RIAA Security Expert's Quest For Reliability

NewYorkCountryLawyer writes "In the ongoing case of UMG v. Lindor, Ms. Lindor has now moved to exclude the trial testimony of the RIAA's 'expert' witness, Dr. Doug Jacobson. Jacobson is the CTO and co-founder of Palisade Systems, Inc, and a teacher of internet security at Iowa State, but in his February 23rd deposition testimony she argues he failed to meet the reliability standards prescribed by Daubert v. Merrell Dow Pharmaceuticals, Inc. and Federal Rule of Evidence 702. The Groklaw and Slashdot communities participated in both the preparation of the deposition questions, and the vetting of the witness's responses."

Re:Geez too many links

[gEvil (beta)]

If you're interested in the most recent happenings in this case, then that would be the second link.

Re:Unreadable

[Dr. Eggman]

What's so difficult to read? Different colors? Anyways, it basically says that some lawyers in new York are in an ongoing battle with the RIAA (via UMG) and a recent "expert" is being questioned on the grounds that they did not meet a certain standard to an expert witnesses, set forth by case precidence. It also states that Slashdot and Groklaw participated in formulating questions asked of the 'expert' as well as analysis of it's response.

Re:Am I the only one

[Anonymous Coward]

RTFA and follow the links.

The main argument is that all of his testimony is based on assuming the ISP and MediaSentry provided accurate information. MediaSentry and the ISP are not going to testify. In his deposition, the RIAA "expoert" stated he has no idea how MediaSentry or the ISP came to their conclusions. The cases sited require that the expert testimony start with verifiable facts, not with unverifiable information provided by third parties that will not even be in court.

Furthermore, the sited case law requires that the expert use peer reviewable methods. The RIAA's "expert" made up his own methods that have never been published or reviewed. So he can't be considered an expert by the court.

I kind of hope the judge refuses this motion. The RIAA's "expert" made enough errors in his deposition that he will be made a laughing stock on the stand.

Re:Am I the only one

[Anonymous Coward]

I think you mean "cited", not "sited"

Re:Am I the only one

[GregAllen]

You keep using that word. I do not think it means what you think it means.

From WordNet (r) 2.0 [wn]:
site
      v : assign a location to; "The company located some of their agents in Los Angeles" [syn: {locate}, {place}]
cite
      v 1: make reference to; "His name was mentioned in connection with the invention" [syn: {mention}, {advert}, {bring up}, {name}, {refer}]

Re:Is this the end of MediaSentry?

[NewYorkCountryLawyer]

If this motion is granted, could this be the end of the RIAA's use of Media Sentry?

If this court makes this ruling (and while IANAL, I would grant this motion!), could this be grounds for challanging all future MAFIAA supenas?

1.Yes.

2. Yes.

Re:Geez too many links

[NewYorkCountryLawyer]

It is I who am thankful for the outpouring of assistance we received from the tech community.

Please actually read it or learn about computers

[jgoemat]

You say:

He freely admitted that any identification of who that IP address belonged to was not done by him, and he had no way to verify it; his testimony was about what IP was being used for filesharing, not who that IP belonged to.
...
The only problems I've seen anyone have with his testimony are that he's relying on the data he's given to be accurate (HTF else is he supposed to operate?), that he made a few minor errors in his testimony - i.e. mixing up some terms (this happens to people, and unlike a written deposition he cannot go back over it for mistakes before sending it in), and that he is inaccurate with some of what he says while trying to explain complex technical details to a layperson (everything taught to laypeople is like this; generally correct, even if not correct in specifics).

His report states the following:

15) I will testify to the procedures and results obtained by MediaSentry coupled with the information complied by defendant's ISP to demonstrate the defendant's internet account and computer were used to download and upload copyrighted music from the internet using the KaZaA peer-to-peer network.

He can't do that. It's impossible. there is no way he can use those materials to prove that a computer owned by the defendant was used. Throughout his deposition he gives misleading and weasly answers. "I'll show the defendant's computer was used", yet he cannot and in fact found no evidence on her hard drive. He's getting paid by the RIAA, but his duty as an expert is to give his accurate interpretation of the evidence. We've all seen on TV (and in the SCO vs. IBM litigation) that some experts will say anything for money. This appears to be another case of that. He not only makes "technical" mistakes in attempting to describe it to a layperson, he makes glaring errors and omissions to further his client's case.

His report has this error shortly after his credentials:

The Internet is a collection of interconnected computers or network devices. In order to be able to deliver traffic from one computer or network device to another, each computer or network device must have a unique address within the Internet. The unique address is called the Internet Protocol (IP) address. This is analogous to the postal system where each mail drop has a unique address.

He doesn't mention NAT or proxy servers at all. There can actually be many computers sharing a single public IP address. NAT (Network Address Translation) is when one computer or device separates two networks. On one side of the device, computers can have different addresses. When they want to communicate to the other side of the device, they use the device as a gateway. The NAT device then uses it's own IP address on the other side. There can be many computers on the "internal" side, but they all look the same to computers or devices on the other side of the NAT device. Imagine you live in a house with two friends, Joe and Moe. Joe gets a subscription to Scientific American and Moe gets a subscription to Playboy, but they only fill out the address. When the mail comes, you give Joe the Scientific American and Moe the Playboy because you know they requested them. The magazines only know someone at your address has a subscription. Even though there are three people living at that address, the magazines can't tell.

Proxy servers can also be used to mask the final destination. Think of it almost as a post-office box. Many people can rent PO boxes from one address. They come to that address to get their mail, then they take it home to their personal address. The place with the PO Boxes might not even have your personal address, like a proxy server might not store logs. This is especially the case when someone with nefarious intent got you to install something on your computer without your knowledge to make it act as a proxy s

Re:Am I the only one

[87C751]

I don't remember him specifically saying that a network card does not have an IP address, but I think I do remember him attributing IPs to computers. I do not consider this to be a mistake because there's no reason why we can't consider a single NIC to be part of a personal computer. Really, why make a distinction between the two unless there's more than one NIC on a single host? It does not affect the equation as far as NAT and other relevant aspects.

(note: I read the whole transcript)

You missed the part(s) where he continued to state that the public IP address identifies one, and only one, computer. Even after admitting the existence of NAT, he kept returning to this assumption.