The Burden of Proof

  • Comments posted to this topic are about the item The Burden of Proof

  • I personally agree with you. Anything that is used to convict someone should, within reason, be available for public scrutiny. This might mean that some people will figure out ways to beat the system, but that will always happen.

    This particular case aside, I would be very unhappy if I were convicted of something I didn't do and wasn't believed because a machine said I lied, and wasn't allowed to prove I was right because some company didn't want to show what they were selling.

  • I agree with Jereme: Any code that is used in governmental procedures (law enforcement, voting, etc) should be inspectable. If you think about it any work generated by the state is automatically in the public domain, so why shouldn't source code be too?

  • It is exactly the same as convicting somebody on a scientific basis like DNA profiling. The science has to be publicly available and corroborated.

    It might mean more trips to the expert (chuckle) witness stand for the coding monkeys though 😀

  • I agree with the scrutiny, but not the public.

    Any code takes time to write and test, and so inherently has a relatively high development cost. Forced disclosure of the source code into the public domain, and therefore simplifying the ability for competitors to plagiarise, will simply penalise the true innovators. Open source development works in some cases, but not in all.

    However, there's no reason why scrutiny couldn't be achieved in a controlled fashion. The software manufacturer could easily be required to disclose the source code to a trusted independent third party, and both prosecutor and defence then required to work through that third party for picking through the code.

    Semper in excretia, suus solum profundum variat

  • If companies are too worried about their code being opened up to the public perhaps, in legal cases, the code can be disclosed to the Expert Witnesses on both the defence and prosecution sides. It would take a very stupid Expert Witness to risk their reputation by disclosing the code to other parties. This way the code is not out in the open, and the judge/jury can decide from their understanding of the Experts' arguments as to whether the code was in fact at fault.



    Ade

    A Freudian Slip is when you say one thing and mean your mother.
    For detail-enriched answers, ask detail-enriched questions...[/url]

  • Here in the UK there seems to be an obsession about speed cameras, and recently there was a report about a guy who challenged his speeding ticket and used his GPS to prove that he was driving under the speed limit. What's more - he was right! I think if governing bodies are going to adopt technical solutions for things such as breathalyzers, speed cameras, voting systems etc. then they should be subject to rigorous scrutiny and open to the suggestion that flaws can exist in such systems. And perhaps opening up the code is one method of ensuring that such flaws can be spotted and eradicated.

  • Hi,

    I used to be an analytical chemist so I have some experience in this area. All software we used for analyzing pharmaceuticals had to pass stringent validation testing before being allowed into production regardless of the claims of the manufacturer. The data from the samples analyzed on the machines would be used to form the basis of a submission to the regulatory authorities on the chemical nature of the drug in question; a document which if found to be inaccurate/ incorrect would result in massive financial and legal implications for the company.

    That said each and every batch of samples analyzed would require a calibration run be carried out before and after analysis was undertaken. Within each batch samples of known concentrations would be interspersed within the real sample set to test the performance of the system. Different tests and different reg authorities have different performance requirements. Results from standards outside the tolerance levels would result in a failure for the whole batch.

    A calibration curve can then be used to work out the concentrations of the samples being analyzed.

    In the case of the breathalyzer I would expect a calibration to be done using a range of samples of known concentration that would cover the minimum and maximum performance range of the equipment with points in between, all of which should be documented. This would be enough to determine if the equipment was working effectively making the software analysis a moot point.

    I would expect a check to see if there was a failure to calibrate or results outside the expected parameters a first point of call for a lawyer in these types of cases.

    Thanks

    K.

  • That's an interesting question and my first instinct is to agree: the code should be open to public scrutiny, otherwise it doesn't constitute evidence. For all we know, it just displays 'guilty' and 'innocent' at random, ignoring all inputs.

    I wonder how far you can go with this. Can the defense also demand the source code of the compiler that was used, in case that has flaws too? What about schematics of the CPU in the computer used to compile it, or the of the chip fabrication machine used in manufacturing? What about the source code to Windows XP, since that was involved somewhere and might have corrupted things?

