|
|
|
||||
|
||||||
|
First Amended Felten ComplaintJune 26, 2001
Grayson Barber (GB 0034)
Frank L. Corrado (FLC 9895)
(Additional Counsel listed on signature page)
IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF NEW JERSEY Civil Action FIRST AMENDED COMPLAINT FOR DECLARATORY JUDGMENT AND INJUNCTIVE RELIEF Case No. CV-01-2660 (GEB) EDWARD W. FELTEN; BEDE LIU; SCOTT A. CRAVER; MIN WU; DAN S. WALLACH; BEN SWARTZLANDER; ADAM STUBBLEFIELD; RICHARD DREWS DEAN; and USENIX ASSOCIATION, a Delaware non-profit non-stock corporation, Plaintiffs, vs. RECORDING INDUSTRY ASSOCIATION OF AMERICA, INC.; SECURE DIGITAL MUSIC INITIATIVE FOUNDATION; VERANCE CORPORATION; JOHN ASHCROFT, in his official capacity as ATTORNEY GENERAL OF THE UNITED STATES; DOES 1 through 4, inclusive, Defendants. INTRODUCTION
"So here's the invitation: Attack the proposed technologies. Crack them."
"Open Letter to the Digital Community," available on the Internet at:
1. The private Defendants, relying on a relatively new and unclear statute, have chilled Plaintiffs from engaging in core scientific speech. The private Defendants dared, and specifically invited, the entire Internet world to attempt to crack certain technologies which they were proposing to use to protect digital music from copyright infringement. The individual Plaintiffs, researchers from Princeton University, Rice University and elsewhere took up the challenge as part of their normal scientific research and defeated most of the technologies. They then did exactly what scientific researchers normally do: they wrote a paper discussing their work; they submitted it to a peer-reviewed scientific conference which accepted it for publication; they planned to present the paper at the conference. But then, in a brazen attempt to squelch Plaintiffs’ research, the private Defendants threatened to sue, claiming (among other things) violations of the Digital Millennium Copyright Act (DMCA) – even though they had specifically authorized Plaintiffs to attack their technologies. 2. Unfortunately, the private Defendants successfully accomplished their short-sighted objective. The conference at which the paper was to be presented was thrown into chaos, and the researchers felt compelled to withdraw their paper for fear of having to defend baseless litigation. Their speech was chilled, to their detriment and to the detriment of the scientific community. 3. The individual Plaintiffs (all but one of the original researchers) still desire to present the results of their research, but fear that they will be sued. Plaintiff USENIX Association has accepted their research for its Security Symposium in mid-August, but fears that, because it benefits financially from holding conferences, it may be subject to criminal as well as civil liability under the relevant provision of the DMCA. Plaintiffs are forced to seek a Declaration from this Court that publication and presentation of the paper is lawful, since they have no other reasonable way to assure themselves, in the face of the serious threats made by the private Defendants, that they will not be sued or prosecuted for publishing mainstream and valuable scientific research.
The Declaratory Judgment Act was designed to relieve potential defendants from the Damoclean threat of impending litigation which a harassing adversary might brandish, while initiating suit at his leisure -- or never. The Act permits parties so situated to forestall the accrual of potential damages by suing for a declaratory judgment, once the adverse positions have crystallized and the conflict of interests is real and immediate. Japan Gas Lighter Ass'n v. Ronson Corp., 257 F.Supp. 219, 237 (D.N.J. 1966). THE PARTIES 4. Plaintiff Edward W. Felten is an Associate Professor of Computer Science at Princeton University, and resides in Princeton, New Jersey. 5. Plaintiff Bede Liu is a Professor of Electrical Engineering at Princeton University, and resides in Princeton, New Jersey. 6. Plaintiff Scott A. Craver is a graduate student in the Department of Electrical Engineering at Princeton University, and resides in Princeton, New Jersey. 7. Plaintiff Min Wu recently completed her Ph.D. studies in the Department of Electrical Engineering at Princeton University, and resides in Princeton, New Jersey. She has just been appointed to the faculty at the University of Maryland. 8. Plaintiff Dan S. Wallach is an Assistant Professor in the systems group of the Rice University Department of Computer Science, and resides in Houston, Texas. 9. Plaintiff Ben Swartzlander recently completed his Masters program in the Department of Computer Science at Rice University in Houston, Texas, and currently resides in San Jose, CA. 10. Plaintiff Adam Stubblefield is an undergraduate student majoring in mathematics at Rice University, and resides in Houston, Texas. 11. Plaintiff Richard Drews Dean, Ph.D. is a computer scientist who resides in Cupertino, California. The Plaintiffs referred to in paragraphs 4-11 will sometimes be referred to collectively as the "individual Plaintiffs." 12. Plaintiff USENIX Association (USENIX) is a Delaware non-profit non-stock corporation, with its executive office in Berkeley, California. Since 1975, USENIX has brought together the community of engineers, system administrators, scientists, and technicians working on the cutting edge of the computing world. Its conferences have become the essential meeting grounds for the presentation and discussion of the most advanced information on the developments of all aspects of computing systems. USENIX routinely publishes conference proceedings, including presented papers. Proceedings at least a year old are published for free public access on the USENIX web site. Proceedings less than a year old are accessible online by USENIX members, see http://www.usenix.org/publications/library/proceedings/index.html. Proceedings are also published on paper and sold to conference attendees and the general public. 13. Upon information and belief, Defendant Recording Industry Association of America, Inc. (RIAA) is a New York not-for-profit corporation with a place of business in Washington D.C. It represents entities which manufacture and distribute sound recordings, including the five major labels and many of their subsidiary labels. 14. Upon information and belief, Defendant Secure Digital Music Initiative Foundation (SDMI) is a multi-industry consortium, business form unknown, established to create specifications for the secure delivery of digital music. In September and October 2000, SDMI ran the SDMI Public Challenge, which is at the root of this action. SDMI’s mailing address is SDMI Secretariat, c/o SAIC (Science Applications International Corporation, a Delaware corporation), 10260 Campus Point Drive, San Diego, California, 92121. 