---
title: "Digital Forensics Expert’s Analysis of Website Activity Considered Relevant"
meta:
  "og:description": "The expert sufficiently explained his methodology, which is sound and based on his expertise in digital forensics"
  "og:title": "Digital Forensics Expert’s Analysis of Website Activity Considered Relevant"
  author: "Expert Witness Profiler"
  description: "The expert sufficiently explained his methodology, which is sound and based on his expertise in digital forensics"
---

# Digital Forensics Expert’s Analysis of Website Activity Considered Relevant

Posted on July 1, 2025 by Expert Witness Profiler

This is a copyright infringement action filed by CoStar Group, Inc. and CoStar Realty Information, Inc. (collectively, “CoStar”) in September 2020 against Commercial Real Estate Exchange Inc (“CREXi”).

CoStar is a company that provides commercial real estate (“CRE”) information, analytics, and online property listing marketplaces. It owns and operates LoopNet.com, a digital marketplace platform for CRE listings. CoStar contended that CREXi has engaged in “mass infringement” of CoStar’s photographs. Apparently, CREXi and its BPOs copied listing information, including images, from LoopNet when a listing could only be found on LoopNet, and that CREXi would take screenshots of photos or otherwise crop out CoStar’s watermarks from photos to build out listings on its website.

CREXi filed a _[Daubert](https://www.law.cornell.edu/wex/daubert_standard)_ Motion to exclude the opinions of CoStar’s expert, Mr. [Daniel Roffman](https://expertwitnessprofiler.com/expert-witness/Daniel-Roffman/1538137). CoStar retained Roffman to opine on CREXi’s access to the LoopNet website.

## **Digital Forensics Expert Witness**

[Daniel E. Roffman](https://expertwitnessprofiler.com/expert-witness/Daniel-Roffman/1538137) is Vice President in the Forensic Services Practice. He has over 20 years of digital forensics and information security consulting experience, helping clients protect their most valuable information, and investigating allegations of trade secret theft and cyber incidents.

He has extensive testimony experience working on behalf of both plaintiffs and defendants and has served as a court-appointed neutral expert on theft of trade secret cases. Roffman has also testified on a range of other digital forensic subjects including software piracy, cyber investigations, and electronic document authenticity issues.

[Want to know more about the challenges Daniel Roffman has faced? Get the full details with our Challenge Study report](https://expertwitnessprofiler.com/order/add?eId=1538137&amp;pId=3). 

## **Discussion by the Court**

Roffman was supposed to analyze LoopNet logs and identify what activity in those logs can be attributable to CREXi and its representatives (including CREXi employees and third-party vendors CREXi retained to complete certain work).

To begin with, Roffman explained how IP addresses can be used to identify users and track their activity on a website, LoopNet’s tools for logging activity (referred to as “hits”) on its website during a “session,” and how users “anonymous online campaigns” attempt to mask user activity through virtual private networks (“VPNs”), outsourcing tasks to third-party business process outsourcing companies (“BPOs”), and rotating through multiple IP addresses in a single session.

#### **Rule 403**

Basically, CoStar’s theory of copyright infringement is that CREXi copied its images from LoopNet “on a massive scale,” including by having BPOs copy images from CoStar, crop out CoStar’s watermark logo, and upload them onto CREXi’s website, and that this activity was a company policy at CREXi.

Given that CoStar’s theory of the case is “mass infringement” by CREXi, the Court found that Roffman’s opinions are not substantially more prejudicial than probative. 

Accordingly, Roffman’s analysis of the volume of activity on LoopNet’s website attributable to CREXi is relevant to and probative of whether CREXi employees and BPOs copied images off of LoopNet.

#### **Rule 702**

CREXi contended that Roffman’s opinions are unreliable because IP addresses identify a computer network, not an individual user. But if an IP address is identified as a computer network associated with CREXi, including activity from users on that computer network would likely show activity by users associated with CREXi. Roffman’s testimony attempts to identify LoopNet activity by CREXi and its BPOs. To the extent CREXi contended that this does not accurately capture activity attributable to CREXi, the Court held that it is free to challenge Roffman’s approach on cross-examination.

