Wednesday, May 06, 2009

Court issues protective order governing hard drive inspection in SONY BMG Music Entertainment v. Tenenbaum

In SONY BMG Music Entertainment v. Tenenbaum the Court has ruled that the RIAA may obtain a hard drive inspection of the defendant's Gateway desktop computer but not of the defendant's Toshiba laptop computer.

The Court also granted a protective order controlling the procedure for the hard drive inspection, which provided as follows:

1. Plaintiffs shall select a computer forensic expert of their choosing to produce a mirror-image of the Gateway computer's hard-drive.

2. The Expert and any assistants assigned to the computer inspection shall execute a Confidentiality Agreement agreed to by the parties and shall sign a copy of and abide by the Protective Order in place in this action.

3. The Defendant shall make the Gateway computer available to the Plaintiffs'
Expert at his counsel's office at a mutually agreeable time within 10 business days of the approved Protective Order. The Expert shall make a mirror-image of the Gateway computer's hard-drive, a process which should require no more than
several hours. He or she may not remove the Defendant's computer from the
premises.

4. Only the Expert and his or her assistants assigned to this project are authorized to inspect, or otherwise handle the Defendant's computer or the mirror-image generated. No employee of the Plaintiffs, or their counsel, will inspect or
otherwise handle the mirror-image produced. The Expert will also maintain all
information in the strictest confidence. Furthermore, the Expert will maintain a
copy of the mirror images and all recovered data and documents until 60 days
after the conclusion of this litigation.

5. The Expert shall examine any recoverable file-sharing data on the mirror-image, including electronic records generated by file-sharing software and "metadata" associated with music files. Recoverable data includes 'deleted' files that no longer appear in the operating system's directory.

6. The Expert shall not examine any non-relevant files or data, including those
belonging to the following categories: emails, word-processing documents, PDF
documents, spreadsheet documents, image files, video files, or stored web-pages.
On their face, none of these types of electronic files appear to have any
established relevance to Tenenbaum's use of file-sharing software or allegedly
infringing activities. As an added precaution, the Defendant shall also be
permitted to designate any attorney-client communications or privileged workproduct files in a Privilege Log provided to both the Expert and the Plaintiffs' counsel prior to inspection. These files shall be immediately deleted from the mirror-image by the Expert and, under no circumstances, may they be opened or their contents examined by the Expert.

7. Based on this inspection of the mirror-image, the Expert shall produce a report
which describes the music files found on the computer and any file-sharing
information associated with each one, as well as any other records of file-sharing
activity. The report may also address any evidence that the hard-drive has been
"wiped" or erased since the initiation of this litigation.

8. The Expert shall disclose this report only to the Defendant's counsel, who will
have five business days to lodge any objections to the report based on privilege.
Any such objections shall first be communicated in writing to Plaintiffs' counsel.
If the parties cannot resolve any dispute themselves, the Plaintiffs shall file a
Motion to Compel the production of the Expert's report. If there is no dispute, or
the parties reach an agreement themselves, the Defendant shall promptly disclose the Expert's report to the Plaintiffs.

9. In resolving any Motion to Compel, the Court may require the Defendant to
submit the Expert's report for review in camera.
The order further provided:
Before this discovery proceeds, a Protective Order consistent with these terms must be submitted for the Court's approval by the Plaintiffs. After that approval, the parties shall promptly meet and confer to determine the contents of the confidentiality agreement and an appropriate time, within ten business days, for the Expert to access the Gateway computer for mirror-imaging.


Unlike the protective order (pdf) in SONY BMG Music Entertainment v. Arellanes, this protective order permits the RIAA to unilaterally select whatever expert it chooses, rather than an independent, mutually agreeable, expert.

May 6, 2009, Protective Order

Commentary & discussion:

p2pnet.net
Slashdot
p2p consortium
Copyrights & Campaigns





Keywords: lawyer digital copyright law online internet law legal download upload peer to peer p2p file sharing filesharing music movies indie independent label freeculture creative commons pop/rock artists riaa independent mp3 cd favorite songs intellectual property portable music player

26 comments:

DreadWingKnight said...

If I were in the position, I would want the credentials of the forensics expert put on record.

I would also want all affiliations on record as well.

That's me, not sure if it's going to happen here.

Anonymous said...

