See related files: (EFF Archive) (Cryptome Archive) (2600 Archive) (Harvard DVD OpenLaw Project)

Andrew Appel Deposition, in MPAA v. 2600

NY; June 29, 2000

             2                    THE VIDEOGRAPHER:  My name is
             3    Robert McDonald, member of the National Legal
             4    Video Association for New York Reporting.
             5    Today is June 29, 2000 and on the record at
             6    approximate 10:30 a.m., in the matter of
             7    Universal Studios, et al versus Reimerdes et
             8    al.  The witness today is Andrew Appel and we
             9    are at the offices of Proskauer Rose, 1585
            10    Broadway, New York, New York.  Will counsel
            11    please introduce themselve for the record.
            12                    MR. HART:  I'm Bill Hart from
            13    Proskauer Rose for the plaintiffs.
            14                    MR. HERNSTADT:  Edward
            15    Hernstadt from Frankfurt, Garbus, Klein & Selz
            16    for the defendants.
            17                    THE VIDEOGRAPHER:  Will the
            18    court reporter please swear in --
            19                    MR. HERNSTADT:  We also have
            20    David Atlas from Frankfurt Garbus and Martin
            21    Garbus from Frankfurt  also for the defendants.
            22                    THE VIDEOGRAPHER:  Will the
            23    court reporter please swear in the witness?
            24            A N D R E W   W.   A P P E L ,
            25    after having been duly sworn by a Notary Public

             2    of the State of New York, was examined and
             3    testified as follows:
             4                    THE WITNESS:  Yes.
             5                    THE VIDEOGRAPHER:  You may
             6    proceed.
             7                     EXAMINATION
             8    BY MR. HART:
             9         Q.     Good morning.  Mr. Appel or
            10    Dr. Appel?
            11         A.     Either one.
            12         Q.     Thank you.
            13                Have you ever been deposed before,
            14    sir?
            15         A.     No.
            16         Q.     You've been asked to testify here
            17    today you because it's our understanding that
            18    you are going to be appearing as an expert
            19    witness on behalf of the defendants at the
            20    trial of this case.  Is that your
            21    understanding?
            22         A.     Yes.
            23         Q.     May I have your home address for
            24    the record, please?
            25         A.     43 Philip Drive, Princeton, New

             2    Jersey.
             3         Q.     Are you employed?
             4         A.     Yes.
             5         Q.     By whom?
             6         A.     Princeton University.
             7         Q.     Okay.
             8                And what is your job function or
             9    title?
            10         A.     I'm a professor of computer
            11    science.
            12         Q.     How long have you been at
            13    Princeton?
            14         A.     14 and a half years.
            15                    MR. HART:  Okay.  I'm going to
            16    mark Plaintiff's 1.
            17                    MR. HERNSTADT:  Bill, while
            18    we're marking this, let me clarify what I told
            19    I think Chuck and you, which is that Professor
            20    Appel is going to sort of function as mixed
            21    expert and fact witness.  Some of the things he
            22    is testifying about are fact; some of the
            23    things he is testifying about are as an expert.
            24                    MR. HART:  Could you mark
            25    Mr. Appel's declaration as Exhibit

             2    1, please?
             3                    (Thereupon, the Declaration of
             4                Andrew W. Appel was marked as
             5                Exhibit 1 for identification as
             6                of today's date)
             7                    MR. GARBUS:  Bill, I assume you
             8    know that if for any reason Mr. Appel is
             9    unavailable for the purpose of testimony, then
            10    it is our plan to introduce this deposition in
            11    lieu of his testimony.
            12                    MR. HART:  That's not my
            13    understanding, and indeed in my discussion with
            14    Mr. Hernstadt last night I asked him whether it
            15    was his understanding that the witnesses he was
            16    producing for these depositions were being
            17    produced precisely because they were appearing
            18    as trial witnesses.  He said he would give me
            19    notice if they weren't and purported to hand me
            20    a notice five minutes ago in here by which the
            21    defendants are saying they are going to take
            22    Andrew Appel.  And frankly, I object to it, but
            23    frankly I would like to proceed with my
            24    deposition right now and not get into arguments
            25    over this issue.

             2                    MR. HERNSTADT:  That's fine.
             3    However, I just have to say for the record that
             4    I told you last night that we weren't sure that
             5    everyone was going to appear at trial, and that
             6    anybody who wasn't going to appear at trial, we
             7    would give you a notice of deposition and we'd
             8    take their deposition, too.  And then told you
             9    this morning that Professor Appel is away the
            10    first week of the trial and it wasn't clear he
            11    was going to be able to appear.  So pursuant to
            12    our conversation last night I've given you
            13    notice of deposition.
            14                    MR. HART:  Five minutes ago as
            15    this deposition began, correct?
            16                    MR. HERNSTADT:  That's correct.
            17                    MR. HART:  Okay.  Thank you.
            18    Let's proceed, now.
            19         Q.     Mr. Appel, I'm going to have the
            20    reporter show you what I've just marked as
            21    Exhibit 1 and ask you to identify that.  If you
            22    need to look through all the pages, you may.
            23         A.     Yes, this is a declaration that I
            24    signed in April.
            25         Q.     Okay.

             2                And your curriculum vitae is
             3    attached to this declaration, Exhibit 1, is it
             4    not?
             5         A.     Yes.
             6         Q.     Is that C.V. accurate and
             7    up-to-date in all respects?
             8         A.     As of the time it was printed.
             9         Q.     Are there any other things that you
            10    can now add to this C.V. that are not reflected
            11    in it?
            12         A.     Let's see.  The paper entitled
            13    "Technological Access Control Interferes with
            14    Noninfringing Scholarship" on a current version
            15    of my C.V. would be listed as to appear in
            16    communications of the ACM.
            17         Q.     I'm sorry.  The last part was to
            18    appear in communications --
            19         A.     To appear in the journal entitled
            20    --
            21         Q.     Excuse me.
            22         A.     To appear in communications of the
            23    ACM.
            24         Q.     Okay.
            25                And what is the ACM?

             2         A.     The ACM is the Association for
             3    Computing Machinery.  It's the scholarly and
             4    industry society for computer science and --
             5         Q.     I'm sorry.
             6         A.     And computing.
             7         Q.     Are you done?
             8         A.     Yes.
             9         Q.     I will try, and I certainly don't
            10    mean to interrupt you, and if -- let me have a
            11    chance to complete the question, too.  And
            12    that's by no means a criticism.  Sometimes the
            13    record gets cluttered.
            14                So are you taking that the only
            15    update to your C.V. as we sit here today is
            16    that your article, "Technological Access
            17    Control Interferes with Noninfringing
            18    Scholarship," is going to be published in the
            19    ACM journal?
            20         A.     Right.
            21         Q.     Okay.
            22                Anything else?
            23         A.     No.
            24         Q.     Okay.
            25                And am I correct that the article

             2    we just referred to is also attached as an
             3    exhibit to your declaration?
             4         A.     Yes.
             5         Q.     Have there been any changes in that
             6    article from the version we see here as an
             7    attachment to your declaration, Exhibit 1?
             8         A.     The version that's going to be
             9    published contains an additional sidebar box of
            10    approximately one page that explains the
            11    circumstances of the copyright office's request
            12    for public comment and sets it in the context
            13    of the -- the MCA.
            14         Q.     Mm-hmm?
            15         A.     And other than that, there are no
            16    changes.
            17         Q.     Do you have a copy of this later
            18    version of the article with you today?
            19         A.     No.  It's available from my
            20    website.
            21         Q.     Thank you.
            22                Does your involvement in this case
            23    call upon any special skills or knowledge?
            24         A.     I think it has to do with my
            25    knowledge of how scholars publish their works,

             2    sometimes in the form of computer programs, and
             3    in how the -- certain certain scholarly uses of
             4    published materials may require access to the
             5    unencrypted content of those materials.
             6         Q.     Okay.
             7         A.     And maybe other things, as well.
             8         Q.     Okay.
             9                Are the other things things that
            10    are reflected in your Declaration, Exhibit 1?
            11         A.     I think that other things are just
            12    general technical issues relating to what are
            13    computer programs and how they work.
            14         Q.     Are there any other things that you
            15    bring to bear in connection with this case in
            16    terms of special skills or knowledge?
            17         A.     Not that occurs to me at the
            18    moment.
            19         Q.     Okay.
            20                You said a moment ago, and I don't
            21    want to mischaracterize your testimony, but you
            22    just to cut through this --
            23                    MR. GARBUS:  Mr. Gold.
            24                    MR. HART:  Good morning.
            25         Q.     -- that one of the specialized

             2    areas of knowledge that you have is the
             3    publication of works of scholarship involving
             4    computer programs.  Is that roughly right?
             5         A.     That's right.
             6         Q.     Okay.
             7                What is the basis for your
             8    knowledge and expertise in that area?
             9         A.     I have published works of
            10    scholarship in the form of computer programs.
            11         Q.     As an author?
            12         A.     As an author.
            13         Q.     Okay.
            14                Anything else?
            15         A.     I have used the results of other
            16    scholars who have published their works in the
            17    form of computer programs.
            18         Q.     With permission or without
            19    permission from the other authors?
            20         A.     Sometimes with explicit permission.
            21         Q.     Mm-hmm.
            22         A.     And sometimes they have published
            23    it in a form that implies permission to
            24    retrieve it from their internet site and use
            25    it.

             2         Q.     Is that implied permission
             3    suggested by the very presence of such works on
             4    the internet?
             5                    MR. HERNSTADT:  You're talking
             6    about with respect to these articles?
             7                    MR. HART:  Wait a second.  The
             8    witness has not indicated he has a problem with
             9    the question.  If you have an objection, make
            10    it.
            11                    MR. HERNSTADT:  No.  I have a
            12    problem with the question, okay?
            13                    MR. HART:  Fine.  Object to it.
            14                    MR. HERNSTADT:  Okay, Bill.  I
            15    will.  Objection to the form of the question.
            16                    MR. HART:  Thank you.
            17                    MR. HERNSTADT:  Are you -- what
            18    does the word "that" refer to?  Are you
            19    referring to anything on the internet or are
            20    you referring to specific articles on the
            21    internet?
            22                    MR. HART:  Do you want the
            23    question read back, sir?
            24                    THE WITNESS:  Yes, please.
            25                    MR. HART:  Okay.  Ms. Reporter,

             2    if you would.
             3                    (Record read)
             4         Q.     You can answer the question.
             5         A.     Usually I would say it's the
             6    presence of that material on the internet on a
             7    website where someone is clearly distributing
             8    papers and such things as computer programs.  I
             9    wouldn't say that any appearance on -- anywhere
            10    on the internet would constitute permission.
            11    It has to do with the type of site it's being
            12    distributed from.
            13         Q.     The context in which it's presented
            14    on the internet?
            15         A.     Right.
            16         Q.     And what indicia in your mind would
            17    indicate the situation where you have implied
            18    permission in your words as distinguished from
            19    a situation where you don't in your mind?
            20                    MR. HERNSTADT:  I'm going to
            21    object to the extent that this is calling for a
            22    legal conclusion.
            23                    MR. HART:  Not --
            24                    MR. HERNSTADT:  I understand.
            25    I'm just making the record that he's not a

             2    legal -- he's not a lawyer and I'm instructing
             3    him not to answer in any way that would suggest
             4    that you have an understanding of the law, but
             5    that you're answering as a layperson.
             6                    MR. HART:  I'll stipulate that
             7    every question I ask him is going to be based
             8    on his knowledge and his views and does not
             9    call for a legal conclusion.
            10                    MR. HERNSTADT:  Very good.
            11                    THE WITNESS:  I would say that
            12    in practice almost all of the places where I
            13    download computer programs are from the
            14    websites of scholars both in academia and at
            15    industrial research labs.  Where it's clear
            16    that the programs in question are the results
            17    of scholarships, that have been published for
            18    the purpose of people using them.
            19         Q.     Got you.  Thank you.
            20                I'd like you to turn to your
            21    declaration, Exhibit 1, for a moment.  And I'd
            22    like you to focus on Paragraph 3.  Okay?
            23         A.     All right.
            24         Q.     All right.  And if you want to take
            25    a moment to read that, please do so.

             2         A.     All right.
             3         Q.     Okay.
             4                You say, and I'm referring to the
             5    sentence that begins "this on a basic level."
             6    Do you see that?
             7         A.     Yes.
             8         Q.     Okay.
             9                Is what you're saying here that if
            10    there is something of interest, it should be
            11    put onto the internet so others can have at it?
            12    Is that essentially what the statement means?
            13                    MR. HERNSTADT:  Objection.  It
            14    misstates what's -- what's written here.
            15                    MR. HART:  I'm not asking him
            16    to restate what's written.  I'm asking him for
            17    what -- his understanding of what he wrote and
            18    what he meant.
            19                    MR. HERNSTADT:  If you can
            20    answer the question, go ahead.
            21                    THE WITNESS:  I think what it
            22    means is that ideas can best be evaluated by
            23    exposing them to public view and public
            24    comment.
            25         Q.     Okay.

             2                And does that include ideas
             3    contained in other people's works or material?
             4         A.     Yes.
             5         Q.     Okay.
             6                Does your view of scholarship in
             7    this context mean that you are free to take
             8    other people's works without permission and put
             9    them on the internet in order to further the
            10    purposes described in Paragraph 3 of your
            11    declaration?
            12                    MR. HERNSTADT:  Could you read
            13    back the question, please?
            14                    (Record read)
            15                    MR. HERNSTADT:  Objection.
            16    That question significantly misstates the
            17    testimony.  The witness -- the question
            18    before That was talking about --
            19                    MR. HART:  Stop.  No speeches.
            20                    MR. HERNSTADT:  The question
            21    before that was talking about --
            22                    MR. HART:  No.  Stop.  Please
            23    stop.  I don't want you testifying and coaching
            24    the witness.
            25                    MR. HERNSTADT:  -- ideas.  You

             2    are misleading with that question.   you
             3    misstate the testimony.
             4                    MR. HART:  I'm going to ask the
             5    witness to walk out if you are going to
             6    speechify.  It's improper.   Objection.
             7                    MR. HERNSTADT:  You can do that
             8    if you want.  It's not an improper objection.
             9                    MR. HART:  Okay.  Then make the
            10    objection and --
            11                    MR. HERNSTADT:  Fine.  Then
            12    what I'm going to ask the reporter to do is
            13    could you read back the prior question and
            14    answer and then read back the last question?
            15                    MR. HART:  I'm going to ask the
            16    witness to step out of the room until
            17    Mr. Hernstadt's done filling the record with
            18    his testimony.  Mr. Appel, I'd ask you to
            19    excuse yourself, and I do not want to be
            20    impolite to you and ask you to do that.
            21                    MR. HERNSTADT:  Mr. Hart, I
            22    have just asked the witness --
            23                    MR. HART:  While the witness is
            24    here I don't want you saying anything.
            25                    MR. HERNSTADT:  Bill, you can't

             2    do that.
             3                    MR. HART:  Yes, I can.
             4                    MR. HERNSTADT:  No, you can't
             5    do that.  I've asked the reporter to read back
             6    the prior question and answer and then your
             7    question.  I've made my objection and now we're
             8    pro -- and now we're ready to proceed.  I made
             9    that clear before you made this dramatic little
            10    act here.  We are ready to go on if you are
            11    ready to grow -- to go on.  I made my
            12    objection, I explained my objection.  You know,
            13    I suggest you read the transcript and see
            14    Mr. Cooper's speaking objections all through.
            15                    Now, could you read back the
            16    prior question and answer and then the
            17    follow-up question?
            18                    (Record read)
            19                    MR. HERNSTADT:  Subject to my
            20    objection you can answer the question.  Bill,
            21    you've got to take it easy.
            22                    THE WITNESS:  There is a
            23    difference between taking other people's works
            24    and discussing the ideas that may be inherent
            25    to those works.

