Sunday, December 28, 2008

Trial transcript of Capitol Records v. Jammie Thomas now available online

We are pleased to announce that the complete transcript of the Duluth, Minnesota, jury trial, which took place October 2, 2007, to October 4, 2007, in Capitol Records v. Thomas, is now available online:

Transcript, October 2, 2007, pp. 1-278
Transcript, October 3, 2007, pp. 280-543
Transcript, October 4, 2007, pp. 544-643

[Ed. note. Many, many, many thanks to the "Joel Fights Back" team, who obtained this transcript and furnished it to "Recording Industry vs. The People". This transcript will be an invaluable aid to those of us representing defendants in RIAA cases. Among the many interesting things to look for: the early-morning argument on October 4, 2007, where Richard Gabriel convinced Judge Davis to change his mind and accept the plaintiffs' proffered jury instruction; the testimony of Jennifer Pariser in which -- according to Cary Sherman -- she "misspoke"; the testimony of the RIAA's expert witness Doug Jacobson; the testimony of the MediaSentry investigator; the technology issues relating to the service performed by Best Buy on Ms. Thomas's hard drive; the voir dire and testimony of the RIAA's expert. And on and on. This was the RIAA's first and only trial, as far as we know. This transcript is a huge help to all of us. On behalf of all of the victims of the RIAA's vicious campaign: Thank you, "Joel Fights Back". -R.B.]

[Ed. note. On page 532 of the October 3rd transcript, when the lawyers and the judge were discussing the making available issue, this passage jumped out at me:

THE COURT: .....I didn't hear any Eighth
Circuit cases that were cited.
MR. GABRIEL: I don't believe the Eighth Circuit
has spoken on the issue, Your Honor. I think we looked for

Commentary & discussion:

Ars Technica
gulli (German)
C. E. Conversations


Keywords: lawyer digital copyright law online internet law legal download upload peer to peer p2p file sharing filesharing music movies indie independent label freeculture creative commons pop/rock artists riaa independent mp3 cd favorite songs intellectual property portable music player


Marc W. Bourgeois said...

Thanks to "Joel Fights Back" and to you Ray for getting this out. I'm sure when I get to skim the transcript of events I'll be able to remember much more precisely times during the trial where I couldn't believe my eyes and ears. It will also be valuable to anyone else who needs to try a case of this sort.

I haven't reviewed the transcript yet, but for technicians out there try to find the argument on October 3rd about the CD ripping speed test with Dr. Jacobson testifying. I remember him making several statements during that phase which made me disbelieve his credibility. (His conclusion that the files on the hard drive were transferred from another hard drive, and not ripped). A quite convincing counter experiment to disprove his statements could easily be performed by any slightly experienced technician.

Are the exhibits that were presented to the jury available to the public? I know they extensively referenced during Dr. Jacobson's testimony especially.

raybeckerman said...

Dear Marc

1. First let me say I am thrilled by your comment, and hope it is the first of many that will be posted here dealing with the technical issues. A good discussion of those issues will be enormously helpful to the lawyers defending these horrid cases.

2. Yes I have a full set of the evil empire's trial exhibits. The MediaSentry exhibits were posted here. If there's anything missing, or if you want to see any of the other exhibits, just let me know and I'll put them up.

Thanks again, Marc!!!

Alter_Fritz said...

Wow, what a fascinating read.

First we learn that "The dentist" is now too in the business of having a record label called "the Oppenheim group" and his "label" has interests in all those songs that media sentry downloaded in the last few years too. (at least that's what can be derived from his yes answer when the judge asked him about his role. But maybe it is just this kind of mishearing/misspeaking virus that got transmitted from Jenny P. to Jan O.?!)

then we learn that Pariser is akin of terroristic suicide bomber since her head is able to explode! Hve some bomb squat on standby in Duluth on the day of Retrial ;-)

And one of the most important issues I have read so far is IMO that we got (even though only with a short sentence that "it is not from him") from the MediaSentry PartyGuy conformation for a fact that me and others have mentioned in comments for quite some time now: The lawyers for Sony-BMG, EMI, Vivendi Universal and Warner are actively tempering with what they call at trial "evidence" and they manipulate these evidence like they see fit even after they get the "casefile" from their unlicensed crime committing Private Investigators at MediaSentry/SafeNet.

