Monday, March 03, 2008

Marie Lindor replies to RIAA and MediaSentry in support of her motion to compel MediaSentry to respond to subpoena

In UMG v. Lindor, defendant has filed reply papers in further support of her motion to compel MediaSentry to respond to the subpoena duces tecum with which it was served, responding to the opposition papers filed by the RIAA and by MediaSentry.

March 3, 2008, Letter of Ray Beckerman responding to MediaSentry*
Exhibit A - Tom Mizzone declaration*
Exhibit B - Text documents (Part 1)*
Exhibit B - Text documents (Part 2)*
Exhibit C - List of backup materials requested*
Exhibit D - Confidentiality stipulation and emails*
Exhibit E - Tom Mullaney emails indicating no further documents would be produced even with confidentiality stipulation*
Exhibit F - Reply brief of Oregon Attorney General in Arista v. Does 1-17*
Exhibit G - RIAA surreply brief in Arista v. Does 1-17*
Exhibit H - RIAA opposition brief in Arista v. Does 1-21*

March 3, 2008, Letter of Ray Beckerman responding to RIAA*
Exhibit I - Motion to compel production of MediaSentry agreements and March 30, 2007, order denying motion*
Exhibit J - Email exchange stating that MediaSentry was not being requested to turn over its agreements with RIAA*

Ms. Lindor's attorneys were assisted in the preparation of their reply papers by Jonathan Jaffe, a law student in the University of San Francisco School of Law, Intellectual Property Law Clinic.

[Ed. Note. Following is a list of the technical documents and data that have been requested.]
6. All documents containing, evidencing or otherwise concerning (a) methods and procedures to be used and protocols to be followed for investigating, detecting and monitoring the activity alleged in the complaint, including, but not limited to validation methodology, testing procedures, failure rates and work flow methods, (b) procedures, if any, followed by MediaSentry, during its investigation of the activity alleged in the complaint, for mitigating the misidentification of IP addresses caused by IP address spoofing, (c) procedures followed by MediaSentry, during its investigation of the activity alleged in the complaint, for mitigating the effect and consequences of virus and malware infections, and/or (d) procedures followed by MediaSentry, during its investigation of the activity alleged in the complaint, for ensuring the validity and integrity of information returned by superpeers.

7. All documents evidencing, reflecting, explaining, referring to or otherwise concerning the setting, synchronization, and maintenance of clock time on the computers and servers that MediaSentry used in the investigation and detection of the activity alleged in the complaint.

8. All documents evidencing, reflecting, or otherwise concerning the amount of time that MediaSentry and its employees and agents were engaged in investigating, detecting and reporting the activity alleged in the complaint.

9. Complete digital copies of all packet logs of traffic sent to and from the measurement infrastructure and the P2P network in connection with the investigation and detection of the activity alleged in the complaint, including all packet logs of traffic sent to and from the Kazaa bootstrap superpeer and Kazaa session superpeer.

10. All documents sufficient to identify the software(s), hardware systems and other tools and devices that were used to detect and monitor the activity alleged in the complaint.

11. Digital copy of the source code of the software(s) used to detect and monitor the activity alleged in the complaint.

12. Manuals for the software(s) used to detect and monitor the activity alleged in the complaint.

13. Digital copies of all electronic files, including metadata, downloaded or accessed by MediaSentry relating to The Account.

14. Digital copies of the Kazaa or other peer to peer software program installed on the computers or servers that MediaSentry used in connection with its investigating, detecting and monitoring the activity alleged in the complaint.

15. (A) All documents identifying, evidencing, reflecting or otherwise concerning the software that was used to generate the data in Exhibit A. (B) All documents identifying, evidencing or otherwise concerning (i) the natural person or persons, if any, who generated, or caused to be generated, Exhibit A hereto, and/or (ii) the hardware used to generate, or cause to be generated, said exhibit. (C) Digital copy of the .txt file from which Exhibit A was printed. (D) Digital copies of all files whose data was used in the creation of, or incorporated into, said .txt file.

