Capitol Records, LLC v. Redigi Inc.
Filing
16
DECLARATION of LARRY RUDOLPH in Opposition. Document filed by Redigi Inc.. (Attachments: # 1 Exhibit A - Curriculum Vitae, # 2 Exhibit B - Patent Application Abstract)(Beckerman, Ray)
<![CDATA[
UNITED STATES DISTRICT COURT
SOUTHERN DISTRICT OF NEW YORK
---------------------------------------------------------------x
CAPITOL RECORDS, LLC,
Plaintiff,
Civil Action File No.
12 Civ 0095 RJS/AJP
-againstREDIGI INC.,
Defendant.
DECLARATION
----------------------------------------------------------------x
LARRY RUDOLPH (aka Lawrence S. Rogel) declares under penalty of
perjury:
1. I am Chief Technical Officer and a founder of ReDigi Inc. I received my
PhD in Computer Science from the Courant Institute of Mathematical Science, NYU in 1981.
After a post-doc at University of Toronto, I joined the Computer Science faculty at CarnegieMellon University and then the Hebrew University, Jerusalem, Israel. After attaining the rank of
full professor, I then moved to the Massachusetts Institute of Technology as a Principle Research
Scientist. After 12 years, I joined VMWare as a Senior Staff Engineer in 2007 to start the Mobile
Virtualization Project. In 2009, I left VMWare to found ReDigi where I serve as the CTO. A
copy of my CV is attached hereto as exhibit A.
WHAT REDIGI DOES
(A) The upload and storage process
2. After signing up for a ReDigi account, accepting ReDigi’s terms of service,
downloading and installing ReDigi’s proprietary “Music Manager” software (“Music Manager”),
and logging into the account using secure login information, a ReDigi user may upload an
eligible music file (“Eligible File”) from the user’s computer to the user’s personal storage locker
(“Cloud Locker”) in ReDigi’s cloud-based storage system (the “ReDigi Cloud”). We have
applied for a patent for our technology, and the patent application is pending (An abstract of our
patent application attached hereto as exhibit B).
3. A user’s Cloud Locker consists of file pointers, or record locators, that
associate particular Eligible Files with a particular user’s account and indicate in which Cloud
Locker those files are located. Only the user associated with a particular Cloud Locker has
access to its contents.
4. The only Eligible Files are files originally and legally downloaded from
iTunes, or subsequently from ReDigi, thereby excluding music tracks copied from CDs, or
downloaded from other online vendors or file sharers, or obtained from any other source.
Moreover, only one instance of an Eligible File can ever be sold on ReDigi.
5. Music Manager analyzes each music file that a user seeks to upload to
determine that it was legally downloaded from iTunes or ReDigi by the user and eligible to be
uploaded. Before a file is accepted for upload, the file is subjected to an initial validation process
on the user’s computer, which includes analyzing file ownership, source, purchase dates, UITS
code if it exists, metadata, and changes and modifications, if any. If the file passes the initial
validation stage, the file is uploaded to the ReDigi server where additional and more intensive
analysis takes place to confirm eligibility, including validating file source and ownership, and
verifying that the file was not modified or tampered with.
6. Music Manager continuously runs in the background on a user’s computer.
-2-
Upon the upload of an Eligible File to a user’s Cloud Locker, such file and all copies thereof
residing on the user’s computer, and on attached synchronization and storage devices, are
deleted. If the user were to attempt to upload the file without first accepting the prompt to delete
the other copy or copies detected by Music Manager, the upload would be blocked.
7. If any storage or synchronization device is connected to the user’s computer
subsequent to the upload, Music Manager automatically searches the device for instances of
copies of any Eligible File previously uploaded by the user to his or her Cloud Locker and, if a
copy of such Eligible File is detected, the user is prompted to authorize the deletion of such file
from that device. If the user fails to provide such authorization, his or her account is suspended.
8. Similarly, if a user downloads a file from his or her Cloud Locker, the file in
the Cloud Locker is deleted.
9. After the upload of an Eligible File to a user’s Cloud Locker, the user can
privately listen to the file by “streaming” it from the user’s Cloud Locker to an
internet-connected device using the user’s secure login to access his or her ReDigi account.
(B) The sale process
10. A user can choose to offer an Eligible File stored in his or her Cloud Locker
for resale to other ReDigi users through the ReDigi used music marketplace. This is the only type
of used music sale transaction permitted on the ReDigi site. No copy of the file in the ReDigi
Cloud is made when the Eligible File is sold by one ReDigi user to another ReDigi user. When
such a file is purchased by another user, the file pointer associating the Eligible File with the
Cloud Locker of the selling user is modified to associate the file with the Cloud Locker of the
purchasing user. In such a transaction only the pointer is changed; the Eligible File remains in
-3-
the same location in the ReDigi Cloud and is not copied.
