Campbell et al v. Facebook Inc.

Filing 149

RESPONSE (re 138 MOTION to Certify Class ) Opposition to Plaintiffs Motion for Class Certification (Redacted) filed byFacebook Inc.. *** ATTACHMENTS 1, 7 LOCKED AT FILER'S REQUEST. SEE DOCUMENT 162 *** (Attachments: # 1 Declaration Declaration of Christopher Chorba In Support of Defendant Facebook, Inc.s Opposition to Plaintiffs Motion for Class Certification (Redacted), # 2 Declaration Declaration of Alex Himel In Support of Defendant Facebook, Inc.s Opposition to Plaintiffs Motion for Class Certification (Redacted), # 3 Declaration Declaration of Dan Fechete In Support of Defendant Facebook, Inc.s Opposition to Plaintiffs Motion for Class Certification (Redacted), # 4 Exhibit Expert Report of Dr. Benjamin Goldberg (Redacted), # 5 Exhibit Exhibit BBB to Expert Report of Dr. Benjamin Goldberg, # 6 Exhibit Exhibit CCC to Expert Report of Dr. Benjamin Goldberg, # 7 Exhibit Expert Report of Dr. Catherine Tucker (Redacted), # 8 Exhibit Exhibit DDD to Expert Report of Dr. Catherine Tucker, # 9 Exhibit Exhibit EEE - Expert Report of Dr. Catherine Tucker, # 10 Exhibit Exhibit FFF - Expert Report of Dr. Catherine Tucker, # 11 Exhibit Exhibit GGG - Expert Report of Dr. Catherine Tucker, # 12 Exhibit Exhibit HHH - Expert Report of Dr. Catherine Tucker, # 13 Exhibit Exhibit III - Expert Report of Dr. Catherine Tucker, # 14 Exhibit Exhibit JJJ - Expert Report of Dr. Catherine Tucker)(Chorba, Christopher) (Filed on 1/15/2016) Modified on 1/22/2016 (ewn, COURT STAFF). Modified on 1/22/2016 (vlkS, COURT STAFF).

Download PDF
UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF CALIFORNIA MATTHEW CAMPBELL and MICHAEL HURLEY, on behalf of themselves and all others similarly situated, Plaintiffs Case No. C 13-05996 PJH v. Expert Report of Dr. Benjamin Goldberg FACEBOOK, INC., Defendant REDACTED VERSION OF DOCUMENT(S) SOUGHT TO BE SEALED Table of Contents I. QUALIFICATIONS ........................................................................................................... 1 II. SUBJECT MATTER OF OPINIONS ................................................................................ 2 III. MATERIALS REVIEWED ................................................................................................ 2 IV. SUMMARY OF OPINIONS .............................................................................................. 3 V. TECHNOLOGY OVERVIEW ........................................................................................... 8 VI. THE FACEBOOK SOCIAL NETWORKING SERVICE ............................................... 10 VII. THE FACEBOOK SOFWARE/SOURCE CODE ........................................................... 16 A. URL Previews B. VIII. .............................................................................. 16 .......................................................................... 24 RESPONSE TO THE GOLBECK REPORT ................................................................... 26 A. The Alleged “Interceptions” .................................................................................... 26 1. ......................... 27 2. ................................................................. 30 3. ............................................................................ 31 4. Code-Based “Devices”.................................................................................... 31 B. C. Variability in the Alleged “Uses” of “Intercepted” Data ......................................... 37 D. Continuing Conduct ................................................................................................. 41 E. Lack of Ascertainability of Class Members............................................................. 41 F. IX. Variability in the Purported “Interceptions” ............................................................ 32 Variability in Operation of the Source Code Across Senders and Recipients ......... 44 COMPUTER STORAGE ................................................................................................. 44 A. Computer Storage Technology ................................................................................ 44 B. The Incorrect Distinction Between “Memory” and “Storage” ................................ 47 X. ORDINARY COURSE OF BUSINESS........................................................................... 49 XI. RESERVATION OF RIGHTS ......................................................................................... 51 I. QUALIFICATIONS 1. I am a tenured Associate Professor in the Department of Computer Science of the Courant Institute of Mathematical Sciences, New York University (“NYU”), in New York, NY. I have held this position since September 1994. From 1987 to 1994, I was an Assistant Professor in the Department of Computer Science at NYU. Since September 2014, I have been the Director of Graduate Studies for the MS programs in the Department of Computer Science, having previously served in that role from September 2009 through August 2012. I served as the Director of Undergraduate Studies for the Department of Computer Science from September 1995 through August 1998 and from September 2003 through August 2006. In addition, I have held a one-year visiting professorship at the Institut National de Recherche en Informatique et en Automatique (INRIA), a national laboratory in France, and was twice appointed to a month-long position as an invited professor at the Ecole Normale Supérieure, a university in Paris. 2. I received my Doctoral degree in Computer Science from Yale University, New Haven, Connecticut in 1988, having previously received Master of Science and Master of Philosophy degrees in Computer Science from Yale in 1984. My undergraduate degree from Williams College in 1982 was a Bachelor of Arts degree with highest honors in Mathematical Sciences. 3. I have taught courses at the undergraduate and graduate level in, among other things, software development, programming languages, object oriented programming, hardware design, and operating systems (including networking). I have also published extensively in the areas of memory management and distributed and parallel computing, which involves computers connected by networks and data transmission between computers. 