And while we're at it, how about some reporting about the installation - such things as wireless routers and malware can have significant bearing on the quality and probity of the evidence.

-Quiet Lurker

Ryan said...

Hmm finally a filing in this case that doesn't seem insane. All in all not some bad protections, at least he got SOME which is more than other defendants.

raybeckerman said...

ryan, that's because this filing was by the Judge.

Alter_Fritz said...

OK, a few things I would like to criticize:

He or she may not remove the Defendant's computer from the premises.
that's superfluous and irrelevant since the HDD resp. its mirrored content is the relevant stuff here, not the other hardware that made up a computer.

1. Plaintiffs shall select a computer forensic expert of their choosing to[...]
is in conflict with
4. Only the Expert [...] handle the Defendant's computer or the mirror-image generated. No employee of the Plaintiffs, or their counsel, will inspect[...]in so far that P. can choose an expert they want even one that IS employed (or economicly dependant from RIAA members like this Dr. J and his company) since no neutral expert is required.

Beside this nitpicking by me, I agree with ryan that this protective order is better then the other inspections in other cases where Plaintiffs could snoop around in all the personal files of defendants.

Justin Olbrantz (Quantam) said...

Well, as far as privacy protections go, it's movement in the right direction, at least. I can only attribute the lack of requirements at least this strong in every single instance where a drive was submitted to the RIAA thus far as a gross lack of technical knowledge and familiarity with the RIAA's modus operandi on the part of the presiding judges.

DTS said...

In addition, the methodologies used by the forensics expert also ought to be made known for verification, scrutiny, et cetera by the court and external parties if necessary. Not like what consistently happens when the RIAA's selected expert gives their testimony.

usagemayvary said...

could the defense object to that the expert won't be mutually agreed upon?

Alter_Fritz said...

@usage may vary

If I were Joels councel, I would!

I would propose the following procedure.

A court apointed *neutral* expert shal make the mirror image.

Plaintiff's shall provide this neutral court apointed expert (maybe some police forensic guy?) with the search parameters they wish him to perform on the Harddrive.
The Parties might like to fight over these instructions already ;-)

Then neutral expert will provide *Defendants* councel with the printed results of the inspections procedures the parties agreed upon that the expert should perform.

Defendants councel checks those results for priviledge and non relevance and all this stuff.
Inform the court if there is problems.

And only after that all is clear, then will the neutral expert hand over the PRINTOUTS of his examinations to the plaintiffs.

AT NO TIME will the plaintiffs get their hands on the complete image itself since it is on the records that plaintiffs and their expert Dr. J. will snoop around in irrelevant private files. (see Lindor and other cases where the good Dr. J. admitted to have done exactly that!)

Anonymous said...

The RIAA should , in my non-lawyer
opinion only be allowed to search
for the presence or absence of the
specific file sharing software they
claim was used by the defendant.

If no such software is, and never was
on the PC in question ( the registry
WILL tell )

then it is not possible for this to
be the correct PC.

This makes any other file on the
drive irrelevant as there are
many LEGAL ways that music files
can get on a drive.

No filesharing software, no case.

There should be no need to pry
any further.

But that would be too fair and balanced.

Dreddsnik

and .. jmfo.

Alter_Fritz said...

There IS filesharing software on this computer since according to the judges order the Defendant already admitted to that fact in his deposition.

raybeckerman said...

Yes, in view of the admissions, one wonders why the RIAA needs a hard drive inspection at all.

I think they do it because it makes a defendant feel violated, and the RIAA bullies like that sort of thing.

Of course a good protective order takes the fun out of it for them.

Anonymous said...

" There IS filesharing software on this computer since according to the judges order the Defendant already admitted to that fact in his deposition. "

Still,
It is something to consider in
the many cases where they sue
the innocent.

That's been known to happen ..
often.

Dreddsnik

Anonymous said...

Dreddsnik:

FYI It is possible, and not even difficult, to remove all traces of file-sharing software from your computer.

Not that it matters in this case, because it's unlikely the defendant tried to do so.

XYZZY

Anonymous said...

Here is the problem that this man sees.

Instead of telling the Plaintiffs the only files they are allowed to see, this order attempts to list all the kinds of files they're not allowed to view. This is ass-backwards.

