Slashdot Mirror

← Back to Stories (view on slashdot.org)

Source Code On Trial In DNA Matching Case (post-gazette.com)

Posted by Soulskill on from the you-can't-handle-the-knuth dept.

An anonymous reader writes: While computer analysis by other programs was inconclusive in matching DNA evidence to a suspect, one program, TrueAllele, gave a match. As reported in the Pittsburgh Post-Gazette, an expert witness for the defense wants access to the 170,000 lines of source code to determine whether the match is scientifically valid. Not surprisingly, the software creator is resisting. From the article: "TrueAllele, created by Dr. Perlin and in its current version since 2009, is the only computer software system of its kind that interprets DNA evidence using a statistical model. It can single out individuals in a complex DNA mixture by determining how much more probable a match is versus mere coincidence. Complex mixtures can involve multiple people, as well as degraded or small DNA samples. ... Although the technology is patented, the source code itself is not disclosed by any patent and cannot be derived from any publicly disclosed source. The source code has never been revealed, he said, and it would cause irreparable harm to the company if it were. In his declaration, Dr. Perlin said that reading the source code is unnecessary to validate the program, and that a review could be done in his office or online."

17 of 117 comments (clear)

  1. Wrong industry? by Type44Q · · Score: 5, Insightful

    Guess if he didn't want his code audited, this guy shouldn't have marketed his software to this particular industry. Dumbass.

    1. Re:Wrong industry? by Eunuchswear · · Score: 3, Informative

      Nothing to do with copyright law.

      --
      Watch this Heartland Institute video
    2. Re:Wrong industry? by Layzej · · Score: 4, Interesting

      For instance, for any mission critical component NASA may have three different programs, each written in a different language and running on a unique platform. If at any time one of the programs gives an answer that is not consistent with the other two then the minority report is discarded and the other two are presumed to be correct. No need to halt the proceedings and debug at that point.

      In this case there is only one program that finds a match. It should be considered unreliable and discarded.

    3. Re: Wrong industry? by SLi · · Score: 4, Insightful

      Well, not really. If the relevant facts are roughly as stated in the summary, it's indeed quite possible that the company will be forced to produce the source code or not rely on the evidence. However the only thing this means is that the defendant's paid experts get access to the source code under a strict protective order. They will then produce an expert report, which is the only thing anybody else will have access to, and even that may be sealed in whole or part if it would reveal, in the opinion of the judge (and often anyway unless the defendants object) significant trade secrets.

      I think the two most realistic reasons to oppose are the costs of production and the possible loss of reputation if the evidence due to the inevitable criticism by opposing experts.

    4. Re:Wrong industry? by alzoron · · Score: 4, Insightful

      Exactly right.

      This is basically the same as asking an expert witness how they determined that the defendant was involved in a crime and the witness refusing to answer the question because "It's a secret."

    5. Re:Wrong industry? by gerddie · · Score: 4, Informative

      It has everything to do with copyright law. It's what the company is using in order to claim that they have a right to keep information from the court.

      No, even if they would show the code, it wouldn't become magically free software or public domain. What they claim here is that they want to keep a trade secret.

  2. Reasonable Doubt by Anonymous Coward · · Score: 3, Insightful

    From the perspective of the burden of proof placed on the Prosecution, they have to disclose how they arrived at this derived 'evidence' of a match via TrueAllele. Criminal justice can't be served using a "Black-Box" as an input.

    Disclose the software and its methods to a legally-sworn-to-secrecy-expert-witness, or toss the evidence as inadmissible.

  3. Trust us by Anonymous Coward · · Score: 3, Informative

    Perhaps it's time for a more open process and open source code backing these types devices before their results are accepted as forensic evidence.

    CSI is a lie:
    http://www.theatlantic.com/politics/archive/2015/04/csi-is-a-lie/390897/

    Crime lab major errors:
    http://www.mprnews.org/story/2013/02/14/news/saint-paul-crime-lab-major-errors-found

  4. Patented so no reason to keep secret by Eunuchswear · · Score: 5, Funny

    If his method is patented he has no need to keep his code secret.

    Unless it's shit, of course.

    --
    Watch this Heartland Institute video
  5. Computerized evidence, destructive sampling by silas_moeckel · · Score: 5, Insightful

    If your going to use a computer to generate evidence then yes you must allow the defence to look at the technique that means source code. You must never be required to merely observe at somebody else's lab especially when there companys continued business relies on the test succeeding. Realy anything that another lab that is not associated to the first can not do should not be admissible.