4. I have testified numerous times as an expert in computer science at trial in U.S. District Court, including in the U.S. District Court for the Northern District of California. I have 1 also provided two technology tutorials to the Court in the U.S. District Court for the Northern District of California. Additional information concerning the computer science courses that I have taught, my professional publications and presentations in the field of computer science, and cases in which I have testified as an expert at trial or deposition in the past four years are set forth in my current Curriculum Vitae, a copy of which is attached as Exhibit BBB. II. SUBJECT MATTER OF OPINIONS 5. I have been retained by Gibson Dunn, counsel for Facebook, to form opinions regarding the operation of the Facebook social networking service, to explain the meaning of computing terminology related to this matter, and to respond to certain assertions made by Dr. Jennifer Golbeck in her November 13, 2015 Report in Support of Plaintiff’s Motion for Class Certification (“the Golbeck report”). (Dkt. No. 137-6.) 6. I am being compensated at a rate of $450 per hour for my work in this matter. My compensation is in no way conditioned on the nature of my opinions or on the outcome of this matter. III. MATERIALS REVIEWED 7. A complete list of the materials that I reviewed in forming my opinions set forth in this report is attached hereto as Exhibit CCC. As detailed further below, I also reviewed portions of Facebook’s source code from the period of September 2009 to December 2012, which I understand to be the same source code to which Dr. Golbeck had access. Consequently, unless otherwise specified, my opinions are limited to the operation of Facebook’s messaging service during that period. 2 IV. SUMMARY OF OPINIONS 8. I disagree with Dr. Golbeck’s conclusions that Facebook’s implementation of what I or any other skilled computer scientist would consider routine programming functions are “interceptions” of message content using what she calls “code-based devices” (a term I have never heard before). Dr. Golbeck concludes that , is an “interception,” but she does not draw the same conclusion about any of the other objects that are generated when a message is sent. not unusual in object-oriented programming, and here, 9. Dr. Golbeck also claims that also constitute interceptions. However, processes performed by nearly all software systems to track error rates, resource usage or congestion, and security concerns, among other things. 10. Even if Dr. Golbeck’s characterization of these standard programming practices as “interceptions” were credited, an individual, message-by-message inquiry would be required to determine whether 3 11. Similarly, to determine whether Facebook’s “Insights” feature (an interface for website owners to view data about engagement with their sites); aggregate, anonymous Plugin Counters (numbers that website owners can display with Facebook’s social plugins that reflect the level of engagement with those sites); aggregate, anonymous counters in the Graph API (publicly available counts that reflect the level of engagement with a given URL); and Recommendations and Activity Feeds (which displayed a list of pages for a given website that the viewer may be interested in seeing). However, determining whether i. The date the message was sent, 4 v. 12. Dr. Golbeck cannot validly opine on the current operation of the messages product since she, like I, could have examined, and at most did examine, only Facebook source code operational until December 31, 2012 (per the agreement of the parties). Accordingly, while her report expresses conclusions about the current operation of Facebook software, I do not believe she has a factual basis for these conclusions since there is no way for her to have reliably determined the behavior of Facebook’s software for any date after December 31, 2012. Her attempt to interpret internal Facebook emails allegedly bearing on potential practices (most or all of which appear to be written long before the beginning of the Class Period) does not form a valid basis for these conclusions about the operation of the current source code (or source code from any time period). 13. Dr. Golbeck also provides “sample” code for a database query of her own design, which she claims would yield a list of the Facebook IDs of everyone whose actions had and she has stated that this would identify the members of Plaintiffs’ proposed class. However, her proposed query is both under- and over-inclusive in a number of ways (all of which I understand she has conceded). First, it will be under-inclusive in that it will not identify: iii. Senders and recipients whose accounts were deleted; 5 Dr. Golbeck’s proposed query will also be over-inclusive in that it will include: vii. Senders whose messages did not contain URLs in their text; viii. ix. Senders and recipients outside the United States; x. Senders of messages outside the Class Period; and xi. Senders that were not subject to the challenged “uses.” Her proposed query also cannot identify senders: 14. As discussed below in further detail, 15. I disagree with Dr. Golbeck’s distinction between “memory” and “storage,” in which she claims that, when a 1 6 , they are held in memory, not storage. I have never encountered such a distinction in my decades of experience as a computer scientist. Computer systems use different forms of electronic storage, including but not limited to CPU storage, CPU cache memories, random access memory (or RAM), and disk or flash memory; indeed, memory in computing is a form of storage. But even under Dr. Golbeck’s unique definition of storage (with which I do not agree), 16. Finally, I disagree with Dr. Golbeck’s conclusion that Facebook’s alleged interception, was not necessary for the messaging functionality on Facebook. First, while I do not offer an opinion on illegality as a legal conclusion, I note that Dr. Golbeck appears to use an incorrect inquiry for determining whether any interception was performed in the ordinary course of Facebook’s business. Dr. Golbeck assessed whether the alleged interception was “necessary.” However, I understand the Court has instead stated that the relevant inquiry is whether there exists any nexus between the alleged interception and Facebook’s ultimate business, which is to allow people to share information and connect with other people in a safe, efficient online space. Since my review of the source code and reliance on sworn testimony of Facebook’s engineers indicate that Facebook’s both necessary and also have a clear nexus to Facebook’s messaging service and its ultimate business. 