11. After such a sale, the selling user no longer has any access to the file so sold.
The Eligible File is stored in the purchasing user’s Cloud Locker where he or she can continue to
store it, listen to it, offer it for sale, or download it, in which case the file is deleted from the
purchaser’s Cloud Locker.
12. ReDigi earns a transaction fee on the sales.
(C) Streaming of 30 second clips and linking to artwork
13. ReDigi’s website has links to 30-second clips which are streamed by a
third-party source and to associated artwork maintained by that source, all pursuant to license.
(See agreement with Rdio, Inc., John Ossenmacher declaration, exhibit B). No copies of such
clips are made or stored on ReDigi’s website or in the ReDigi Cloud, nor are any of the artwork
files which are displayed on the website stored on the website or in the ReDigi Cloud. A user’s
ReDigi “memory bank” keeps track of links to which a user has listened. All that is stored in the
memory bank are these bookmarks.
HOW IT WORKS
(A) Locker storage
14. The advent of inexpensive, nearly pervasive, highspeed, and continually
accessible internet access has given rise to the rental of network storage, sometimes referred to as
cloud storage or lockers in the cloud. Access to data stored over the internet is now sufficiently
fast, that it can act like local storage. A user rents, or is otherwise provided with, space on
machines located in a datacenter, and can upload or download the data.
15. This is a rapidly growing industry. Many companies provide cloud locker
-4-
storage to consumers, some for all kinds of files, some specifically designed for MP3's and
designed to make it possible for users to privately stream their cloud-stored music (see John
Ossenmacher declaration, exhibit A).
16. In addition to the cloud storage locker for mp3 and mp3-type aac (collectively
“MP3") files ReDigi (a) offers a used digital music marketplace, and (b) provides technology and
has adopted a business model which prevents users from maintaining duplicates, even on their
home computers and connected devices, of recordings deemed eligible for ReDigi’s services.
17. The locker is a conceptual idea. There is no actual locker. Rather, there are
disk drives with a logical organization of a file system. Each uploaded file is stored in this file
system. Access to the files in this file system is restricted. A file can be accessed only by the
owner of that file. Ownership is signified by a system of file pointers which associate each file
with a particular user. There is a database that controls access to the file as well as the needs of
the used digital music marketplace. The database contains several tables which in turn contain
records, with each record containing fields. The locker, pointers to files, ownership, and other
details are realized through the values stored in the database.
(B) Verification of unique files
18. A ReDigi database contains records that specify details about each mp3 file,
such as: the source, the track title, artist, album, year produced, as well as the user name of the
file owner and the date of purchase, and the hash for the acoustic portion. Each music file has
exactly one record in the database. In some cases the file has “UITS” code, which is an encrypted
version of certain of the key data ReDigi would look at it in its verification process. The user's
locker is the collection of all the files owned by the user, which have passed the verification
-5-
process, and are stored in the file system. It is specified as the collection of all the records which
contain the user’s identification. When a file is uploaded to a locker, several things happen: (a)
the metadata and the acoustics are checked for validity; (b) the metadata are checked to ensure
that no other ReDigi user has sold, has offered for sale, or is storing, a file with the same relevant
metadata; (c) if the file fails either of these tests, it is discarded; (d) if it passes, then the file is
stored on disk along with all the other music files; (e) the user's locker is updated to include the
relevant metadata of the file and a “pointer" to the ‘location’ of the file; and (f) a record is made
of the file’s relevant metadata to ensure no other user attempts to upload a file with this same
relevant metadata.
19. The file is the only instance of that unique file that remains on the server. The
entire ReDigi cloud may contain multiple, unique copies of the same recording, although each
unique file will have certain identifiable differences in the metadata, as each was uploaded by a
different user at a different date and time. The source, iTunes, is also present in the metadata. The
industry is introducing a "UITS" code into the meta-data that is a form of "purchase receipt" that
uniquely identifies the instance of the song purchased. When present, we use that to detect if two
files are the same purchase or two different purchases. The database records also record the status
of the file, including whether this file is currently for sale or not. A file, while it is offered for
sale, cannot be streamed or downloaded by the user. Only if the user withdraws the offer to sell,
can the user stream or download the file.
20. The basic process used by our technology at this time is as follows: our
software keeps track of (a) Purchaser (bought-by), (b) Store (apple), (c) Date Purchased, and (d)
Hash value of the acoustics (we use a Sha1sum of the music portion of the music file). When this
-6-
data on one file matches the data on another, there would be a “violation”. Different tests are
done at two different locations, the client and the server.