15. Upon information and belief, Defendant Verance Corporation (Verance) is a Delaware corporation that maintains its principal place of business in San Diego, California. According to the Verance web site, http://www.verance.com/, it "offers innovative audio watermarking solutions to protect, manage, and monitor your audio and audio visual content ...." At least one of Verance's technologies was among the ones involved in the SDMI Public Challenge. Upon information and belief, that technology was Technology A in the SDMI Public Challenge. The Defendants referred to in paragraphs 13 through 15 will sometimes be referred to collectively as the "private Defendants." 16. Defendant Attorney General John Ashcroft heads the United States Department of Justice, which is the agency of the United States government responsible for enforcement of federal criminal laws, including 17 U.S.C. § 1204, the criminal provision of the DMCA, as well as defending constitutional challenges to federal statutes. Attorney General Ashcroft is sued only in his official capacity. 17. Defendant Doe 1, whose identity is unknown to Plaintiffs, was the proponent of Technology B in the SDMI Public Challenge, as more fully described in paragraph 34, infra. Some of the relief which Plaintiffs seek cannot be fully afforded in the absence of this defendant, and thus this defendant, when identified, should be joined if feasible in accordance with F.R.C.P. 19(a). 18. Defendant Doe 2, whose identity is unknown to Plaintiffs, was the proponent of Technology C in the SDMI Public Challenge, as more fully described in paragraph 34, infra. Some of the relief that Plaintiffs seek cannot be fully afforded in the absence of this defendant, and thus this defendant, when identified, should be joined if feasible in accordance with F.R.C.P. 19(a). 19. Defendant Doe 3, whose identity is unknown to Plaintiffs, was the proponent of Technology D in the SDMI Public Challenge, as more fully described in paragraph 34, infra. Some of the relief that Plaintiffs seek cannot be fully afforded in the absence of this defendant, and thus this defendant, when identified, should be joined if feasible in accordance with F.R.C.P. 19(a). 20. Defendant Doe 4, whose identity is unknown to Plaintiffs, was the proponent of Technology F in the SDMI Public Challenge, as more fully described in paragraph 34, infra. Some of the relief that Plaintiffs seek cannot be fully afforded in the absence of this defendant, and thus this defendant, when identified, should be joined if feasible in accordance with F.R.C.P. 19(a). JURISDICTION AND VENUE 21. This Court has jurisdiction over this action pursuant to 28 U.S.C. § 1331 and 1338(a) because this action arises under the First Amendment to the United States Constitution and under the Digital Millennium Copyright Act, 17 U.S.C. §§ 1201 et seq. This Court also has supplemental jurisdiction of the state law claims pursuant to 28 U.S.C. § 1367. 22. Venue is proper in this Court pursuant to 28 U.S.C. §§ 1391(b) and 1391(e) in that a substantial part of the events giving rise to the claim occurred in this District, and pursuant to § 1391(e) in that half of the individual Plaintiffs reside in this District and the Attorney General is a Defendant. THE FACTS 23, SDMI is "a forum that brings together more than 180 companies and organizations representing information technology, consumer electronics, security technology, the worldwide recording industry, and Internet service providers. SDMI's charter is to develop open technology specifications that protect the playing, storing, and distributing of digital music such that a new market for digital music may emerge." http://www.sdmi.org/ 24. On September 6, 2000, SDMI issued an "Open Letter to the Digital Community," available on the Internet at http://www.sdmi.org/pr/OL_Sept_6_2000.htm. A true and complete copy of the Open Letter, printed from that web page, was filed with the Court as Exhibit A to the Complaint (June 6, 2001) and incorporated herein by this reference. The Open Letter provided in part:
25. The details of what became known as the SDMI Public Challenge, including the technologies offered as part of the challenge, were made available by SDMI on or about September 18, 2000 at the web site http://www.hacksdmi.org (which no longer exists). 26. The home page, or top page, of the hacksdmi.org web site was located at http://www.hacksdmi.org/default.asp. Entitled "Secure Digital Music Initiative Public Challenge," it stated, in part:
27. At the bottom of the home page was a button labeled "Continue". If a viewer clicked on that button, then the viewer would be taken to the next page on the hacksdmi.org web site, which was located at the URL http://www.hacksdmi.org/hacksClickThrough.asp and entitled "Click-Through Agreement for the SDMI Public Challenge" (hereinafter the "Click-Through Agreement"). A true and complete copy of the Click-Through Agreement was filed with the Court as Exhibit B to the Complaint (June 6, 2001) and incorporated herein by this reference. 28. The Click-Through Agreement purported to be a binding legal agreement between SDMI on the one hand, and those who chose to participate in the Public Challenge, on the other. Additionally, it gave an overview of how the Public Challenge was to work. The first paragraph stated that the Public Challenge was "open to everyone ..." with limited exceptions not applicable to any of the Plaintiffs. 29. Digital music file formats such as the MP3 format compress files so that they take up less space on storage media like a computer hard disk and can be transmitted more quickly on the Internet without overly degrading sound quality. The second paragraph of the Click-Through Agreement provided that four different digital watermark technologies were included in the Public Challenge. It said that each was designed to detect compression in a digital music file, though it was not clear to the individual Plaintiffs that the watermarks actually were designed for that purpose. Additionally, two other technologies were included in the Public Challenge, each designed to prevent separation of individual tracks on a CD from the rest of the CD, thus attempting to prevent, for example, a hit single from a CD from being played apart from the original CD. 30. The third and fourth paragraphs of the Click-Through Agreement generally explained how to test the four watermark technologies and the two other technologies. In the case of each watermark, for example, the participant would download from the hacksdmi.org web site a "triplet," or three music samples. The first two would be the same music sample, one with the watermark, one without, while the third would be an unrelated watermarked sample. Using whatever information one could glean from the triplet, as well as other legitimate sources of information, the object was to "determine if the watermark can be removed from the entire sample without significantly reducing the sound quality of the digital music ...." 