7 V. TECHNOLOGY OVERVIEW 17. The technology at issue in this matter relates to the messaging feature of the Facebook social networking platform. The specifics of the Facebook platform are described below in a subsequent section of this report. This section provides a general overview of the technology and defines various technical terms used throughout my report. 18. Facebook, like most services found on the Internet, utilizes a client-server architecture. In a client-server architecture, people on “client” devices, usually personal computers and mobile devices such as smart phones and tablets, interact with a user interface supported by software—generally referred to as “client software”—running on their client devices. More demanding computations, storage of larger amounts of data, and communication between different people are supported by server computers, which are larger, more powerful computers with large amounts of storage capacity. The software that the server computers run, generally referred to as “server software”, usually responds to requests from numerous client devices, generates the data to be provided to the clients (often specifying the format of the display of the data), interacts with database management systems to store and retrieve data, and, in many cases, communicates with other server computers. The terms “client” and “server” are used to refer either to the client and server software or to the client and server machines—or both. In this report, unless stated otherwise, I will use “client” and “server” to refer to the software and hardware together. For example, when I discuss a “Facebook server”, I am speaking of Facebook server software running on a Facebook server computer. 19. Clients and servers in many modern client-server systems use HTTP, the Hypertext Transport Protocol defined by the World Wide Web consortium (see http://www.w3.org/Consortium/) to communicate with each other, almost always over the Internet. Services provided by servers to clients using the HTTP protocol are usually referred to 8 as “web-based” services. Clients request resources, such as documents (e.g. web pages, audio files, and videos) and services (for shopping, travel, etc.), by issuing HTTP requests. An HTTP request is directed to the proper server—and specifies the desired document or service on that server—using a uniform resource locator (URL). Examples of URLs include https://www.google.com/, http://www.ford.com/new-cars/, and https://en.wikipedia.org/wiki/Webserver_directory_index. 20. People on client devices can communicate with each other in numerous different ways, such as via electronic mail (email), video chat, texting, and messaging. In each of these media, the data being transmitted is generally sent from a client to a server, which then may forward the data to another server, and so on, until the data is sent from a final server to the receiving client (of course, in some instances, there may only be a single server involved). When the data arrives at a server, it is stored on that server at least temporarily until it is forwarded to the next server or to the receiving client. In many cases, a server only forwards the data to the receiving client when the receiving client requests the data. For example, in many email and messaging systems, the email or message data is stored in the recipient’s “inbox” on a server until the email or messaging software on the client requests the data. The process of storing transmitted data on a server and forwarding the data to the next server or to a client is known as “store-and-forward”. 21. In most email systems and some messaging systems, the text of a message that someone has typed can be augmented by an “attachment.” An attachment is additional data that is transported to the recipient along with the main text of the email or message, but is often not visible within the display of the text of the email or message. Attachments are often in a different format from the text of the email or message, such as when the text is in plain text or 9 HTML format and the attachment is a document in PDF format, an image, or an audio or video file. In some cases, the attachment only becomes visible (or audible) when the sender or recipient clicks or taps on an icon or link displayed along with the message. In other cases—as in the Facebook messaging feature described below—the attachment may be displayed automatically when the text of the message is displayed. 22. In most web-based email and messaging systems, even when an email or message is forwarded to the client for display to the sender or recipient, the email or message (along with any attachment) remains in the “inbox” on the server. This way, emails or messages can be accessed by the senders and recipients at a later time or from a different client device and does not require a substantial amount of storage on the client devices. In such cases, the email or messaging service is said to be “hosted” on the server(s) supporting the service, because the server(s) provides the long-term storage for the emails and messages. VI. THE FACEBOOK SOCIAL NETWORKING SERVICE 23. Facebook is a free social networking service. The main purpose of the service, as stated in Facebook’s mission statement, is to give people the power to share and make the world “more open and connected.” When people join the service, they create a profile by providing Facebook with a variety of information such as Name, Age, Profile Picture, City, Education, and Work experience. As an example, below is an image of my profile on Facebook. 10 24. As individuals continue to use the service, they may post additional information that they wish to share. Some of this information may be user-generated, such as photos, videos or posts, and some of it may be information from other sources, such as web articles that someone finds interesting. People who use Facebook can also define other people on Facebook as “friends,” and they can control who else on and off Facebook can see what they post (such as “friends,” “friends of friends,” the general public, and so on). These privacy settings can be configured individually by each person who uses Facebook. 