Declaration of Andrew W. Appel
in Felten v. RIAA (Aug. 13, 2001)
Grayson Barber (GB 0034)
Frank L. Corrado (FLC 9895)
(Additional Counsel listed on signature page)
IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF NEW JERSEY
I, ANDREW W. APPEL, being of full age, hereby declare and state:
1. I am not a party to this action. Unless otherwise stated, I have personal knowledge of the facts set forth in this Declaration. I make this Declaration in support of Plaintiffs' motion for a preliminary injunction in this matter.
2. I am currently Professor of Computer Science at Princeton University. I earned my PhD in Computer Science at Carnegie Mellon University. I have published two books and more than 50 journal and conference papers on topics in programming languages, compilers, and computer security, and I have taught undergraduate and graduate courses in these and other topics for more than 15 years. My full vita is attached as Exhibit A.
3. Analysis and synthesis: Good engineering research is a combination of analysis and synthesis. Analysis: a researcher examines an existing system, designs an experiment to measure the system, gets quantitative results, analyzes the results to figure out what they can tell us about its performance, and publishes the results. Synthesis: the researcher designs a new system with better performance, and publishes an explanation of the design. In each case, publication is essential to scientific progress. A researcher who does brilliant science but doesn't explain the results might as well spend his time watching soap operas, for all the good he does society.
4. For example, the 1980's saw a revolution in the design of computers. Professors John Hennessy of Stanford University and David Patterson of Berkeley invented a new analysis of computer architectures. Instead of asking, "how beautiful and symmetric are the instructions" they measured quantitatively "which instructions do computer programs execute most frequently?" The results of this empirical measurement led them to design "Reduced Instruction Set Computers," sparking industry-wide improvements in computer performance that continue to this day. The papers they published -- both the analysis papers and the synthesis papers -- are now classics of computer science.
5. Synthesis without analysis is not great science. Much of the work in computer architecture just before Hennessy and Patterson suffered from this problem: computer engineers did not understand how to best analyze the consequences of their design decisions.
6. Good research in computer security also requires analysis and synthesis. Analysis: "How easy is it to break into this system?" Synthesis: "Let's design a more secure system." Designing computer-security systems without an understanding of how to measure their effectiveness will inevitably lead to weak designs. And a researcher who does brilliant analyses must publish the results, otherwise the work cannot be useful to other scientists.
7. Modes of publication: Academic computer scientists normally publish their work so as to reach as wide an audience as possible. For example, like most computer scientists I typically start by writing a "technical report" and putting it on my web page. Then I condense this down to a 10-12 page paper and send it to a conference. Computer science is unlike most disciplines in that conference publication is the most important venue for publication; a good conference will receive 200 submissions and accept fewer than 30 for presentation and for publication in the printed proceedings. Because of the strict length limits on conference papers, the proceedings version often cites the longer technical report (available from my web page) where the interested reader may find more details. Finally, after the conference, I prepare a longer, revised article for publication in a scientific journal.
8. Often, the research leading to a scientific result requires writing a computer program. In order to make my results most useful to their intended audience, I make the programs available along with the formal scientific paper. In rare cases the program is short enough to be included in the paper itself:
9. But in most cases the computer program is thousands of lines long, and is best examined by its readers not in printed form, but on a computer system. Therefore, in a more typical case I put the software on the Internet separately from the paper. For example:
10. Like most computer scientists, in my own research I rely heavily on computer programs published by other scientists. The Twelf system by Frank Pfenning of Carnegie-Mellon University, the SPIM system by James Larus of University of Wisconsin, the Lambda Prolog system by Dale Miller of Penn State University, the VPO system by Jack Davidson of U. Virginia, the SUIF system by Monica Lam of Stanford, and the Edinburgh ML compiler from the University of Edinburgh, are just some examples of the academic research software that I have relied on in my own work. In each of these cases, the computer programs were distributed on the Internet to accompany scientific papers; I can study the inner workings of the programs to deepen my understanding of the research papers, and I can use the programs as the infrastructure for building my own scientific software.
11. Case studies in computer security research: I have supervised several undergraduate projects in security analysis and reverse engineering of existing systems. Peter Ullman built tools for reverse engineering object-code programs, with the goal of automatically protecting host computers from viruses; Mr. Ullman is now a patent attorney. Andrew Myers defeated the authentication protocol of a networked computer game and implemented an automated player client, in the process learning about the limits to "trusted systems"; Mr. Myers is now a graduate student working on computer networking at Carnegie-Mellon University.
12. At Princeton in the autumn of 1995, one of my graduate students came to me and explained that Sun Microsystems was advertising Java as a safe platform to run untrusted programs (applets) in a Web browser, but he and another student had found six different ways to break the security, allowing "rogue applets" that do nasty things to an unsuspecting user. They were preparing a paper describing the weaknesses in Java security.
13. The students' main concern was, "Is this research?" They wanted to know if the paper would be publishable, whether they could build the beginnings of a scientific career on this kind of work.