31. The fifth paragraph described how a challenger would know if his or her attack on one or more of the technologies was successful. Briefly, the challenger would upload the attacked file(s) to the "oracle" at the hacksdmi.org site, which would automatically test the submission and notify the challenger if the attack was successful. If so, then the oracle might ask for additional information concerning how the attack was accomplished, and might give the challenger additional music samples in order to determine if the attack was reproducible. 32. Those who successfully attacked one or more of the Public Challenge technologies were eligible for compensation of up to $10,000 per successful attack, provided they agreed to additional terms. The individual Plaintiffs'' attacks on five of the technologies were successful, but they elected not to seek compensation for their success. Since the provisions of the Click-Through Agreement meaningfully varied depending on whether the successful challenger did or did not seek compensation, we set forth those provisions in full:
Stated simply, successful challengers who received compensation were required to assign all of their intellectual property rights and to agree to confidentiality and other terms. Successful challengers such as Plaintiffs who eschewed compensation were not required to assign any of their rights or make any further agreements with SDMI; and in fact, Plaintiffs did not assign any of their rights or make any further agreements with SDMI. 33. Finally, the Click-Through Agreement provided:
34. Clicking on the "I Agree" button took viewers to the next page on the hacksdmi.org web site, http://www.hacksdmi.org/hackDownload.asp, entitled "Download and Upload the Files." From that page, challengers could, and the individual Plaintiffs did, download each of the four audio watermark technologies that were included in the Public Challenge (technologies A, B, C and F) and the two additional technologies (technologies D and E). From that same page, challengers could, and the individual Plaintiffs did, upload their attacks to the hacksdmi.org oracle. 35. Plaintiffs' attacks on each of the four watermark technologies were successful. Plaintiffs also believe that they successfully attacked one of the two other technologies, technology D. However, the oracle for technology D was defective, and thus did not indicate whether Plaintiffs' attack on that technology succeeded. Plaintiffs did not attack technology E, the other non-watermark technology, because they determined that SDMI did not give them enough information to mount a credible attack. 36. At no time did Plaintiffs attack "content protected by SDMI" outside of the Public Challenge, or attack content encoded with any technology proponent outside of the Public Challenge. 37. Having successfully attacked five of the six Public Challenge technologies, the individual Plaintiffs, who had not assigned any of their rights to SDMI and had not entered into any other agreements with SDMI, chose to write a paper describing their research and their attacks, to submit the paper to a peer-reviewed scientific conference, and if accepted, to publish the paper in the proceedings of the conference. Plaintiffs selected the Fourth International Information Hiding Workshop ("IHW"), to be held in Pittsburgh on April 25-27, 2001, and proceeded to write their paper, entitled "Reading Between the Lines: Lessons from the SDMI Challenge" (hereinafter simply the "SDMI Paper"). The SDMI Paper was submitted to IHW in late November or December, 2000. 38. After the SDMI Paper went through the peer review process, the Plaintiffs were notified in February 2001 that it had been accepted for presentation at IHW, on April 26. As is customary, the reviews were anonymous, but as is also customary, the authors were provided with the anonymous reviews, which they could, and did, use to improve the SDMI Paper. The revised paper was submitted to IHW in late March 2001 for inclusion in the IHW proceedings. 39. On November 1, 2000, Professor Felten received an e-mail from Joseph M. Winograd, the Executive Vice President and Chief Technology Officer of Defendant Verance. He stated that Verance was the proponent of one of the watermark technologies in the Public Challenge (which Plaintiffs believe is technology A), and that he wished to speak by phone with Professor Felten about the subject. Professor Felten was out of the country at a computer security conference at the time, but after he returned to New Jersey, he and Dr. Winograd spoke cordially about the subject on November 9, 2000. On a few occasions between then and mid-December, Dr. Winograd made inquiries about the paper, but because it still was in the early draft stage, Professor Felten did not feel comfortable giving a draft to Dr. Winograd at that time. 40. On March 30, 2001, apparently having learned that the SDMI Paper had been accepted by IHW, Dr. Winograd e-mailed Professor Felten requesting a pre-publication copy of the SDMI Paper. (As with all e-mails from Dr. Winograd to Professor Felten, the e-mail was addressed to Professor Felten's Princeton University e-mail address in New Jersey.) Though under no obligation to provide Dr. Winograd with such a copy, on March 31 Professor Felten e-mailed an electronic copy of the SDMI Paper to Dr. Winograd. In the e-mail, Professor Felten specifically stated "Please do not circulate this outside of Verance." 41. On April 6, 2001, Dr, Winograd sent an e-mail back to Professor Felten. He stated that he had not circulated the SDMI Paper outside of Verance, but that he took "... the precautionary step of alerting the SDMI Foundation, our commercial partner the 4C Entity, and our recording company licensees about the pending conference and provided each with a brief general description of your paper's contents." Among other things, Dr. Winograd wrote:
42. Only three days later, and without Professor Felten having received anything specific from Dr. Winograd about how his concerns might be addressed, Professor Felten received a letter at Princeton dated April 9, 2001 from Matthew Oppenheim, Esq. The pre-printed letterhead is that of Defendant RIAA, and identifies Oppenheim as the Senior Vice President, Business and Legal Affairs, of RIAA. The letter's signature block additionally identifies Oppenheim as the Secretary of Defendant SDMI. The letter shows copies to Dr. Ira S. Moskowitz of the Naval Research Laboratory, who was the Program Chair of IHW; Cpt. Douglas H. Rau, USN, Commanding Officer, National Research Laboratory; Mr. Howard Ende, General Counsel of Princeton; and Mr. David Dobkin, Computer Science Department Head of Princeton. A true and complete copy of the letter was filed with the Court as Exhibit C to the Complaint (June 6, 2001) and incorporated herein by this reference. 43. Acting as the agent for Verance and possibly others, Oppenheim wrote, among other things:
44. Chaos quickly ensued. Though Professor Felten was the only author of the SDMI Paper to whom Oppenheim sent the letter directly, it affected all of the authors, and copies quickly were circulated among them. Plaintiffs had no idea of what to make of Oppenheim's threats, their research being standard scientific fare. In the meantime, the IHW organizers were equally confused, and did not know how to proceed. 45. Shortly thereafter, talks began between various combinations of Professor Felten, attorneys for Princeton, Rice, Xerox and Dr. Dean on the one hand, and Oppenheim, Dr. Winograd, David Liebowitz (Chairman of the Board of Verance, and former Executive Vice President and General Counsel of Defendant RIAA) and a team of outside attorneys for Verance, on the other. Oppenheim's role in those talks was limited. Verance was left to determine, from the private Defendants' side, whether an acceptable solution could be reached. 46. On April 16, Dr. Winograd e-mailed Professor Felten, stating that he believed that, "with some minor modifications," the SDMI Paper could meet Verance's desires while still maintaining academic integrity. But only a day later, on April 17, Dr, Winograd e-mailed to Professor Felten a document entitled "Recommendations on 'Reading Between the Lines: Lessons from the SDMI Challenge." Dr. Winograd's "recommendations" consisted of 25 separate requests for changes in the SDMI Paper (some of which were compound), and included removal of several text sections and entire diagrams. Indeed, though only one Verance watermark (technology A) was apparently included among the five technologies which Plaintiffs successfully hacked, more than half of Dr. Winograd's recommendations were addressed to the attacks on watermarks of presumed competitors of Verance, technologies B, C and F, as well as to the other non-watermark technology, technology D. At no time did Dr. Winograd or any other representative of the private Defendants indicate that any technology other than watermark technology A was a technology propounded by Verance. 47. Though talks continued, both on a group basis and one-on-one between Professor Felten and Dr. Winograd, right up until the day before the SDMI Paper was to have been presented at IHW, at no time did Dr. Winograd or any other representative of the private Defendants indicate that Dr. Winograd's recommendations, including those involving technologies in which Verance had no direct interest, were offered on anything other than a take it or leave it basis. Had Plaintiffs accepted Dr. Winograd's recommendations, the resultant paper would have been rejected by any respectable scientific conference. 48. During the same time period, it was clear that IHW was not of one mind regarding how to proceed. On April 19, Dr. Ira Moskowitz, the Program Chair of IHW, sent an e-mail saying that the SDMI Paper could not be presented at IHW without a written agreement by all concerned parties. That e-mail, which imposed a deadline of April 23, was sent not only to each of the individual Plaintiffs, but also to Oppenheim and Bruce Block of RIAA, but not to anyone from Verance. Also on or about April 19, Dr. Moskowitz phoned Professor Felten, expressing concerns that he and IHW would get embroiled in litigation. However, on April 24, only two days before the SDMI Paper was to be presented, and the day after the deadline which Dr. Moskowitz had set, Ross Anderson, a member of the IHW Program Committee, sent an e-mail saying that the Committee had met that morning, and that the presentation of the paper could proceed. 49. However, there was never any indication from Oppenheim, SDMI, RIAA, Verance or any of their representatives that Oppenheim's threat of suit was anything other than one to be taken with great seriousness. The pressure on all of the authors to withdraw the SDMI Paper from IHW increased, and the pressure was particularly intense on Professor Felten, the only one of the authors who was in regular, direct communication with the private Defendants or their representatives. Finally, the authors decided that the threat of litigation against them, the IHW organizers and their employers was all too credible. With great reluctance the decision was made to withdraw the SDMI Paper from IHW, for no reason other than the fear of having to defend a lawsuit. The private Defendants set out to chill the researchers’ scientific speech, and they succeeded. 50. After the SDMI paper was withdrawn, Defendant RIAA issued a press release claiming that they had not intended to sue the researchers. This came as a surprise to the researchers, who had been led to believe that they and the others involved would be sued if the paper was presented. Neither RIAA nor SDMI nor Verance ever informed the researchers directly that they had changed their position and now did not intend to sue if the paper was published. 51. The authors still desire to publish their research, and in that regard, the SDMI Paper has been accepted for publication and presentation at the 10th USENIX Security Symposium, to be held in Washington, D.C. on August 13-17, 2001. However, Plaintiffs, including USENIX, cannot be certain that the cycle will not repeat itself, that the private Defendants will not once again threaten to sue, or simply go forward with an action, or that the Doe Defendants will not make their presence felt. Further, as an entity which stands to gain commercially from the publication of the SDMI Paper, USENIX is concerned about potential criminal liability under 17 U.S.C. § 1204 if the SDMI Paper should be found to violate the DMCA. Thus, Plaintiffs are forced to bring this Declaratory Judgment action as their only reasonable method of publishing the SDMI Paper without fear of civil or criminal liability. 52. The SDMI paper Plaintiffs wish to present at the USENIX Security Conference was filed under seal with the Court as Exhibit D to the Complaint (June 6, 2001) and is incorporated herein by this reference. 