joegratz.net

Even Brown at internetcases.com has this excellent post on Arista Records v. Tschirhart, a RIAA filesharing case. Generally, the defendants in these suits are quite sympathetic. Here, the defendant started out sympathetic, then really fouled things up.

The defendant destroyed data on her hard drive after receiving notice of the suit and after the court had granted the plaintiff’s motion to compel inspection of the drive. The defendant had a duty to preserve the data on that drive as evidence and make it available to the plaintiffs, and knew about that duty, but irretrievably destroyed the data anyway. In an order filed Wednesday, the court entered the ultimate sanction against a defendant: default judgment in favor of the plaintiffs. This means that the plaintiff just wins without having to prove anything, and also receives fees and costs associated with the suit. Because the defendant destroyed all of the evidence, it’s likely that the allegations in the complaint will be taken as true for purposes of determining damages.

The court’s order is understandably a bit thin on technical details, but it seems that the defendant didn’t completely nuke the drive, but instead used “wiping” software to delete files irretrievably. But wiping software, as I learned at this year’s DEFCON, leaves a tell-tale pattern of data on the disk, so the plaintiffs’ investigators were able to figure out that the defendant had used two different disk-wiping programs even though she’d deleted both to cover her tracks.

So, the takeaway: No, you can’t just circumvent the judicial process by destroying evidence in your control after you have notice of a lawsuit against you. Moreover, it makes courts really, really mad, and you’ll deserve whatever sanction you get.