14. My answer was, "Of course this is research." If everyone in computer security does synthesis work without any analysis of others' systems, no substantial progress can be made. As it turned out, I was right: it was publishable and of great interest to the computer science community and beyond. The two students were Drew Dean and Dan Wallach, both of whom are Plaintiffs in this action. The paper they wrote (joined by Professor Ed Felten, who helped them develop the ideas further), "Java Security: From HotJava to Netscape and Beyond," was accepted for publication in the competitive IEEE Symposium on Security and Privacy, May 1996. This analysis research was followed by good work in synthesis that drew on the results of the analysis: Drew Dean's "The Security of Static Typing with Dynamic Linking" (ACM Conference on Computer and Communications Security, 1997) explained a solution to one of the security problems they found in that 1996 paper; Dan Wallach and Ed Felten's "Understanding Java Stack Inspection" (IEEE Symposium on Security and Privacy, 1998) explains a solution to one of the other problems.
15. The SDMI Challenge: I was not a part of the team of researchers who analyzed the watermarking and other technologies of the "SDMI Challenge," but I did observe behaviors by the scientists/authors that were significantly more inhibited than the computer-science norm in publishing their results:
16. Since April 26, when the researchers withdrew their paper, many members of the Princeton faculty from many departments -- Computer Science, Electrical Engineering, Geosciences, Music, Philosophy, Physics, Sociology -- have expressed to me their outrage at the censorship of scholarly publication and their support for these researchers.
17. At the Princeton University Faculty meeting of April 30, 2001, there was a discussion of the SDMI incident. The meeting was unusually well attended, I believe because this item was on the agenda (even though inserted at the last minute, on April 27). The Faculty voted unanimously for a motion to study how Princeton University can best defend academic freedom against censorship by threats of litigation.
18. Troublesome aspects of the DMCA: The Digital Millennium Copyright Act is particularly troublesome for computer scientists because (a) it's not at all clear what is covered under the term "circumvention device," and (b) technological usage controls (such as cryptography and watermarking) prevent scientists from using automated tools for the scholarly analysis of published works.
19. The DMCA raises a number of questions that affect the work of computer scientists. Will it be true that any discussion of a weakness of a security scheme (that could possibly be used for access or copy control for copyrighted works) will be actionable? Will it be actionable only if the discussion mentions technical details? Or only if the discussion is in writing? Is any explanation of the inner workings of an access or copy-control measure actionable, or only if it uses computer source code to illustrate the point? If computer source code is actionable, is pseudo-code permissible? What about a formal English-language explanation that could be translated into computer source code?
20. Many researchers in computer science, information science, library science, musicology, film studies, and other disciplines design and use sophisticated software tools for the scholarly analysis of published works. In February 2000, Ed Felten and I wrote a paper, "Technological Access Control Interferes with Noninfringing Scholarship," explaining how this kind of research requires fair-use access to (digital) works in unencrypted form. My colleague Peter Ramadge, Professor of Electrical Engineering at Princeton, does research in "video content analysis"; as he testified in Universal City Studios v. Reimerdes (111 F. Supp.2d 294), he has designed software that will analyze camera angles in a digital video of a soccer game or a movie. He has been stymied by DMCA-sanctioned content protection of DVD movies. Although in principle he could negotiate a license from the copyright holder, in practice he has found it difficult to obtain such licenses: scientists at universities are not well equipped to identify the copyright holder, find the actual person from whom to seek licensing rights, and negotiate a license, all for what is really fair use of the material anyway. He explained in his deposition and testimony (Universal City Studios v. Reimerdes) the cumbersome and restrictive arrangements that he and others use with industrial partners.
21. My colleague Perry Cook, Associate Professor of Computer Science and Music, does research in audio analysis: his software can "listen" to a radio broadcast and determine the genre of the radio station (Top 40, Classic Rock, etc.; "Automatic Musical Genre Classification of Audio Signals," by George Tzanetakis, Georg Essl, Perry Cook, submitted to International Symposium on Music Information Retrieval, 2001). If music is subject in the future to DMCA-sanctioned technological usage controls, Professor Cook might have to avoid analyzing much of the music on the Internet.
22. The future of computer security research: Although I started this declaration by explaining that good research needs analysis followed by synthesis, in practice many computer scientists find it all too easy to leave out the analysis. After all, analysis requires an understanding of someone else's system, whereas synthesis means designing one's own system. There is always a solipsistic temptation to ignore the world and construct a self-contained, artificial, ideal system of no relevance to the real world. In computer science, analytic research is rarer than synthetic research.
23. Now imagine a world in which analytic computer security research -- which in practice often means a concrete demonstration that someone else's security system has specific weaknesses -- is subject to threats of litigation. Not only the speech of any potential researcher will be chilled, but the entire research direction of the field will shift away from analysis. This is fundamentally the problem with the DMCA. The United States would be leaving it to overseas researchers to conduct analytic research.
I declare under penalty of perjury that the foregoing is true and correct and that this Declaration is executed in Princeton, New Jersey on June 15, 2001.
Appendix: Pre-conference availability of papers from authors' web sites.
On June 14, 2001 I visited the Web site of the International Conference on Functional Programming (http://cristal.inria.fr/ICFP2001), whose papers will be formally presented in September 2001. I found the list of accepted papers below. I then used the Google search engine to find as many papers as I could from their authors' web sites. In each case where I found a copy of a paper I have listed the web address. Overall, 12 of the 23 papers have been posted by their authors before the conference.
Attorneys for Plaintiffs