53. Two additional papers have been written about the work of the individual Plaintiffs during the SDMI Public Challenge. The first, written primarily by Plaintiff Min Wu, is entitled "Analysis of Attacks on SDMI Audio Watermarks" and was submitted to and accepted for publication at the IEEE Signal Processing Society 26th International Conference on Acoustics, Speech and Signal Processing, which was held in Salt Lake City on May 7-11, 2001 (the "ICASSP Paper"). The ICASSP Paper was both shorter and had a different technical emphasis than the SDMI Paper, and it was submitted and accepted before the researchers received the Oppenheim letter. However, after the decision to pull the SDMI Paper from the IHW, Dr. Wu and her advisor, Plaintiff Bede Liu, became concerned that the ICASSP Paper might also draw fire from the private Defendants. Professor Liu attempted to have it removed from the conference proceedings, but it was too late. As set forth below, Dr. Wu and her co-authors now seek a judicial Declaration that the ICASSP Paper does not violate the law or any rights that Defendants may assert. A true and complete copy of the ICASSP Paper was filed under seal with the Court as Exhibit E to the Complaint (June 6, 2001) and is incorporated herein by this reference. 54. Additionally, in her Doctoral Dissertation, entitled "Multimedia Data Hiding," Dr. Wu included Chapter 10, entitled "Attacks on Unknown Data Hiding Algorithms," which further discussed the work done during the Public Challenge. Until the events leading to the withdrawal of the SDMI Paper from the IHW, Dr. Wu had no reason to believe that Chapter 10 would be found objectionable by anyone, but in the light of those events, Dr. Wu now has a credible fear of being sued if she should publish that chapter. In accordance with standard practice, she has made her dissertation available on the Internet, at http://www.ee.princeton.edu/~minwu/research/phd_thesis.html. However, because she has felt the chill of her scientific speech, she has removed Chapter 10, an act that varies markedly from standard research publication practice. As with the ICASSP Paper, she now seeks a judicial Declaration that Chapter 10 does not violate the law or any rights that Defendants may assert. A true and complete copy of Chapter 10 was filed under seal with the Court as Exhibit F to the Complaint (June 6, 2001) and is incorporated herein by this reference. 55. Several of the Plaintiffs have current projects underway that are subject to the same chilling effects experienced as a result of the claims made by Defendants surrounding the SDMI challenge noted above and the facial reach of the DMCA. 56. Plaintiff Scott Craver is currently working on a portion of his PhD project that could be chilled by the DMCA. He has discovered a better way to detect and characterize certain types of modifications, such as the addition of echoes, to digital music. Mr. Craver's discovery could have significant applications outside the realm of digital music, including geophysics and other disciplines that rely on echo detection. 57. Using this discovery, Mr. Craver is in the process of creating a software program that can more efficiently perform the forensic analysis of music. That is, it can detect digital watermarks as well as other modifications to digital music files better than previous computer programs. The program would be useful to people designing or testing watermarking systems. 58. Mr. Craver believes that his computer program would be a boon to both data hiding research as well as those studying audio compression or other aspects of signal processing. Since it can be used to detect watermarks, however, he is concerned that he will be prevented from publishing or presenting it due to threats from the Defendants and others that it violates the DMCA. 59. As a result of this uncertainty, Mr. Craver is reluctant to follow his normal practice of asking others to join him in working on the project. This will delay completion of the project. Also, the scientific value of the project may be negatively affected if it cannot benefit from the contributions of others. 60. Mr. Craver is concerned that the development, distribution or presentation of his PhD project will be chilled or prevented by the Defendants or others based upon the DMCA. 61. Plaintiff Min Wu's areas of interest involve multimedia technologies. Her new employer, the University of Maryland, hired her to continue her research into multimedia security among other fields. 62. Dr. Wu has been approached by a prestigious publishing house, Kluwer Academic Publishers, with an offer to publish her dissertation as a book. On May 16, 2001, the Kluwer publishing manager sent Dr.Wu a prospectus questionnaire and invited her to suggest reviewers for the peer-review process. Dr. Wu replied that she would be interested, but she put the proposal on hold and explained that she was concerned about liability under DMCA. 63. Dr. Wu received a reply e-mail on June 13, 2001, from the Kluwer publishing manager stating that Kluwer would like to proceed with the process. 64. To publish Dr. Wu's dissertation as a book, some revisions may be required based on the technical peer review and marketing review conducted by the publisher. She may also make additions or revisions in the book manuscript. 65. It is important for faculty members, especially new Ph.D.’s, to be active in publishing and to have peer-reviewed book publications by prestigious publishers. Publication of her thesis as a monograph would enhance Dr. Wu's professional reputation and opportunities for advancement. 66. In addition, to disseminate Dr. Wu's research results would contribute to the enhancement of technical knowledge generally. 67. Despite the benefits that the publication of her dissertation as a book would bring to her and to the scientific community, Dr. Wu has withheld the proposal from Kluwer because she is afraid of prosecution under the DMCA, both on its face and in light of the threats of April 2001. 