16. (A) All documents identifying, evidencing, reflecting or otherwise concerning the software that was used to generate the data in Exhibit B. (B) All documents identifying, evidencing or otherwise concerning (i) the natural person or persons, if any, who generated, or caused to be generated, the document annexed hereto as Exhibit B, and/or (ii) the hardware used to generate, or cause to be generated, said exhibit. (C) Digital copy of the .txt file from which Exhibit B was printed. (D) Digital copies of all files whose data was used in the creation of, or incorporated into, said .txt file. (E) A printout of the .txt file from which Exhibit B was printed, which sets forth all of the data in said file, including text that was cut off on the right margin of Exhibit B. (F) All documents identifying, evidencing, reflecting or otherwise concerning (i) “Rule Name: Hubcap” as referred to on the second line of page 1 of Exhibit B, (ii) “agent ID 194" as referred to on the fourth line of page 1 of Exhibit B, and/or (iii) “Scanner Name: DAYSC17" as referred to on the fourth line of page 1 of Exhibit B. (G) Digital copies of the eleven (11) files allegedly downloaded on 8/7/2004 from 6:41:26 AM to 7:08:33 AM, as set forth in Exhibit B. (H) Digital copies of the eleven (11) files for which downloads were logged on 8/7/2004 from 7:09:40 AM to 7:09:43 AM, as set forth in Exhibit B.

17. All documents identifying, evidencing, reflecting or otherwise concerning (A) the software that was used to generate the data in Exhibit C, (B) the algorithm and procedures used to generate the data in Exhibit C, (C) the natural person or persons who generated, or caused to be generated, Exhibit C and the digital version of same.

18. (A) Digital copy of the .txt file from which Exhibit C was printed. (B) Digital copies of all files whose data was used in the creation of, or incorporated into, said .txt file. (C) All documents defining or containing the definition of the term “Distinct Matches” as used in Exhibit C. (D) All documents reflecting, evidencing or otherwise concerning how the .txt file in Exhibit C came to be named “Lindor Marie-UserLog-6190165.txt”. (E) All documents identifying, evidencing or otherwise concerning the person or persons who named the .txt file, from which the document annexed hereto as Exhibit C was printed, “Lindor Marie-UserLog-6190165.txt”. (F) All documents reflecting, evidencing or otherwise concerning how the IP address 141.155.57.198 came to be included in the .txt file from which Exhibit C was printed.

19. Digital copies of the file(s) from which the document annexed hereto as Exhibit D was printed.

20. All other screenshots, user activity logs, and reports ever generated by MediaSentry in connection with The Account.

21. All documents identifying, evidencing, reflecting or otherwise concerning (A) the software that was used to generate the data in Exhibit E, (B) the algorithm and procedures used to generate the data in Exhibit E, and (C) the natural person or persons who generated exhibit E, or caused it to be generated.

22. (A) Digital copy of the .txt file from which Exhibit E was printed. (B) Digital copies of all files whose data was used in the creation of, or incorporated into, said .txt file. (C) All documents defining or containing the definition of the term “Distinct Matches” as used in Exhibit E. (D) All documents reflecting, evidencing or otherwise concerning (i) how the .txt file, from which Exhibit E was printed, came to be named “Lindor Marie-UserLog(Compressed)-6190165.txt”, (ii) the natural person or persons who named the .txt file, from which Exhibit E was printed, “Lindor Marie-UserLog(Compressed)-6190165.txt”, (iii) how the IP address 141.155.57.198 came to be included in the .txt file from which Exhibit E was printed. (E) All documents identifying, evidencing, referring to, or otherwise concerning the natural person at MediaSentry who on August 7, 2004 at 6:15 a.m. “detected an individual who was engaged in the distribution of Plaintiff’s copyrighted sound recordings using the screen name jrlindor@kazaa and Internet Protocol ("IP") address 141.155.57.198,” as alleged on page 5 of Exhibit F. In the event no such documents are produced indicate whether it is because the documents are unavailable, or whether it is because there was no ‘detection of an individual’

25. All documents identifying, evidencing, referring to, or otherwise concerning the date, time and location that downloaded files with respect to The Account were listened to.