21. At the client level, if the Music Manager software resident on the user’s
machine finds a file matching a file that is in the user’s locker on the ReDigi site, or a file which
has already been sold on the ReDigi site, it would term that a “violation”, and require the user to
delete the file from the client or delete it from the locker (and cancel any pending offer for sale);
the user’s failure to comply would mean suspension of the user’s account.
22. At the server level, the software searches the entire server for a “violation”.
Files are ineligible to be in a user’s locker or offered for sale, if that same file (same hash,
bought-by, bought-from, and purchase date, or same hash and UITS) is in someone else’s locker,
offered by sale for someone else, or has been sold by someone else.
23. Files are ineligible to be uploaded if they do not contain bought-by, boughtfrom, and purchase date fields in the metadata, or the bought-from store is not iTunes or ReDigi
(when one buys a used song through ReDigi, the bought-by is the ReDigi User ID and the
bought-from is ReDigi).
24. Basically, every music file that the manager encounters is stored in the
database, indexed by its hash. So, when the music manager sees a new file on the user’s
computer or attached device, it computes the hash and checks to see if this hash matches the hash
of any song in the user’s locker. If so, the other fields (purchaser, store, purchase date) are
evaluated. If they match, a “violation” is found.
25. Apple iTunes has begun to use something called “UITS”, encrypted code
which includes the bought-by, bought-from, and purchase date information, as well as other data,
-7-
in encrypted form. If the file contains UITS code, our software will rely on the UITS, since the
UITS has proven to be highly reliable. We do not decrypt the UITS, we rely on the encrypted
code alone, since each UITS is unique.
26. Each ReDigi user is allocated locker space that can be used to store music
files. Only music files that have passed ReDigi's verification process both by the client
application on the user's personal computer and the server application on the ReDigi servers can
be placed in the locker. Moreover, when a file is stored in the locker, there are no other copies of
that file on the user's personal computer or attached devices. The locker can be thought of as the
“final resting place for unwanted music files", unless of course the owner chooses to resurrect the
file by downloading it to the owner’s machine or listening to it while it is in the locker but not
offered for sale. The ReDigi system is made for songs that the user no longer actively uses. A
user might not be ready to offer a particular song for sale, but no longer wants it to take up space
on his or her local computer. The marketplace may already have many instances of a particular
recording offered for sale and so may not accept additional offers for sale of that recording. In
such a case, the user can leave his or her song in the locker until supply and demand catch up
with each other. ReDigi is also a “rebirth” place where the purchased file can reside before being
downloaded by the new owner. It is, to the best of our knowledge, unique in that all the songs in
the locker have passed verification. Many cloud storage systems tell their users to only upload
items they own but, unlike ReDigi, offer no mechanism for verifying such ownership.
(C) Offering music for sale or to purchase
27. The ReDigi marketplace only allows songs to be offered for sale that meet
two criteria. First, they must be in a user's locker. This ensures that they have passed all the
-8-
ReDigi verification steps. Second, they must be the only instance of the file that the user owns.
The marketplace also allows a user to place an offer to purchase a song. Such a purchase request
is either satisfied immediately or is queued up until some other user offers that song for sale.
The user’s client application, known as the music manager, communicates with the ReDigi server
to synchronize its local information with the centralized information on the ReDigi database. A
ReDigi user can at any time access a list of the songs in his or her locker that are not offered for
sale, any of which can be downloaded, in which case they are deleted from the locker.
Alternatively, the user may offer one of the songs for sale, in which case it can no longer be
downloaded or streamed. The user can also at any time access a list of the songs in his or her
locker that are offered for sale. The user can choose to cancel the offer for sale. In this case, it
could then be downloaded, kept in storage, or re-offered for sale at a later time.
28. The client application program, the music manager, actually consists of two
programs. One, the application program, interacts with the user. The second, is a continually
running background “service” that constantly monitors music file creation, deletion, and
renaming, as well as the files on removable devices when they become attached. This “service”
program monitors the files on the user's computers and attached devices to ensure that the files
sold, offered for sale, or residing in the locker, do not reappear on the computer. It automatically
starts each time the user’s machine is rebooted. Whenever the client application program is
running, it makes sure the “service” program is also running, and if not, it attempts to restart it.
The client application program cannot be used if the “service” program is not running.
29. The purchase and sale orders for a recording are organized on a first-in
first-out basis. It may be the case that there are no outstanding orders, in which case the offer for
-9-
]]>
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?