Imagine a search warrant that said you can take everything in this house except the bed, kitchen table, refrigerator, television, couch, chairs...you'd never get a proper list made. That's the problem here.

The Plaintiffs should be required -- given that they already know the music files discovered and the P2P system used -- to specify the only files they are searching for and be prohibited from absolutely everything else -- including unallocated file space. Make them tell you what evidence file sharing leaves on a hard drive. Anything else is a huge loss for the Defense.

THE VERY WORST part of this is allowing Plaintiffs to delve into unallocated space. Every operation on a computer tends to leave partial work temporary files with the same data as the final files in the unallocated space. Crucially, these unallocated file blocks have no file type associated with them any longer. So while there may be a prohibition against .PDF and .DOC files being examined, you don't know that this currently unused space wasn't once part of a prohibited file type. This provision should be fought to the death to not be included.

{The Common Man Speaking}

Anonymous said...

" FYI It is possible, and not even difficult, to remove all traces of file-sharing software from your computer. "

I would say this would be true of
most of us that visit this blog,
and regulars on other similar blogs.

The average end user ?
No, that type of knowledge, as
basic as it seems to you and I
is rare among most end users.

Even so, lack of evidence isn't
evidence, in itself, as the RIAA
members want everyone to believe,
and is shown by their treatment of
the defendents, going so far as to
claim it's the sued party's fault
if no evidence can be found.

To assume that because it can be
done, everyone does it is another
form of the presumption of guilt.

But back on point, I don't believe
the majority of end users possess
even basic knowledge of the windows
registry.

Dreddsnik

Justin Olbrantz (Quantam) said...

"I think they do it because it makes a defendant feel violated, and the RIAA bullies like that sort of thing."

I doubt it's that docile. They're probably looking to find as many "illegal downloads" as possible so as to sue him for the maximum permitted by law. More files = bigger hammer to smash his skull in with.

Justin Olbrantz (Quantam) said...

Hey, does anybody know whether the RIAA has ever filed a suit against someone for use of BitTorrent or another file-sharing system where only specific files (e.g. the files in each torrent) are available on the network?

To my knowledge only networks like Kazaa, where all files in the shared folder are available and the client may choose to download any of them, have been hit by suits. But I haven't been cataloging them or anything, so I could well be mistaken.

This is a major distinction because the former generally follow the 1:1 up:down ratio, meaning the expected number of copies uploaded of any work is exactly 1; in the latter case it's theoretically possible some files will be requested much more frequently than others, thus you can't predict with confidence the actual number of copies of each file distributed.

raybeckerman said...

To the best of my knowledge, of the 40,000 or so cases, not a single one of them has had to do with BitTorrent.

They have all involved either FastTrack (KaZaa, e.g.) or Gnutella (Limewire, e.g.).

Anonymous said...

Justin:

I've looked for torrent cases and also found nothing.

For the RIAA it's difficult when torrent comes into play. What does it mean to share 2% of a song? What if it's non-contiguous 2%, like .1% from 20 different places in the song? Is that copyright infringement? Can you go after 50 users, each sharing 2% of the song?

Combine that with fake peers from The Pirate Bay's trackers, DHT, and it being difficult to choose who you get your files from, and torrent is an investigation nightmare.

On the other hand, if the RIAA were to employ low-quality investigators, then it could easily go after torrent users too.

XYZZY

Anonymous said...

" Hey, does anybody know whether the RIAA has ever filed a suit against someone for use of BitTorrent ..... "


That's kinda where I was headed ;)

" To the best of my knowledge, of the 40,000 or so cases, not a single one of them has had to do with BitTorrent. "

That's what I thought. Glad to see
some backup on that thought.

Joel Tenenbaum said...

"I think they do it because it makes a defendant feel violated."

They've definitely succeeded on that front.

raybeckerman said...

Be thankful you have legal representation and a judge who is sensitive to the privacy invasion.

Most defendants have neither.

Joel Tenenbaum said...

Absolutely, Ray. And we're thankful to you as well. Keep fighting the good fight.

Alter_Fritz said...

I have just now noticed that your "example case" link is faulty.

it should read

http://beckermanlegal.com/pdf/?file=/Documents.htm&s=SONY_v_Arellanes


hth

--
A_F

raybeckerman said...

Thanks very much, A_F. Fixed it.