             2         Q.     So you're saying that you could
             3    discuss the ideas without actually taking the
             4    works and posting them to the internet, right?
             5                    MR. HERNSTADT:  Objection to
             6    the form of the question.  You can answer that
             7    if you can.
             8                    THE WITNESS:  Discussion of the
             9    ideas in a work can be possible without posting
            10    the work itself.
            11                    MR. HART:  Thank you.  I'd like
            12    to mark the subpoena, please, with
            13    the document request as Exhibit 2.
            14                    (Thereupon, a Subpoena and
            15                Document Request was marked as
            16                Appel Exhibit 2 for identification
            17                as of today's date)
            18         Q.     Mr. Appel, I'm going to just show
            19    you what the reporter just marked as Exhibit 2
            20    and ask you to take a look at that.  And the
            21    question is, have you seen that document
            22    before?  And you can take a moment to peruse it
            23    before you give me an answer your answer.
            24         A.     Yes.
            25         Q.     Okay.

             2                Did you collect any documents in
             3    response to that subpoena and document request
             4    that we've marked Exhibit 2?
             5         A.     Yes.
             6         Q.     When did you do so?
             7         A.     Yesterday.
             8         Q.     Did you have any assistance in
             9    doing so?
            10         A.     No.
            11         Q.     You did it yourself?
            12         A.     Yes.
            13         Q.     Okay.
            14                And how were you guided in looking
            15    for the documents?
            16                    MR. HERNSTADT:  Objection to
            17    the form.
            18                    MR. HART:  Fair enough.  It was
            19    a bad question.  I apologize.
            20         Q.     How do you know what documents to
            21    look for?
            22         A.     The only documents I have with
            23    respect to this case are the declarations and
            24    attachments that I already filed and an E-mail
            25    file of E-mail to and from other people.

             2         Q.     What other people?
             3         A.     I have some E-mail messages that
             4    are before the time the attorneys for the
             5    defendants first contacted me.
             6         Q.     Okay.
             7                And what time was that just to put
             8    it into a context?
             9         A.     That was in mid-April.
            10         Q.     All right.
            11         A.     And -- and I have E-mail after that
            12    time, and I have been advised that the E-mail
            13    from after that time --
            14         Q.     Mm-hmm.  --
            15         A.     -- because of who it is with is
            16    subject to privilege.
            17         Q.     Who is it with?
            18                    MR. HERNSTADT:  Let me be
            19    clear.  It's E-mail with me and I just --
            20                    MR. HART:  I don't want you to
            21    be clear.  I asked the witness a question.  If
            22    you object, object.
            23         Q.     Who is it with?
            24         A.     It's E-mail with the attorneys for
            25    the defense.

             2         Q.     Okay.
             3                Are there any other E-mails that
             4    you have after you were contacted by the
             5    defendants in mid-April with persons other than
             6    the attorneys for the defense?
             7         A.     Yes.
             8         Q.     And have you produced those to us,
             9    sir?
            10         A.     No.
            11         Q.     Why not?
            12         A.     They are generally with other
            13    people who might testify, and -- and I was
            14    advised that I didn't have to produce those.
            15         Q.     I'm sorry.  You were advised by
            16    whom?
            17         A.     By the -- by Mr. Hernstadt.
            18         Q.     And who are these other people that
            19    you said might testify?
            20         A.     Edward Felten, David Touretzky,
            21    Peter Ramadge.
            22         Q.     Peter Remwich?
            23         A.     Ramadge.
            24         Q.     Could you spell that for the
            25    record?

             2         A.     R-a-m-a-d-g-e.
             3         Q.     And where is Peter?
             4         A.     He's a professor of electrical
             5    engineering at Princeton University.
             6         Q.     Okay.
             7                Anybody else?
             8         A.     There may be -- I don't recall.
             9    That -- that -- nothing significant.
            10         Q.     How do you know that?
            11         A.     I guess I scanned through the
            12    E-mail file.
            13         Q.     How big is that E-mail file?
            14         A.     My guess is that it has about 100
            15    messages.
            16         Q.     And this is all post mid-April?
            17         A.     The E-mails from before mid-April I
            18    brought with me.
            19         Q.     Have you turned those over to me?
            20         A.     No, I will do so now.
            21                    MR. HERNSTADT:  No, we did.
            22                    THE WITNESS:  Oh, we did?
            23                    MR. HERNSTADT:  Those are those
            24    right in front of you with AT your left hand.
            25                    MR. HART:  Let's mark this as

             2    Plaintiff's 3.
             3                    (Thereupon, a Group of E-mails
             4                was marked as Exhibit 3 for
             5                identification as of today's date)
             6         Q.     Mr. Appel, the reporter has just
             7    handed you what we've marked as Plaintiff
             8    Exhibit 3.  Is that the entirety of the E-mail
             9    traffic that you referred to a moment ago as
            10    having turned over to me?
            11         A.     Yes.
            12         Q.     And is this all E-mail that's all
            13    post mid-April of 2000 relating to this case?
            14         A.     This is E-mail of March 2000.
            15         Q.     This is -- this is before you were
            16    --
            17         A.     Right.
            18         Q.     -- in contact with defense
            19    attorneys?
            20         A.     That's right.
            21         Q.     Okay.
            22                Are you represented here today by
            23    counsel?
            24         A.     I'm represented by these attorneys
            25    (indicating).

             2         Q.     I see.
             3                    MR. HERNSTADT:  For the
             4    purposes of this deposition.
             5         Q.     I see.  And when did you engage
             6    these attorneys?
             7                    MR. HERNSTADT:  We've --
             8                    MR. HART:  Wait.  Please.
             9                    MR. HERNSTADT:  Objection to
            10    the form of the question.
            11                    MR. HART:  Thank you.
            12                    MR. HERNSTADT:  It assumes
            13    questions not in evidence.
            14         Q.     Fair enough.  You can answer.
            15         A.     We discussed this morning that they
            16    would be representing me for -- for the
            17    purposes of this deposition.
            18         Q.     Oh, okay.  So all those other
            19    E-mails that you had since mid-April concerning
            20    this case, they weren't involving
            21    communications with your lawyer, were they?
            22                    MR. HERNSTADT:  Objection to
            23    the form of the question.  You can answer if
            24    you can.
            25                    THE WITNESS:  Mr. Garbus told

             2    me that --
             3                    MR. HERNSTADT:  Objection.
             4    Don't say what Mr. Garbus told you.
             5                    THE WITNESS:  Okay.
             6         Q.     It's a pretty straightforward
             7    question, Mr. Appel.  I'm not trying to trick
             8    you here.  I just --
             9                    MR. HERNSTADT:  No, I'm
            10    directing him not to tell you what Mr. Garbus
            11    told you.
            12                    MR. HART:  I didn't ask him for
            13    that.  Do you want to read back the qustion?
            14                    MR. HERNSTADT:  You can answer
            15    the question with that.
            16                    MR. HART:  Let's read the
            17    question back.  I think that will help the
            18    witness.
            19                    (Record read)
            20                    THE WITNESS:  That's right.
            21         Q.     Okay.
            22                Now, the E-mails before this
            23    mid-April time when you were first in
            24    communication with defendant's lawyers, have
            25    you produced the entirety of those to us

             2    relative to this case --
             3         A.     Yes.
             4         Q.     -- or to DeCSS or CS'S.
             5         A.     Yes.
             6         Q.     And that's what's in Exhibit 3?
             7         A.     Yes.
             8         Q.     When did you first hear of DeCSS?
             9         A.     It may have been in a phone
            10    conversation with David Touretzky.
            11         Q.     Mm-hmm.
            12         A.     -- shortly prior to the first
            13    E-mail that I've give you which is dated March
            14    13 or it may ave been earlier.  I can't recall.
            15         Q.     The E-mail that you referred to
            16    from Mr. Touretzky or Dr. Touretzky is
            17    reflected to the first page of Exhibit 3?
            18         A.     I got a phone call from David
            19    Touretzky.
            20         Q.     Okay.
            21         A.     And this first E-mail is from me to
            22    Edward Felten discussing the phone call.
            23         Q.     I see.
            24                Now, prior to the phone call from
            25    Dr. Touretzky, had you ever been in

             2    communication with him before?
             3         A.     I met him in 1981 and I have not
             4    had much communication with him since 1985
             5    until March of this year.
             6         Q.     Okay.
             7                And the communications that you had
             8    with him from '81 to 85, what did they concern
             9    generally?
            10         A.     I was a graduate student at
            11    Carnegie-Mellon University where he teaches.
            12         Q.     Got you.
            13                What was the gist of the phone call
            14    from Dr. Touretzky?
            15         A.     He was interested to know whether I
            16    would like to contribute to his website, the
            17    gallery of CSS descramblers, and would I like
            18    to mirror it.
            19         Q.     Mirror Dr. Touretzky's gallery?
            20         A.     That's right.
            21         Q.     Had you, prior to that call, seen
            22    Dr. Touretzky's website?
            23         A.     No.
            24         Q.     What else was said that in phone
            25    call with Dr. Touretzky?

             2         A.     I think that's all.
             3         Q.     Okay.
             4                Did he say anything about what was
             5    on his website in the phone call?
             6         A.     I think he described its contents.
             7         Q.     Can you give me a rough
             8    approximation of that description as he gave it
             9    to you?
            10                    MR. HERNSTADT:  Objection to
            11    the form.  You can answer it if you can.
            12                    THE WITNESS:  He said that the
            13    website was meant to illustrate that it's very
            14    difficult to draw a line between on one hand
            15    commuter program source code, and on the other
            16    hand other description of an algorithm that is
            17    not computer program source code.
            18         Q.     And by other "other description,"
            19    what did you understand that to mean?
            20         A.     Such things as English language
            21    sentences or mathematical notation or other
            22    formal or informal ways of describing computer
            23    algorithms.
            24         Q.     Got you.
            25                And what -- was there anything else

             2    discussed in the phone call with Dr. Touretzky?
             3         A.     I don't think so.
             4         Q.     Okay.
             5                What did you do after that phone
             6    call relative to this case or that
             7    conversation?
             8                    MR. HERNSTADT:  Objection to
             9    the form of the question.
            10                    THE WITNESS:  I discussed with
            11    Ed Felten whether we should mirror the website,
            12    and I made a scientific investigation of what I
            13    might contribute to it.
            14         Q.     Okay.
            15                And what did that investigation
            16    involve?
            17         A.     I had a particular scientific idea
            18    that would illustrate the difficulty of
            19    distinguishing between English language
            20    description of a computer algorithm and
            21    computer source code, and I investigated the
            22    feasibility of concretely demonstrating that
            23    idea by means of another computer program.
            24         Q.     Okay.
            25                What other computer program?

             2         A.     It would be a computer program that
             3    would translate between the English language
             4    description of an algorithm and the source code
             5    description.
             6         Q.     Rather than have you repeat it, I'm
             7    just going to have here read it back.  It may
             8    be a function of my deafness and not your --
             9    not your answer.  If you would you.
            10                (Record read)
            11         Q.     For lack of a better word, and
            12    excuse my ignorance, would this be a program
            13    that would function like a compiler-decompiler
            14    to convert the English language version of a
            15    program into some other form of computer
            16    program?
            17                    MR. HERNSTADT:  Objection to
            18    the form of the question.  If -- if you can
            19    answer it, go ahead.
            20                    THE WITNESS:  It would
            21    generally translate the source code description
            22    into an English language description and back.
            23         Q.     I see.
            24                Did you ever actually create that
            25    program?

             2         A.     I found such a program that someone
             3    had created a few years previously.
             4         Q.     Uh-huh.
             5         A.     And I investigated whether it would
             6    be applicable to something like DeCSS.
             7         Q.     Was it?
             8         A.     Not in the form that I found it.
             9         Q.     Why not?
            10         A.     It appears to be tuned a little too
            11    closely to a different situation.
            12         Q.     All right.  Get technical with me
            13    now.
            14         A.     Okay.
            15         Q.     What do you mean, "tuned to a
            16    different situation?"
            17         A.     The author of that program --
            18         Q.     Let's but a name on that program,
            19    please.
            20         A.     I believe it's called --
            21         Q.     I guess the record will reflect
            22    that you're referring to Exhibit 3.
            23         A.     I believe it's called c2txt2c.
            24         Q.     Okay.  All right.
            25         A.     It was original is designed by its

             2    author to translate a computer program called
             3    Blowfish --
             4         Q.     Right.
             5         A.     -- to English prose and back again.
             6         Q.     Okay.  Got you.
             7                And that program c2 whatever that
             8    you just referred to did not work in doing that
             9    with DeCSS when you tried it?
            10         A.     That's right.
            11         Q.     Okay.
            12                Do you know why?
            13         A.     Basically because that program was
            14    a prototype demonstration of that idea.
            15         Q.     I see.
            16         A.     That was not implemented in full
            17    generality.
            18         Q.     Got you.
            19                So did you wind up contributing
            20    anything to Dr. Touretzky's gallery?
            21         A.     No.
            22         Q.     Okay.
            23                Did you have further communications
            24    with Dr. Touretzky after that first phone call
            25    about the subject of contributing something to

             2    his gallery?
             3         A.     Yes.  Those are reflected in the
             4    E-mail that I've given you.
             5         Q.     Were they E-mail communications or
             6    phone calls that are reflected by E-mail
             7    communication?
             8         A.     I believe they were all E-mail
             9    communications.
            10         Q.     Got you.
            11                And would the E-mails that are in
            12    Exhibit 3 reflected the entirety of your
            13    communications with Dr. Touretzky concerning
            14    this case?
            15                    MR. HERNSTADT:  Objection to
            16    form.  As -- it assumes facts -- excuse me.  It
            17    misstates the testimony before.  There is a
            18    phone call prior to that.
            19                    MR. HART:  Understood.
            20         Q.     Taking that into account.
            21         A.     I don't recall if there were any
            22    other phone calls between me and Mr. Touretzky.
            23         Q.     Okay.  Okay.
            24                Did you ever have occasion to look
            25    at Dr. Touretzky's site?

