Safeguards For RIAA Hard Drive Inspection 276
NewYorkCountryLawyer writes "In SONY v. Arellanes, an RIAA case in Sherman, Texas, the Court entered a protective order (PDF) that spells out the following procedure for the RIAA's examination of the defendant's hard drive: (1) RIAA imaging specialist makes mirror image of hard drive; (2) mutually acceptable computer forensics expert makes make two verified bit images, and creates an MD5 or equivalent hash code; (3) one mirror image is held in escrow by the expert, the other given to defendant's lawyer for a 'privilege review'; (4) defendant's lawyer provides plaintiffs' lawyer with a 'privilege log' (list of privileged files); (5) after privilege questions are resolved, the escrowed image — with privileged files deleted — will be turned over to RIAA lawyers, to be held for 'lawyers' eyes only.' The order differs from the earlier order (PDF) entered in the case, in that it (a) permits the RIAA's own imaging person to make the initial mirror image and (b) spells out the details of the method for safeguarding privilege and privacy."
Some things I wonder about are.... (Score:5, Insightful)
1. Who pays for the neutral expert?
2. Who makes the deletion of the privileged files?
3. How are the privileged files going to be deleted?
Re:Piracy just hurts the little guy. (Score:2, Insightful)
Re:Tell them to piss off (Score:3, Insightful)
Where's Mr. Tuttle when we need him? (Score:5, Insightful)
You just KNOW that the creepy bureaucratic gnomes who write up this stuff are going to have a hand in designing the "revised Internet" that's made the news lately.
Your computer has been used to violate article IV of the The Working Artists' Protection Act. Please unlock your front door, sit on the ground, place your hands behind your head and wait quietly. Attempts to flee, contact the press, or hire legal counsel is a violation of the P.A.T.R.I.O.T. III Act and may result in detention in an Overseas Protective Facility.
Why a broken hash? (Score:1, Insightful)
Re:Some things I wonder about are.... (Score:5, Insightful)
Are my computing habits putting me at risk if they should ask about my online activities? Should I be afraid? Should I be hiding stuff now?
I don't download music or movies, but how do I prove that without having to go through such huge measures as going to court? The existence of MP3 files on my hard drive does not mean I've been downloading. If I buy a used system that has music files on it, am I guilty?
My belief is that they don't have a right to look at it at all without hard evidence that I've been downloading illegally. The police are the only ones given the ability to search with probable cause only. Discovery for court purposes is one thing, do they search each defendant's home top to bottom to find any hidden hard drives? Do they 'interview' neighbors and friends to see if there is a missing hard drive they are just 'holding'?
To me, this whole hard drive evidence thing is illegal in itself. What if a virus infected my machine as was being used to pass illegally downloaded files? What happens if the defendant's lawyer declares all data on the disk to be private, other than the OS files?
Re:Initial image by agreed experts, not RIAA (Score:4, Insightful)
How I read it, it's basically:
1) Plaintiff, don't worry, you'll get access to the drive by March 21
2-3) Defendent, don't worry, here's how we'll do it---first, you get to delete your private files
IANAL, but that's how I read it. The summary's a bit confusing, and seems to suggest that #1 in the document has to occur before #2, which really doesn't make sense, as the GP points out.
Re:Piracy just hurts the little guy. (Score:3, Insightful)
http://www.google.com/search?q=%22As+a+record+sto
Well, you cold have at least updated your 12 year old record store and 'last year'.
Next to you being an RIAA shill, if you DO have a store, you deserve to be out of business. Or bring some Dimmu Borgir into your 'christian' store.
Re:Safeguards I use (Score:3, Insightful)
Details are absurd because Big Picture is. (Score:3, Insightful)
1. Who pays for the neutral expert? 2. Who makes the deletion of the privileged files? 3. How are the privileged files going to be deleted?
If media files are all the RIAA trolls are interested in, it would be easy enough to make a script to extract them. Standard tools like find and tar do exactly that and do it well. Fancier tools could be made to look for id tags if the RIAA is paranoid about people changing filenames. It is this list of files that should be agreed on and only that should be coppied for examination beyond the "neutral" party.