    Maybe that's why there's the concept of "beyond reasonable doubt". Where do you draw the line of reason?

  • Karma's analytical chemists have it right but they are professional analysts operating in a controlled laboratory environment. The breathaliser is in the hands of overworked police who have neither the time, experience or resources to do before, in between and after callibration.

    Yes disclosure to the Expert Witnesses should be mandatory but further than that, No, particularly as non-experts would waste a lot of time and resources going through the code thinking they could understand it - they've written an Excel macro so they're programmers! 😀

  • P Jones (2/8/2008)


    ....particularly as non-experts would waste a lot of time and resources going through the code thinking they could understand it - they've written an Excel macro so they're programmers! 😀

    Ain't that the truth!

    Semper in excretia, suus solum profundum variat

  • There's the potential for a slippery slope here, but I think Karma nailed the solution - black box testing is good enough for pharma regulators, it should be good enough in this case without actually examining the 1s and 0s.

    If this is a ploy to get out of a legitimate charge, may Karma visit the individual - and soon.

    :{> Andy

    Andy Leonard, Chief Data Engineer, Enterprise Data & Analytics

  • Adrian Nichols (2/8/2008)


    If companies are too worried about their code being opened up to the public perhaps, in legal cases, the code can be disclosed to the Expert Witnesses on both the defence and prosecution sides. It would take a very stupid Expert Witness to risk their reputation by disclosing the code to other parties. This way the code is not out in the open, and the judge/jury can decide from their understanding of the Experts' arguments as to whether the code was in fact at fault.

    I agree. One could even take it one step further and establish a trusted agency (preferably NOT gonvernmental, it should remain in the hands of industry) who would act as custodian for such code and be the Expert Witness in such cases. That agency would then make the determination whether the legal reps need to actually look at code they are in no way qualified to judge. They could even examine a specific unit if there was a question about its accuracy. In this case, the breathalyzer unit could be checked out. The problem with that is getting to the unit fast enough so that it is not recalibrated deliberately or accidentally.

  • Another possible aspect to this discussion is to look at what is actually happening in “computer controlled” equipment like this. In the case of a breathalyzer, radar gun, or other type of sensing equipment, there is going to be some kind of physical sensor that produces some kind of output (change in electrical resistance, using transistors to change state, etc.) Those outputs will become inputs to the software, which will then do something with the inputs (i.e., display the results).

    The software could be completely correct, but the physical sensor may be affected by heat, humidity, or other environmental factors that skew the sensor’s outputs. Or, the sensor could work absolutely perfectly, but the software is skewed or doesn’t consider the correct inputs or has some other kind of flaw.

    I have heard of situations where the police will calibrate a radar gun prior to starting a shift, use the radar gun during the shift, and verify the calibration at the end of the shift. If the ending check shows the radar gun to be out of whack (technical term), then any challenged tickets based on that gun’s readings during that shift will be thrown out, as the officer has no proof of when the equipment went out of calibration or what caused the problem. (Assuming it wasn’t dropped. :P)

    Should code be disclosed in an open public manner? I think this question has to be balanced with other questions regarding trade secrets, other calibration techniques, the public interest, etc. If it were to come about, I believe the bar for requiring code disclosure should be set very high, i.e. there is absolutely no other possible way to verify the accuracy of the product / process, and the product / process relies solely on the software.

  • I guess I'm going to be the first to disagree. I see no reason the code should be treated any differently than the blueprints for any manufactured device, be it breathalizer, radar gun, police car or Segway. Proprietary data can be disclosed during a discovery process but only with a court order if sufficient reason is presented. The accuracy and repeatability of the device can be (and should have been for acceptance) analyzed by testing. If testing reveals anomalies THEN go to a judge and get controlled access to whatever is warranted. Opening up source code or blueprints to public scrutiny invites a fishing expedition for ambulance chasing attorneys to create FUD in the minds of a non-technical jury - which is exactly what the guy in the article wanted to do.

    Regards,

    Greg Young

Viewing 15 posts - 1 through 15 (of 30 total)

You must be logged in to reply to this topic. Login to reply