             2         A.     Yes.
             3         Q.     Okay.
             4                Do you recall whether it contained
             5    DeCSS in binary form or as an executable
             6    utility?
             7         A.     I don't recall.
             8                    MR. HERNSTADT:  I'm sorry.
             9    Could you read back the question?
            10    (Record read)
            11         Q.     Do you have any understanding of
            12    when Dr. Touretzky created that site containing
            13    the gallery as we're referring to it?
            14         A.     No.
            15         Q.     Okay.
            16         A.     It must have been before he called
            17    me.
            18         Q.     I understand.
            19                But you don't know whether it was
            20    before or after this lawsuit commenced, do you?
            21                    MR. HERNSTADT:  Objection.
            22    Asked and answered.
            23                    THE WITNESS:  Don't know when.
            24         Q.     Have you ever used DeCSS?
            25         A.     No.

             2         Q.     Now, you said a minute ago that you
             3    were investigating the possibility of running
             4    this c2 -- excuse me -- program that you
             5    mentioned on DeCSS to see if it would work with
             6    DeCSS.  And how did you do you that if you
             7    didn't have DeCSS?
             8                    MR. HERNSTADT:  Objection to
             9    form.  Go ahead and answer if you can.
            10                    THE WITNESS:  I didn't say I
            11    didn't have DeCSS.
            12         Q.     I'm sorry.
            13         A.     I said I didn't use it.
            14         Q.     So is it -- fair enough.  I
            15    understand.
            16                When did you first have DeCSS?
            17         A.     I didn't say I did have DeCSS.
            18         Q.     Okay.  I think you may be smarter
            19    than me and I apologize for that.  I don't want
            20    to, you know, make this drag out.  Let me try
            21    and phrase a question that you can provide a
            22    reasonably intelligent answer to.
            23                    MR. GARBUS:  Bill, how long do
            24    you expect to go today?
            25                    MR. HART:  We are moving along

             2    so, you know, as long as we can move along I --
             3                    MR. GOLD:  Was it really
             4    necessary to interrupt the testimony to ask him
             5    that question?
             6                    MR. HERNSTADT:  Please, Bill, I
             7    won't interrupt you.  Go ahead.
             8         Q.     Okay.
             9                Have you ever had DeCSS in your
            10    possession or control?
            11         A.     I don't remember.  I have certainly
            12    looked at it on the website.
            13         Q.     I see.
            14         A.     And I don't remember whether I
            15    downloaded to it my own machine.
            16         Q.     Okay.
            17                And when you say you looked at it
            18    on a website, what website was it that you
            19    looked at?
            20                    MR. HERNSTADT:  Objection to
            21    form.  You can answer.
            22                    THE WITNESS:  I don't remember.
            23    I noticed it was was available on several
            24    websites, and I looked at it on one of those
            25    websites.  I don't recall specifically which

             2    one.
             3         Q.     Do you remember what time period
             4    this occurred in?  Was this after the call from
             5    Dr. Touretzky?
             6         A.     Yes.
             7         Q.     Okay.  May I?  We only have this
             8    copy.  I have to have copies made.  I apologize
             9    for that.  Thank you.
            10                    MR. HERNSTADT:  You're welcome.
            11         Q.     So I'm just trying to read the
            12    header here.
            13                    MR. HERNSTADT:  Bill, I'm
            14    sorry.  Do you want to take two minutes and
            15    read through them because I wouldn't mind going
            16    --
            17                    MR. HART:  No, no, because I'm
            18    going to ask the witness to help me unless you
            19    need to go the bathroom.
            20                    MR. HART:  Off the record.
            21    Marty can continue to move things along because
            22    he so desires to move them along.
            23                    MR. GARBUS:  Just let him go to
            24    the bathroom.
            25                    MR. HART:  I guess we are.

             2                    THE VIDEOGRAPHER:  The time now
             3    is 11:10 a.m.  We are going off the record.
             4                    (Informal discussion held off
             5                the record)
             6                    THE VIDEOGRAPHER:  The time now
             7    is 11:16 a.m.  We are back on the record.
             8         Q.     Okay.  Mr. Appel.  We were talking
             9    about your first familiarity with DeCSS, and I
            10    believe you had said that you had seen it on a
            11    website but you couldn't remember which site;
            12    is that correct?
            13         A.     That's correct.
            14                    MR. HERNSTADT:  Objection.  I
            15    think that misstates the testimony, but to
            16    ahead.
            17                    MR. HART:  I'm sure it does,
            18    and it wasn't my intention to do so and I
            19    apologize profusely.
            20                    MR. HERNSTADT:  I'm just making
            21    the record.
            22         Q.     But to move this along, could you
            23    look at the headers on this Exhibit 3 pack of
            24    E-mail and place for me in time when you first
            25    that had that conversation with Dave Touretzky?

             2         A.     The first E-mail is dated March 13
             3    and I believe that it was the same day that --
             4    that David called me.
             5         Q.     And was David at -- Touretzky at
             6    that time in the process of assembling his
             7    gallery, to your knowledge?
             8         A.     Yes, but I believe he had already
             9    assembled the bulk of it.
            10         Q.     When did you look at his website
            11    for the first time?
            12         A.     I believe also on March 13.
            13         Q.     Got you.
            14                But you don't remember if it
            15    contained any executable DeCSS on it?
            16         A.     That's right.
            17                    MR. HERNSTADT:  Object to the
            18    form.
            19         Q.     Do you recall how you found the
            20    website that you used to look at DeCSS for the
            21    first time?
            22         A.     Yes.
            23         Q.     How?
            24         A.     I believe I went to a search engine
            25    and I typed in DeCSS, and I examined the

             2    listings until I found one containing the
             3    source code.
             4         Q.     When you say you examined the
             5    listings, does that mean that you actually
             6    clicked on some of the entries brought up by
             7    the search engine to view what was there?
             8         A.     Yes.
             9         Q.     Okay.  And --
            10                    MR. HART:  I'd like you to read
            11    two answers back, please.
            12                (Record read)
            13         Q.     Is it your testimony that there
            14    were listings brought up by the search engine
            15    that you examined that did not contain DeCSS
            16    source code?
            17                    MR. HERNSTADT:  Objection to
            18    the form of the question.
            19                    THE WITNESS:  Yes.
            20         Q.     Okay.
            21                Did those listings contain DeCSS in
            22    object or binary executable form?
            23                    MR. HERNSTADT:  Objection to
            24    the form of the question.  Compound.  But go
            25    ahead and answer if you can.

             2                    THE WITNESS:  I don't recall.
             3         Q.     Do you remember how many listings
             4    you went through as a result of that search
             5    engine search until you found one that had
             6    source code?
             7         A.     My guess is approximately 10.
             8         Q.     10.  Okay.
             9                Do you recall if any of the
            10    listings on the search engine that you looked
            11    at before you got to the one containing source
            12    code had DeCSS in object or binary or
            13    executable form?
            14                    MR. HERNSTADT:  Objection to
            15    the form.  You can answer.
            16                    THE WITNESS:  I don't recall.
            17         Q.     Did you download DeCSS at that time
            18    after you found it through the search engine
            19    search?
            20         A.     As I've already said, I know I
            21    viewed it on the screen and I don't recall
            22    whether I downloaded it.
            23         Q.     And the version that you viewed as
            24    you've said is -- was source code, correct?
            25         A.     Yes.

             2         Q.     Okay.
             3                What language was that written in?
             4         A.     In C.
             5         Q.     And is C intelligible to you just
             6    looking at it?
             7         A.     Yes.
             8         Q.     Is there any value in your
             9    professional opinion to looking at object or
            10    binary or source code?
            11         A.     Yes.
            12         Q.     Okay.
            13                Can you read object code?
            14         A.     With difficulty.
            15         Q.     Okay.
            16                Do you consider yourself specially
            17    skilled in that regard?
            18                    MR. HERNSTADT:  Object to the
            19    form of the question.  It's vague.  If you can
            20    answer that.
            21                    THE WITNESS:  I guess I -- I
            22    guess I don't know what you mean.
            23         Q.     Okay.  I'm just looking for the
            24    truth here.  Is -- just to get our terminology
            25    straight, is there any difference from your

             2    standpoint between object code and a binary
             3    executable?
             4         A.     No.
             5         Q.     Okay.
             6                Is object code normally
             7    intelligible to human beings?
             8         A.     With difficulty, yes.
             9         Q.     Okay.
            10                And what difficulty is that, sir?
            11         A.     It's a notation for writing
            12    computer programs that is more suited to
            13    execution by machine than it is suited for
            14    reading by humans.
            15         Q.     And from your professional
            16    standpoint, is it much easier to read source
            17    code than object code?
            18         A.     Yes.
            19         Q.     Okay.
            20                And in terms of viewing or
            21    analyzing computer code generally, is it much
            22    easier to do so in source code form rather in
            23    than in object code form?
            24                    MR. HERNSTADT:  Object to the
            25    form of the question.


             2                    THE WITNESS:  For most
             3    purposes.
             4         Q.     And what purposes would object code
             5    have value in?
             6                    MR. HERNSTADT:  Object to the
             7    form of the question.  You can answer it if you
             8    can.
             9                    THE WITNESS:  There are several
            10    purposes.  One is when one doesn't completely
            11    trust correctness of the translation from
            12    source code to object code.
            13         Q.     Mm-hmm.
            14         A.     One is when one wants to analyze in
            15    detail the efficiency of the program.
            16         Q.     Mm-hmm.
            17         A.     It's easier sometimes to do that
            18    with object code than with source code.
            19         Q.     Mm-hmm.
            20         A.     And one is for the purpose of
            21    teaching about computer architecture, that is,
            22    in the introduction to computer science class
            23    at Princeton University we teach students how
            24    you to read and write both source code and
            25    object code.

             2         Q.     I see.
             3                Have you ever had occasion to use
             4    DeCSS object code in teaching at Princeton?
             5                    MR. HERNSTADT:  Objection to
             6    the form of the question.  It assumes facts not
             7    in evidence.  But if you can answer it, go
             8    ahead.
             9                    THE WITNESS:  I have not used
            10    DeCSS object code in teaching at Princeton.
            11         Q.     Have you used DeCSS source code in
            12    teaching at Princeton?
            13                    MR. HERNSTADT:  Objection to
            14    the form of the question.  He's never used
            15    DeCSS.  He said that.
            16                    MR. HART:  Just --
            17                    MR. HERNSTADT:  You can answer
            18    the question if you can.
            19                    THE WITNESS:  No no.
            20         Q.     Now, when you said a minute ago
            21    that there were certain values to having DeCSS
            22    in -- in object code form, is that because
            23    DeCSS and object code form will run on a
            24    computer?
            25                    MR. HERNSTADT:  I'm sorry.

             2    Could you read that question back, please?
             3                (Record read)
             4                    MR. HERNSTADT:  Objection to
             5    the form of the question.  You can answer that
             6    if you know.
             7                    THE WITNESS:  I don't think I
             8    did say specifically that it was useful to have
             9    DeCSS in object code form, but one reason it
            10    can be helpful to have programs, including
            11    DeCSS, in object code form is to analyze the
            12    speed at which they will run on various kinds
            13    of computers.
            14         Q.     Okay.
            15         A.     And another is for the purposes of
            16    running it to observe its behavior.
            17         Q.     Okay.
            18                And both of those answers entail
            19    actually running the program?
            20         A.     The first of those answers may or
            21    may not entail actually running a program.
            22         Q.     And that related to what aspect of
            23    --
            24         A.     To estimating the speed at which
            25    the program would run.

             2         Q.     Okay.
             3                And how do you discern that?
             4                    MR. HERNSTADT:  Objection to
             5    the form.  Go ahead.  If you can.
             6                    THE WITNESS:  Okay.  There is a
             7    part of the field of computer science which is
             8    -- involves estimating the efficiency of
             9    programs even without running them, because one
            10    may want to know how fast it will be to run on
            11    a -- a particularly long running program or on
            12    a large input where there is not actually time
            13    to run it.
            14         Q.     And how does one discern that?
            15         A.     One would examine the sequence of
            16    instructions that will be executed, one could
            17    calculate, let's say, for each frame of the
            18    video the sequence of instructions in the
            19    program would need to be executed, and
            20    calculate how long would it take to do.
            21         Q.     And is that based in any part upon
            22    the size of the program in object code form?
            23                    MR. HERNSTADT:  Object to the
            24    form.  Go ahead.
            25                    THE WITNESS:  In part.  Usually

             2    the size of the program as a whole is not the
             3    most relevant thing.
             4         Q.     And what is?
             5         A.     An analysis of which instructions
             6    in the inner loop of the program will be
             7    executed in the common case.
             8         Q.     But in your examination of DeCSS as
             9    you described it earlier in your testimony you
            10    did not look at object code, correct?
            11         A.     That's right.
            12         Q.     Now, I'd just like to get a sense
            13    on this record of how common it is for people
            14    to be able to read object code.  And can you
            15    give me a sense of that in your professional
            16    opinion?
            17                    MR. HERNSTADT:  Objection to
            18    the form of the question.  If you can answer
            19    it, go ahead.
            20                    THE WITNESS:  I would guess
            21    that most people who have taken approximately
            22    three or four undergraduate courses in computer
            23    science would be able to read object code,
            24    although with difficulty.
            25         Q.     Okay.

             2                And you still have difficulty
             3    reading object code; is that correct?
             4                    MR. HERNSTADT:  Objection to
             5    the form.  It that's quite vague.  If you can
             6    answer that, go ahead.
             7                    THE WITNESS:  Source code is
             8    easier to read than object code.
             9         Q.     Got it.
            10         A.     In general.
            11         Q.     And just so the record's clear in
            12    this place, how long have you been in the
            13    computer area as a specialist combining both
            14    our undergraduate, graduate, postgraduate and
            15    teaching and other work?
            16         A.     Since about 1976.
            17         Q.     Okay.
            18                Do you have a computer in your
            19    office?
            20         A.     Yes.
            21         Q.     Do you have a computer at home?
            22         A.     Yes.
            23         Q.     Do you have internet connection in
            24    your office?
            25         A.     Yes.