68. Dr. Wu also plans to continue research on digital multimedia in the areas of (1) multimedia security, (2) multimedia representation and content analysis, and (3) multimedia communication over network and wireless channels, all of which are directly implicated by the DMCA. 69. These areas require the study and discussion of strengths and weaknesses of technological protection measures. Dr. Wu is concerned that her proposals for this future research will be thwarted by threats of litigation under the Digital Millennium Copyright Act. She cannot tell whether she would be allowed to pursue these avenues of study, and does not know how to advise graduate student who intend to undertake research into these areas on the legal implications of their research, which they should be aware of. 70. Plaintiff Daniel Wallach is currently developing two proposals that are likely to be impacted by the DMCA. First, he has planned to finish the work on Technologies D and E (the non-watermark technologies), if and when he is able to study them again. The research team was not able to complete its study because the SDMI oracle was broken. When the technology appears in production, he intends to continue his study to test the theories developed by the team during the SDMI Challenge. 71. In addition, Professor Wallach is developing a proposal to study and publish the results of research into new technologies being marketed as making it more difficult to "rip" consumer audio CDs, that is, to copy the music files from the CD to a personal computer. The goal of the research, as with the SDMI research, is to investigate the strength of the technological protection measures and to write a publishable paper about his findings. 72. Professor Wallach is concerned that both of these projects will be subject to threats and other chilling effects due to the DMCA. 73. Professor Bede Liu is currently continuing his research into watermarks and attacking technologies. His research on watermarks and attacks is supported by one current research grant, two proposals pending final decision by the funding agency. One of the pending proposal is in collaboration with another researcher on studying how a specific watermarking method for digital video can survive intentional attacks. 74. Professor Liu hopes to follow the traditional course of presenting any new research result at conferences and publishing it in the conference proceedings. In addition, his manuscripts will be submitted to archival scholarly journals for publication. He may also present the results at seminars at other academic institutions and industrial research labs. Without clarity about the scope of the DMCA, he is uncertain about whether this research and publication can go forward. 75. The researchers are fearful not only of losing in litigation, but of the cost of litigation and the time such litigation would take away from their research and professional responsibilities. They are also concerned about the damage to their reputations and opportunities for advancement that would result from involvement in litigation over their professional actions, regardless of the outcome of that litigation. 76. In addition to the researcher Plaintiffs, Plaintiff USENIX, just like any other sponsor of scientific conferences, will continue to face uncertainty and chilling effects under the DMCA. USENIX has long published papers in fields that necessarily involve so-called "technical protection measures" and their vulnerabilities. 77. USENIX sponsors 8-10 conferences per year. Of those, at least six have a security component where an issue about the anti-dissemination provisions could arise. Since papers for USENIX Conferences are not reviewed by USENIX until approximately six months prior to a particular conference and are not chosen until after that, USENIX will not know of specific future papers that could cause DMCA difficulties until shortly before they are to be published or presented. This means that in order to avoid potential litigation USENIX will either have to ask Defendants or the other copyright holders and creators of the relevant technologies for permission each time such a paper is presented or seek emergency relief from the courts. 78. USENIX could adopt a policy of steering clear of papers that might subject it to liability under DMCA. If it were forced to do so, its reputation would be irreparably harmed. 79. The threat of DMCA liability is harmful to scientific and technical innovation in the United States. If conferences like those sponsored by USENIX are chilled from publishing papers discussing the merits of technological protection measures, such conferences will probably be held in other countries where the risk of liability is smaller. The movement of forums for scientific discussion overseas will damage scientific discussion in the United States. 80. The problem for scientific conferences reaches individual scientists as well. For example, Professor Felten was appointed to the program committee of the Workshop on Security and Privacy in Digital Rights Management ("DRM Workshop"), which will be held in Philadelphia in November 2001. ("Digital Rights Management" refers to technologies to control access to, or use of, digital works.) As a program committee member he would be partially responsible for the choice of papers to be published at each conference. 81. In addition, Professor Felten was appointed as Publications Chair of the ACM Conference on Computer and Communications Security, which will also be held in Philadelphia in November 2001. His duties as Publications Chair include assembling the authors' papers, having them printed into a bound "Proceedings" document, and distributing the Proceedings at the conference. 82. Both of these conferences cover subject areas that are affected by the DMCA. CCS covers all areas of computer security, and has published papers related to copy-protection mechanisms in the past. The DRM Workshop is specifically about technologies that control access and copying of copyrighted materials --- that is the main topic of the conference. 83. The DRM Workshop's Call for Papers requests the submission of papers on "all theoretical and practical aspects of [Digital Rights Management]", on "experimental studies of fielded systems", and on "threat and vulnerability assessment", among other topics. These topics all involve the evaluation, publication and presentation of information about the vulnerabilities of technological protection measures as defined in the DMCA. 84. Professor Felten is concerned that his involvement in choosing and publishing the papers to be presented at these two conferences will subject him to liability or threats by the Defendants and others under the DMCA 85. The threats against the researchers who volunteered to organize the IHW conference have been discussed widely among computer security researchers. Professor Felten is informed and believes that many other people are worried about the consequences of volunteering to help organize conferences. 86. Conferences such as CCS and the DRM Workshop rely on researchers who work, on a volunteer basis, as program committee members, as Publications Chair, and in other positions. If researchers are unwilling to volunteer for these positions, the conferences cannot be held.
