Capitol Records, LLC v. Redigi Inc.

Filing 16

DECLARATION of LARRY RUDOLPH in Opposition. Document filed by Redigi Inc.. (Attachments: # 1 Exhibit A - Curriculum Vitae, # 2 Exhibit B - Patent Application Abstract)(Beckerman, Ray)

Download PDF
UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF NEW YORK ---------------------------------------------------------------x CAPITOL RECORDS, LLC, Plaintiff, Civil Action File No. 12 Civ 0095 RJS/AJP -againstREDIGI INC., Defendant. DECLARATION ----------------------------------------------------------------x LARRY RUDOLPH (aka Lawrence S. Rogel) declares under penalty of perjury: 1. I am Chief Technical Officer and a founder of ReDigi Inc. I received my PhD in Computer Science from the Courant Institute of Mathematical Science, NYU in 1981. After a post-doc at University of Toronto, I joined the Computer Science faculty at CarnegieMellon University and then the Hebrew University, Jerusalem, Israel. After attaining the rank of full professor, I then moved to the Massachusetts Institute of Technology as a Principle Research Scientist. After 12 years, I joined VMWare as a Senior Staff Engineer in 2007 to start the Mobile Virtualization Project. In 2009, I left VMWare to found ReDigi where I serve as the CTO. A copy of my CV is attached hereto as exhibit A. WHAT REDIGI DOES (A) The upload and storage process 2. After signing up for a ReDigi account, accepting ReDigi’s terms of service, downloading and installing ReDigi’s proprietary “Music Manager” software (“Music Manager”), and logging into the account using secure login information, a ReDigi user may upload an eligible music file (“Eligible File”) from the user’s computer to the user’s personal storage locker (“Cloud Locker”) in ReDigi’s cloud-based storage system (the “ReDigi Cloud”). We have applied for a patent for our technology, and the patent application is pending (An abstract of our patent application attached hereto as exhibit B). 3. A user’s Cloud Locker consists of file pointers, or record locators, that associate particular Eligible Files with a particular user’s account and indicate in which Cloud Locker those files are located. Only the user associated with a particular Cloud Locker has access to its contents. 4. The only Eligible Files are files originally and legally downloaded from iTunes, or subsequently from ReDigi, thereby excluding music tracks copied from CDs, or downloaded from other online vendors or file sharers, or obtained from any other source. Moreover, only one instance of an Eligible File can ever be sold on ReDigi. 5. Music Manager analyzes each music file that a user seeks to upload to determine that it was legally downloaded from iTunes or ReDigi by the user and eligible to be uploaded. Before a file is accepted for upload, the file is subjected to an initial validation process on the user’s computer, which includes analyzing file ownership, source, purchase dates, UITS code if it exists, metadata, and changes and modifications, if any. If the file passes the initial validation stage, the file is uploaded to the ReDigi server where additional and more intensive analysis takes place to confirm eligibility, including validating file source and ownership, and verifying that the file was not modified or tampered with. 6. Music Manager continuously runs in the background on a user’s computer. -2- Upon the upload of an Eligible File to a user’s Cloud Locker, such file and all copies thereof residing on the user’s computer, and on attached synchronization and storage devices, are deleted. If the user were to attempt to upload the file without first accepting the prompt to delete the other copy or copies detected by Music Manager, the upload would be blocked. 7. If any storage or synchronization device is connected to the user’s computer subsequent to the upload, Music Manager automatically searches the device for instances of copies of any Eligible File previously uploaded by the user to his or her Cloud Locker and, if a copy of such Eligible File is detected, the user is prompted to authorize the deletion of such file from that device. If the user fails to provide such authorization, his or her account is suspended. 8. Similarly, if a user downloads a file from his or her Cloud Locker, the file in the Cloud Locker is deleted. 9. After the upload of an Eligible File to a user’s Cloud Locker, the user can privately listen to the file by “streaming” it from the user’s Cloud Locker to an internet-connected device using the user’s secure login to access his or her ReDigi account. (B) The sale process 10. A user can choose to offer an Eligible File stored in his or her Cloud Locker for resale to other ReDigi users through the ReDigi used music marketplace. This is the only type of used music sale transaction permitted on the ReDigi site. No copy of the file in the ReDigi Cloud is made when the Eligible File is sold by one ReDigi user to another ReDigi user. When such a file is purchased by another user, the file pointer associating the Eligible File with the Cloud Locker of the selling user is modified to associate the file with the Cloud Locker of the purchasing user. In such a transaction only the pointer is changed; the Eligible File remains in -3- the same location in the ReDigi Cloud and is not copied. 11. After such a sale, the selling user no longer has any access to the file so sold. The Eligible File is stored in the purchasing user’s Cloud Locker where he or she can continue to store it, listen to it, offer it for sale, or download it, in which case the file is deleted from the purchaser’s Cloud Locker. 