             2         Q.     Do you have internet connection in
             3    your home?
             4         A.     Yes.
             5         Q.     Can you tell me in basic terms what
             6    kind of connection you have in your office and
             7    your home respectively?
             8                    MR. HERNSTADT:  Objection to
             9    the form.  Go ahead.
            10                    THE WITNESS:  My office
            11    computer is connected to the internal network
            12    of the department of computer science at
            13    Princeton, which is connected to the internet
            14    by some sort of high speed connection, and I'm
            15    not exactly sure which kind.
            16         Q.     Okay.
            17         A.     And my computer at home is
            18    connected by a DSL line directly to the
            19    internal network of the department of computer
            20    science.
            21         Q.     Can you put the approximate speed
            22    of those network connections into some kind of
            23    context for us, like gigabytes bites or
            24    megabytes per second?
            25                    MR. HERNSTADT:  Objection to

             2    the form.
             3                    THE WITNESS:  I believe that
             4    the effective bandwidth from my home to my
             5    office is about two megabytes per second.
             6         Q.     Okay.
             7         A.     And I don't know what the bandwidth
             8    is from my office to the internet.
             9         Q.     Do you think it's higher or lower
            10    than your your home.
            11         A.     It's higher.
            12         Q.     Do you own a DVD player?
            13         A.     No.
            14         Q.     Ever hear of Napster?
            15         A.     Yes.
            16         Q.     Can you tell me what your
            17    understanding is of Napster?
            18         A.     Napster is --
            19                    MR. HERNSTADT:  I'm going to
            20    object.  This is -- well, go ahead.  This is
            21    certainly beyond --
            22                    MR. HART:  You're right.  Go
            23    ahead.
            24                    MR. HERNSTADT:  This is beyond
            25    the scope of what his expertise is.

             2                    MR. HART:  Of course it is.
             3                    MR. HERNSTADT:  Go ahead.
             4                    MR. HART:  I'm sure it is
             5    irrelevant, too.  But let's go ahead.
             6                    MR. HERNSTADT:  It is
             7    irrelevant.
             8                    MR. HART:  I was being
             9    facetious for the record.
            10                    MR. HERNSTADT:  I wasn't for
            11    the record.  Go ahead.
            12                    THE WITNESS:  Napster is a
            13    directory service and enables its users to
            14    share MP3 files across the internet.
            15         Q.     Do you believe it's technically
            16    feasible to engage in conduct like Napster with
            17    video files?
            18                    MR. HERNSTADT:  Objection to
            19    the form of the question.  Are you asking for
            20    his opinion as an expert or are you asking him
            21    for his reaction as a -- as someone who's had
            22    familiarity in the field?
            23                    MR. HART:  Take it any way you
            24    want to give it.
            25                    MR. HERNSTADT:  Well, it lacks

             2    foundation.  Go ahead.
             3                    THE WITNESS:  It's my
             4    understanding that the video files are too
             5    large to conveniently exchange on the internet.
             6         Q.     Okay.
             7                And what do you base that
             8    understanding on?
             9         A.     I guess reading some of the
            10    documents connected with this case and my own
            11    understanding of the commonly available
            12    internet connection bandwidths and the size of
            13    video files.
            14         Q.     Got you.
            15         A.     Although I wouldn't say I have
            16    special expertise in those areas.
            17         Q.     Got you.  I got you.
            18                Do you have any expertise in
            19    connection with digital video?
            20         A.     Aside from a familiarity with some
            21    of the terminology, I would say no.
            22         Q.     Do you have any expertise or
            23    special knowledge in connection with video
            24    compression schemes?
            25         A.     I have taken a college course in

             2    which video compression was covered, and I have
             3    read articles on the subject and I am familiar
             4    with data compression in other contexts.
             5         Q.     When did you take the college
             6    course?
             7         A.     About 1980.
             8         Q.     Okay.
             9                Are you aware if anything's changed
            10    much since then in the video compression area?
            11                    MR. HERNSTADT:  Objection to
            12    the form of the question.
            13                    THE WITNESS:  I'm sure it has.
            14         Q.     Okay.
            15         A.     My expertise is not specifically in
            16    video compression.  I have read articles from
            17    time-to-time that touch on it.
            18         Q.     Okay.  Got you.  Okay.
            19                Now, just to be clear, and I -- you
            20    know -- you've never used DeCSS to encrypt a
            21    DeCSS encoded movie, right?
            22                    MR. HERNSTADT:  Objection.
            23    Asked and answered.
            24                    THE WITNESS:  That's right.
            25         Q.     Do you know how many university

             2    students in the United States alone have access
             3    to the kind of bandwidth that you were
             4    describing is available to you at your school?
             5                    MR. HERNSTADT:  Objection to
             6    the form of the question.  If -- if you can
             7    possibly answer it, go ahead.
             8                    THE WITNESS:  I don't know.
             9         Q.     Has Napster been a problem at
            10    Princeton, to your knowledge?
            11                    MR. HERNSTADT:  Objection to
            12    the form of the question.  It's vague.
            13                    THE WITNESS:  Not to my
            14    knowledge.
            15         Q.     Are you aware whether Napster has
            16    been banned at any colleges or universities
            17    within the United States?
            18         A.     I believe I have read that some
            19    universities have asked their students not to
            20    use Napster.
            21         Q.     Okay.
            22                Do you know why?
            23         A.     I believe that one of the reasons
            24    is that they were using up too much of the
            25    bandwidth of that college's internet

             2    connection.
             3         Q.     Using up too much bandwidth of the
             4    university's connection in doing what?
             5         A.     In shipping MP3 files back and
             6    forth from the university to the rest of the
             7    internet.
             8         Q.     Have you in your reading or through
             9    any other means of -- to your knowledge, any
            10    understanding as to whether the use of Napster
            11    as you've just described it has had an impact
            12    on record companies or recording artists?
            13                    MR. HERNSTADT:  Objection to
            14    the form of the question.  I object to this
            15    entire line of questioning.  This is not an
            16    area that Professor Appel has stated that he is
            17    familiar -- that he's an expert in.  And I
            18    think his answers prior to this have explained
            19    that his familiarity is fairly limited.  That
            20    said, you can go ahead.
            21                    THE WITNESS:  I believe I may
            22    have read articles about the impact of Napster
            23    on the recording industry, but I don't remember
            24    any specific details.
            25         Q.     Okay.

             2                By "impact," are we talking about
             3    economic impact, lost sales, like that?
             4         A.     I guess, you know, any kinds of
             5    impact.
             6         Q.     Any kinds of impact is -- is your
             7    answer?
             8         A.     I have read articles about the
             9    impact of Napster on the recording industry and
            10    I don't recall what the details tails of those
            11    articles were.
            12                    MR. GOLD:  May I ask the
            13    reporter to mark that last objection of
            14    Mr. Hernstadt's?
            15                    MR. HERNSTADT:  I think you
            16    have to identify yourself for the record.
            17                    MR. GOLD:  My name is Leon for
            18    the record.
            19                    MR. HERNSTADT:  Leon Gold.
            20                    MR. GOLD:  Yes.  But my website
            21    name is Merbl and I come from Mars and I sell
            22    Mounds.
            23                    MR. HART:  Come on, Leo,
            24    please.
            25                    MR. HERNSTADT:  Make sure this

             2    is all on the record.
             3                    MR. GOLD:  It is.
             4                    MR. HART:  And everyone's
             5    smiling.
             6                    MR. GOLD:  Everyone needed a
             7    bit of humor.
             8                    What I'd like to do is make a
             9    -- a index of certain of the objections of
            10    Mr. Hernstadt, and we'll tell you which.  And
            11    the last one is one I'd like to mark and make
            12    an index.  Our contention is going to be that
            13    he's coaching the witness and telling him what
            14    to say.
            15                    MR. HERNSTADT:  That's fine.
            16    I'd like to reiterate my objectionl  Are you
            17    going to continue with this line of
            18    questioning?  We've told you what Professor
            19    Appel is going to be our witness for, okay?
            20    And I object to this entire line of
            21    questioning.  This is clearly irrelevant.
            22                    MR. GOLD:  You said that ones
            23    before.
            24                    MR. HERNSTADT:  Are you going
            25    do continue it for much longer?

             2                    MR. HART:  If we began get away
             3    from lawyers yakking and take to the witness, I
             4    guess we can move off the subject quicker and
             5    that's my goal.
             6                    MR. HERNSTADT:  You let him
             7    talk to you like this, Leo?
             8                    MR. GOLD:  I thought that --
             9                    MR. HART:  With all due
            10    respect, counsel.
            11                    MR. GOLD:  Everything he said
            12    was true.  And the answer is yes.
            13         Q.     Is that impact positive or negative
            14    insofar as you understood it based on your
            15    reading and knowledge?
            16         A.     I don't recall.  I probably read
            17    articles with both points of view.
            18         Q.     Do you have a personal point of
            19    view in terms of the click impact of that the
            20    economic impact of that behavior?
            21                    MR. HERNSTADT:  Objection to
            22    that question.
            23                    THE WITNESS:  I'm not an
            24    economist and --
            25         Q.     Okay.

             2         A.     -- I don't have any particularly
             3    relevant speculations about the economics of
             4    the recording industry.
             5         Q.     Okay.
             6                Just to be clear, is the technology
             7    already in place today to enable so-called file
             8    sharing of feature-length movies, to your
             9    knowledge?
            10                    MR. HERNSTADT:  Object to the
            11    form of the question.  Lacks foundation.
            12    Answer it if you can.
            13                    THE WITNESS:  I believe there
            14    are several file sharing protocols now
            15    available.  And it's plausible that some of
            16    them can accept files of arbitrary size.  And I
            17    don't know whether they would have adequate
            18    performance to practically share multi-gigabyte
            19    files.
            20         Q.     Got you.
            21                When you say you believe there are
            22    file sharing protocols, I believe you used the
            23    word, can you put a name to those?
            24         A.     Such things as Newtela (sic) and
            25    Freenet.

             2         Q.     Freenet.  Any others?
             3         A.     Not whose names I recall.
             4         Q.     How did you learn about those?
             5         A.     By reading in the newspapers.
             6         Q.     Do you recall which newspapers?
             7         A.     Most likely the New York Times.
             8         Q.     Did you ever visit the 2600
             9    website?
            10         A.     Yes.
            11         Q.     When was the first time?
            12         A.     Must have been at some point after
            13    I was first contacted by the defense.
            14         Q.     Okay.
            15                And we've said earlier that was
            16    sometime in mid-April?
            17         A.     That's right.
            18         Q.     Who contacted you?
            19         A.     Mr. Hernstadt.
            20         Q.     Uh-huh.
            21                And what did he say to you?
            22         A.     He asked if I would be willing to
            23    file a declaration --
            24         Q.     Right.
            25         A.     -- in this case.

             2         Q.     And what did you say?
             3         A.     I said I would be willing.
             4         Q.     How did you know about the case?
             5         A.     I knew about the case in general
             6    terms I guess after my phone call with
             7    Mr. Touretzky.
             8         Q.     Okay.
             9                Had you hearsd of 2600 before your
            10    phone call with Dr. Touretzky?
            11         A.     I don't recall.
            12         Q.     In the conversation that you had
            13    with Mr. Hernstadt, and this again for placque
            14    of a better date is mid-April of this year,
            15    correct?
            16         A.     That's right.
            17         Q.     Okay.
            18                Did he say anything more than would
            19    you be willing to file a declaration in the
            20    case?
            21                    MR. HERNSTADT:  Object to the
            22    form of the question.  Go ahead.
            23                    THE WITNESS:  Can you repeat
            24    the question?
            25         Q.     Yes.

             2                In the first phone call with
             3    Mr. Hernstadt, did Mr. Hernstadt say anything
             4    more beyond would you be willing to file a
             5    declaration in this case, sir?
             6                    MR. HERNSTADT:  Objection to
             7    the form of the question.
             8                    THE WITNESS:  I believe the
             9    first communication I had from Mr. Hernstadt
            10    was by E-mail.
            11         Q.     Do you have that E-mail?
            12                    MR. HERNSTADT:  Asked and
            13    answered.
            14                    THE WITNESS:  I have -- I have
            15    that E-mail.
            16         Q.     Did you produce it to us?
            17         A.     No.
            18         Q.     Why not?
            19         A.     I was visioned by Mr. Hernstadt
            20    that I need not produce it.
            21         Q.     And Mr. Hernstadt advised you have
            22    that when, yesterday?
            23         A.     I believe on Saturday.
            24         Q.     Okay.
            25                So your first communication with

             2    Mr. Hernstadt was via E-mail, correct?
             3         A.     That's right.
             4         Q.     And do you recall the gist of that
             5    E-mail?
             6         A.     He asked me if I would be willing
             7    to file a declaration in this case.  That would
             8    -- and I think that was the entire gist of it.
             9         Q.     Really?
            10                And did you respond to
            11    Mr. Hernstadt?
            12         A.     Yes.
            13         Q.     How?
            14         A.     I believe I called him on the
            15    phone.
            16         Q.     Okay.
            17                What did you say to him?
            18         A.     I think I said yes, and I believe
            19    that in that first phone call that we did not
            20    discuss anything much more beyond that I would
            21    file a declaration.
            22         Q.     And at that point what you knew
            23    about the case was limited to what you had
            24    learned from Dr. Touretzky; is that correct?
            25                    MR. HERNSTADT:  Objection to

             2    the question -- form of the question.
             3    Misstates it.
             4                    THE WITNESS:  From what I
             5    learned from David Touretzky and then my
             6    subsequent investigation of what was on the
             7    web.
             8         Q.     Okay.
             9                And when did that subsequent
            10    investigation cleanse?
            11         A.     It would have been in mid March
            12    after I heard from Dr. Touretzky.
            13         Q.     And what did that investigation
            14    consist of?
            15         A.     Finding websites containing DeCSS,
            16    I believe at that time reading Frank
            17    Stephenson's article describing crypt analysis
            18    of CSS, reading some of the court documents
            19    such as the injunction against linking.
            20         Q.     And where did you read that?
            21         A.     I don't recall.
            22         Q.     Anything else?
            23         A.     Not that I specifically recall.
            24         Q.     And this was -- and this again was
            25    in mid-March after your initial communications

             2    with Dr. Touretzky, right?
             3         A.     Yes.
             4         Q.     Okay.
             5                Did Mr. Hernstadt give you any idea
             6    in your initial communications with him about
             7    the timing of this case and when it was going
             8    to trial and like that?
             9         A.     The only timing issues that he
            10    discussed with me were about by when the
            11    declaration had to be filed.
            12         Q.     And what did he tell you in that
            13    regard?
            14         A.     I think the time frame was on the
            15    order of a few days, something under a week,
            16    but I don't recall exactly.
            17         Q.     And can you place a date on when
            18    this conversation with Mr. Hernstadt occurred?
            19         A.     I don't have any documents with me
            20    that would place a date on it, but would guess
            21    that it's April 21st.
            22         Q.     That's a pretyy -- that sounds like
            23    a very precise guess.  Why did you pick April
            24    21st, sir?
            25         A.     Because earlier this week I