25. In addition to posting and viewing information, people who use Facebook can interact with each other and with information in many different ways, for example: 11 • Pages: Companies or businesses can create pages on Facebook, which enables them to communicate information to people who follow them. • Groups: People who use Facebook can create groups on Facebook around specific interests or affiliations, which enables communication between members of the group, whether they are Facebook friends or not. • Applications: Third-party developers can create applications that run on the Facebook platform; many of the most popular applications are games that people play with their friends on Facebook. 26. People who use Facebook to share what they are interested in can also use social plugins, which appear on third-party websites, to share these interests. Plugins like the “Share,” “Like,” and “Send” buttons let people seamlessly tell friends what has caught their attention, what is important to them, or what they enjoy, even when they are on third-party sites, so they can engage and connect with others on those topics, and so that they can receive other information tailored to their interests and preferences. This helps bring together what is otherwise a sprawling, disjointed network of activity across the Internet and allows people who use Facebook to have a richer, more meaningful connection to other people, ideas, and information. When someone is logged in to Facebook, Facebook can display personalized streams of information from her friends, such as life events, reviews, and comments, anywhere a site has incorporated Facebook plugins. Even when people who use Facebook are not logged in to Facebook, social plugins allow website owners to present information about aggregate engagement with different kinds of information, which can help people identify information that is popular and that they might find interesting. A list of the current Facebook social plugins can be found at https://developers.facebook.com/docs/plugins. 12 27. While most content on Facebook is a form of “one-to-many” communication, Facebook also provides means for “one-to-one” or “one-to-few” communication. Initially, this was performed through a function called “inbox” which behaved similarly to e-mail, enabling people to send messages to other people directly. This changed over time, and ultimately evolved into “Messages,” which is Facebook’s integrated communications platform. It enables people who use Facebook to send messages directly to other people, or to groups of people. This platform can currently be accessed through the Facebook website or through its standalone messaging application (Messenger). In addition to sending text, people can send documents and pictures, among other things. If the recipient of the message is currently browsing the Facebook website, the message will appear onscreen and enable her to respond, which can lead to a conversation with messages being sent and received in real time. If the recipient is not online, the message will appear the next time the recipient accesses Facebook. This can lead to asynchronous communication similar to e-mail, where messages are sent and received by the client device at different times. Messages are stored on Facebook servers, which enables people who use Facebook to conduct conversations seamlessly on multiple devices, for example, by beginning a conversation on a PC, and continuing it on a smartphone. It also enables senders and recipients to view messages they have sent or received in the past. 28. For a message sent from the Facebook website that contains a URL, For example, if a sender types a URL for a webpage into a draft message, Facebook will sometimes generate a small preview of the webpage (referred to in this report as a “URL preview”), including both an image and some text from the web page. This process is done before a sender sends the message, giving the sender the option to remove the attachment if the 13 sender wishes. Below is an image of a messaging conversation that I had with my wife (though this one was created for the purposes of this report). Two of the shown messages contain URL previews, and one does not. 29. As mentioned above, a URL preview is displayed and the corresponding URL . However, if the sender deletes the URL preview by clicking on an “x” in the corner of the displayed preview while the message is being composed, . The URL preview display for a message being drafted, along with the “x” to click on to remove the preview, is shown below. 14 30. Similarly, if the sender decides to delete the text of the URL from the draft message, the URL preview remain (unless the sender deletes it). Below is a message to my wife in which I originally typed a URL, but then deleted the URL. The URL preview for that deleted URL remains, . Shown on the left is how the message, after being sent, appears in my inbox and on the right is the message as it appears in my wife’s inbox. This example shows that the URL gets sent with the message, even though the URL is not in the message itself. 15 VII. THE FACEBOOK SOFTWARE/SOURCE CODE A. URL Previews 31. The Facebook source code that I examined in this matter, which was also available to Dr. Golbeck and was cited in her report, included code from September 2009 to December 2012 and was primarily written in two programming languages: JavaScript, and PHP. Both of these languages provide support for what is known to programmers as “object-oriented programming.” Although a detailed discussion of object-oriented programming is beyond the scope of this report, a core feature of all object-oriented languages is the creation of “objects,” which are data structures that both contain the data and specify the operations that can be applied to the data. A data structure is simply a way of aggregating distinct pieces of data so that they can be treated as a unit. For example, a data structure representing a personnel record may include fields for an employee’s name, social security number, department, office address, phone, and salary. If that data structure were created in an object-oriented language, the data structure would be called an “object” and, in addition, might specify the operations that can be performed on a personnel record, such as “contact the employee,” “adjust the salary of the employee,” “change the employee’s department,” etc. 32. I describe here the functionality of Facebook messaging that is relevant to this matter, based on the source code that I examined and other documents provided to me (including deposition testimony, witness