A couple of months ago I read about a man who wanted to question the source code behind DNA matching software that was being used to convict him in a murder trial. I found the article interesting because it appears that the court denied the defendant’s request for the sole purpose of protecting the software company’s interests:
“Defendant Martell Chubbs currently faces murder charges for a 1977 cold case in which the only evidence against him is a DNA match by a proprietary computer program. Chubbs, who ran a small home-repair business at the time of his arrest, asked to inspect the software’s source code in order to challenge the accuracy of its results. Chubbs sought to determine whether the code properly implements established scientific procedures for DNA matching and if it operates the way its manufacturer claims. But the manufacturer argued that the defense attorney might steal or duplicate the code and cause the company to lose money. The court denied Chubbs’ request, leaving him free to examine the state’s expert witness but not the tool that the witness relied on.”
So when someone’s freedom is at stake, do we not have the right to cross-examine a tool being used to convict, solely because a company is afraid of a loss of trade secret? What about the person’s fear of loss of life and freedom? What about the prospect of being sentenced to prison for potentially the rest of one’s life due to a false positive?
While I value privacy and the protection of proprietary information just as much as the next gal, I fail to understand the court’s logic in preventing a defendant from cross-examining the very tool used to convict him in a murder trial. It’s likely that the defendant’s request was made by motion prior to any trial, so it would not have been made in front of a jury. The judge could have entered a protective order to keep the disclosed information confidential. If that was the case, then the only parties privy to the information would be the defendant, his attorney, the expert retained to examine the information, the prosecutor, and the judge. They would all be barred from disclosing or using the information by the protective order. Did the software company argue that the information was so proprietary that even disclosing it under a protective order would have been harmful? That argument would have more validity in a civil context; in a criminal context, where the information could affect the conviction/acquittal decision, I fail to see the justification.
(And how many practicing defense attorneys quit their seasoned careers half way through to start writing software code? I digress…)
As I read more about this subject, I became disheartened to learn that there have been a number of other cases – such as these in Florida, North Carolina, and Pennsylvania – that have similarly denied cross-examination requests for individuals seeking to question the validity of their technical condemner.
Bruce Schneier, a security technologist, analyzed the findings from State v. Chun, where the court permitted an outside technology firm to analyze the source code behind Alcotest, a breathalyzer test used to test blood alcohol content, at the defense’s request. The technology firm found the Alcotest source code to be extremely flawed: the readings were not averaged correctly, the results were limited to small, discrete values, and the catastrophic error detection was disabled. How many false positives from Alcotest were the nail in the coffin in DWI and DUI cases?
But, all hope should not be lost. A recent article on the Slate magazine website is helping garner attention to a defendant’s right to inspect software code used in forensics. As noted in the article, the high-profile resignation of Federal District Judge Jed S. Rakoff should also give readers pause and elicit thought and discussion on the matter. After all, what could move the sole federal judge to resign from a commission organized in order to improve forensic science in the criminal justice system? (Be sure to read the letter to learn more, in Judge Rakoff’s own words.)
So, questioning is good. Cross-examination is good. Research, advancements, technology, and change are all good. We should use these tools to our advantage, but not allow secret code to convict people without allowing them to question and investigate its reliability. We should not rest on our technologically-advanced laurels with a blind eye to justice.
One final thought to ponder, which Mr. Schneier warned back in 2009:
“As we become more and more dependent on software for evidentiary and other legal applications, we need to be able to carefully examine that software for accuracy, reliability, etc. Every government contract for breath alcohol detectors needs to include the requirement for public source code. ‘You can’t look at our code because we don’t want you to’ simply isn’t good enough.”