Declaration of The Association for Computing Machinery (ACM)

in Felten v.RIAA (Aug. 13, 2001)

Grayson Barber (GB 0034)
Grayson Barber, L.L.C.
68 Locust Lane
Princeton, NJ 08540
(609) 921-0391

Frank L. Corrado (FLC 9895)
Rossi, Barry, Corrado & Grassi, P.C.
2700 Pacific Avenue
Wildwood, NJ 08260
(609) 729-1333

(Additional Counsel listed on signature page)
Attorneys for Plaintiffs

IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF NEW JERSEY

I, JOHN R. WHITE, HEREBY DECLARE:

1. I am the Executive Director of the Association for Computing Machinery ("ACM"), a non-profit educational and scientific computing society, whose executive offices are located at 1515 Broadway, New York, New York 10036.  I have held this position since November 15, 1998. The facts stated in this declaration are known to me of my own personal knowledge or. if stated on information or belief, I believe them to be true. If called upon to testify to the matters in this declaration, I could and would competently do so.

2. ACM is a professional society of computer scientists, educators, and other computer professionals. ACM's mission is to advance the open interchange of information concerning computing and related disciplines. In furtherance of that mission, ACM is a leading publisher of scientific information that promotes computer research, innovation, and economic growth through the advancement of computer technology.

3. ACM believes that the application of any law to limit the freedom to publish research on computer technology will impose a cost not only on ACM's members, but also on the academic community, the process of scientific discourse, and society in general.

ACM's Role in Scientific Publication and Presentation

4. Founded in 1947, ACM is the oldest and most respected society for computing professionals in the world. Its 75,000 members are diversified in the field of computer science but unified in the quest for advancing information technology. ACM draws these computer science practitioners, academicians, and students together through a wide variety of professional conferences and scientific publications. Membership is open to anyone with an interest in science or technology who holds a bachelor's degree or equivalent or has two years of full-time employment in information technology.

ACM Publications

5. ACM publishes, distributes, and archives original research from the world's leading researchers, educators, and thinkers in computer and information technologies. It publishes 26 journals and magazines that introduce, explain, and interpret new technological developments in computer science and related fields. Two of ACM's 26 publications— Collected Algorithms (CALGO) and Journal on Educational Resources in Computing (JeRIC)— include refereed computer programs. Several other ACM publications include computer code as either primary references or as auxiliary material.

ACM Conferences

6. ACM (and its Special Interest Groups, as described below) sponsor over 80 professional conferences each year attended by more than 100,000 attendees from around the world. These conferences present pioneering research promoting innovation, technical achievement, and economic growth. For example, ACM will sponsor the Workshop on Security and Privacy in Digital Rights Management in Philadelphia on November 5, 2001. This workshop will be part of the Eighth ACM Conference on Computer and Communications Security.

7. As it does in connection with many of its conferences, ACM plans to publish all of the articles accepted for the workshop as "Proceedings" and distribute them to attendees. The articles published in the Proceedings are prepared by noted scholars, researchers, and experts and are intended for the study of computer science and the advancement of knowledge in the field. The Proceedings often include papers containing computer code.

ACM's Online Digital Library

8. ACM's online Digital Library, introduced in July 1997, is the centerpiece of its information services architecture for the future. The Digital Library is a complete online, electronic archive dating back to 1954 of all the articles published in ACM journals, magazines, and conference proceedings. It currently includes over 80,000 articles authored by leading researchers and scientists in the computing field. The articles in the Digital Library contain computer code, mathematical equations, algorithms, and other means by which scientists communicate technical information. Supported by individual subscriptions and by more than 400 corporate and academic library consortia, over 13 million articles were downloaded from the Library in the last 18 months alone.

ACM Special Interest Groups

9. ACM Special Interest Groups ("SIG") represent 35 distinct areas of information technology and address a wide spectrum of technological interests, including programming languages, graphics, computer-human interaction, human-computer interfaces, mobile communications, and other matters. Each SIG is organized around its specific area of interest and hosts conferences and workshops reflecting the current state-of-the-art in that field. Serving both practitioner- and research-based constituencies, SIGs publish newsletters and other publications and support e-mail forums for the exchange of information As described above, the articles accepted for SIG conferences and workshops are typically published as Proceedings.

10. ACM's Special Interest Group on Security, Audit and Control (SIGSAC) addresses all activities involved in maintaining and protecting computers and computer programs and focus on the architectural foundation of secure systems and the development of computer security standards.

11. ACM's Special Interest Group on Software Engineering (SIGSOFT) was established to improve the ability to engineer software by stimulating interaction among practitioners, researchers, and educators, fostering the professional development of software engineers, and representing software engineers to professional, legal, and political entities. SIGSOFT is concerned with issues of software safety, reliability, dependability and security and it addresses these issues in areas of specification, design, implementation (in computer programs), and testing.  Its publications are the primary outlet for the dissemination of novel ideas to software engineering researchers, educators, and practitioners worldwide.

12. Other ACM SIGs involved in security research and investigation include the Special Interest Group on Management of Data (SIGMOD), the Special Interest Group for Algorithms and Computation Theory (SIGACT), the Special Interest Group for Programming Languages (SIGPLAN), and the Special Interest Group for Operating Systems (SIGOPS).