             2    reviewed by E-mail file and that date stands
             3    out.
             4         Q.     So these E-mails that we don't have
             5    were also reviewed by you in preparation for
             6    this deposition?
             7                    MR. HERNSTADT:  Objection to
             8    the form of the question.  Misstates the
             9    witness's testimony.
            10         Q.     Is that right?  That right?
            11                    MR. HERNSTADT:  Is that a
            12    question?
            13                    MR. HART:  Yeah.
            14                    THE WITNESS:  I believe I
            15    scanned the headers of them.
            16         Q.     How many communications have you
            17    had with Mr. Hernstadt or anyone at Frankfurt
            18    Garbus law office since your first contact with
            19    them in mid-April of this year?
            20         A.     By E-mail and otherwise?
            21         Q.     Sure.
            22         A.     Quite a few.  I don't remember -- I
            23    don't know the number.
            24         Q.     20, 50, 100?
            25                    MR. HERNSTADT:  Objection to

             2    the form of the question.
             3         Q.     Just give me -- I'm trying to get a
             4    range here.  Obviously I don't expect --
             5         A.     50.
             6         Q.     50?  5-0?
             7         A.     5-0.
             8         Q.     And how many of these
             9    communications -- let me ask you this:  How --
            10    are you in contact exclusively with
            11    Mr. Hernstadt or were there other lawyers at
            12    the Frankfurt Garbus law firm that you have
            13    communicated with?
            14         A.     I've also communicated with
            15    Mr. Martin Garbus.
            16         Q.     Can you tell me how many of those
            17    communications were in E-mail form as opposed
            18    to telephone conversation?
            19         A.     Maybe on the order of 30 E-mails.
            20         Q.     Okay.
            21         A.     And --
            22         Q.     20 telephone calls roughly?
            23         A.     And approximately 20 phone calls.
            24         Q.     Got you.
            25                Did you have any E-mail

             2    communications with Mr. Garbus?
             3         A.     Yes.
             4                    MR. GARBUS:  Bill, I want to
             5    ask you -- I type awfully.  If you get my
             6    E-mails you would barely be able to read them.
             7                    MR. HART:  Thanks.
             8         Q.     Can you give me a rough
             9    approximation of how many of these
            10    communications occurred prior to your filing of
            11    a declaration in this case?
            12         A.     Maybe five.
            13         Q.     Mm-hmm.
            14                And what were the subjects of the
            15    other 45 communications you had with Frankfurt
            16    Garbus subsequent to your filing of a
            17    declaration in this case?
            18                    MR. HERNSTADT:  Objection to
            19    the form of the question.
            20                    THE WITNESS:  They were about
            21    many aspects of the case.  I guess they were to
            22    identify what areas I might best testify about.
            23         Q.     This is after you filed your
            24    declaration?
            25         A.     That's right.

             2         Q.     Best testify at the trial of the
             3    case?
             4         A.     Right.
             5         Q.     And, again, when were you first
             6    told that you might or would testify at the
             7    trial of this case?
             8                    MR. HERNSTADT:  Objection to
             9    the form of the question.
            10         Q.     Approximately.
            11                    MR. HERNSTADT:  Assumes facts
            12    not in evidence.
            13                    THE WITNESS:  I would guess
            14    that it was perhaps a week or two after the
            15    filing of the declaration.
            16         Q.     Okay.
            17                And by the filing of the
            18    declaration, just to be clear we are looking at
            19    -- excuse me -- at Exhibit 1, I believe?  And
            20    if you just take a look at the date of that
            21    last page.
            22         A.     April 27.
            23         Q.     Okay.
            24                And what were you told about when
            25    the case would go to trial at that point?

             2         A.     I was told that it would go to
             3    trial July 17.
             4         Q.     Now, apart from communications with
             5    defense counsel about the case and your
             6    perusing the internet concerning it, is there
             7    any other way you learned about the substance
             8    of this case or what the issues were, like
             9    that?
            10                    MR. HERNSTADT:  Objection to
            11    the form of the question.
            12                    THE WITNESS:  I believe I've
            13    also read about the case in the newspaper.
            14         Q.     Mm-hmm.  Okay.
            15                Now, in perusing the net, did you
            16    have occasion to find DeCSS in the form of an
            17    executable utility?
            18                    MR. HERNSTADT:  Objection.
            19    Asked and answered.
            20                    THE WITNESS:  When I was
            21    perusing the net I was particularly looking for
            22    source code.
            23         Q.     And that was for the reasons you
            24    described earlier in your testimony today?
            25         A.     No.  I believe it was because I

             2    would be more easily able to recognize what it
             3    was by looking at it in source code form.  So
             4    it was just an easier thing --
             5         Q.     Got you.
             6         A.     -- to look at.
             7         Q.     Do you know if Frank Stephenson
             8    posts DeCSS as an executable utility?
             9         A.     I don't know.
            10         Q.     Now, the paper that's attached as
            11    an exhibit to your declaration, why don't we
            12    take a quick look at that for a moment, dated
            13    February 17, 2000, yes?
            14         A.     Yes.
            15         Q.     Was this submitted to the copyright
            16    office in connection with its rule-making
            17    inquiry?
            18         A.     Yes.
            19         Q.     When?
            20         A.     On February 17.
            21         Q.     Was it written for that purpose?
            22         A.     Yes.
            23         Q.     And were you aware at the time you
            24    wrote this piece about this case?
            25         A.     No.

             2         Q.     Now, this was co-authored by
             3    Dr. Felten?
             4         A.     Yes.
             5         Q.     And Dr. Felten is a colleague of
             6    yours at Princeton?
             7         A.     Yes.
             8         Q.     Are you in you daily contact?
             9         A.     More or less.
            10         Q.     Okay.
            11                Are your offices located close to
            12    each other?
            13         A.     Yes.
            14         Q.     Do you work together on projects?
            15         A.     Yes.
            16         Q.     Okay.
            17                Do you co-teach or co-conduct
            18    seminars or engage in other activities at the
            19    university in connection with your academic
            20    activities?
            21                    MR. HERNSTADT:  Objection to
            22    the form of the question.
            23                    THE WITNESS:  From time-to-time
            24    there are teaching and research guidance
            25    activities that we do jointly.

             2         Q.     Got you.
             3                Is this the first piece you've ever
             4    authored with Dr. Felten?
             5         A.     No.
             6         Q.     Have you ever discussed this case
             7    with Dr. Felten?
             8         A.     Yes.
             9         Q.     When was your first occasion to do
            10    that?
            11         A.     I know I discussed it with him in
            12    the days following harsh 13th, I believe that
            13    we had a -- we may have had some discussion of
            14    it earlier than that that we discussed that
            15    there were some court cases involving DVDs.
            16         Q.     So it's possible that you may have
            17    learned of this case not first through
            18    Dr. Touretzky but indeed through Dr. Felten; is
            19    that possible?
            20                    MR. HERNSTADT:  Objection to
            21    the form of the question.
            22                    MR. HART:  I understand you.
            23                    THE WITNESS:  Maybe from
            24    Dr. Felten or maybe in some other way.
            25         Q.     Okay.

             2         A.     But my awareness of this case let's
             3    say prior to March 13 as in vague and in
             4    general determines.
             5         Q.     So you refer, for example in your
             6    article to searching the text of Shakespearean
             7    plays.  I'm looking at Page 2 of your article
             8    as it appears as an attachment to your
             9    declaration.
            10                    MR. HERNSTADT:  Point out where
            11    you are looking.
            12                    MR. HART:  It's the lower right
            13    column.
            14                    THE WITNESS:  Okay.  Yes.
            15         Q.     All right?
            16                Is it your understanding is that
            17    the works of Shakespeare are protected by
            18    copyright or do you have any understanding in
            19    that regard?
            20         A.     I believe they are not.
            21         Q.     Okay.
            22                What relevance do you believe this
            23    article has to this case?
            24                    MR. HERNSTADT:  Objection to
            25    the form of the question.  Go ahead.

             2                    THE WITNESS:  This article
             3    describes many kinds of scholarly analyses of
             4    both text as well as audio and video and other
             5    media, and scholars who wish -- who may wish to
             6    apply these kinds of analyses may wish to apply
             7    it both to uncopyrighted and copyrighted
             8    material.  And to do that they will need access
             9    unencrypted digital encrypted form of the
            10    material.
            11         Q.     Got you.
            12                So in your view, is there value in
            13    posting say an entire copyrighted work to the
            14    internet in order to share it for academic
            15    purposes with others?
            16                    MR. HERNSTADT:  Object to the
            17    question.  Lacks foundation.
            18                    THE WITNESS:  The examples that
            19    we give -- the anecdotal examples that we give
            20    in the article are scholars who have purchased
            21    copies of copyrighted material might wish to
            22    apply these analyses, and that that would be
            23    the appropriate way for scholars to access
            24    copyrighted material.
            25         Q.     Okay.

             2                So if you purchased a copy of
             3    someone's work, is it your view that you it
             4    would then be appropriate if you saw the need
             5    for it to post that work to the internet in
             6    order to engage in academic or scholarly work
             7    discussion it?
             8                    MR. HERNSTADT:  Object to the
             9    form of the question.  Misstates what's in this
            10    article.
            11                    MR. HART:  I'm not -- I'm
            12    asking for his view.
            13                    THE WITNESS:  No.
            14         Q.     Inappropriate?
            15         A.     It's inappropriate.
            16         Q.     Why?
            17         A.     Because the legitimate uses of
            18    copyrighted material do not generally include
            19    republishing it.
            20         Q.     And that's true whether you own a
            21    copy of it or not, right?
            22                    MR. HERNSTADT:  Just to
            23    reiterate, I'm instructing him not to make
            24    legal answers.  Okay.
            25                    MR. HART:  Absolutely.

             2                    THE WITNESS:  That's right.
             3         Q.     Okay.
             4                    MR. GOLD:  Can you mark that
             5    objection?  Thank you.
             6                    MR. HERNSTADT:  Dan, are you
             7    suggesting that I'm coaching the witness?
             8    Because I take great offense at that.
             9                    MR. HART:  We want to move
            10    along.  Let's not have arguments, please.
            11                    MR. GOLD:  Then you will have
            12    to take offense.
            13                    MR. HERNSTADT:  I have to what?
            14                    MR. GOLD:  You take -- what did
            15    you say?
            16                    MR. HERNSTADT:  Great offense.
            17                    MR. GOLD:  Oh, then that's it.
            18    I do, too.
            19                    MR. HERNSTADT:  Good.
            20                    MR. GOLD:  To the fact that we
            21    believe there is coaching going on.  You don't
            22    -- you don't think I don't I have a right to
            23    mark the transcript where I want?
            24                    MR. HERNSTADT:  No, you can
            25    certainly mark it.  Where I instruct him not to

             2    make -- to answer in a way to the extent that
             3    he has any legal experience to make legal
             4    conclusions?  Mark away.
             5                    MR. GOLD:  You've stipulated to
             6    the fact that we're never doing that.  We don't
             7    want to.  And you --
             8                    MR. HERNSTADT:  I'm making the
             9    objection and I'm entitled to do that.
            10                    MR. GOLD:  I don't think so.
            11                    MR. HERNSTADT:  Go ahead.
            12    Bill.
            13                    MR. HART:  Thank you,
            14    Mr. Hernstadt.
            15                    MR. HERNSTADT:  Certainly.
            16                    MR. GARBUS:  Can you make the
            17    room warmer?  It's freezing.
            18                    MR. HART:  I'm sorry.  Now what
            19    do you have, Mr. Garbus?  I'm really doing my
            20    best here.
            21         Q.     If a work's made available to a
            22    website, one doesn't really have control over
            23    what people do with it after they download it;
            24    isn't that right?
            25                    MR. HERNSTADT:  Objection to

             2    the form of the question.  It's very vague.  If
             3    you can answer it.
             4                    THE WITNESS:  That's generally
             5    but I would not say entirely true.
             6         Q.     Where is the untruth in that
             7    statement?
             8                    MR. HERNSTADT:  Objection to
             9    the form of the question.  Go ahead.
            10                    THE WITNESS:  If -- if, for
            11    example, a work was posted encrypted on a
            12    website, then people wishing to read it would
            13    have to have a means of decrypting it.  So
            14    that's one way in which one could have control.
            15         Q.     How many drafts of your declaration
            16    did you go through before you finalized it?
            17                    MR. HERNSTADT:  Objection to
            18    the form of the question.
            19                    THE WITNESS:  I would guess
            20    three.
            21         Q.     Were there any topics that were
            22    discussed but not included or included but then
            23    removed?
            24                    MR. HERNSTADT:  Objection to
            25    the form of the question.  Go ahead.

             2                    THE WITNESS:  No.
             3         Q.     No?
             4         A.     No.
             5         Q.     Okay.
             6                How long did it take to prepare the
             7    declaration?
             8         A.     I don't recall exactly.  I mean, a
             9    few hours.
            10         Q.     A few hours.
            11         A.     Spread over a day or two.  I don't
            12    remember exactly.
            13         Q.     Got you.
            14                Was it drafted by Mr. Hernstadt or
            15    was it drafted by you?
            16                    MR. HERNSTADT:  Objection to
            17    the form of the question.  Go ahead.
            18                    THE WITNESS:  I think we
            19    drafted it together.
            20         Q.     Sitting here today, can you tell
            21    what was yours and what was Dr. Hernstadt's?
            22    I'm sorry.  Mr. Hernstadt's.
            23                    MR. HERNSTADT:  I know you look
            24    to me to give you sucker in your hour of need,
            25    but I'm not a doctor.