27. All documents relating to any attempts by MediaSentry, or any other person or entity, to verify the accuracy of Verizon’s subpoena response, and all documents relating to the accuracy and/or synchronization of server clocks and logging instruments at Verizon, and the actual DHCP logs for that day.

28. All documents relating to any attempts by MediaSentry, or any other person or entity, to verify that any person was using an “online media distribution system” through defendant’s internet access account after August 7, 2004.

* Document published online at Internet Law & Regulation

Commentary & discussion:

p2pnet.net
Slashdot
Ars Technica
Stereophile
IT Business Edge



Digg!




Keywords: digital copyright law online internet law legal download upload peer to peer p2p file sharing filesharing music movies indie independent label freeculture creative commons pop/rock artists riaa independent mp3 cd favorite songs intellectual property

To contribute to Marie Lindor's legal defense, see below.

















The above donation button links to a PayPal account established by Marie Lindor's family for people who may wish to make financial contributions to Ms. Lindor's legal defense in UMG v. Lindor. Contributions are not tax deductible.




20 comments:

Anonymous said...

Ok,
First post. It seems like half your response was 'This is a lie' and 'This is not what I said'. Honestly, is this normal in law? If so, I'm glad I never contemplated going into it. I know PJ over on Groklaw keeps saying non-lawfolk should have more confidence in the system, but between the RIAA and SCO and some of the other stuff (54 Million Pant's suit?), it's very very very hard to have any faith in the US Legal system.

MDT

Anonymous said...

Oh, Ray, that last post was not directed against you, it was against the RIAA lawyers. I can't believe you had to all but call them liars in your response (and I do call them liars, but then again, they can't sue me (knock on wood)). :)

MDT

Anonymous said...

Ray,

What you need from the Plaintiffs is the number of times throughout all these investigations that information (IP addresses and timestamps) provided, with all the fail-safes in place, by MediaSentry have been returned by subpoenaed ISP's as invalid, or not matching any user account at the time specified.

Here's the issue. It's easy to point out that MediaSentry collects bogus information when that information does not match any user at all in the ISP's log files. It's much harder when that information does randomly hit some user, but not the right user. The RIAA may well figure that so many Internet users are swapping music that their odds are pretty good that anybody they can identify has a good chance of being guilty, but I don't feel you're allowed to use that Information & Belief in most courts. By knowing how many times they've supplied completely wrong information about IP addresses and times, someone better in math than I am can likely deduce how often they hit a valid address belonging to a completely wrong person.

The RIAA sues the wrong people. This is no secret. And even when they're clearly wrong, they don't quit easily. They insist there are no errors in their methods. Ray, every method has errors, and it needs to be shown that the RIAA is far from infallible. Showing how many clearly and demonstrably wrong cases they're attempted to identify with absolutely wrong information would be a good start in that area.

Oh, and if SafeNet maintains that they have identified the exact computer involved in the infringement, then they should have no trouble telling you at minimum, its make, model, and likely processor type , memory amount, and hard drive make, model, and size installed. They should know its network adapter Mac address also, meaning that they have no need to subpoena that information. After all, one of their experts claims he can tell you the exact manufacturer and hard drive size of an external hard drive that may have only been plugged in once. If SafeNet cannot provide this information, then they clearly haven't identified the "computer" involved in the alleged infringement.

XK-E

P.S. Any post that starts out "First Post" should immediately be deleted for grandstanding and bad manners.

Justin Olbrantz (Quantam) said...

11. Digital copy of the source code of the software(s) used to detect and monitor the activity alleged in the complaint.

Bwahaha. Can't wait to see the response to this.

Ray Beckerman said...

MDT, XK-E is right about the "First Post" thing, so please refrain from that in the future. You can't know if you're the first post anyway, since I use comment moderation, and there might be posts in line for publication ahead of yours.

As to the substance of your post, the UMG v. Lindor case presents a very good argument that being a lawyer is no fun. When the judges do not do the right thing, being a lawyer is a most unpleasant task.

I think it is absolutely wrong that Judge Trager and Judge Levy have allowed this travesty against an innocent woman to be dragged out like this.

