Should anyone go to prison based on secret SOFTWARE?

(Paywall-free popularization like this is what I do for a living. To support me, see the end of this post)

Yes, as dumb as it is, that is a question that NEEDED asking.

Should anyone go to prison based on secret SOFTWARE? /img/cybergenetics.jpg

The Electronic Frontier Foundation, recently celebrated an appellate ruling in the USA, because: “No one should be imprisoned or executed based on secret evidence that cannot be fairly evaluated for its reliability, and the ruling in this case will help prevent that injustice”.

The ruling EFF is talking about is one in which a man accused of murder was granted access to the source code of DNA testing kit, used gather evidence against him.

The software helped analyze a genetic sample from a weapon that was used to tie the defendant to the crime. The defense asked to check the source code of that software, to be sure that it was free of errors. They pointed out that other sofware of the same type had been found, only through access to its source code, to include “a secret function [that tended] to overestimate the likelihood of guilt."

The maker of the software refused, declaring that the program’s source code is a trade secret and that, being 170,000 lines long, it would take eight and a half years to review at a rate of ten lines an hour.

Initially, the software maker had offered access under such strict conditions that the defense objected, arguing that they would “hinder their evaluation and deter any expert witness from participating”.

Eventually, the appellate court sided with the defense, compelling the software maker to make their source code available to the defense team because:

“Without scrutinizing its software’s source code… no finding that it properly implements the underlying science could realistically be made”.

Good. The only real news here, is that it took an appeal court to announce what should be basic common sense.

Update, 2021/03/09: Another judge has said the same things!

Wait, it’s even funnier. In the wrong way, that is

(added on 2021/02/28)

Hilariously, the CEO of Cybergenetics has said that source code is just not necessary to test the accuracy of any his software - nor anyone else’s, because… “You don’t learn how a car works by reading its blueprints; you take it for a test run”.

Yeah, right. Tell that to those who uncovered the Volkswagen emission scandal: that fraud was indeed discovered without looking at the source code, by what you may call a “test run”. Problem is, that “test run” had to keep busy (as in “wasting tons of taxpayer money”) several large organizations, in several countries, for almost two years, before reaching a conclusion.

Whereas, with access to the source code, any ICT undergraduate may have discovered the problem in a few evenings on her spare time, while watching TV.

Who writes this, why, and how to help

I am Marco Fioretti, tech writer and aspiring polymath doing human-digital research and popularization.
I do it because YOUR civil rights and the quality of YOUR life depend every year more on how software is used AROUND you.

To this end, I have already shared more than a million words on this blog, without any paywall or user tracking, and am sharing the next million through a newsletter, also without any paywall.

The more direct support I get, the more I can continue to inform for free parents, teachers, decision makers, and everybody else who should know more stuff like this. You can support me with paid subscriptions to my newsletter, donations via PayPal (mfioretti@nexaima.net) or LiberaPay, or in any of the other ways listed here.THANKS for your support!