FIRST CAUSE OF ACTION
87. The Plaintiffs reallege and incorporate all of the previous paragraphs as if set forth here in full. 88. The DMCA prohibits a number of activities that interfere with "technological measures" designed to control access and limit the copying of works protected by the Copyright Act, including the dissemination and distribution of technologies that can be used to circumvent technological measures. 89. The DMCA makes it unlawful to "offer to the public . . any technology . . . that . . . is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a [copyrighted] work. . .." 17 U.S.C. § 1201(a)(2). The DMCA also makes it unlawful to disseminate technology that can be used to circumvent "a technological measure that effectively protects a right of a copyright owner . . .in a [copyrighted] work or a portion thereof." 17 U.S.C. § 1201(b). 90. The DMCA also prohibits (1) the intentional removal or alteration of "copyright management information" without the authority of the copyright owner or the law and (2) the distribution of copyright management information that has been removed or altered without the authority of the copyright owner or the law, if the person removing, altering or distributing the information has "reasonable grounds to know, that it will induce, enable, facilitate, or conceal an infringement of any right under [the Copyright Act]." See 17 U.S.C. § 1202(b). "Copyright management information" is defined as information that can identify a copy of a work and which is conveyed along with the copy (including such information as the title and the terms and conditions for use of the work). See 17 U.S.C. § 1202(c). 91. The individual Plaintiffs did not violate the DMCA by submitting the SDMI Paper to the IHW or the USENIX Security Symposium, and no Plaintiff will violate the DMCA by presenting or publishing the SDMI Paper at the USENIX Security Symposium or elsewhere. 92. Plaintiffs Wu, Craver, Liu and Felten did not violate the DMCA by submitting the ICASSP Paper to ICASSP, did not violate the DMCA by presenting the ICASSP Paper and having it published in the conference proceedings and will not violate the DMCA by publishing the ICASSP Paper elsewhere. 93. Plaintiff Min Wu did not violate the DMCA by writing and defending Chapter 10 of her dissertation and will not violate the DMCA by publishing Chapter 10 on her website or elsewhere. 94. The DMCA is not violated by the conduct, publication or presentation of future research projects such as those described above by the Plaintiffs or others related to technological protection measures.
SECOND CAUSE OF ACTION
95. The Plaintiffs reallege and incorporate paragraphs all of the previous paragraphs as if set forth here in full. 96. Any person who violates sections 1201 or 1202 of the DMCA is subject to civil liability under 17 U.S.C. § 1203. Persons who, for financial or commercial interests, willfully violate sections 1201 or 1202 of the DMCA are subject to criminal liability under 17 U.S.C. § 1204. 97. Since USENIX receives revenues from organizing conferences and publishing papers presented at its conferences, it is subject to criminal liability under 17 U.S.C. § 1204 for violations of the DMCA. 98. All of the Plaintiffs fear having to defend against future threats of liability under the DMCA. Most, if not all, of the individual Plaintiffs will continue to work in areas of research that involve digital music and other technologies protected by the DMCA. But they desire to continue their research and publish in this area without fear of liability and currently feel chilled by the DMCA. 99. The primary institutional activity of USENIX is to hold scientific and technical conferences and publish conference proceedings. USENIX has a history of receiving and publishing papers that examine, describe, evaluate and defeat cryptographic and watermarking and other technologies. It expects to receive such papers in the future. Many technologies addressed by these papers can be used as access or copy control measures in copyright management information systems. Some papers, such as the SDMI Paper, may even examine the technologies in a context of technological controls over copyrighted works. Accepting and publishing these papers would therefore subject USENIX, its referees, and the authors of the papers to civil and criminal liability under the DMCA. USENIX desires to publish and present all papers accepted by its referees, including those that raise the specter of liability under the DMCA. 100. Because of the fear of civil and criminal liability, the DMCA has chilled, and will continue to chill, the Plaintiffs and others from engaging in activities protected by the First Amendment. 101. In chilling publication and presentation of scientific speech, the DMCA wreaks havoc in the marketplace of ideas, not only the right to speak, but the right to receive information -- the right to learn. The main mission of USENIX is to organize forums where scientists and researchers learn from each other. By intimidating the individual plaintiffs into withdrawing their paper from the IHW, however, the private Defendants prevented people from learning. If the source of Defendants' power to threaten, the DMCA, is not dispelled, Plaintiffs will not be the only victims. Without full and open access to research in areas potentially covered by the DMCA, scientists and programmers working in those areas cannot exchange ideas and fully develop their own research. As a consequence, the DMCA will harm science. 102. By imposing civil and criminal liability for publishing speech (including computer code) about technologies of access and copy control measures and copyright management information systems, the challenged DMCA are provisions impermissibly restrict freedom of speech and of the press, academic freedom and other rights secured by the First Amendment to the United States Constitution in that, among others, they are overbroad, vague and discriminate as to content. 103. Application of DMCA to speech protected by the First Amendment, including its application to the SDMI Paper and other work by the Plaintiffs related to the SDMI Public Challenge, violates the First Amendment rights of the Plaintiffs and of their readers, of other scientists, programmers and publishers, and of others similarly situated. 104. Unless the Department of Justice is restrained from enforcing the challenged provisions against Plaintiff USENIX and the private and Doe Defendants are enjoined from seeking to impose civil liability on all of the Plaintiffs, the speech of the Plaintiffs and others will continue to be restrained and will continue to cause Plaintiffs and others irreparable harm.
THIRD CAUSE OF ACTION
105. The Plaintiffs reallege and incorporate paragraphs all of the previous paragraphs as if set forth here in full. 106. The individual Plaintiffs did not violate the Click-Through Agreement by submitting the SDMI Paper to the IHW or the USENIX Security Symposium, and no Plaintiff will violate the Click-Through Agreement by presenting or publishing the SDMI Paper at the USENIX Security Symposium or elsewhere. 107. Plaintiffs Wu, Craver, Liu and Felten did not violate the Click-Through Agreement by writing the ICASSP Paper or by submitting it to ICASSP and presenting it and having it published in the ICASSP proceedings, and will not violate the Click-Through Agreement by publishing it elsewhere. 108. Dr. Wu did not violate the Click-Through Agreement by writing and defending Chapter 10 of her dissertation, and will not violate the Click-Through Agreement by publishing it on her website or elsewhere. 109. In the alternative, to the extent the Click-Through Agreement would preclude the Plaintiffs from engaging in any of the actions identified in paragraphs 73 through 75 above, the Click-Through Agreement is invalid and/or unenforceable with respect to the Plaintiffs.