Certain of the rulings I find totally inexplicable:

1. Not permitting me to see the agreements pursuant to which MediaSentry was hired.

2. Allowing Jacobson to testify as an "expert" when he satisfies NONE of the Daubert factors, and admits that the material upon which he relies also satisfies NONE of the Daubert factors.

3. Magistrate Levy's failure to enforce his own order directing plaintiffs' to disclose their own employees' use of peer to peer file sharing software in transmitting song files to radio stations.

Judge Trager's advice to us that he will not look favorably upon a summary judgment motion until after the close of discovery.

Anonymous said...

Ray,
Sorry, that 'First Post' was not meant 'Oooh, I got the first post'. It was meant 'Hey, my first post on here, be gentle!'.

Sorry for the confusion on that.

As to your response, thanks. I imagine it would not be fun to be in a job where when you do all the right things, people don't play by the rules. It's especially bad when the ref's won't enforce the rules, or enforce them in a one-sided manner.

MDT

Anonymous said...

All I need to do in order to collect hundreds of thousands of dollars is to pay a PhD to testify that my secret software is "correct" and to "validate" some text files that say "This guy is an infringer! The secret program I made said so!", right?

-----
C:\>nslookup-renamed-to-find-infringement riaa.com

MONEY DETECTED!

Authoritative answer:
Name: riaa.com
Address: 76.74.24.143

SUE THEM!
-----

I'm 110% convinced that the above information is clear and convincing evidence that the RIAA owes me tons of money for reasons I'll pay a lawyer to expound upon once I find myself a PhD who wants a big fat contingency bonus...

So where do I collect?

Or is it customary to sue them, withdraw the suit, and refile it against their youngest children beforehand?

- Friendly Slashdotter

Anonymous said...

Few professions are "fun," but they can be enormously rewarding and even exhilarating when I finds that one has saved a patient, offered critical pastoral care, helped a student with a significant intellectual problem, or effectively assisted a client in her defense or prosecuting his claim. I agree with Ray, however, that much of the satisfaction has gone out of the practice of law. More dire and critical to profession, however, is the full frontal assault on the rule of law and lawyers from our government and business community.

Igor said...

Ray,

It might be helpful also to request the IMAGE of a harddrive used by Media Sentry in their investigation including the storage of all the logs on that harddrive from their investigation. If they can have(demand) an image of the defendant's hard drive, it's only fair that the defendant can likewise. This way you can confirm what they are claiming. If they don't have the image available then they tampered with evidence in a lawsuit they brought themselves.

Igor

Igor said...

Ray,
"All documents reflecting, evidencing or otherwise concerning how the .txt file in Exhibit C came to be named “Lindor Marie-UserLog-6190165.txt”"

That is an excellent point you make with that request. Did they name that file after they already got the name of IP owner from ISP? If so, that means the name and file were altered from original generation to include the name after the name was returned by Verizon. In that case what does 6190165 mean? Did they have a script that just appends returned subpena names to files? In what format does Verizon return these?

Igor

StephenH said...

I hope that MediaSentry has to compel these documents. I think the reason they are fighting this, is that they know just how unreliable their investigations are, and that putting these documents through a peer review would throw the door wide open to RIAA victims having strong defenses.

Ray Beckerman said...

Igor, you're a little bit late with your suggestion. Didn't you read this in October 2007?

Igor said...

Ray,
Sorry, now that you linked to it I do recall reading this. It was one of those impulse thoughts that came to me as I was reading this late last night.

Igor

Anonymous said...

Ray,

All Media Sentry internal e-mails regarding their investigations would certainly prove devastating, in the same way the leaked Media Defender e-mails were. You should try to get them. I know what programmers are like on an e-mail system that the mistakenly think is private.

XK-E

Ray Beckerman said...

XK-E....

1. The subpoena clearly calls for any such communications.

2. You're 5 months too late to be making suggestions. I put out a call for suggestions in October 2007. One of the reasons I did so was to avoid people second guessing the subpoena.

Ray Beckerman said...

XK-E

Please read the subpoena before commenting on it.