declarations, interrogatory responses, etc.). However, as discussed in subsequent sections of this report, I note that Facebook is a huge system comprising tens of millions of lines of code, and handling an average of over supporting over 1.5 billion people, requests each day. (See January 14, 2016 Declaration 16 of Alex Himel (“January 14 Himel Decl.”) ¶ 28 n.3.) In such a huge system with that level of demand, there are bound to be software errors that lead to inconsistencies in the behavior of the system and . Thus, my description below of the functionality of the Facebook code, particularly the code supporting Facebook messaging, reflects how the system was designed to operate generally—not necessarily how it actually operated at any given moment.2 33. Beginning in or around August 2010, Facebook 2 I understand that certain Facebook engineers have submitted declarations in connection with this matter that explain and discuss variation among the practices and functionality challenged by Plaintiffs. Much of that variation is also discussed below. 17 Web scraping is a normal technique used to extract data from websites for various reasons. Declaration of Alex Himel being submitted simultaneously in support of Facebook’s Opposition to Plaintiffs’ Motion for Certification. (See id. ¶¶ 13-15; id. at Ex. B (Facebook’s Supplemental Responses and Objections to Plaintiffs’ First Set of Interrogatories (“Supp. Resp. to First Interrog.”)) at 17-18.) 34. On the Facebook server, 18 35. Below is an example of preview images being displayed after the message was sent (see also paragraph 29 for an image of the preview being displayed before being sent). 19 36. 37. I understand from Facebook’s interrogatory responses that 20 (See Supp. Resp. to First Interrog. at 17.) 38. The use of has many benefits. (See January 14 Himel Decl. ¶ 14.) 39. In the case of Facebook messaging, (See January 14 Himel Decl. ¶¶ 15-16; Supp. Resp. to First Interrog. at 18.) 21 40. When the sender had completed typing the message, she could send the message by clicking on or tapping a “Send” button or hitting the enter key. in the inboxes of the sender and recipient so that they could view the message text as well as the URL attachment. (January 14 Himel Decl. ¶¶ 16-18; Supp. Resp. to First Interrog. at 18-19; January 14, 2016 Declaration of Michael Adkins (“Adkins Decl.”) ¶¶ 10-14.) (See January 14 Himel Decl. at Ex. A (Facebook’s Second Supplemental Responses and Objections to Plaintiffs’ Narrowed Second Set of Interrogatories (“Sec. Supp. Resp. to Sec. Interrog.”)) at 18.) 41. 22 (See also January 14 Himel Decl. ¶¶ 16-18.) 42. 23 B. 43. Like other complex websites, Facebook must store the information shared on its site, at the very least in order to display that information when people use features that require it (e.g., viewing your messages inbox or a social plugin counter). Complex websites also log activity on their sites (with varying frequency and degree of detail) for other purposes, including maintaining site integrity and operability and detecting and deterring abuse. 44. 45. 24 I understand 25 from the Facebook engineers that it was in fact changed over time. 46. see also January 14 Himel Decl. ¶ 54.) VIII. RESPONSE TO THE GOLBECK REPORT 47. I have been asked by counsel to respond to certain portions of the Golbeck report as augmented by Dr. Golbeck’s deposition testimony. In this section, I provide my responses as well as the bases for my disagreements with Dr. Golbeck. I understand that the opinions I express in this report will be considered by the Court for class certification purposes; thus, it is not my intent to exhaustively respond to Dr. Golbeck with respect to topics that are unrelated to class certification. I reserve the right to respond to the Golbeck Report on such topics in the future if asked to do so. A. The Alleged “Interceptions” 48. Dr. Golbeck refers to several routine computer programming functions as “interceptions.” I offer no opinion at this time on whether the practices Dr. Golbeck discusses could be deemed “interceptions” for purposes of wiretapping law (though it would seem odd to 26 me if they could be). As discussed below, however, there was considerable variation in these practices and in my opinion it would be necessary to conduct a message-by-message analysis to determine whether the purported “interceptions” occurred for any given message. 1. 49. Dr. Golbeck characterizes as an “interception” or “redirection” the creation of a data structure, ) As someone who has been working and teaching in the field of computer science for more than 30 years, I disagree with these conclusions and the use of this terminology. As discussed above, the creation of “objects” is a standard part of object-oriented programming, and there is nothing unusual about If Dr. Golbeck’s characterization of an “interception” or “redirection” based on the creation of data structures (objects) were correct, there would be no way for the provider of a service involving communication between people to know when it was or was not performing an “interception.”3 50. At her deposition, Dr. Golbeck attempted to (Golbeck Deposition Transcript (“Golbeck Dep.”) 3 In her report, Dr. Golbeck says, 27 51. At her deposition, Dr. Golbeck also stated that • collecting statistics about the geographical locations of senders and recipients to improve performance and reduce failures, e.g. by adding computing and 4 28 communication resources to best reduce network congestion and balance the computing load on servers; • saving web page images referred to in messages so that the web pages do not have to be repeatedly accessed at a cost of network congestion and server load; and • for security by analyzing and saving patterns in the message content and traffic patterns to detect malevolent communications. 52. To the extent that Dr. Golbeck is characterizing the creation of an object (as opposed to other types of data structures) as an “interception” or “redirection,” the creation of objects is a fundamental operation in all programs written in commonly used object-oriented languages, such as Java, C++, PHP, and JavaScript— 53. Indeed, during her deposition, Dr. Golbeck could not identify 54. Dr. Golbeck also states that she considers the it would strike one of skill in the 29 field of computer science as odd to characterize 2. 