Slashdot Mirror
Court Sets Rules For RIAA Hard Drive Inspection
NewYorkCountryLawyer writes "In a Boston RIAA case, SONY BMG Music Entertainment v. Tenenbaum, the Court has issued a detailed protective order establishing strict protocols for the RIAA's requested inspection of the defendant's hard drive, in order to protect the defendant's privacy. The order (PDF) provides that the hard drive will be turned over to a computer forensics expert of the RIAA's choosing, for mirror imaging, but that only the forensics expert — and not the plaintiffs or their attorneys — will be able to examine the mirror image. The forensics expert will then issue a report which will describe (a) any music files found on the drive, (b) any file-sharing information associated with each file, and any other records of file-sharing activity, and (c) any evidence that the hard-drive has been 'wiped' or erased since the initiation of the litigation. The expert will be precluded from examining 'any non-relevant files or data, including ... emails, word-processing documents, PDF documents, spreadsheet documents, image files, video files, or stored web-pages.'"
(c) any evidence that the hard-drive has been 'wiped' or erased since the initiation of the litigation.
Just curious: Let's say someone wanted to do just that - wipe or erase the hard drive since the initiation of the litigation.
Theoretically, couldn't a person just set the BIOS clock to a date and time prior to the legislation, do multiple shreds and formats on the HDD, reinstall the OS with the BIOS clock still 'in the past', and have it seem as though nothing changed since the initiation of the litigation?
It would seem to me that if the BIOS clock was set to a prior point, that everything else on the HDD would follow. The BIOS clock has no intuitive knowledge of time, it only knows what it's told.
All theoretical, of course. No one would actually do such a thing, of course...
While I admire people fighting the good fight, this is EXACTLY what makes court so dicey. If you get some judge with his head up the RIAA's ass and you are going to lose no matter how good your case is. The PROPER thing to do in a case like this is to have both parties agree on who examines the drive. One more thing, five days doesn't seem like a lot of time to examine a tech report for improprieties.
=Smidge=
Is it just my observation, or is eldavojohn an idiot?
I thought more and more convictions were based on ISP logs instead of hard drive searches these days...
I'd bet the RIAA wants to be as invasive and punitive as possible. I'm suprised they haven't asked for daily body cavity searches of all defendants.
The "forensics expert of the RIAA's choosing" pretty much negates all other protections in this order. That's like telling me "You can't peak into my email" then saying "But you can have any one of your best friends peak, with no supervision."
SJW: Someone who has run out of real oppression, and has to fake it.
This makes way too much sense.
Nope. Letting the RIAA pick the "forensics expert" does absolutely nothing to ensure that a fair and impartial expert is chosen. I'd think all that would do is make it very easy for the RIAA to set up a forensics lab of their own that could potentially plant evidence on the mirror copy. Then what do you do? They could always claim that your copy, which is minus the planted evidence, was "tampered with". I see no good out of this, but if NewYorkCountyLawyer disagrees, I would welcome an opportunity to be educated out of my error here.
I thought more and more convictions were based on ISP logs instead of hard drive searches these days...
Which would be more logical because how else can you tell the difference between a pirated MP3 and one I downloaded from Amazon.com or ripped from a CD?
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
There have been contradictory rulings about this. Many courts have ruled that at least in criminal cases people can be forced to decrypt their hard drives. See for example http://arstechnica.com/tech-policy/news/2009/03/court-self-incrimination-privilege-stops-with-passwords.ars
Have there been any rulings in civil cases?
I would guess the penalties for the destruction of evidence and the manufacturing of new evidence would land you in significantly more trouble, no?
Court orders to search hard drives aren't right - they're not even wrong.
If you get a warrant to search my house, you search my house.
No court believes that it would issue a single warrant to search part of my home, part of my business and parts of my friends' and family's homes.
But a warrant to search my hard drive is exactly that.
Restricting this search to the forensics expert of the MAFIAA's choosing but not allowing irrelevant info to pass on to them is exactly offensive and ridiculous. I'm frustrated my own following hyperbole, but I am so angry, this is the only metaphor that I can find - the beat cop gets to exercise the right to search everyplace you've been with a single warrant, but don't worry, he'll only tell the detectives about the stuff he found that's relevant.
The fucking MAFIAA's cases isn't one of governmental high crimes or misdemeanors, neither is it one involving a criminal case - it's a fucking civil case. How dare any court in the land grant such a mind-numbingly offensive violation of one's constitutional protection of privacy in a fucking civil case?
Pathological kinda promises Path + Logical - but instead, you get stuck with pathetic.
As I read various comments, people are suggesting ways to thwart the attempt of a forensics expert to determine if certain files are present on a person's drive.
Which is amusing because numerous posters make the claim that they are doing nothing wrong when they get a piece of music for nothing.
So, if they're doing nothing wrong, why all the suggestions on ways to hide what you're doing?
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
So flip the last bit on all your MP3s, and the hashes will all be off. Or flip a random bit in the middle, at most you will hear a bit of hiss or something at one point in the song.
I see this as good news.
The best news here is that this shows that the court system and the judges understand what computers are and how they are used and are at least making an effort to deal with the case in a balanced way. Sure, computer forensic evidence has become routine in the last few years but there have still been plenty of RIAA cases where the handling of the defendant's property is remarkably cavalier.
The RIAA, despite their myriad flaws, are entitled to their day in court. If procedures are balanced and remedies are fair, then I believe that the RIAA's corporate sponsors will quickly decide that the game isn't worth the candle.