Asking for more is just abusive but that's what this is all about, isn't it? "A few dollars a song is all we ask," they tell us, "isn't everything we can take away worth more than that?" Muggers use similar logic when they brandish their weapons.
While the change from "The RIAA gets everything it wants, so shut up." in these tiny details is nice, there's a long way to go before anything like justice is served and these searches start to look reasonable or lawful. Everyone in my house has a computer or two. The burden of identifying each and every file that might be embarrassing or abused is well beyond the average user. Even if you can do that, the details of the deletion are still troubling. I'd say that the RIAA system that makes the original mirror is something that can't be trusted to begin with and all bets are off from the first step.
Unreasonable searches are disruptive and dangerous. The easiest way to see what a powerful weapon this can be is to imagine if MLK were alive today. The kinds of people who tapped his phones and told him to commit suicide [wikipedia.org] would be demanding his computers. Those who want to avoid harassment must give up many modern conveniences and efficiencies. The threat of revocation make the tools useless anyway. All it takes to end up on the list is an ISP.
The only thing less reasonable than the "evidence" or motivation for these trials are the harsh penalties provided by law. Everyone of us faces the complete loss of property and livelyhoods at random, all to protect an industry from obvious technical obsolescence.
Re:Initial image by agreed experts, not RIAA (Score:1, Insightful)
Re:Initial image by agreed experts, not RIAA (Score:5, Insightful)
A subpoena is supposed to not cause undue harm or burden. Since due process has not actually taken place (e.g. argue against it in court), the harm and burden is supposed to be limited. Preventing someone from using their computer is, IMHO, an undue harm and burden. This is the principle our laws came from (not that the laws actually implement it very well).
In the "old days" (when such principles were established), evidence was generally written on paper. An order to preserve evidence would mean not destroying those papers. That would not have been an undue burden in most cases. Someone doing more stuff with papers is generally going to be buying more paper, or at the very least doing more writing in the remaining blank spaces of paper.
The computer of today does not fit an analogy of paper. Perhaps the CDROM backups might. Using a computer typically does involve deleting old data and using the space for new data.
But there is an even more extreme situation here. Microsoft Windows is so vulnerable to exploits that several things can end up destroying evidence, or exacerbating the burden. Infectious programs may cause damage or filesystem corruption. Spamware and spyware may be so pervasive that the only option is to wipe the disk and re-install the OS. It has happened to several of my friends and family (in many cases I've been the one to diagnose the problem and carry out the cure which first involved booting Linux to run "dd" to be damned sure the drive was wiped clean, before booting the Windows install disk to start all over). I actually recommend to people that they re-install Windows every 3 months if there are no visible signs of infection (or immediately if there are).
Is it really the intent of the court to tell someone they must not clean out the infections in their computer, and must let the spamware keep popping up various ad windows, and must let their computer keep emailing spam to others on the internet? Will the court also extend that order to the ISP to prevent the user's account from being shut off due to all the spam coming through?
Courts do need to learn a whole lot more about technology. And they sure aren't going to get it in an ex-parte hearing, especially with RIAA lawyers.
IMHO, when a court has issued a subpoena that does cause harm and burden by preventing someone from using their computer, at least for more than a day or two, that court has overstepped its authority. Note that this is an opinion, not a description of how lawyers and judges have currently structured things (which is really wrong because of their lack of knowledge about technology). Fixing it, though, is going to be a tough issue for the future.
But do keep in mind that lost evidence can be very easily the result not of the user, but of things beyond the user's control, at least if they keep using their computer. Tell me what you would think if a subpoena ordered you to shut your computer off, and not run it or use it at all, for 30 days, until they can get a bit image of the drive made (whether you did anything suspect or not)?
Re:Initial image by agreed experts, not RIAA (Score:2, Insightful)
Nice to know you've been paying attention. After all, the RIAA never, ever causes trouble for those who are actually innocent, right?
Re:Initial image by agreed experts, not RIAA (Score:1, Insightful)
"I don't recall"
If it's good enough for Congress, it's gotta be good enough for a judge.