You shouldn’t be convicted by secret evidence in a functional democracy. So when the government uses forensic software to investigate and build its case in a criminal prosecution, it should not hide that technological evidence from the defense. In an amicus brief filed today EFF urged the Ninth Circuit Court of Appeals to allow criminal defendants to review and evaluate the source code and developmental materials of forensic software programs used by the prosecution, to help prevent the wrong people ending up behind bars, or worse, on death row.
The Constitution requires that defendants be given the opportunity to review, analyze, and confront the prosecution’s evidence. But in the information age, prosecutors are increasingly relying on evidence produced by proprietary forensic software programs–marketed and distributed by private companies to law enforcement–to establish key elements of their case, while still seeking to keep the source code that determines the outputs of that forensic technology a secret. This gamesmanship undermines the public’s trust in the integrity and fairness of the criminal justice system. We are told simply to take the government’s word for it that the software does what it is supposed to do.
Ostensibly, the secrecy around proprietary forensic software is meant to prevent competitors from learning the trade secrets of the original program vendor, but it also prevents defendants and the public from discovering flaws that could send innocent people to prison or execution. Time and again, when forensic software is subjected to independent review, errors and inconsistencies are discovered that call into question its viability and suitability for use in the criminal justice system. Forensic software has no special immunity from the bugs and mistakes that plague software in other fields, something that has been amply demonstrated with errors discovered in, for instance, the software used for DNA analysis and breathalyzer tests.
A commercial interest in maintaining a trade secret shouldn’t override a defendant’s rights of due process and to confront the evidence against them, nor should it override the public’s interest in knowing that justice is being done. Companies that go into the business of providing forensic tools to law enforcement cannot reasonably expect that they will be able to maintain secrecy over how those tools function. Besides, if a case presents itself where there is a legitimate reason to avoid public disclosure, the court can always issue a ‘protective order’ limiting disclosure to the defense team. This is routine in commercial litigation, even between direct competitors who actually have an incentive to commercialize the trade secrets they might learn.
In this case, a defendant was linked to a particular IP address and the government contends that it was able to identify and isolate that IP address as the sole source for a download of contraband material from within a peer-to-peer network using a secret forensic software program. But the defense must be allowed to review the forensic software’s source code, developmental materials, and the underlying assumptions embedded within them, in order to understand and meaningfully confront the prosecution’s contention.
What if the forensic software misidentified the computer that it downloaded the contraband from? Or what if the software suggests that the entire file was downloaded from a single source, when in fact it was downloaded from multiple sources, each of which was incomplete? These are questions that the defense cannot answer until they have had a chance to review the software relied upon by the prosecution. That is why EFF urges the Ninth Circuit to reconsider this case en banc, and to determine that the prosecution can’t hide the forensic software that it uses from the defense and the public.
For the full amicus brief see U.S. v. Joseph Nguyen EFF amicus.