             2                    MR. HART:  I'm not offended by
             3    that statement.
             4                    THE WITNESS:  As I look at it
             5    now, I believe that all -- all the paragraphs
             6    are either written by me or rewritten by me
             7    after -- after maybe I received something from
             8    Mr. Hernstadt.
             9         Q.     So in other words, Mr. Hernstadt
            10    sent you a draft and you rewrote it?
            11                    MR. HERNSTADT:  Object to the
            12    form of the question.  It misstates the
            13    testimony.  Go ahead.
            14                    THE WITNESS:  Most of the draft
            15    that Mr. Hernstadt originally sent me was
            16    written by me.
            17         Q.     How?
            18         A.     Because I had filed a related
            19    declaration in a previous case regarding --
            20    regarding two cryptography.
            21         Q.     What case?
            22         A.     I filed a declaration in the case
            23    of Bernstein versus U.S.
            24         Q.     Right.
            25         A.     And in the case of Younger versus

             2    Daily.
             3         Q.     Got you.
             4                Is it your testimony that the
             5    declarations from Bernstein and Younger served
             6    as a basis for declaration Exhibit 1 in this
             7    case?
             8         A.     That's right.
             9         Q.     Did you produce copies of those
            10    declarations to us?
            11         A.     They are on my website.  I didn't
            12    bring any copies with me.
            13         Q.     Got you.
            14                Do you have qualifications as a
            15    cryptographer?
            16                    MR. HERNSTADT:  Object to the
            17    form of the question.  It's vague.
            18                    THE WITNESS:  I have a fair
            19    understanding of cryptography --
            20         Q.     Okay.
            21         A.     -- from taking college courses in
            22    which it was covered, from reading the
            23    literature on cryptography, from an interest in
            24    applications of cryptography to computer
            25    security, but I would not say that my own

             2    research is specifically in the area of
             3    cryptography.
             4         Q.     Got you.
             5                What's your understanding of the
             6    word "hacker"?
             7                    MR. HERNSTADT:  Objection to
             8    the question.
             9                    THE WITNESS:  I would say that
            10    I first started the word hacker circa 1980.
            11         Q.     Okay.
            12         A.     And my understanding of it at that
            13    time was somebody who likes to play with
            14    computer programs.
            15         Q.     That sounds pretty -- I'm sorry,
            16    you weren't -- I don't want to interrupt you.
            17    Please finish if --
            18         A.     And since that time, the -- the use
            19    of the word as it typically appears in the
            20    media seems to be more people who try and get
            21    unauthorized access to computer systems.
            22         Q.     Do you believe that hacking is an
            23    appropriate activity?
            24                    MR. HERNSTADT:  Objection to
            25    the form of the question.  That is impossible

             2    to answer.
             3                    MR. HART:  It may be for you,
             4    but I'm asking the witness.
             5                    MR. HERNSTADT:  What kind of
             6    hacking are you talking about, are you talking
             7    about --
             8                    MR. HART:  Thanks for coaching
             9    him.
            10                    MR. HERNSTADT:  I'm not
            11    coaching him, Bill.  I'm asking you what your
            12    question means.
            13                    MR. GOLD:  Can we have you
            14    marked that change, please?
            15                    MR. HERNSTADT:  Do you
            16    understand the question?
            17                    THE WITNESS:  I gave you two
            18    means of the word hacking, and it's not clear
            19    to me which one you are asking about.
            20         Q.     You can answer with whatever
            21    appropriate qualifications you feel necessary
            22    to answer the question.
            23                    MR. HERNSTADT:  It's a compound
            24    question.  I object to it.
            25                    THE WITNESS:  I think think

             2    that playing with computer programs is
             3    certainly acceptable activity.
             4         Q.     Okay.
             5         A.     I think that examining the
             6    weaknesses in the security of computer systems
             7    is acceptable.
             8         Q.     Okay.
             9         A.     And I have encouraged my students
            10    to do it.
            11         Q.     You have encourage your students to
            12    do it?
            13         A.     I have.
            14         Q.     Okay.
            15         A.     And that activity such as
            16    electrically breaking into computer systems and
            17    downloading copies of information or destroying
            18    information is a crime.
            19         Q.     Okay.
            20         A.     So...
            21         Q.     Thank you.
            22                Are there any ethical constraints,
            23    to your understanding and world view, on the
            24    dissemination of material or devices that
            25    enable hacking?

             2                    MR. HERNSTADT:  Objection to
             3    the form of the question.  I'm going to
             4    instruct the witness to answer with great
             5    specificity as to which definition.
             6                    MR. HART:  Of course.
             7                    THE WITNESS:  I think that it's
             8    reasonable and ethical to disseminate
             9    information concerning the weaknesses of
            10    security.  I guess --
            11         Q.     Yeah.  Again I'm asking for your
            12    view in terms of ethics of it as a computer
            13    professional.
            14         A.     Mm-hmm.
            15         Q.     Are there any constraints in terms
            16    of the dangers or abuses that it poses in the
            17    context of that dissemination?
            18                    MR. HERNSTADT:  Object to the
            19    form of the question.  If you understand that
            20    question, you can answer it.
            21                    THE WITNESS:  I guess there are
            22    dangers of some kind.
            23         Q.     And in your view, and I'm just
            24    asking for your view, are the dangers
            25    overridden by the need to share information?

             2                    MR. HERNSTADT:  Again,
             3    objection to this whole line of questioning.
             4    It's very vague.  If you understand you can
             5    answer it.
             6                    THE WITNESS:  I can give
             7    specific examples.
             8         Q.     Okay.
             9         A.     For example, in 1995 and '96 when
            10    my students and colleagues found ways of
            11    circumventing the security systems of web
            12    browsers so that one could make a website that
            13    would be able to steal or destroy information
            14    from the users who are browsing that website,
            15    we went public with an analysis of the
            16    weaknesses in security, and in doing so we made
            17    sure that it was brought to the attention of
            18    the providers of the web browsing systems so
            19    they could fix the security.
            20         Q.     Okay.  Got you.
            21         A.     But as well as for public
            22    discussion of the specific strengths and
            23    weaknesses of these systems.
            24         Q.     Did you at any time create or
            25    author any kind of software that would do

             2    precisely what you just described?
             3         A.     We did create such software.
             4         Q.     Did you make it available to the
             5    public?
             6         A.     I don't recall.  I don't believe
             7    so.
             8         Q.     Sitting here today, do you believe
             9    that it would be appropriate in those
            10    circumstances to make such a device available
            11    to the public?
            12         A.     I think it would be appropriate.
            13         Q.     Why?
            14         A.     People who wish to improve the
            15    security of their systems can use such devices
            16    to probe for weaknesses.
            17         Q.     But I'm talking about making it
            18    available to the general public, not to the
            19    people that own or control the security system.
            20         A.     People who wish to do research on
            21    improving security systems may not be the one
            22    who own those systems.
            23         Q.     Got you.
            24         A.     For example, our research now
            25    involves improving the security of web browsing

             2    systems.
             3         Q.     Mm-hmm.
             4         A.     We became interested in this
             5    research after we identified weaknesses in the
             6    security of web browsing systems.  We were not
             7    the creators of those systems.
             8         Q.     Who is "we"?
             9         A.     Let's say Professor Felten and I.
            10         Q.     Okay.
            11         A.     And my students.
            12         Q.     Okay.
            13         A.     So the purpose of the public
            14    discussion of the weaknesses of the security of
            15    these systems is to, among other things,
            16    encourage research in these areas, not only by
            17    the original providers of those systems.
            18         Q.     Got you.
            19                And to your mind is there a
            20    difference between discussion of weaknesses of
            21    system and the manufacturer of a utility that
            22    takes advantage of a weakness in the system?
            23                    MR. HERNSTADT:  Objection to
            24    the form of the question.  If you can answer
            25    that.

             2                    THE WITNESS:  I found in my own
             3    research, and not specifically limited to, you
             4    know, security and devises to you know, exploit
             5    the weaknesses of systems, but in computer
             6    science in general that a discussion of some
             7    aspect of computer science is often much more
             8    effective if it's accompanied by exchange of
             9    computer programs relevant to that discussion.
            10         Q.     And how does that computer exchange
            11    normally take place?
            12         A.     Typically by people posting their
            13    computer programs on their websites along with
            14    articles discussing how they work or as an
            15    accompaniment to, let's say, an article
            16    published in a journal about how the program
            17    might work.
            18         Q.     And we are talking about what,
            19    source code?
            20         A.     Source code and object code.
            21         Q.     Okay.
            22                And in your view, that's
            23    appropriate to do, that is, to make an
            24    executable utility available generally on a
            25    website even if it has the potential for abuse

             2    by others?  That's your view?
             3                    MR. HERNSTADT:  Objection to
             4    the form of the question.
             5                    THE WITNESS:  If the source
             6    code or object code has some useful purpose in
             7    the scholarly discussion or has some useful
             8    purpose as a tool, then it's appropriate to
             9    post it.
            10         Q.     Despite the potential for abuse?
            11         A.     Despite the potential for abuse.
            12         Q.     So if you and your students created
            13    a utility that would defeat the security codes
            14    for ATM machines at Citibank and believed that
            15    that was of scholarly, academic or
            16    cryptological interest, you are dealing me that
            17    in your view it would be appropriate to post
            18    that utility to the internet in a widespread
            19    fashion even though it would be available to
            20    pool to basically invade Citibank and take the
            21    money?
            22                    MR. HERNSTADT:  Objection to
            23    the form of the question.  It's an incomplete
            24    hypothetical.  If you can answer it.
            25                    THE WITNESS:  To give a more

             2    concrete example --
             3         Q.     What was wrong with my example?
             4         A.     Let me give a different example and
             5    then relate it to your example.
             6         Q.     I'd like you to answer my example.
             7    That's the question on the table.
             8         A.     Mm-hmm.
             9         Q.     Appropriate or appropriate?
            10                    MR. HERNSTADT:  I -- If you can
            11    answer that question --
            12                    MR. HART:  Ed, we understand.
            13    We will stipulate that the witness will only
            14    answer the questions that he can answer, okay?
            15                    MR. HERNSTADT:  Now, look --
            16                    MR. HART:  No speeches, please.
            17    Honestly.  I'm going to throw him out of the
            18    room because you're going to coach him again.
            19                    MR. HERNSTADT:  Bill, excuse me
            20    I'm going to make my record.  I have objected
            21    to the form of the question.
            22                    MR. HART:  Please stop.
            23                    MR. HERNSTADT:  Bill, excuse
            24    me.  I'm making my objection.
            25                    MR. HART:  I will ask the

             2    witness to leave the room before you coach.
             3                    MR. HERNSTADT:  You can make
             4    your little speech after I make my objection.
             5                    MR. HART:  I'm not making a
             6    speech.  There's a question pending.
             7                    MR. HERNSTADT:  You are going
             8    to let me make my objection, bill.  I have a
             9    right to make an objection and then you can say
            10    anything you want to after that.
            11                    MR. HART:  Excuse me.  Would
            12    you let the witness leave the room before you
            13    continue.
            14                    MR. HERNSTADT:  No, no.  I'm
            15    going to make my objection.
            16                    MR. HART:  Then I'm accusing
            17    you of coaching the witness.
            18                    MR. HERNSTADT:  Then you can
            19    accuse me all you want, Bill, and you can go to
            20    the court with it.
            21                    MR. HART:  I would like to
            22    witness to leave the room.
            23                    MR. HERNSTADT:  However, I am
            24    making my objection.
            25                    MR. HART:  This is outrageous.

             2                    MR. HERNSTADT:  I object to the
             3    form of the question.  It think is a question,
             4    it is a question that assumes facts not in
             5    evidence and it is an incomplete hypothetical.
             6                    MR. GOLD:  Now, would you tell
             7    me why you have such a problem with your
             8    witness leaving the room to engage in a lengthy
             9    discussion?
            10                    MR. HERNSTADT:  I'm not
            11    engaging in a lengthy discussion.  I'm
            12    attempting to make -- I'm attemptinn to make an
            13    objection.  I'm being interrupted by Mr. Hart's
            14    speechifying.  How I'm being interrupted by
            15    your speechifying.
            16                    MR. HART:  This is outrageous.
            17    There is a question pending and you are
            18    talking.
            19                    MR. HERNSTADT:  Excuse me.
            20    That is the only time than you can make an
            21    objection to the question is when it's pending.
            22                    MR. HART:  But you're not
            23    making objections.
            24                    MR. HERNSTADT:  I mean, if I
            25    made objections after every question, you'd

             2    tell me hey, it's too late to make the
             3    objection.  This is absurd, Bill.
             4                    MR. HART:  This is insane.
             5                    MR. HERNSTADT:  May I suggest
             6    --
             7                    MR. HART:  I don't want you to
             8    suggest anything more.  That's the problem.
             9                    MR. HERNSTADT:  May I suggest
            10    we go on.  I find your insinuations and your
            11    direct accusations that I am coaching the
            12    witness outrageous.  I suggest you really go to
            13    the judge if you think it's really true.  Can
            14    we continue the deposition please?
            15                    MR. GOLD:  Calm down.  Don't
            16    get so upset.  Can I ask you why you are so
            17    opposed to your witness not hearing a lengthy
            18    objection?
            19                    MR. HERNSTADT:  Because it's a
            20    waste of time.  This is not a lenghty
            21    objection.  Neither of you had any idea what my
            22    objection was when I tried to make it.
            23    Mr. Hart interrupted me repeatedly when I
            24    attempted to make the objection.
            25                    MR. GOLD:  Is the reason you

             2    don't want the witness to go out of the room
             3    because you want him to hear the lengthy
             4    objection?  Do you have an answer for that?
             5                    MR. GARBUS:  No need for that.
             6                    MR. HERNSTADT:  That's an
             7    insulting question, Leon.  The answer is
             8    obviously no.  The answer is it's not a lengthy
             9    objection.  And, Leon, do you read my mind?  Do
            10    you have any idea how long my objection is
            11    going to be before I make it?  The answer is
            12    no.  The answer is clearly no.  I would like to
            13    just continue this deposition.
            14                    MR. HART:  May I -- Okay.  I
            15    would, too.  To expedite things let me make an
            16    suggestion, okay?  I'd like to get your
            17    agreement right now, Ed, that the next time
            18    that I ask that the witness leave the room
            19    because of your objection that you allow that
            20    to happen.
            21                    MR. HERNSTADT:  Absolutely not.
            22                    MR. HART:  And then you can say
            23    anything you want on this record.  I think you
            24    are doing is obstructive and improper.
            25                    MR. HERNSTADT:  If I have a

             2    long speech to make like you just made --
             3                    MR. HART:  No, that wasn't a
             4    long speech.  That was a request.  You said no.
             5    I got it, no.
             6                    MR. HERNSTADT:  You have no
             7    idea what my objection is before I make it,
             8    okay?  And it's just -- it's outrageous and
             9    it's insulting for you to say I can't make
            10    objections until the witness has left the room.
            11    I find that staggering, okay?  having made an
            12    absurd record why don't we continue.  We
            13    probably I should read the last question back.
            14                    MR. HART:  This is my
            15    deposition.
            16                    MR. HERNSTADT:  It is my
            17    witness.
            18                    MR. HART:  It is.  It is your
            19    witness.
            20                    MR. HERNSTADT:  And after all
            21    this,I certainly don't want him attempting to
            22    answer a question that has been on the table
            23    for five minutes.
            24                    MR. HART:  I apologize,
            25    Mr. Appel.