    This gets even more important when the tests are destructive so it can only be done once. Validating the means used etc etc elsewise it becomes a black box to provide evidence against whoever they want.

    --
    No sir I dont like it.
  6. Re:Wrong industry? (not a copyright issue) by tkrotchko · · Score: 5, Insightful

    As the other poster said, he's not saying it's a patent or copyright issue, he's effectively saying it's a trade secret.

    So the issue is really pretty clear isn't it? If he refuses to show his code to an expert witness and explain it, then the evidence can't be used.

    We'll see what the judge has to say.

    --
    You were mistaken. Which is odd, since memory shouldn't be a problem for you
  7. Speaking as an IT expert witness of 16 years... by bfwebster · · Score: 5, Interesting

    ...I think the defense has the better argument. I have used software tools (both third party and ones I have developed personally) to do source code comparisons and analysis, but they only serve to point me to likely areas of investigation; I have never directly reported and relied upon the output from one of my custom tools in my expert reports.

    A key aspect of expert testimony is that your analysis should, in theory, be repeatable by any other qualified expert using the same methodology (which needs to be spelled out in your report). If Perlin is relying directly upon his custom program for his conclusions, he needs to thoroughly expose his methodology -- which, in effect, means either allowing his source code to be reviewed or producing a detailed summary of his methodology that would allow someone else to reproduce it. Trying to claim trade secret status (which is what he's doing, in effect) for a expert methodology is an oxymoron.

    --
    Bruce F. Webster (brucefwebster.com)
  8. If results cannot be reproduced... by OrangeTide · · Score: 3, Insightful

    Then it is not science, and it should not be admissible as evidence. It doesn't really matter that it can't be reproduced because the software vendor won't share their techniques as they believe the software to be a trade secret. If it is not possible to confirm results, it's not science! Yes, TrueAllele is a toy and not only am I skeptical of anyone using it as the basis of their scientific research, use of TrueAllele om court ought to throw any conviction into question as well.

    --
    “Common sense is not so common.” — Voltaire
  9. Re:Wrong industry? (not a copyright issue) by mspohr · · Score: 3, Insightful

    Essentially this guy is going to jail based on a secret algorithm that can't be verified.
    I can't imagine how this could be legal.

    --
    I don't read your sig. Why are you reading mine?
  10. The main problem is finding a disposable expert. by tlambert · · Score: 3, Interesting

    The main problem is finding a disposable expert.

    The people who originally clean-roomed the IBM BIOS for Compaq were split into two teams, with a Chinese wall between them: the analysis team, and the implementation team. The analysis team analyzed the IBM BIOS, wrote a specification, and then the implementation team implemented a BIOS to that specification. At which point the analysis team were effectively "burned", as in being forever barred from ever working on an implementation team in the future. They were highly paid for this, but they were disposable.

    As with clean-room engineering, this expert would not be permitted to work on any software covered by the trade secret in the future. In an expert witness situation, you might be able to get away with disposing of the expert, if all they did was witnessing, rather than actually coding in the field of expertise themselves. However, how likely is it that you can find someone like that who also qualifies as an expert?

    Further complication: Having testified (presumably in favor of the prosecution, in this case), would the expert witness be permitted to testify on similar goal programs in the future, given what the [now] knows about the process and techniques of the one they testify about today? Would exposure to multiple, competing trade secrets, damage their ability to perform an unbiased analysis, given what they knew from earlier experience? In general, I think you [as the defense] could argue that it, in fact, did damage their impartiality in their analysis.

  11. Re:Wrong industry? (not a copyright issue) by almechist · · Score: 4, Insightful

    Essentially this guy is going to jail based on a secret algorithm that can't be verified. I can't imagine how this could be legal.

    Actually, it's worse than that, he's facing a death sentence. It's inconceivable to me - but, sadly, unsurprising in this day and age - that someone might be legally executed based in part on the results of a proprietary algorithm that the defense is not allowed to examine. I can only hope the judge recognizes the seriousness of the situation. This case definitely bears watching

  12. Re:Not true. by sjames · · Score: 3, Insightful

    Honestly, the 50,000 foot view of the methodology sounds a bit dodgy to me. I would like to know what peer reviewed experiments have demonstrated that the methodologies in use can identify a single person out of a mix of DNA that actually owned the item. Were they replicated? Then there is a need to show that the software actually performed that methodology without error. Perhaps the prosecution would care to have a third party run the methodology by hand in a blind test?

    If those 2 sticking points cannot be satisfied, then the "evidence" is bunk.