Application of the DMCA to the Presentation and Publication of Research Would be Harmful to Science

13. Research in analysis (i.e., the evaluation of the strengths and weaknesses of computer systems) is essential to the development of effective security, both for works protected by copyright law and for information in general. Such research can progress only through the open publication and exchange of complete scientific results.

14. ACM is concerned that Sections 1201 to 1204 of the Digital Millennium Copyright Act (hereinafter these Sections will be referred to as the "DMCA") will have a chilling effect on analysis, research, and publication, as the result of litigation itself or of the threat of or concern about potential litigation.

15. ACM is also concerned that application of the DMCA to the presentation and publication of scientific papers could result in the departure from the U.S. of the information security community for conferences and publications. If conference organizers cannot afford to take the risk of publishing papers, such as the papers that ACM expects will be submitted for its November 5 workshop as described below, those conferences may be held in other countries where the risk of liability is lower. Such a result would have a negative impact on this country's leadership in research in that area.

The Upcoming Digital Rights Management Workshop

16. ACM is particularly concerned about the potential implications of the DMCA for its November 5, 2001 Workshop on Security and Privacy in Digital Rights Management (the "DRM Workshop").

17. ACM's description of the workshop states:

"This workshop will consider technical problems faced by rights holders (who seek to protect their intellectual property rights) and end consumers (who seek to protect their privacy and to preserve access they now enjoy in traditional media under existing copyright law).

"Digital Rights Management (DRM) systems are supposed to serve mass markets, in which the participants have conflicting goals and cannot be fully trusted. This adversarial situation introduces interesting new twists on classical problems studied in cryptology and security research, such as key management and access control.

"The workshop seeks submissions from academia and industry presenting novel research on all theoretical and practical aspects of DRM, as well as experimental studies of fielded systems."

18. The DRM Workshop is accepting research papers on a number of topics that are potentially restricted by the DMCA, including access control mechanisms, architectures for Digital Rights Management ("DRM") systems, broadcast encryption, electronic commerce protocols, encryption and authentication for multimedia data, key management in DRM systems, portability of digital rights, privacy and anonymity, privacy-preserving data mining, robust identification of digital content, tamper resistant hardware and consumer devices, threat and vulnerability assessment, and watermarking and fingerprinting for media software.

19. Like many other ACM workshops, ACM plans to publish the papers accepted for the DRM Workshop as Proceedings. ACM is concerned that the publication and presentation of technical papers on many of these topics, especially papers on watermarks, encryption, authentication, access control systems, tamper resistance and threat and vulnerability assessment, could raise problems under the DMCA. We are concerned that ACM, along with its conference and workshop organizers and member authors, will be open to the same threats and run the same risk of legal liability as were Professor Felten, his co-authors and the organizers of the Information Hiding Workshop.

20. ACM is also likely to sponsor other conferences that may be affected by the DMCA. Virtually all conferences that discuss the security of digital information may be subject to threats under the DMCA because such conferences consider the strengths and weaknesses of various technological protection measures that could be applied, or are actually being applied, to protect copyrighted works.

Harm to ACM and Its Members

21. ACM has earned the reputation of choosing strong scientific papers through a peer review process without regard to political or commercial pressure. Its reputation as a leading scientific and technical organization could be substantially damaged within the scientific and technical community if it were to fail to publish a properly submitted and peer-reviewed paper because of commercial pressure or the fear of litigation.

22. Any restriction that the DMCA may impose on the publication of scientific research will keep foreign researchers from attending our conferences in the United States, with the potential loss to ACM of members and of revenue from memberships, conference participation, and publications.

23. Because the DMCA is a new statute and its application to scientific research is unclear, ACM cannot accurately assess the risk involved in presenting and publishing papers on computer security and on technologies used to protect copyrighted digital works. Even if ACM were willing to assume whatever risk were involved in the presentation and publication of such papers, our members may not. We are concerned that some of our members, intentionally or not, may censor their submissions to avoid potential DMCA problems. If that were to happen, the quality of ACM papers and presentations would be hurt and the scientific community as a whole could suffer substantial damage.

The DMCA Poses a Continuing Problem

24. Beyond the possibility of DMCA problems at the November DRM Workshop,

ACM may continue to face potential problems in the future. ACM has long published papers in fields addressing the circumvention of security and technical protection measures. Unbiased, objective research in the field of computer and data security has always included research into the weaknesses as well as strengths of security measures. ACM could adopt a policy of steering clear of papers that could subject it to liability under the DMCA, but that could only be done at the risk of sacrificing its mission and damaging its reputation as a scientific organization.

25.     In sum, as long as Sections 1201 to 1204 of the DMCA could be interpreted to reach scientific and technical publications, ACM and its members are concerned that

they will face a continuing risk of litigation and liability.

I declare under penalty of perjury that the foregoing is true and correct. Executed on August__, 2001 in________________.

______________________________
John R. White

Attorneys for Plaintiffs

Please send any questions or comments to webmaster@eff.org.