In a result that I find to be both groundbreaking and inevitable (based on my earlier musings about law and technology), a panel of Florida judges has ruled that the source code behind a device used to create criminal evidence must be disclosed to the defense team.

A three-judge panel in Sarasota County said that a defense expert must have access to the source code--the secret step-by-step software instructions--used by the Intoxilyzer 5000. It's a simple computer with 168KB of RAM (random access memory) that's manufactured by CMI of Owensboro, Ky.

"Unless the defense can see how the breathalyzer works," the judges wrote, the device amounts to "nothing more than a 'mystical machine' used to establish an accused's guilt."

This is completely rational since there's no other way to prove that the device hasn't been tampered with by police and that it's working as was intended when when it was certified for use as evidence. Similar reasoning requires that the internals of any hardware/software system should be made available to the defendant of any criminal case in which such a system plays an evidentiary role. For example, if a person is put on trial for embezzlement and an accounting balance sheet is used as evidence, the defendant should insist on access to the source code of the accounting software in question to ensure that it hasn't been modified to falsely incriminate him.

The right to examine source code used to generate evidence is necessary to remove reasonable doubt from criminal cases -- and the more technology involved in the case the more inherent doubt it creates. Such a right will make it harder to prosecute information-based crimes, and will also further endanger the (already doomed) protections enjoyed by intellectual property, but I don't see any alternative since any properly positioned defendant can otherwise so easily claim to have been framed by malicious software.

(HT: Eugene Volokh.)



Email blogmasterofnoneATgmailDOTcom for text link and key word rates.

Site Info