The copyright statutes and the discovery procedures are the law of the land whether we like them or not. The injustice and unfairness early in the RIAA campaign came from the lack of due process, the flimsy evidence and weak cases, and the threats of draconian penalties. It's getting better, and every positive step brings us that much closer to closing this dark era in the history of the legal system.
I thought more and more convictions were based on ISP logs instead of hard drive searches these days...
Perhaps more and more civil cases, but not more and more convictions.
Pathological kinda promises Path + Logical - but instead, you get stuck with pathetic.
You can do hard time for putting a trap on something...
That's nice. "To consider the judges as the ultimate arbiters of all constitutional questions [is] a very dangerous doctrine indeed, and one which would place us under the despotism of an oligarchy. Our judges are as honest as other men and not more so. They have with others the same passions for party, for power, and the privilege of their corps. Their maxim is good justice is broad jurisdiction, and their power the more dangerous as they are in office for life and not responsible, as the other functionaries are, to the elective control. The Constitution has erected no such single tribunal, knowing that to whatever hands confided, with the corruptions of time and party, its members would become despots. It has more wisely made all the departments co-equal and co-sovereign within themselves." - Thomas Jefferson, founder of the Democratic Party
Correct Mr. Jefferson. *I* have determined that the Constitution forbids the government(s) from forcing me to testify against myself ("nor shall be compelled in any criminal case to be a witness against himself"), so I will remain silent about my password on the ground it may or may not incriminate me. If the jackbooted police want to see what's on my drive, let them hack their way in. And if they cannot, then they must free me for lack of ability to find guilt.
"I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
http://xkcd.com/538/
While the article you link too was quite informative on the court issues surrounding encrypted drives, the matter is not anywhere near closed in that case. I suspect that one may go all the way to the SCOTUS, although even if they do say the court can compel testimony, then it appears to contain some specific issues such that it doesn't clearly say that courts can compel a defendant to provide a password just because the drive is encrypted.
If you read the reasoning from judge Sessions, who said the court has the right to compel the defendant to decrypt the drive, the court has that right only because the police had foreknowledge of some of the contents of the drive.
Too me, as a non-lawyer, the police already saw the "bloody knife" at the border check so can compel the defendant to produce it to show the jury. If they just see an encrypted hard drive they don't have any foreknowledge of evidence that may or may not exist on that drive, so cannot compel the defendant to produce a password.
--You can name a file anything you want and its content based md5 will stay the same.--
What if you were to re-sample them? People do that all the time to make sure the volume level is the same for all *.mp3's in their collection?
I guess there is always a hex editor to remove such things if need be. Real pirates are not going to be slowed down. They are just stopping mom and pop. Why? I don't get it. It can only be about controlling not just the distribution of old Led Zeppelin files but controlling future do it your self-ers. They are wanting to get enough control over the Net to stop people that want to publish there own material by their selves.
Well, let's assume that someone rips tracks from some CD at 256k MP3 and puts them in a torrent for all to download. Let's assume that I've purchased that same CD and ripped a copy to my machine using the same encoder and settings. Shouldn't both the pirated and my own legal copy be identical? You're taking two identical files, running them both through the same algorithm (despite being an algorithm that results in lossy compression) and getting an output. How would they then be able to show that the file was pirated?
I haven't tested this, but if f(x) = y isn't always true, then I'd assume something went wrong (unless of course f(x) is designed to give random outputs, which I'd think isn't the case for audio compression algorithms).
How are sites slashdotted when nobody reads TFAs?
"How would they then be able to show that the file was pirated?"
The MAFIAA claims in their court filings that they could show this because of the metadata.
they have previously said in cases that when there is a "ripped by xxx" or some similar comment in the id3 comment field in the metadata that this copy must be a pirated one and not one that you format shifted from your own digital original CD content for example.
And for them to be on the safe side of their suit, they of course have this wording of "downloading and/or making available and/or distributing(uploading)" of the file(s).
So even if you have not downlaoded a copy from someone else, and you only liked to added the same metadata to your own CD transcoded files, they accuse you then of uploading or their non existing "making available" right.
I'm not disagreeing with your post but offering a likely defense based on personal experience with my music library. I've converted all of my CDs to MP3 or M4A using a combination of WinAMP and iTunes. At some point, I started purchasing music from iTunes, hence the switch to M4A (because I used the default conversion with iTunes). Since my ripping process occurred over a fairly long period, I'm guessing there was a pretty good chance for CDs to be lost, damaged, or stolen from me after converted to a digital format. Only one of my vehicles has a stereo capable of plugging in an auxiliary cable so CDs are still used in both vehicles. I also do some business travel and work in computer labs where I can play a CD easier than I can bring a MP3 player in (some environments are worried about people hooking it up as a large portable hard drive).
Now I don't have any P2P apps running on my home computers other than the one that Blizzard supplies for downloading patches. If I did have one for downloading non-pirated material, how would scanning my hard drive differentiate my music from pirated music? I won't necessarily have every CD but will have most for music that was ripped. I'll also have some from iTunes but no physical media to represent a purchase. What if I had to manipulate files from another download service in order to get them all into a single music library system? Just having a file on a system doesn't necessarily indicate the source of the file so I'm not sure what the hard drive can reveal unless you have logs that indicate this.
Mij
What's a good, free cleaner for Windows to wipe all current unallocated file space - and preferably deleted files names as well? The court may have said you can't inspect any .doc files, but when you look through that unallocated space there is no longer a file type associated with it, allowing that slimy RIAA to read all the .tmp versions of your .doc, .pdf, .eml, and every other prohibited file type. Cleaning unallocated file space should be part of everyone's general housekeeping.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Aaron Z
"Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote