Man loses C&P Phantom Withdrawl case
Theo Markettos
theom+news at chiark.greenend.org.uk
Mon Jun 15 21:43:09 BST 2009
Nicholas Bohm <nbohm at ernest.net> wrote:
> The main conclusions that I would draw are that such cases need to be
> managed from an early stage by well-informed lawyers, and that expert
> witnesses may have more work of general education to undertake than
> their background would lead them to assume.
Coming at this thread a little late, but I was in court. My take (IANAL) on the
proceedings may be found here:
http://caliston.livejournal.com/17555.html
I think you're broadly right in what you say above. In particular for this
case:
I think the point could have been better made of the 'a priori'
probabilities. Let's say a million people have card fraud. 90% of those
will have been somewhere the cardholder has never been, so 900,000 are
refunded. 90% of the remaining can prove they were somewhere else at the
time, so 90,000 are refund. For 90% of the remaining it's their first
experience of fraud, so 9,000 are refunded. 90% of the remaining don't have
messy financial circumstances, so 900 are refunded leaving 100 left. And so
on.
Without knowledge of any statistics of this process we cannot extrapolate
whether the case before the judge is a freak or whether there is a huge body
of hidden cases that haven't come to light. After all, banks tend to refund
customers whom they believe, so by definition anyone suing the bank will be
someone with an implausible story. Steven Murdoch and the judge did have a
discussion about this (Murdoch made it very clear that he wasn't able to
indicate any of these probabilities), and the judge got the point to some
extent, but it wasn't as central as it could have been.
The second point was that the discussion of the crypto was rather lacking in
focus. In particular, there's no reason why the bank cannot reveal the card
unique key. It's on their system in encrypted form, and the system must
decrypt it to perform transactions. And the whole point of using crypto in
banking is to be able to produce these proofs to eliminate any doubt, so the
defence's case is substantially weakened by not providing them. That didn't
come across strongly enough, though the judge did castigate Halifax for
their poor evidence submission.
As far as the lawyers went, the judge was by far the sharpest of the bunch
and was more effective at crossexamining witnesses himself than the counsel
were.
Theo
--
Computer Laboratory, University of Cambridge
More information about the ukcrypto
mailing list