55. Dr. Golbeck also opines that Facebook’s logging is a process performed by virtually all software systems and occurs for many reasons, including the recording of errors, interactions, resource usage, security issues, etc. If simply logging various aspects of person-generated data as part of providing a service to people can be considered an “interception,” service providers would not be able to determine which logging might be considered an interception and which might not be. 56. Dr. Golbeck’s report cites to a source code file after that date. (Id.) 57. Dr. Golbeck’s report also points to 30 3. 58. I understand that Plaintiffs have previously referred to therefore it cannot even be accused of being an interception. 4. 59. Code-Based “Devices” Dr. Golbeck’s Report also refers to portions of Facebook code as “code-based devices” or simply “devices.” (Golbeck Report ¶¶ 17.b., 55). According to Dr. Golbeck, the above-referenced “interceptions” are accomplished through the use of these “code-based devices.” In my 33 years as a computer scientist, I have never heard the term “device” used to refer to software. Within the field, “device” is used to refer to hardware—and I note that Dr. Golbeck does not identify any hardware device as performing the interception such that the device (such as a Facebook server) is not used in the ordinary course of Facebook’s business. At her deposition, Dr. Golbeck admitted she had never used the term “code-based device.” (Golbeck Dep. 206:21-207:2): Q. Have you ever used the term “code-based devices” in your academic career? A. I don’t think so. 31 Q. Why not? A. This is not the kind of thing I study. I don’t write about code at all, I don’t think, yeah. As someone whose publications have all been about code and programming, I can confirm that “code-based device” is not a term of art used to refer to code alone.5 B. Variability in the Purported “Interceptions” 60. While I find Dr. Golbeck’s characterizations of routine and unremarkable computer science practices as “interceptions” and “redirections” to be unusual, I do not offer any opinion at this time regarding whether these practices could be deemed to constitute illegal wiretapping. However, even if Dr. Golbeck were correct in her characterization of routine programming practices, such as , as “interceptions,” determining whether such alleged interceptions actually occurred would require a message-bymessage analysis, in the following sense: • • 5 Additionally, I performed a web search for “code-based device” and, in all the references I found, the “device” is a hardware device that executed code. 32 • (See supra paragraph 30, 39; January 14 Himel Decl. ¶ 15.) • The Facebook code— 33 Adkins Decl. ¶¶ 8-12, 1623.) • As stated in Facebook’s interrogatory responses (see Supp. Resp. to First Interrog. at 35; Sec. Supp. Resp. to Sec. Interrog. at 16) and the testimony of Facebook witnesses (see January 14 Himel Decl. ¶¶ 28, 40; September 25, 2015 Deposition of Ray He 77:10-78:23, 156:15-157:1), 34 • The same variability exists for Facebook’s Graph API. Graph API count would have been incremented. Graph API. (See January 14 Himel Decl. ¶¶ 27-29, 69, 73-78.) or Graph API. (Id. ¶ ) 35 • (Id. ¶¶ 46-49.) • . (See supra ¶¶ 55, 57; January 14 Himel Decl. ¶¶ 52-57.) • Moreover, as stated above, Dr. Golbeck has not examined any Facebook source code later than December 31, 2012, so she cannot tell from the Facebook code she examined 36 61. In summary, because of the various scenarios under which an C. Variability in the Alleged “Uses” of “Intercepted” Data 62. For the reasons discussed in the Facebook fact declarations I have reviewed, the same variability that exists for the “interception” issue also exists for the “use” issue. For a variety of reasons, including changes of practices over time, it would be necessary to conduct a message-by-message inquiry to determine whether and even then such a determination likely would not be possible. Further, I understand Dr. Golbeck acknowledged at her deposition that, other than one (Golbeck Dep. 310:22-314:22.) 37 63. Examples of the variability inherent in any inquiry concerning each of the alleged “uses” include: • Insights, Related APIs, and Real-Time Analytics: I understand that visible to domain owners through Insights until October 11, 2012. the Insights counter at all. the owner of that domain might never have authenticated ownership and accessed Insights RealTime Analytics – a specialized system designed to provide Insights data even more rapidly. Insights counter. (See January 14 Himel Decl. ¶¶ 58-65.) • Plugin Counts: The between August 16, 2010 and December 19, 2012. (See id. ¶¶ 37-43.) First, 38 (See id. ) & Graph API: • API queries would have reflected Graph API query. Graph API query. Graph API, 39 . (See id. ¶¶ 7379.) • Recommendations and Activity Feeds: There likewise was considerable variability over time, during certain periods, For most of the proposed class period (from December 2011 to July 9, 2014) Recommendations and Activity Feeds, at most, both the Recommendations and Activity Feeds were discontinued altogether on June 23, 2015. (See Fechete Decl. ¶¶ 23-34, 43-45.) 40 D. Continuing Conduct 64. Dr. Golbeck and I had access to the same Facebook source code produced in this matter, namely source code from the period of September 2009 to December 2012. However, the Golbeck report opines on the current operation of the Facebook software—without ever having reviewed current Facebook source code. One of skill in computer science would know there is no way to reliably determine the behavior of software—particularly when it comes to internal operations that are not visible to the sender or recipient, as is the case with the accused functionality—without examining source code. Thus, I do not believe Dr. Golbeck has a factual basis for the conclusions she reaches in Section V of the Golbeck report, entitled “ Facebook’s Conduct Continues to the Present” (Golbeck Report ¶¶ 94-97). 65. I also note that, in opining on several of Facebook’s practices, Dr. Golbeck relies not on source code but on e-mails about potential practices. (See, e.g., id. ¶¶ 46-49, 52-53, 6671, 76-78, 86-93.) This is not a scientifically reliable manner on which to base conclusions about the operation of source code. E. Lack of Ascertainability of Class Members 66. In her report, Dr. Golbeck says that “to retrieve a list of class members, the Code process should be relatively straightforward.” (Id. ¶ 103.) In the next two paragraphs of her report, she provides “example” code that she contends would return a list of “Facebook user IDs of everyone ” and, in her deposition, she said that such a list would identify the class members. (Golbeck Dep. 331:2-8.) 