             2                    Let's mark this, if you would,
             3    please, Ms. Reporter.
             4         Q.     Okay.  We were with my
             5    hypothetical.
             6         A.     What we have done in case where we
             7    have found ways to compromise the security of
             8    commercial systems is to notify the commercial
             9    provider of those systems a few days before we
            10    publically post the description.  And this
            11    allows them to formulate a response and take
            12    whatever measures they may need to take.  But
            13    when we inform them, we tell them that we are
            14    going to go ahead and publish it anyway and
            15    this is just a courtesy to them.
            16         Q.     Got you.  And -- I'm sorry.
            17         A.     And in any hypothetical case of the
            18    kind you described, we might do something
            19    similar.
            20         Q.     I see.
            21                And in the ordinary course of that,
            22    how much lead time do you give the proprietor
            23    of the system before you disclose?
            24         A.     In the cases in the past
            25    specifically relating to web browsers,

             2    typically three days.
             3         Q.     In other cases?
             4         A.     I have not been involved in any
             5    other cases.
             6         Q.     Okay.
             7                The only situation you've been
             8    involved in where you compromised security, if
             9    you will, was this this web browser situation
            10    you described?
            11                    MR. HERNSTADT:  Objection to
            12    the form of the question.
            13                    THE WITNESS:  The only cases
            14    where we have published descriptions of the
            15    compromising the security of commercial systems
            16    was a series of -- of security analyses of web
            17    browsers in approximately the period 1995 to
            18    '97.
            19         Q.     And is there a difference to your
            20    mind between publishing a description of a
            21    weakness of system and providing someone with
            22    an executable piece of software that takes
            23    advantage of that weakness?
            24                    MR. HERNSTADT:  I'm sorry.
            25    Could you read back that question?

             2                (Record read)
             3                    MR. HERNSTADT:  Object to the
             4    form.
             5                    THE WITNESS:  I guess there is
             6    a difference.
             7         Q.     So to come back to my Citibank
             8    hypothetical, which I know you love, you'd feel
             9    comfortable in posting a description of the
            10    weakness after you contacted Citibank but not
            11    so comfortable in providing an executable
            12    utility to the general public that would take
            13    advantage of that weakness; is that a fair
            14    statement?
            15                    MR. HERNSTADT:  Objection to
            16    the form of the question.  Misstates the
            17    testimony.  Go ahead.
            18                    THE WITNESS:  I guess it would
            19    depend on the circumstances of the particular
            20    security flaw and of the nature of, you know,
            21    whatever research we had done.
            22         Q.     Okay.  Let's take away those
            23    variables.  I'll make it real easy.
            24         A.     Okay.
            25         Q.     The software utility I'm talking

             2    about enables you to walk into any Citibank,
             3    hit an ATM and take money out for free.
             4                    MR. HERNSTADT:  Objection to
             5    the form of the question.  If you can answer
             6    it, go ahead.
             7                    THE WITNESS:  I don't know.
             8    The -- in that kind of case we might very well
             9    decide to give Citibank more than three days of
            10    lead time and we might very well publish, you
            11    know, a description of -- of the security
            12    weakness.  But I don't think we would
            13    necessarily completely avoid forever the
            14    publication of the software, that is, the study
            15    of the software its and the details of the
            16    weakness are certainly of interest to the
            17    community of researchers doing computer
            18    security.
            19                    MR. GOLD:  Bill, we need to
            20    break so the video person can change his tape.
            21                    MR. HART:  Okay.  This is a
            22    good juncture, I think.  Can we take five?
            23    Bathroom, cigarette.
            24                    THE VIDEOGRAPHER:  This
            25    completes Videotape Number 1, the time now is

             2    12:34 p.m.  we are going off the record.
             3                    (Informal discussion held off
             4                the record)
             5                    THE VIDEOGRAPHER:  This is
             6    Videotape Number 2 of the continued deposition
             7    of Andrew Appel.  The time now is 12:52 p.m.
             8    We are back on the record.
             9         Q.     Prior to the call and E-mail from
            10    Dave Touretzky, you had no knowledge of DeCSS
            11    or interest in studying it for any reason, did
            12    you?
            13                    MR. HERNSTADT:  Object to the
            14    form.  Go ahead.
            15                    THE WITNESS:  I had not been
            16    motivated to examine DeCSS before that time,
            17    that's right.
            18         Q.     Were you aware of DeCSS before that
            19    time?
            20         A.     I was there that there were some
            21    court cases and how -- I don't remember how
            22    detailed was my awareness.
            23         Q.     Okay.
            24                But as a cryptography buff, and I
            25    don't want to characterize the degree of

             2    sophistication that you have in that field, but
             3    to whatever degree you've had it you expressed
             4    an interest in cryptography, that was not a
             5    subject that came across your radar screen,
             6    that is DeCSS, until you to you to Touretzky;
             7    is that right?
             8         A.     I have been interested for a few
             9    years now in the question of whether it's
            10    really technically feasible to distribute
            11    encrypted content to people who have possession
            12    of the machine that decrypts it in a secure
            13    way.  And I've had conversations on -- relating
            14    to that topic with several people who work in
            15    the field of security over the past three years
            16    approximately.  So the court case were
            17    interesting to me partly for that reason.
            18         Q.     But prior to the discussion with
            19    Touretzky in March you were unaware of DeCSS
            20    per se, correct?
            21         A.     Yes.
            22         Q.     Despite your background and
            23    interest in security systems, cryptography and
            24    what you just said?
            25         A.     I was aware that the court cases

             2    focused on unlicensed decryption software, but
             3    I don't know that I could have told you the
             4    name of the software.
             5         Q.     Okay.
             6                Now, you mentioned just a moment
             7    ago in your testimony that you've had
             8    communications with interested parties
             9    concerning those subjects over the course of
            10    the last three years, correct?
            11         A.     The subject, not specifically of
            12    DeCSS or DVDs, but the distribution of
            13    encrypted content.
            14         Q.     Right.
            15                And how did you engage in those
            16    communications, through what form or media?
            17         A.     Generally in person.
            18         Q.     Generally in person?  I'm sorry?
            19         A.     Yes.
            20         Q.     What about E-mail?
            21         A.     I don't think so.
            22         Q.     Any reason why not?
            23         A.     I would talk to people at
            24    conferences, for example, and/or in my office
            25    in discussions or this kind of thing.

             2         Q.     Okay.
             3         A.     But I don't recall any E-mail that
             4    I have sent.
             5         Q.     Now, in those discussions did you
             6    have before and available to you and the others
             7    code in any form?
             8         A.     I think not.
             9         Q.     Okay.
            10                Is it possible to E-mail DeCSS from
            11    one person to another?
            12                    MR. HERNSTADT:  Object to the
            13    form.
            14                    THE WITNESS:  Yes.
            15         Q.     Okay.
            16                Are there encryption programs that
            17    are widely available that are used in
            18    connection with E-mail communications?
            19         A.     Yes.
            20         Q.     Can you name one or two, please?
            21         A.     PGP is one of them.
            22         Q.     Okay.
            23                Have you ever used any of those
            24    encryption programs, whether or not it was PGP,
            25    in connection with E-mail communications with

             2    others?
             3         A.     I have encrypted an E-mail using
             4    PGP and sent it.
             5         Q.     As an experiment or --
             6         A.     Basically as an experiment.
             7         Q.     Did it work?
             8         A.     Yes.
             9         Q.     And would you explain, just to make
            10    the record clear, what the value of doing that
            11    is?
            12         A.     The value of encrypting E-mail is
            13    to achieve privacy in communications.
            14         Q.     As a practical matter, isn't it
            15    possible to engage in discussions with
            16    researchers, scientists, cryptographers and
            17    others who may have some scholarly or
            18    engineering interest in DeCSS by communicating
            19    with them and transferring to them DeCSS via
            20    encrypted E-mail?
            21         A.     That presupposes the fact that I
            22    know which scholars are interested in it.  And
            23    generally when I do research and public it I
            24    don't know in advance exactly which scholars
            25    would be interested in it using the results of

             2    my research in their work.
             3         Q.     So, let's take, for example, the
             4    people that you said you met with in person
             5    over the course of the last three years.  Do
             6    you have any of their E-mail addresses?
             7         A.     Yes.
             8         Q.     So all those folks that you talked
             9    with within the last three years are certainly
            10    within the orbit of people that you would know
            11    to E-mail to if you wanted to, right?
            12         A.     Yeah, I'd say they're -- yes.
            13         Q.     Okay.
            14                And is it common when someone has a
            15    website to provide an E-mail address for them
            16    on their website?
            17                    MR. HERNSTADT:  Object to the
            18    form of the question.  If you don't understand
            19    it --
            20                    THE WITNESS:  Let's say the --
            21    a personal home page will typically include an
            22    E-mail address.
            23         Q.     What about websites used by
            24    scholars, scientists, cryptographers and the
            25    like?

             2         A.     Some of the them have E-mail
             3    addresses.
             4         Q.     So it's not uncommon, is it?
             5         A.     It's common.
             6         Q.     Common.  Right.
             7                And so if you wanted to communicate
             8    with somebody that had posted something to a
             9    website on the internet, you would you have a
            10    way to communicate with them via E-mail, right?
            11         A.     Yes.
            12         Q.     And encrypted E-mail as well,
            13    right?
            14         A.     No.  For me to communicate with
            15    somebody by encrypted E-mail, they would have
            16    to have posted their public key in some place.
            17         Q.     Right.
            18         A.     And not very many people have done
            19    that.
            20         Q.     But you could you E-mail the person
            21    and say can you give me your PGP key so I can
            22    send you an encrypted E-mail, right?
            23         A.     Most people have not installed PGP,
            24    so I would have to E-mail them and say can you
            25    download and install the PGP and make yourself

             2    a key and put this somewhere so I could --
             3         Q.     Sure.
             4                Is that a big deal?
             5         A.     It's an hour's work.
             6         Q.     And in the life of a computer
             7    person what's an hour?
             8         A.     If I want to publish my work in
             9    such a way that other people will read it, I
            10    don't generally want to impose an hour penalty
            11    in even accessing what I've written.
            12         Q.     I understand.
            13                So, in other words if you want to
            14    makes sure it gets out there to the greatest
            15    number of people possible you put it on a
            16    website in an unencrypted form?
            17         A.     Right.
            18         Q.     Now, have you done any kind of
            19    tentative, preliminary, intermediate, final or
            20    close to final report or analysis in connection
            21    with this case or your testimony in it?
            22                    MR. HERNSTADT:  Objection to
            23    the form of the question.  I take it you mean
            24    apart from his declaration?
            25                    THE WITNESS:  I am not -- I've

             2    not been preparing any kind of document of that
             3    description.
             4         Q.     Were you told not to?
             5         A.     No.
             6         Q.     Okay.  Why not?
             7         A.     No one discussed at all either pro
             8    or con the preparation of such a document.
             9         Q.     Okay.
            10                So if I wanted to get an
            11    understanding of what you planned to testify in
            12    in the trial of this case, how do I find that
            13    out?
            14         A.     I don't know.
            15         Q.     Okay.
            16                If I ask you right now, can you
            17    tell me all the subjects in which you plan to
            18    testify at the trial of this case or are
            19    prepared to testify at the trial of this case?
            20    Can you tell me?
            21         A.     Yes, I can tell you some subjects
            22    in which I am prepared to testify.
            23         Q.     Okay.
            24         A.     The one subject is that scholarly
            25    publication is often most effective when it

             2    includes the publication of source and object
             3    code in addition to articles and other reports
             4    describing that source and object code.
             5         Q.     Mm-hmm.
             6         A.     And that that's the way that
             7    scientists routinely communicate with each
             8    other.  One is on distinctions between source
             9    code and object code and how they are used to
            10    communicate between people and other people as
            11    well as operation on a machine.
            12                One is on on various kinds of uses
            13    of copyrighted material such as those described
            14    in my paper of February 17, that is, uses that
            15    scholars might put copyrighted material to that
            16    would require access to the unencrypted
            17    content.  And I guess the fact that people
            18    working in the field of computer security and
            19    cryptography do routinely publish the
            20    descriptions of weaknesses in systems or ways
            21    of circumventing systems as part of the process
            22    of designing and inventing better systems.
            23         Q.     Anything else?
            24         A.     Not that I recall at the moment.
            25         Q.     Now, you are going to be going

             2    away, is that right, soon?
             3         A.     I will be away the week of July 17.
             4         Q.     And is that a date that's been
             5    fixed for a while for your departure somewhere?
             6         A.     That date was fixed in
             7    approximately January.  It's a principal
             8    investigators meeting of researchers in
             9    computer security funded by the Defense
            10    Department.
            11         Q.     Excellent.  Where is that?
            12         A.     In Hawaii.
            13         Q.     Sounds terrible.
            14                And you let Mr. Hernstadt know
            15    that?
            16         A.     That's right.
            17         Q.     When?
            18         A.     When he first told me the trial
            19    date, which as I said was approximately a week
            20    or two after the filing of my declaration.
            21         Q.     Sometime in April?
            22         A.     No, that would have been May.
            23         Q.     Sometime in May.  Okay.
            24                In other words a week or two after
            25    the filing date of your dec is what you said?

             2         A.     Right.
             3                    MR. HERNSTADT:  And obviously
             4    sometime after May 12.
             5                    MR. HART:  I'm sorry.  Would
             6    you read back what Mr. Hernstadt just said?
             7                    (Record read)
             8         Q.     I'm sorry.  Do you know what the
             9    significance of May 12 is?
            10         A.     No.
            11                    MR. HERNSTADT:  That's when the
            12    judge moved the trial date to July 17.  It
            13    would not have been possible for me to tell him
            14    a July 17 date before that.
            15         Q.     Did Mr. Hernstadt ever advise you
            16    that it was the defense's intention to seek an
            17    adjournment of the trial?
            18         A.     I think he has told me that.
            19         Q.     Do you remember when he first told
            20    you that?
            21         A.     I remember that he told me that
            22    about a week ago, but I don't remember if
            23    that's the first told that he told me.
            24         Q.     Okay.
            25                Now, coming back to the subjects,

             2    there were four categories.  The last of them
             3    was the publication or descriptions about
             4    weaknesses in security systems.
             5         A.     The practice of scientists doing
             6    research in computer security of publishing
             7    descriptions of the weaknesses.
             8         Q.     And that's what we've already
             9    talked about today in your testimony in terms
            10    of descriptions and utilities and the like?
            11                    MR. HERNSTADT:  I'm sorry.  The
            12    last answer and question read back, please?
            13    The answer and then his question.
            14                    (Record read)
            15                    THE WITNESS:  I think we have
            16    talked about that.
            17         Q.     Now, you said it's normal practice,
            18    correct me if I'm wrong, that if someone
            19    discerns a break in a security system that they
            20    contact the proprietor or user of that system.
            21    Is that your testimony?
            22         A.     My testimony was that that had been
            23    our practice.
            24         Q.     Your practice.
            25                Do you know if that's a normal

             2    practice?
             3         A.     I don't know.
             4         Q.     Do you have any information as to
             5    whether that was done in this situation with
             6    DeCSS?
             7                    MR. HERNSTADT:  Objection to
             8    form.
             9                    THE WITNESS:  No, I have no
            10    information.
            11         Q.     Okay.
            12                Now, you also mentioned that one of
            13    the other subjects for your anticipated trial
            14    testimony is the use of copyrighted material --
            15    excuse me.  The use of copyrighted materials in
            16    connection with scholarly research.
            17         A.     That's right.
            18         Q.     Right.
            19                And you men -- and these are the
            20    subjects that are covered by your article,
            21    right?
            22         A.     That's right.
            23         Q.     Okay.
            24                And you said you have nothing to
            25    add to this article other than the little side

             2    bar that's going to appear in the next
             3    published version of it describing the basic
             4    rules when you submitted this to Congress or
             5    the copyright office?
             6         A.     What I said was that the article as
             7    it will appear in Communication of the ACM as
             8    it appears on my website includes a one page
             9    sidebar explaining the circumstances of their
            10    regulatory process.
            11         Q.     Right.
            12                Now, in doing searches of musical
            13    works as you described them in your article,
            14    does this entail loading musical content into a
            15    computer in some kind of digital form before it
            16    can be searched through by a computer?
            17         A.     It's plausible to do the search
            18    directly from, for example, a CD.  Although the
            19    material will have to flow into the computer as
            20    it would in any way of using the D -- the CD.
            21         Q.     And so how would you that be done?
            22         A.     One would open the file from the CD
            23    rom device.
            24         Q.     Okay.
            25         A.     For example.

