NDS Americas Group dealt with the lack of a digital security product and a “reputation problem” caused by its own hacked analog system in the late 1990s and early 2000 by “harming everyone else,” claimed the attorney for Echostar Communications Corp. during final arguments in the multi-million dollar trial against the conditional access company.
Attorneys for NDS countered that Echostar was repeatedly hacked by several pirate groups, adding that the damaging information that showed up on Internet pirate sites came from sources other than the former NDS employee and acknowledged pirate, Christopher Tarnovsky, cited by the plaintiffs.
Reverse engineering, the method by which NDS engineers found the weaknesses in Echostar’s conditional access system, is legal and routine and is in fact conducted by both NDS and NagraStar, asserted NDS attorney Darrin Snyder.
The parties are in the final days of what was expected to be a month-long trial. In the suit brought by then-Echostar (now Dish Network) and the security firm it co-owns, NagraStar LLC, the digital-broadcast satellite company alleges that NDS, a rival security firm owned by News Corp., hacked Echostar smart cards.
NDS engineers testified they reverse-engineered the cards to improve NDS’s product, but the information detailing how to hack Echostar’s system appeared on the Internet within days of the completion of NDS hacking report, according to testimony.
Echostar’s suit alleges that NDS’s actions violated the Digital Millennium Copyright Act, the federal Communications Policy Act and two California penal codes.
The case will now be decided by the eight-member jury in U.S. District Court in Santa Ana, Calif.
In their final addresses to the jury, attorneys for both sides have presented their version of who is behind the screen names “Nipper,” “Nipper 2000” and “Nipper Clauz”—monikers that were on Internet postings publicizing internal codes that helped pirates hack smart cards in use by Echostar.
The DBS company alleges that it is Tarnovsky; NDS lawyers assert that that name has been traced back to an Internet provider in Canada and ultimately traced to a different pirate with no known links to Tarnovsky. Echostar didn’t investigate the other purported pirate because they were creating a case centered on Tarnovsky, asserted Snyder.
Echostar believes NDS created the hack, in part, because it has a well-funded lab and staff of engineers in Haifa, Israel. But Snyder said Echostar was routinely hacked, citing postings dating back to 1998 and attributed to two pirates not linked to Tarnovsky or NDS, he noted.
One of those postings even claimed to have hacked into Echostar’s corporate FTP site to steal information in encrypted ZIP files, Snyder said. The attorney identified Berrie, Ontario, Canada as the nexus of the piracy wave that caused Echostar to swap out 9 million smart cards in 2003. Another hacker lab was also known to operate in Thunder Bay, Ontario, according to testimony.
Snyder added that Tarnovsky did not see the Haifa lab’s report on the hack of NagraStar’s cards until years after the information was posted by pirates on the Internet.
Echostar is asking for $93.8 million in damages for itself and NagraStar for the actual cost of the swapping out the compromised cards.
If the jury finds in favor of Echostar and opts to apply statutory damages—$10,000 for each of the 100,000 compromised smart cards Echostar claims it had to replace in the U.S.—NDS could be on the hook for up to $1 billion in damages.
Snyder countered that even if jurors believe there is a direct link between NDS and the hacking alleged by Echostar, NDS would only be liable for cards that were used in the U.S.—not Canada—and only for documented violations that occurred after June 2000, in the case of the Communications Act claim; or October 2000, in the case of the Digital Millennium Copyright Act claims.
Any damages would have to be based on facts, not guesses, he added.