So NONE of the printouts seems to be usable in a serious court of law as evidence given that lawyers that work for example at HRO and that have set up even a "pay us online with your credit card"-website are in those recording industry vs the people cases are also in the business of manipulating evidence.

These transcripts are really helpful in shining the light onto those court fraudsers at HRO and Co. hired by Sony-BMG, EMI, Vivendi Universal and Warner.

I've not reached Douglas' appearance yet, but given that Richard Gabriel actually had to ask the court if their "Expert" can listen to the other witnesses testimonies so he would be even able to play the expert, I guess that read will be fun and I'm counting on fellow commenters here to dissect those parts of the transcript and the rediculous claims he made :-)

P.s. For the Re-Trail, please summon those big MediaSentry thingys that seem to hold the original evidence files.
If Mrs. Pariser truthfully claimed that those evidence storage thingies are too big for a courtroom and that's why plaintiffs had only non forensicly sound stored "fake" copies of evidence with them then I would *love* to see after the trial pictures of the 1970-80ties big fat magnetictape storage thingies that you can see in old movies where computer rooms are scenic environment.

But maybe MediaSentry has those that look a bit like a top loading washing machine where you had to put this cake like things with those big magnetic metal plates in plastic casings into?

Alter_Fritz said...

PPs. the 250 MB (!) harddisc is probably in use by MediaSentry

Anonymous said...

I have been reading the Transscript, and these are some of my thoughts so far on technical errors:

Much to-do was made about WMP 11 vs WMP 10. I think they just should have simply installed 10. I doubt it would have made much difference in the ripping time involved, as 99% of the time factor comes ONLY from the speed of the CD rom device reading the files, since that device is the slowest in the ripping chain.

The expert also attempted to state it was unreasonable for a continous ripping session to have occurred. I dont see a problem with that, because there is nothing that would suggest there was not more than one person helping with that effort. Kids could have been used to switch the disks when the songs were re-ripped to replace the data on the drive after it was replaced at best buy.

He testified the drive examined was NOT the one in the machine when MS did their thing in 2/2005. I also wonder if the other hard drive the Doctor speaks of the files were copied from was perhaps her original failed drive. It is quite common when exchanging drives to hook up both drives for a short period to allow the copying of any recoverable data to the replacement drive before disposal or return to the manufacturer of the bad unit. I would not consider such a transfer to be unlawful, but simply a backup permitted under the copyright law.

NOWHERE in the expert testimony does he ever state the MAC address of the machine, or that he looked up the first 24 bits in the OUI list to determine what manufacturer was associated with that assignment. I would have expected testimony in regard to that list, and a statement to the effect that the MAC range was assigned to a manufacturer that does NOT make routers. That testimony was absent, and not challenged by the defense. Testimony that the range in question was assigned to the manufacturer of the network card in her machine would have been expected as well.

This is important, because he testifed that the LAN side MAC never changed, and that it MATCHED the computer, thus there was not a router in use.

However, these facts standing alone do NOT establish that a Router was not in use. In almost every router that is sold, a feature called "MAC Cloning" or similar is present. Since cable modems refuse to communicate with more than one MAC address, this feature is used to place the current workstation MAC onto the WAN side output, so that communication can take place. If/when a router is installed in a cable modem enviroment, this feature allows the router to assume the MAC address of that first workstation. Thus, he cannot testify with any degree of scientific certainty that a router was not used based on that fact alone. Many routers will at the same time set this workstation address up into the DMZ so that the External IP is shared. So any testimony stating that "192.168" addresses are missing, thus no router can be false as well. A computer in the DMZ uses the external IP, but still shares that IP with other workstations connnected that use the "192.168" subnet.

Once installed, a router will allow many machines to share the connection, including the original machine with its original MAC address. Since the LAN (input) and WAN (output to cable modem) are on different physical segments, there is no conflict with both sides using the same address. The cable modem ONLY sees the WAN side, and thus has no awareness of what is on the LAN side, and nothing in the LAN side can be logged by the ISP.

The piece of evidence that is likely the most damaging to the defense is the fact that a username that matched her hotmail and Yahoo accounts was used. If a random username for the P2P software was used, the case against the defendant is much weaker.