FOURTH CAUSE OF ACTION
110. The Plaintiffs reallege and incorporate all of the previous paragraphs as if set forth here in full. 111. Congress may legislate only pursuant to a power specifically enumerated in the Constitution. Neither the text nor the legislative history of the DMCA indicates which power Congress relied on to enact the statute. 112. The DMCA prohibits the distribution of technology without regard for originality, duration of copyright, or infringement of copyright in the underlying, technologically-protected work. It therefore is not a valid exercise of the intellectual property power of the Constitution. 113. The DMCA is not a valid exercise of the necessary and proper power or the commerce power, because it contravenes specific limits on Congress' power under the intellectual property clause. 114. Unless the Department of Justice is restrained from enforcing the challenged provisions and the private and Doe Defendants are enjoined from seeking to impose civil liability, the Plaintiffs and others will continue to be restrained in their abilities to make lawful and constitutionally protected uses of technology and of material that has been subjected to technological protection, and will continue to suffer irreparable harm. 115. Plaintiffs have no adequate remedy at law to resolve all of the disputes raised in this Complaint. PRAYER FOR RELIEF WHEREFORE, Plaintiffs request the following relief: Declaratory Relief (First Cause of Action) A. A declaration that the individual Plaintiffs are not liable under the DMCA for (1) submitting the SDMI Paper to IHW or the USENIX Security Symposium, or for presenting or publishing the SDMI Paper at the USENIX Security Symposium or elsewhere; (2) submitting the ICASSP Paper to the ICASSP conference and presenting or publishing it in the ICASSP proceedings or elsewhere; and (3) publishing or presentations based on Chapter 10 of Dr. Wu's dissertation in electronic form or otherwise. B. A declaration that Plaintiff USENIX is not civilly liable under the DMCA and is not subject to criminal liability for publishing the SDMI Paper or presentations based upon the paper at the USENIX Security Symposium, or elsewhere. C. A declaration that the Plaintiffs are not liable under the DMCA for the presentation or publication of any research resulting from, or related to, the SDMI Public Challenge. D. A declaration that the DMCA is not violated by the publication or presentation by the Plaintiffs or others of future scientific and technical information (including computer code) related to access and copy control measures and copyright management information systems. Declaratory Relief (Second Cause of Action) E. A declaration that the application of the DMCA to the publication or presentation of the SDMI Paper, the ICASSP Paper, Chapter 10 of Dr. Wu's dissertation and/or any scientific, technical or academic research related to the SDMI Public Challenge violates the First Amendment to the United States Constitution. F. A declaration that the DMCA is unconstitutional on its face because it violates the First Amendment to the United States Constitution. G. A declaration that the application of the DMCA to the publication or presentation of scientific, academic or technical speech, including the publication of computer programs, violates the First Amendment to the United States Constitution. Declaratory Relief (Third Cause of Action) H. A declaration that the individual Plaintiffs did not and will not violate the Click-Through Agreement by (1) submitting the SDMI Paper to IHW or the USENIX Security Symposium, or for presenting or publishing the SDMI Paper at the USENIX Security Symposium or elsewhere; and (2) submitting the ICASSP Paper to the ICASSP conference and presenting or publishing it in the ICASSP proceedings or elsewhere; and (3) by Dr. Wu writing, defending and publishing Chapter 10 of her dissertation in electronic form or otherwise. Declaratory Relief (Fourth Cause of Action) I. A declaration that the DMCA is unconstitutional because it is not a valid exercise of any of Congress' enumerated powers. Injunctive Relief J. A preliminary and permanent injunction enjoining the private Defendants, the Doe Defendants and their respective agents, employees, attorneys, successors in office, assistants and all persons acting in concert with them from initiating an action against the Plaintiffs under the DMCA or for violating the Click-Through Agreement, where applicable, for the presentation, publication or discussion of (1) the SDMI Paper, (2) the ICASSP Paper, (3) Dr. Wu's dissertation, (4) any revisions, changes or amendments to any of those documents, and (5) any academic or scientific work by the Plaintiffs, including works in progress or future works. K. A preliminary and permanent injunction enjoining the Department of Justice and its agents, employees, attorneys, successors in office, assistants and all persons and agencies acting in concert with them from enforcing the DMCA against Plaintiff USENIX for violating the DMCA by (1) allowing the individual Plaintiffs to present the SDMI Paper at the USENIX Security Symposium and publishing the SDMI Paper in electronic form or otherwise; or (2) allowing others to resent their work (including computer code) at future USENIX Conferences and publishing their work, in electronic form or otherwise. L. A preliminary and permanent injunction enjoining all of the Defendants from enforcing, or threatening to enforce the DMCA to prevent protected expression under the First Amendment, including scientific, academic or technical papers, presentations and computer programs. M. A permanent injunction enjoining enforcement of the DMCA because it is in excess of Congress' enumerated powers. Other Relief N. For costs and disbursements incurred in this action, including reasonable attorneys' fees, and such other and further relief as the Court deems proper. DATED: JUNE 26, 2001
Grayson Barber (GB 0034)
Gino J. Scarselli
Cindy A. Cohn
Frank L. Corrado (FLC 9895)
James S. Tyre
Joseph P. Liu
Attorneys for Plaintiffs
|
|
|
|
||
|
|
||||||
|
|
Please send any questions or comments to webmaster@eff.org. |
|||||