Instructions and definitions

1. A “document” is all forms of recorded information, and includes but is not limited to both DIGITAL DATA and PAPER PRINTOUTS of said digital data.

........

4. “The Account” relates to anything relating to (a) Marie Lindor or an internet access account paid for by her or otherwise in her name, (b) the Kazaa username “jrlindor@kazaa”, and/or (c) the use of IP address 141.155.57.198 on August 7, 2004, at 6:15 A.M.

............

All documents relating to The Account.......

Anonymous said...

Ray,

I have read what you asked for by subpoena, and made suggestions at the time in the forums where you posted the question. I still see nowhere that e-mails are specifically called out. Programmers (and others) don't think of e-mails as part of the documentation relating to specific projects as a rule, and would be unlikely to include them unless specifically told that e-mails are considered part of the required documentation regarding the investigation . They would limit it to files they created, and not e-mails discussing the investigation, and why they think they have a live one here.

But you're the lawyer. If you get e-mails and instant message logs along with the rest of the documentation you've requested then you've certainly asked for all the right stuff and I stand corrected (once again). If no e-mails or instant message logs are provided, then you have something to go back and inquire about.

Igor made the best point here so far that any files labeled "Lindor Marie..." are highly suspect as being created (or renamed) far after the fact and time of collection. If MediaSentry knew at the time of their data collection just who they were collecting the data from, then the RIAA would have had no reason at all to subpoena that data from her ISP. Any files MediaSentry collected at the time should at most have a case number, and maybe a date, as their filename. If I were you, I would want the files that were used to create the Lindor Marie UserLog... file(s).

XK-E

Anonymous said...

Ray,

Looking back over everything once more, as I see it your subpoena calls for copies of all communications -- which would include e-mails and instant messages -- between the RIAA and MediaSentry regarding any facet of the Lindor investigation. It will be especially interesting to see just when the RIAA told MediaSentry to label that specific investigation as Lindor, Marie..., since MediaSentry couldn't have known her name unless someone told them.

What I am saying is that you also need to ensure that you get all INTERNAL E-MAILS within MediaSentry itself concerning this investigation. Those e-mails can be a wealth of information of when things aren't working right, and what may have been done to patch over the flaws.

Sorry if I wasn't clear before.

XK-E

Ray Beckerman said...

XK-E, I wasn't expecting cooperation from these criminals or from the RIAA's dishonest attorneys.

And in view of the many false statements of fact in the criminals' attorney's letter, I have to wonder about him as well.

It has been nothing but a struggle, and will continue to be a struggle until the Judges start using Rule 11 to put them in their place, as Magistrate Kravchuk recommended.

Rick Boatright said...

Ray,

I know I'm two months late, and that you already have your response from your expert regarding the Jacobson supplimental report, but I was going back and forth between this post and over at Groklaw and reading over Prof Poulwelse's report to you it occurs to me that he missed something pretty obvious.

In BOTH reports, Jacobson says that the computer in question was not connected to the internet through a wireless router based on his analysis of the registry entries on the hard disk he examined.

But, uh, er, Ray, ... He then goes on to say that this IS NOT THE HARD DISK IN QUESTION, that this is NOT the hard disk that was running Kazza that was the one that Media Sentry was looking at at the IP in question.

Ray, can he have it both ways? If he cares what the registry says, then it's the right hard disk. If it's the WRONG hard disk, then he doesn't CARE what the registry says. Doesn't he have to pick?

If this is not the hard disk in question, and it has THAT IP ADDRESS in its registry, then either

a) Someone edited the registry entries to hack in the IP address in question, in which case we know nothing about how the hard disk was attached to the internet,

or

b) This hard disk came from a computer which DID have that IP address... uh months later, still had that same IP address that Veriszon had dynamically assigned back at the time that Media Sentry did their investigation.

I don't see that Jacobson gets to have it both ways... Either it IS Lindor's hard drive, with that IP address, or it is NOT, and someone ELSE had that ip address, or their whole "Ip addresses identify computers" thing breaks down, or they're accusing you guys of hacking the registry to fake in the IP address in question.

Either way, Jacobson is either stupid or careless, or both.

Or did I misunderstand?

Rick