Later on the Defendant is called to testify and is permitted to mis-state the evidence in regard to her MAC address. She says "Do you recall that you told us that the modem MAC address was 00028ACF5590". Looking that number up in the OUI list shows:
00-02-8A (hex) Ambit Microsystems Corporation
00028A (base 16) Ambit Microsystems Corporation
5F-1, 5 Hsin-An Road Hsinchu,
Science Based Industrial Park,

This is NOT a company that makes cable modems, and thus this address can NOT be the MAC address of her modem. It is more likely the MAC addess of a built-in network card on her workstation. The defense needs to be careful in regard to letting them get this in. The rep from the ISP can clearly testify this is NOT the modem address and they make it clear that she was tricked into giving this testimony, as she is not an expert in these matters.

Another matter to be aware of is in regard to changing the MAC address in the hardware on the board, and the testimony does not make it clear that the MAC address can be changed from the factory assigned one with a utility provided by the manufacturer of the network card.

The testimony talks a lot about the option in most operating systems including Windows to change the MAC address used by the operating system. This option does not actually change it on the hardware device, but merely changes the address used.

When network cards were first made many years ago, the MAC address was stored in a ROM and was unchangable. For the last 15 years or so, almost every network card made has the MAC address stored in a rewriteable device. There are many reasons that a network administrator might want to re-assign a MAC address, and I have seen them all:

1) A box of network cards were purchased, but 2 of the cards were incorrectly set to the same MAC address.

2) DRM on software installed on a specific machine might tie the software to a specific MAC address. When the hardware is upgraded, the MAC address changes and the software will not run without changing the MAC

3) A network card fails, and equipment or software expecting that MAC address requires the replacement card also have the same address.

4) Hot/Cold backups, or test machines for the DRM systems above need to be made, and require the MAC address match.

Often in SNA enviroments where every thing is tied to a mac address, a "fake" one is set up from the beginning. Some people also set MAC addresses to be cute. An example of a common "Cute" mac address is "deadbeefcafe", since it is one of the few phrases that can be spelt with the letters a-f only.


Anonymous said...

From Albert's post:

"Later on the Defendant is called to testify and is permitted to mis-state the evidence in regard to her MAC address. She says "Do you recall that you told us that the modem MAC address was 00028ACF5590". Looking that number up in the OUI list shows:
00-02-8A (hex) Ambit Microsystems Corporation
00028A (base 16) Ambit Microsystems Corporation
5F-1, 5 Hsin-An Road Hsinchu,
Science Based Industrial Park,

This is NOT a company that makes cable modems"

Ambit IS a major manufacturer of cable modems.


Anonymous said...

moreover, Ambit is one of the brands utilized by her ISP.


Another Kevin said...

Alter_Fritz:PPs. the 250 MB (!) harddisc is probably in use by MediaSentry

I always liked the 29.2 MB IBM 2314's. They didn't look like washing mashines, because the packs were front-loading rather than top-loading. They looked like pizza ovens instead. said...

Q. Do you work with SafeNet or MediaSentry when they go about acquiring names in their investigations?
A. They work for us, yes.
Q. Do you supervise them?
A. Not directly.
Q. Do you make certain that they're careful about what they're doing?
A. I hope they are careful, yes.
Q. How many dead people have you sued?


PRICELESS....! There's a "mastercard moment" for you!

I almost feel sorry for her (almost), he walked her down the lane, made her dig her own grave.. handed her the shovel and calmly turned his back and walked away because he knew she would bury herself.

Masterful, wicked, beautiful... ohh, words fail me. Oops, funny too! (they dont fail me completely!)

Wonderful that you have posted their transcripts, we will be writing a follow up article and be putting copies up on our site ( as well (just in case, but if this is a problem kindly just say so and we'll take down the copies)

These slimy ***** (censored myself in respect for this blog) think they can use their slime and slink away, lets not give them the chance.

Thank again Ray.


Unknown said...

I'm reading Dr Jacobson's cross, and the "demonstration". They managed to put alot of doubt into the validity of the demonstration. But, the numbers are very interesting. What would have been more interesting, would have been to copy the songs from a HD to another HD.
They had about 12 seconds per song. Which is seriously not fast enough for a HD to HD transfer. I would expect the transfer rates to be substantially faster than 12 seconds between songs.
Your average .wma file should be roughly 5mb. I would expect transfer rates from HD to HD to be in the 500KB to 1MB per second at a minimum. This should give timestamps of less than 10 seconds per song. More likely to be roughly 3 to 5 seconsd per song.