67. That is incorrect. This query would return a list of people that is both under- and over-inclusive of the proposed class. In her deposition, Dr. Golbeck conceded each of these flaws in her proposed query: 41 68. This query will be under-inclusive in that it will not reflect recipients of messages 69. This query will be under-inclusive in that it will not identify 70. This query will be under-inclusive in that it will not identify senders and recipients whose accounts were deleted. (Id. at 335:25-336:10.) 71. This query will be under-inclusive in that it will not identify 72. This query will be under-inclusive in that it will not identify 73. This query will be under-inclusive in that it will not identify 74. This query will be over-inclusive in that it will include senders whose messages did not contain URLs in their text. (Id. at 339:2-15.) 75. This query will be over-inclusive in that it will include 76. This query will be over-inclusive in that it will include senders and recipients outside the United States. (Golbeck Dep. 340:22-341:1.) 77. This query will be over-inclusive in that it will include senders of messages outside the Class Period. (Id. at 341:2-7.) 6 In her deposition, Dr. Golbeck proposed that this flaw could be remedied by looking at each message to ascertain who the recipient was, a woefully infeasible methodology if done manually, or trying to draft code to do the same, but does not propose any actual methodology for doing so. She assumes this is feasible. (Golbeck Dep. 334:3-335:18.) 42 78. Moreover, Dr. Golbeck’s query is overbroad in that it will identify senders that were not subject to the challenged “uses.” In her deposition, Dr. Golbeck conceded each of these flaws in her proposed query and said that identifying those that were subject to the challenged “uses” would be “case-specific:” 79. This query cannot identify senders 80. This query cannot identify 81. This query cannot identify 82. This query cannot identify 83. This query cannot identify 84. This query cannot identify 85. This query cannot identify 86. This query cannot identify 87. Finally, I understand from Facebook engineers that this query would not correctly writing and executing even a corrected query would 43 be extremely burdensome and resource-intensive, if it were even possible, given the nature and breadth of Facebook’s databases. (See January 14 Himel Decl. ¶ 8.) F. Variability in 88. As discussed in detail above, the (See January 14 Himel Decl. ¶¶ 20-22, 27-30, 37-43, 46-50, 55-57, 62-65, 73-79; Fechete Decl. ¶¶ 20-38, 43-44; Adkins Decl. ¶¶ 8-12, 16-23.) 89. For all the reasons given above, it is my opinion that the Facebook messaging software did not treat the people identified by Dr. Golbeck as being a “class” substantially the same. IX. COMPUTER STORAGE A. Computer Storage Technology 90. I have been asked to explain the meaning of “storage” in the context of computer science. Simply put, “storage” refers to the electronic components in a computer system that hold (store) data so that the data can be (1) processed by the central processing unit (CPU), e.g. used for arithmetic, image processing, text formatting, etc., (2) held temporarily until the data is 44 sent over a network or is sent to a display device, printer or other output device, or (3) kept for a longer period of time (perhaps indefinitely) so that it can be accessed in the future. The amount of data stored on a computer or other computing device (e.g. smartphone or tablet) is measured in terms of bytes, where a single byte comprises eight bits (each bit being a zero or a 1), which was the amount of data historically required to represent a single character of text (e.g. letter, digit, punctuation mark). On modern computing devices, storage capacity is normally multiples of megabytes (millions of bytes), gigabytes (billions of bytes), or terabytes (trillions of bytes). Naturally, mobile devices such as smartphones and tablets generally have less storage than personal computers, which, in turn, have less storage than large servers. 91. Computer systems have a number of different forms of electronic storage, ranging from small, fast, and expensive (on a per-byte basis) to large, slow, and inexpensive. Below is a diagram that I created to illustrate the so-called memory hierarchy, i.e. the different types of storage found on computer systems, including registers (very fast, very small storage within a CPU), cache memories (small, fast memories, often within the CPU), RAM (random access memory, aka “main memory”), and disk drive or flash memory.7 7 Historically, there has been another level at the bottom of the hierarchy, archival storage – generally consisting of backup tapes or optical media (e.g. DVD-ROMs) – that is not shown. 45 As shown in the diagram, the storage types near the top of the diagram are small and fast, and the storage types near the bottom are larger and slower. 92. Storage can also be divided into two categories, “volatile” and “non-volatile.” The term “volatile” means that the storage only retains the data while power is applied, so if the computer is turned off, the data is lost. Registers, cache memories, and RAM are examples of volatile electronic storage. The term “non-volatile” means that data is preserved in the storage even when no power is applied; thus, non-volatile electronic storage is often used for storing data for longer periods of time than volatile storage. Examples of non-volatile storage include disk storage, flash memory, magnetic tapes and optical media (CD-ROMs, etc.). 46 B. The Incorrect Distinction Between “Memory” and “Storage” 93. Dr. Golbeck appears to distinguish “memory” from “storage.” Any information in a computer system is in memory when it is not in storage; otherwise, it could not be in the computer at all. (Golbeck Report ¶117). 94. Dr. Golbeck also testified about the distinction between “memory” and “storage:” Q. What’s the difference between memory and temporary storage? A. Storage is -- so memory allows you to operate on some data if it’s in memory. Storage, temporary or permanent, is a place where information is stored that it can’t be operated on. (Golbeck Dep. 287:3-9.) 