindor's computer"

    uh.... And I'm sure that's been commented on before, but I just noticed it.

  12. Re:Of course, how else can the evid. be valid? by blueg3 · · Score: 2, Interesting

    No, but you can perhaps believe that you would give a presentation on preliminary results and describe much about your methods, but leave out information necessary to replicate it.

    Of course, you couldn't publish a paper without that information, but that's the way the scientific community works.

    While I hardly give the RIAA the benefit of the doubt, I've learned that there's a wide spectrum between "no information" and "full disclosure".

  13. Re:This is standard civil procedure by msebast · · Score: 2, Interesting

    NewYorkCountryLawyer, can I engage you in some speculation?

    Why would a judge let them get away with ignoring Daubert?

    Is it the judge's intention to let the record company proceed with a weak case which is likely to be appealed? And then let a higher court set a precedent that rips the bottom out of all the RIAA cases?

    I thought Judges preferred to avoid being corrected on appeal?

  14. Re:Discovery rules in Civil vs. Criminal cases? by Anonymous Coward · · Score: 1, Interesting

    Work for a small ISP, we get about 140-160 of these notices a week. On average, about 10 per week cant be attributed to a customer reliably. This MAY be an error at their end or it MAY be an error at our end (user logs going missing happen from time to time due to errors in our system)