12. ReDigi earns a transaction fee on the sales. (C) Streaming of 30 second clips and linking to artwork 13. ReDigi’s website has links to 30-second clips which are streamed by a third-party source and to associated artwork maintained by that source, all pursuant to license. (See agreement with Rdio, Inc., John Ossenmacher declaration, exhibit B). No copies of such clips are made or stored on ReDigi’s website or in the ReDigi Cloud, nor are any of the artwork files which are displayed on the website stored on the website or in the ReDigi Cloud. A user’s ReDigi “memory bank” keeps track of links to which a user has listened. All that is stored in the memory bank are these bookmarks. HOW IT WORKS (A) Locker storage 14. The advent of inexpensive, nearly pervasive, highspeed, and continually accessible internet access has given rise to the rental of network storage, sometimes referred to as cloud storage or lockers in the cloud. Access to data stored over the internet is now sufficiently fast, that it can act like local storage. A user rents, or is otherwise provided with, space on machines located in a datacenter, and can upload or download the data. 15. This is a rapidly growing industry. Many companies provide cloud locker -4- storage to consumers, some for all kinds of files, some specifically designed for MP3's and designed to make it possible for users to privately stream their cloud-stored music (see John Ossenmacher declaration, exhibit A). 16. In addition to the cloud storage locker for mp3 and mp3-type aac (collectively “MP3") files ReDigi (a) offers a used digital music marketplace, and (b) provides technology and has adopted a business model which prevents users from maintaining duplicates, even on their home computers and connected devices, of recordings deemed eligible for ReDigi’s services. 17. The locker is a conceptual idea. There is no actual locker. Rather, there are disk drives with a logical organization of a file system. Each uploaded file is stored in this file system. Access to the files in this file system is restricted. A file can be accessed only by the owner of that file. Ownership is signified by a system of file pointers which associate each file with a particular user. There is a database that controls access to the file as well as the needs of the used digital music marketplace. The database contains several tables which in turn contain records, with each record containing fields. The locker, pointers to files, ownership, and other details are realized through the values stored in the database. (B) Verification of unique files 18. A ReDigi database contains records that specify details about each mp3 file, such as: the source, the track title, artist, album, year produced, as well as the user name of the file owner and the date of purchase, and the hash for the acoustic portion. Each music file has exactly one record in the database. In some cases the file has “UITS” code, which is an encrypted version of certain of the key data ReDigi would look at it in its verification process. The user's locker is the collection of all the files owned by the user, which have passed the verification -5- process, and are stored in the file system. It is specified as the collection of all the records which contain the user’s identification. When a file is uploaded to a locker, several things happen: (a) the metadata and the acoustics are checked for validity; (b) the metadata are checked to ensure that no other ReDigi user has sold, has offered for sale, or is storing, a file with the same relevant metadata; (c) if the file fails either of these tests, it is discarded; (d) if it passes, then the file is stored on disk along with all the other music files; (e) the user's locker is updated to include the relevant metadata of the file and a “pointer" to the ‘location’ of the file; and (f) a record is made of the file’s relevant metadata to ensure no other user attempts to upload a file with this same relevant metadata. 19. The file is the only instance of that unique file that remains on the server. The entire ReDigi cloud may contain multiple, unique copies of the same recording, although each unique file will have certain identifiable differences in the metadata, as each was uploaded by a different user at a different date and time. The source, iTunes, is also present in the metadata. The industry is introducing a "UITS" code into the meta-data that is a form of "purchase receipt" that uniquely identifies the instance of the song purchased. When present, we use that to detect if two files are the same purchase or two different purchases. The database records also record the status of the file, including whether this file is currently for sale or not. A file, while it is offered for sale, cannot be streamed or downloaded by the user. Only if the user withdraws the offer to sell, can the user stream or download the file. 20. The basic process used by our technology at this time is as follows: our software keeps track of (a) Purchaser (bought-by), (b) Store (apple), (c) Date Purchased, and (d) Hash value of the acoustics (we use a Sha1sum of the music portion of the music file). When this -6- data on one file matches the data on another, there would be a “violation”. Different tests are done at two different locations, the client and the server. 