95. Dr. Golbeck’s characterization of memory and storage—namely that memory is not storage—is incorrect for the following reasons: • This is not an accepted characterization—in fact, I have never encountered this distinction between memory and storage before now. Dr. Golbeck seems to be referring to the fact that the instructions of a CPU (such as those to perform arithmetic or logical operations) can directly access some forms of storage, e.g., registers, cache, and RAM, but can only access other forms of storage, e.g., disk drives and flash memory, indirectly by first loading the data from disk or flash memory into RAM. Dr. Golbeck’s distinction between memory and storage has nothing to do with whether data is stored or not, only how the data is accessed. • As evidence that “memory” in the computing field is a form of “storage,” the Microsoft Computer Dictionary defines memory as follows (emphasis added): 47 memory n. A device where information can be stored and retrieved. In the most general sense, memory can refer to external storage such as disk drives or tape drives; in common usage, it refers only to a computer’s main memory, the fast semiconductor storage (RAM) directly connected to the processor. See also core, EEPROM, EPROM, flash memory, PROM, RAM, ROM. Compare bubble memory, mass storage. (Microsoft Computer Dictionary, 5th Ed., 2002 p. 333) As the dictionary states, “memory,” used in its general sense, refers to all types of storage and, in its common narrower sense, “memory” is used to refer to RAM, which is fast semiconductor storage.8 In either case, of course, memory is a form of storage. 96. For these reasons, and as discussed extensively above, message data is in storage as the term is used in computer science. 97. I understand that the Electronic Communications Privacy Act (18 U.S. Code § 2510) specifically defines “electronic storage” to include “any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof,” and that communications in electronic storage are governed not by the Wiretap Act (18 U.S. Code § 2511) but by another law (the Stored Communications Act, 18 U.S. Code § 2701) not being asserted in this case. the “temporary, intermediate storage” defined by the Act to be “electronic storage.” 98. As a factual matter, Dr. Golbeck is incorrect when she states that the – even given Dr. 8 More recently the common use of “memory” is expanded to include “flash memory”, which is a slower and cheaper form of semiconductor storage than RAM and has replaced disk drives in many computing devices. 48 Golbeck’s definition of “storage” (which I disagree with). Upon reaching , the data would be in “storage” according to Dr. Golbeck’s definition. X. ORDINARY COURSE OF BUSINESS 99. Dr. Golbeck’s report also discusses whether Facebook’s alleged “interception” was “necessary for Facebook to deliver private messages” (Golbeck Report ¶ 17.b.) and ultimately “conclude[s] that the interception, is not necessary for the functionality of message sharing in Facebook.” (Id. at ¶ 109.) However, my understanding is that whether or not the alleged interception of message content was “necessary” is not relevant to the “ordinary course of business” inquiry. 100. Rather, for purposes of assessing whether the “ordinary course of business” exemption to the Wiretap Act should apply, I understand that the Court has stated that it must determine whether the interception is “related or connected to [the] electronic communication provider’s service, even if it does not actually facilitate the service…[and whether there is] some nexus between the need to engage in the alleged interception and the subscriber’s ultimate business, that is, the ability to provide the underlying service or good.” (Order on Mot. to Dismiss (Dkt. 43) 11-12.) Accordingly, Dr. Golbeck’s test for assessing whether Facebook’s alleged “interceptions” fall within the “ordinary course of business” exemption appears to be inconsistent with the Court’s order, and I think her conclusions are irrelevant. Instead, Dr. Golbeck should have inquired whether there exists some nexus between the alleged 49 “interceptions” and Facebook’s ultimate business, or its ability to provide its underlying service. Of course, Facebook’s underlying service is not merely to provide a messaging product but to provide a massive social network comprising various features allowing people to share information and ideas and to engage and connect with other people in a safe, efficient online environment. Based on my review of the source code, I believe any alleged “interception” (if indeed, one exists, which I do not believe it does) more than qualifies under the “nexus” test set out by the Court, since it is related to both the messaging feature as well as other features that make up the Facebook service. 101. First, as discussed above, my review of the source code indicates that URL share objects (the creation and storage of which Plaintiffs claim constitutes an illegal interception) are inboxes. This contradicts Dr. Golbeck’s assumption that share object creation must not be necessary for sharing URLs in messages because Facebook concedes that share objects are not always created. (Golbeck Report ¶ 110.) Indeed, if no share object is created for a URL sent in a message (for any of the reasons explained above), the recipient will not be able to see the URL 102. Second, 50 103. Third, 104. Finally, by providing data points for internal research and site maintenance, data points for site integrity analysis, and, in the case of the Insights system, contributing to measures of engagement displayed with Facebook’s social plugins and other features as part of its social platform extending to third-party websites, which help users identify information they may be interested in viewing and sharing. XI. RESERVATION OF RIGHTS 105. I reserve the right to supplement or amend my opinions in response to opinions expressed by Plaintiffs’ experts, or in light of any additional evidence, testimony, discovery or other information that may be provided to me after the date of this report. In addition, I reserve the right to consider and testify about issues that may be raised by Plaintiffs’ fact witnesses and 51 experts at trial. I also reserve the right to modify or to supplement my opinions as a result of ongoing expert discovery or testimony at trial. Dated: January 14, 2016 DR. BENJAMIN GOLDBERG 52

Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.


Why Is My Information Online?