Next, CREXi argued that Roffman’s opinions unreasonably assumed that activity from certain IP addresses containing _no_ indicators, which appeared in the same sessions as IP addresses with an indicator, is also attributable to CREXi. Roffman explained why he “swept in” activity from IP addresses with no indicator of CREXi—if a user accessed LoopNet from a “CREXi Referring Website” once, only the activity from that particular session would appear as associated with CREXi. Other activity from that IP address where a user did not access LoopNet through a CREXi Referring Website would be left off of the activity log results. Thus, Roffman included activity from these IP addresses to capture potential CREXi activity where a VPN or rotating IP addresses were employed.

Roffman relied on both IP addresses and sessions, which capture multiple IP addresses associated with one user in a session. He acknowledged that his approach to this analysis “may still be over inclusive,” despite taking measures to remove some data that appeared associated with CoStar’s clients, CoStar, and private IP addresses.

## **Held**

The Court denied the Defendant’s _Daubert_ motion to exclude the opinions of Daniel E. Roffman.

## **Key Takeaway:**

Roffman sufficiently explained his methodology, which is sound and based on his expertise in digital forensics. Again, to the extent CREXi disagreed with Roffman’s methodology because the results may be overinclusive, it is free to challenge his opinions on cross-examination. But questions that go to weight, not admissibility, are for the jury to decide—not the Court.

## **Case Details:**

---

## **You Might Also Like**

![Corrections Expert&#39;s Standard of Care Testimony Admitted](https://ewp-blog.expertwitnessprofiler.org/wp-content/uploads/2026/04/blog-pic-640X480-2026-04-23T161938.085.jpg) [**Corrections Expert’s Standard of Care Testimony Admitted**](https://expertwitnessprofiler.com/digital-forensics-experts-analysis-of-website-activity-considered-relevant/corrections-experts-standard-of-care-testimony-admitted)![Human Resources Expert Allowed to Opine on Termination](https://ewp-blog.expertwitnessprofiler.org/wp-content/uploads/2026/04/blog-pic-640X480-2026-04-22T200052.311.jpg) [**Human Resources Expert Allowed to Opine on Termination**](https://expertwitnessprofiler.com/digital-forensics-experts-analysis-of-website-activity-considered-relevant/human-resources-expert-allowed-to-opine-on-termination)![Neuropsychology Expert Not Allowed to Opine on Cognitive Decline](https://ewp-blog.expertwitnessprofiler.org/wp-content/uploads/2026/04/blog-pic-640X480-2026-04-22T144728.528.jpg) [**Neuropsychology Expert Not Allowed to Opine on Cognitive Decline **](https://expertwitnessprofiler.com/digital-forensics-experts-analysis-of-website-activity-considered-relevant/neuropsychology-expert-not-allowed-to-opine-on-cognitive-decline)![Human Factors Expert Not Allowed to Opine on the Tile](https://ewp-blog.expertwitnessprofiler.org/wp-content/uploads/2026/04/blog-pic-640X480-2026-04-21T191749.960.jpg) [**Human Factors Expert Not Allowed to Opine on the Tile**](https://expertwitnessprofiler.com/digital-forensics-experts-analysis-of-website-activity-considered-relevant/human-factors-expert-not-allowed-to-opine-on-the-tile)![Insurance Expert Not Allowed to Opine on Legal Duties](https://ewp-blog.expertwitnessprofiler.org/wp-content/uploads/2026/04/blog-pic-640X480-2026-04-21T155751.487.jpg) [**Insurance Expert Not Allowed to Opine on Legal Duties**](https://expertwitnessprofiler.com/digital-forensics-experts-analysis-of-website-activity-considered-relevant/insurance-expert-not-allowed-to-opine-on-legal-duties)