US Copyright Group Willing To Reveal The Tech It Uses To Identify File Sharers... Sort Of
from the an-investigation-would-be-useful dept
Dave Gordon from CCS Labs contacted us to let us know that US Copyright Group has agreed to let it review its technology and methodology if CCS Labs can show that it has been hired by someone who is being sued by it. So, CCS Labs is looking for anyone who was on the receiving end of a US Copyright Group lawsuit to contact them as soon as possible:
However, the CCS LABS, requires your help! If you have received a letter from the US Copyright Group please contact the CCS LABS and formally request them to represent you as your technology experts. They will need your case number of personal contact details which will not be made public. You will also have access to the full report produced by the CCS LABS, instead of a summary disclosure report.Why might this be important? Beyond getting a look into what US Copyright Group is actually doing in determining who it accuses of infringement, CCS Labs could potentially determine that the technology is not reliable for courtroom use:
The technology supplied will be tested for "fitness" and can receive one of three classifications NOT CERTIFIED, eDiscovery Certified, or Forensics Certified. Only Forensics Certified software may be used to provide "expert evidence" in court. If the technology receives a NOT CERTIFIED classification then the technology is not fit for any intelligence gathering use.I have no clue if the technology and methodology used by USCG is any good, but it would be nice to have some more details on it, and also getting it tested to determine whether or not it really can be used in court. Among the questions that CCS Labs intends to look at:
1) Is the file downloaded the file that is expected?I'm guessing that US Copyright Group really isn't that keen on having all these questions answered.
2) Are the IPs listed providing the chunks expected or false chunks?
3) Is every action logged?
4) Is a full report produced?
5) Are problems displayed and analysed by humans later?
6) What is the user documentation like?
7) Are the users of the technology fully trained on the technology?
8) Do we have access to the developers?
9) Is the technology's confidence level known?
10) Are the results produced by the Technology repeatable?
11) Has the technology been assessed by an external auditing authority already?
12) How automated is the system?
13) What level of redundancy checking is used?
14) If hashing used, which algorithm(s) is/are used?
and many more...