21. At the client level, if the Music Manager software resident on the user’s machine finds a file matching a file that is in the user’s locker on the ReDigi site, or a file which has already been sold on the ReDigi site, it would term that a “violation”, and require the user to delete the file from the client or delete it from the locker (and cancel any pending offer for sale); the user’s failure to comply would mean suspension of the user’s account. 22. At the server level, the software searches the entire server for a “violation”. Files are ineligible to be in a user’s locker or offered for sale, if that same file (same hash, bought-by, bought-from, and purchase date, or same hash and UITS) is in someone else’s locker, offered by sale for someone else, or has been sold by someone else. 23. Files are ineligible to be uploaded if they do not contain bought-by, boughtfrom, and purchase date fields in the metadata, or the bought-from store is not iTunes or ReDigi (when one buys a used song through ReDigi, the bought-by is the ReDigi User ID and the bought-from is ReDigi). 24. Basically, every music file that the manager encounters is stored in the database, indexed by its hash. So, when the music manager sees a new file on the user’s computer or attached device, it computes the hash and checks to see if this hash matches the hash of any song in the user’s locker. If so, the other fields (purchaser, store, purchase date) are evaluated. If they match, a “violation” is found. 25. Apple iTunes has begun to use something called “UITS”, encrypted code which includes the bought-by, bought-from, and purchase date information, as well as other data, -7- in encrypted form. If the file contains UITS code, our software will rely on the UITS, since the UITS has proven to be highly reliable. We do not decrypt the UITS, we rely on the encrypted code alone, since each UITS is unique. 26. Each ReDigi user is allocated locker space that can be used to store music files. Only music files that have passed ReDigi's verification process both by the client application on the user's personal computer and the server application on the ReDigi servers can be placed in the locker. Moreover, when a file is stored in the locker, there are no other copies of that file on the user's personal computer or attached devices. The locker can be thought of as the “final resting place for unwanted music files", unless of course the owner chooses to resurrect the file by downloading it to the owner’s machine or listening to it while it is in the locker but not offered for sale. The ReDigi system is made for songs that the user no longer actively uses. A user might not be ready to offer a particular song for sale, but no longer wants it to take up space on his or her local computer. The marketplace may already have many instances of a particular recording offered for sale and so may not accept additional offers for sale of that recording. In such a case, the user can leave his or her song in the locker until supply and demand catch up with each other. ReDigi is also a “rebirth” place where the purchased file can reside before being downloaded by the new owner. It is, to the best of our knowledge, unique in that all the songs in the locker have passed verification. Many cloud storage systems tell their users to only upload items they own but, unlike ReDigi, offer no mechanism for verifying such ownership. (C) Offering music for sale or to purchase 27. The ReDigi marketplace only allows songs to be offered for sale that meet two criteria. First, they must be in a user's locker. This ensures that they have passed all the -8- ReDigi verification steps. Second, they must be the only instance of the file that the user owns. The marketplace also allows a user to place an offer to purchase a song. Such a purchase request is either satisfied immediately or is queued up until some other user offers that song for sale. The user’s client application, known as the music manager, communicates with the ReDigi server to synchronize its local information with the centralized information on the ReDigi database. A ReDigi user can at any time access a list of the songs in his or her locker that are not offered for sale, any of which can be downloaded, in which case they are deleted from the locker. Alternatively, the user may offer one of the songs for sale, in which case it can no longer be downloaded or streamed. The user can also at any time access a list of the songs in his or her locker that are offered for sale. The user can choose to cancel the offer for sale. In this case, it could then be downloaded, kept in storage, or re-offered for sale at a later time. 28. The client application program, the music manager, actually consists of two programs. One, the application program, interacts with the user. The second, is a continually running background “service” that constantly monitors music file creation, deletion, and renaming, as well as the files on removable devices when they become attached. This “service” program monitors the files on the user's computers and attached devices to ensure that the files sold, offered for sale, or residing in the locker, do not reappear on the computer. It automatically starts each time the user’s machine is rebooted. Whenever the client application program is running, it makes sure the “service” program is also running, and if not, it attempts to restart it. The client application program cannot be used if the “service” program is not running. 29. The purchase and sale orders for a recording are organized on a first-in first-out basis. It may be the case that there are no outstanding orders, in which case the offer for -9-

Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.

Why Is My Information Online?