Anonymous said...

According to ArsTechnica:

The RIAA does confirm to Ars that it has evidence of "actual downloads" in the Jammie Thomas case; even with Judge Davis' ruling about "making available" evidence, Thomas would not necessarily come out clean in a new trial.

When the RIAA refers to "actual downloads" are the referring to the defendant downloading files from some source (or ripping them from CDs) to be stored on her hard drive, or someone else (MediaSentry) downloading the files allegedly from her computer to store on their own computer? Whether you're uploading or downloading is completely relative depending where you are in the chain, and the discussions about it don't give the feel that the terms are being used correctly by the non-technical lawyers.

If the plaintiffs are contending that they have proof that the defendant "downloaded" the files from some other source on to her computer (the correct usage of the term) then they must have provided these file to her for downloading, meaning that they're authorized copies (or bait).

Which is the actual crime here? Uploading, downloading, having ripped music files on your computer, or all of the above? If both uploading and downloading are the crime then somewhere someone else had to be involved in the "illegal" act somewhere and why aren't they charged in this case?

And regarding timestamps of files copied from one hard drive to another, in this man's experience the original timestamp of the file is maintained intact. As such, looking at the timestamps on this disc doesn't tell you how the files arrived on it.

{The Common Man Speaking}

Unknown said...

TCMS - Actually no you'd be incorrect on that.

When you copy a folder from 1 drive to another drive. The creation stamp is the time when the file was created on the new harddrive.

For example:

I have a file on a network share called
Created: Friday, March 21, 2008 12:49:57 PM
Modified: Tuesday, August 20, 1996, 5:29:00 PM
Accessed: Today, December 30, 2008 5:26:40pm

I copied that file to my desktop (which puts it on my harddrive)
Created: Today, December 30, 2008, 5:26:43 PM
Modified: Tuesday, August 20, 1996, 5:29:00 PM
Accessed: Today, December 30, 2008, 5:26:43 PM

As you can tell, the Created dates will change. The Modified date will stay the same, if it's a copy from another drive.

When you create a new file, the modified date is set to the creation date. So, what would have been interesting information to have on these files, would be the modified date.

If the songs were "ripped" from cd to that harddrive. They would have a modified date identical to the creation date.
If the songs were "copied from another harddrive" They would have maintained the modified date from said original harddrive, and their modified date would be BEFORE their creation date.

This is interesting, and might be a way to throw out Media Sentrie's testimony, unless they can provide the modified date as well as the creation date on all said files.

The same is true of files created in linux OS.

Ray, for anyone going with the These are my files, I copied them from CD defense. This very much would be something worth looking at. Now, it doesn't help if yuo DID rip them, and then copied them to a new hd because your old one failed. But, it's certainly something.

Anonymous said...

I just read the first 400 pages (most of the technical evidence) of the trial record on your site in Capitol Records v Thomas, and have come up with a fairly significant technical weakness in the RIAA cases. While this weakness may not help Jammie Thomas, it could help others.

The crux of the issue is that all the data that Safenet really has, once they discover an alleged offender, is an IP address and the date and time of the files being available. No where in the trial record that I could see was MediaSentry/Safenet and Charter asked how they determine what time it is. (Perhaps it was stipulated?) This is vital because internal computer clocks are notoriously unreliable. These clocks in many cases are synchronized to one of the national standards for time. If they are not, then what you have is an 'undisciplined clock', subject to variations in time. This error in time accumulates and could cause an error in time measured in hours or days. People rarely check the computer clock time (akin to not setting date and time on DVD players). If a corporation does this, then all the log information timestamps are suspect.

A good analogy I can give is if you and a co-worker both have wind-up analog watches and agree to meet for lunch exactly at 12 noon. Unless you both have coordinated your watches, the likelihood of one of the clocks being inaccurate is fairly high, and one party would wait for the other to arrive. The protocol for coordinating this time in computer systems/networks is called NTP, and you can read more about it at:

In the RIAA cases, it makes a large difference when the ISP looks up the subscriber's information from the DHCP logs. A variance in Safenet's computers and the ISP of less than one hour could cause the wrong person to be falsely accused.

My background comes from 29 years in the computer industry, training in computer forensics, and an internationally recognized certification in computer security. I don't want anything except to help people from the injustice of the RIAA lawsuits.