             2         Q.     Okay.
             3         A.     It would be generally more
             4    convenient if there were many things to be
             5    searched to put them on the hard disk, for
             6    example.
             7         Q.     And why is that?
             8         A.     Then one could do the search
             9    without, you know, repeatedly shuffling the CDs
            10    in and out of the CD rom Drive.
            11         Q.     So what we are talking about --
            12    again, I have to make this record clear -- is
            13    taking a CD that contains music, copying it
            14    electrically onto the hard drive of a computer
            15    so that the content of that CD as it now
            16    resides in the computer memory could be
            17    searched by some kind much computer-assisted
            18    search device, is that -- do I have that right?
            19         A.     Well, I described two versions of
            20    the process; one where it is copied to the hard
            21    disk and one where it's not copied to the hard
            22    disk although it will exist in the computer's
            23    ram memory for the time that it's being
            24    searched.
            25         Q.     Got you.

             2                But with respect to the version
             3    that involved copying to the hard disk did I
             4    have that right?
             5         A.     That's right.
             6         Q.     Okay.
             7                And with respect to the version
             8    that didn't involve copying to hard disk it
             9    would involve loading the CD into a CD rom
            10    player and searching the content of the CD
            11    while it's in the player; is that right?
            12         A.     That's right.
            13         Q.     Now, does your scenario of music
            14    searches contemplate that there would be some
            15    kind of large database containing music files
            16    in order to apply the search engine?
            17         A.     I guess that would be up to the
            18    user of the search software.
            19         Q.     Right.
            20                What's the real research or
            21    academic value to your mind of searching one or
            22    just a handful of CDs?  I mean, isn't the real
            23    value in having a huge repository of these
            24    things --
            25                    MR. HERNSTADT:  Objection to

             2    the form of the question?
             3         Q.     -- to search through?  Isn't that
             4    where the computer really makes it alot more
             5    efficient?
             6                    MR. HERNSTADT:  Argumentative.
             7         Q.     With due respect, sir.
             8         A.     Part of the research is even
             9    designing the computer programs that do the
            10    search.  In order to test those computer
            11    programs, one needs content --
            12         Q.     Sure.
            13         A.     -- to feed them to.
            14         Q.     Got you.
            15         A.     Part of the research is in that one
            16    might search in a CD or some passage where --
            17    you know, containing a certain theme one
            18    sketches out.
            19         Q.     Sure.
            20         A.     And it could well be that those
            21    kinds of searches will be more effective if
            22    performed on a larger database than a smaller
            23    one.
            24         Q.     Rather than flipping CDs in and out
            25    of a drive?

             2         A.     If there are many CDs to be
             3    searched, yes, it would be easier from a larger
             4    database.
             5         Q.     And the point of your article is
             6    that if the CDs are wrapped in some kind of
             7    encryption that this would inhibit scholarly
             8    research unless the encryption were cracked --
             9         A.     That's right.
            10         Q.     -- is that right?  Okay.
            11                And is there any aspect to this, to
            12    your mind, that involves consideration of the
            13    copyrighted content that's on the CDs, that is,
            14    if you were to load a whole bunch of CDs onto a
            15    hard drive or put it somewhere in some computer
            16    storage facility that it would raise copyright
            17    issues to your mind?  And again, without a
            18    legal conclusion.  Just asking what's passed
            19    through your mind in the context of considering
            20    these issues.
            21         A.     Not as a legal conclusion, but it
            22    is my understanding that there are
            23    circumstances where it's permissible to buy
            24    copyrighted material and transfer it to another
            25    medium for one's own use.  And so I can

             2    speculate that it might well be fair use under
             3    the copyright law to buy a collection of CDs
             4    and load them onto a hard disk for the purpose
             5    of searching them.
             6         Q.     Okay.
             7                And would that assumption apply if
             8    one were to post the content of those CDs onto
             9    the internet so that others could search them?
            10         A.     I can easily imagine that that one
            11    would not fall within the category of fair use.
            12         Q.     And why is that?  And again I'm
            13    just using for our view.  You're using the word
            14    fair use.
            15         A.     If one posts the unencrypted
            16    content on the internet, then indeed it is
            17    available for everyone not only to search but
            18    to download.
            19         Q.     Okay.
            20                And if people are able to do that
            21    with movies on the internet, would your answer
            22    be the same?
            23                    MR. HERNSTADT:  Objection to
            24    the form of the question.  We should read back
            25    the answer, too.

             2         Q.     Go ahead.
             3         A.     Well, if people post copies of
             4    movies on the internet and in such a way that
             5    people can download them, then I imagine that
             6    that would not be considered fair use of the
             7    material.
             8         Q.     And coming back to your thesis
             9    about the value of scholarly research in this
            10    connection, okay, because I think you actually
            11    do address video content analysis as part of
            12    your article; right?
            13         A.     That's right.
            14         Q.     And that's sort of doing the same
            15    thing as we just talked about with respect to
            16    musical content on CDs with respect to video
            17    content in some digitized form, yes.
            18         A.     That's right.
            19         Q.     And the notion would be that you'd
            20    have a computer program that functions as a
            21    search engine.  If we wanted to find certain
            22    scenes as we described them for the engine,
            23    that the engine would search through all the
            24    digitized video content and pluckk those scenes
            25    out as defined?

             2         A.     That's an example.
             3         Q.     Okay.
             4                So I guess I go back to the
             5    scenario we just talked about a second ago,
             6    which is that the video content is posted to
             7    the net, and one purpose for doing that may be
             8    to run a search engine of the type we just
             9    described, a video analysis search engine,
            10    right?  But there is also --
            11                    MR. HERNSTADT:  Objection.  I'd
            12    like to let him answer that question and I
            13    object to the form of the question.
            14                    THE WITNESS:  Right.  So what
            15    -- what we say in the paper and what I said
            16    already is that we believe that applying such
            17    search engines to a copy of copyrighted
            18    material which one has purchased is fair use.
            19    And whether or not it's fair use, technically
            20    it's true that in order to do that one needs
            21    access to the unencrypted content.  And -- and
            22    I have not said that posting the unencrypted
            23    content to the internet is fair use.
            24         Q.     And you -- fine.
            25         A.     Okay.

             2         Q.     Okay.
             3                Let's just forget fair use for a
             4    moment, if you will.
             5         A.     All right.
             6         Q.     All right?
             7                I guess my question is a little
             8    more simpleminded.
             9         A.     Okay.
            10         Q.     All right?  And that is --
            11                    MR. GARBUS:  Speak for yours.
            12                    MR. HART:  I am, thank you.
            13    Did you get Mr. Garbus's acerbic comment?
            14                    MR. HERNSTADT:  Smiling
            15    comment.
            16         Q.     Someone puts up --
            17                    MR. GOLD:  You know the
            18    definition of a villain?  I
            19                    MR. HERNSTADT:  Definition of a
            20    --
            21                    MR. GOLD:  Villain with
            22    smiling.  Afterwards I'll tell you.
            23                    MR. HART:  Good, good.
            24         Q.     Someone puts up onto the net a
            25    bunch of video content, right?

             2         A.     Mm-hmm.
             3         Q.     And it could ostensibly be used if
             4    to do the scanning process he just described,
             5    the video search analysis process.  But it also
             6    has the potential for abuse, if you will, in
             7    that people can just download the movies for
             8    their intrinsic --
             9         A.     Okay.
            10         Q.     -- content.
            11                In that situation, okay, in your
            12    mind do you believe that it would be
            13    appropriate to have posted the material to the
            14    internet for that purpose given the risk of
            15    abuse?
            16                    MR. HERNSTADT:  Objection to
            17    the form of the question.  I don't think I
            18    understand it.  Could you repeat the question
            19    back?
            20         Q.     Do you understand the question?
            21         A.     I think I understand the question.
            22                    MR. HERNSTADT:  Could you read
            23    it back?  I want to make sure I understand it,
            24    too.  It's a reasonable desire.
            25                    (Record read)

             2                    MR. HERNSTADT:  And this is in
             3    the context of the hypothetical?
             4                    MR. HART:  Mm-hmm.
             5                    MR. HERNSTADT:  Okay.
             6                    THE WITNESS:  In such a
             7    situation I personally would not post the
             8    material to the internet partly because there
             9    may be other ways of permitting searches on the
            10    material without posting the unencrypted
            11    content.
            12         Q.     Like what?
            13         A.     Like I could post an interface to
            14    the search engine itself.
            15         Q.     Okay.
            16                And by doing that, how does one get
            17    the content to search?
            18         A.     Users might be able to perform
            19    searches which would return indexes into the
            20    material and --
            21         Q.     Go ahead.  I'm just --
            22         A.     -- and then they would have the
            23    choice of purchasing a copy of that material
            24    for their own use having found it by the search
            25    or, and this is where my legal expertise in

             2    fair use --
             3         Q.     Again, I'm not calling for anything
             4    --
             5         A.     Okay.  But I could speculate that
             6    it might be legal to provide very short
             7    excerpts in the search engine interface to
             8    permit the users to determine whether they had
             9    actually found what they wanted.
            10         Q.     Okay.
            11                But all of what you just described
            12    is in effort to avoid putting entire
            13    copyrighted content onto the internet for
            14    people to download?
            15         A.     That's right.
            16         Q.     Okay.
            17                If I told you that people today are
            18    using DeCSS to decrypt DVD movies in order to
            19    traffic them on the internet in the same way
            20    that Napster involves so-called file sharing of
            21    MP3 audio, what would your view be of the
            22    appropriateness of providing DeCSS, the
            23    decryption utility, generally to the public?
            24                    MR. HERNSTADT:  Object to the
            25    form of the question.

             2                    MR. HART:  That's okay.
             3                    MR. HERNSTADT:  If you can
             4    answer it, go ahead.
             5                    THE WITNESS:  Right.  Since in
             6    my view DeCSS has legitimate uses --
             7         Q.     Right.
             8         A.     -- then it's appropriate to post
             9    it.  Just as it's legal and appropriate to sell
            10    Xerox machines which have many legitimate uses
            11    in addition to the illegitimate use of the
            12    wholesale duplication of books, for example.
            13         Q.     So in your mind DeCSS is like a
            14    Xerox machine?
            15                    MR. HERNSTADT:  Objection to
            16    the question.
            17                    THE WITNESS:  It's a useful
            18    tool that also has uses that may be
            19    illegitimate.
            20         Q.     Is there anything special about
            21    digital transmission of content that makes the
            22    risk involved in, say, abuses more pronounced
            23    when you're dealing with the internet, say,
            24    than with a photocopy machine?
            25                    MR. HERNSTADT:  Objection to

             2    the form of the question.  Tortured
             3    hypothetical.  You can answer.
             4                    THE WITNESS:  I guess perhaps
             5    what you're implying is that it's easier to
             6    make a copy of a digital work than it is to
             7    make a copy of a physical work.  So that it may
             8    be more convenient to perpetrate the abuses.
             9         Q.     Is that your view?
            10         A.     I have no experience with the
            11    transmission of multi-gigabyte files, so I
            12    don't know how convenient it is.
            13         Q.     I understand.  But assume -- I'm
            14    going -- the premise is assume that it's doable
            15    and convenient.
            16         A.     Mm-hmm.
            17         Q.     And you suggested that the
            18    photocopy machine was an analogy.  And my
            19    question is really a straightforward one.
            20         A.     Mm-hmm.
            21         Q.     It is, isn't there there a greater
            22    potential for abuse when you deal with digital
            23    content vis-a-vis the internet given the ease
            24    with copies can be multiplied and transmitted
            25    than when you are dealing with a photocopying

             2    device such as a Xerox brand copier?
             3                    MR. HERNSTADT:  Objection to
             4    the form of the question.  It's a compound
             5    question.  Assumes facts not in evidence and is
             6    a tortured hypothetical.
             7                    MR. HART:  Thank you.
             8                    MR. HERNSTADT:  Go ahead.
             9                    THE WITNESS:  It seems
            10    plausible.
            11         Q.     What seems plausible?
            12         A.     That there may be a greater
            13    potential for abuse of -- of digital content
            14    than non-digital content.
            15         Q.     Okay.
            16                Well, let's -- let's take a look
            17    back at your declaration Exhibit 1.
            18                    MR. GARBUS:  It's about 1:30,
            19    can we break for lunch?
            20                    MR. HART:  Let me finish up
            21    this little bit of questioning and absolutely.
            22         Q.     Paragraph 8.
            23         A.     Okay.
            24         Q.     Here, correct me if I'm wrong, you
            25    are describing --

             2                    MR. HERNSTADT:  8?
             3         Q.     Paragraph 8 on Page 4.  Garbus
             4    Frankfurt Garbus document number --
             5                Here you are describing how you
             6    made available some software for free back in
             7    '87 by sending magnetic tapes through Parcel
             8    Post, correct?
             9         A.     That's right.
            10         Q.     And then you go on to say in
            11    Paragraph 9 that with the advent or at least
            12    your recognition of the value of the internet,
            13    that you could do so much more readily simply
            14    by transmitting it over the internet; is that a
            15    fair characterization of what you say?
            16         A.     Yes.
            17         Q.     And I guess following what you said
            18    in your declaration I ask you the same
            19    question.
            20         A.     Mm-hmm.
            21         Q.     Isn't there a fundamental
            22    difference in terms of the ability to multiple
            23    reply and transmit copies on the internet
            24    versus hard copies, in this case you were
            25    talking about Magnetic tapes, in the example

             2    you gave me you were talking about a Xerox
             3    machine.
             4                    MR. HERNSTADT:  Objection to
             5    the form of the question.
             6                    THE WITNESS:  So as I said,
             7    DeCSS has legitimate uses in addition to uses
             8    -- in addition to abuses.
             9         Q.     Right.
            10         A.     And -- and I guess one of the
            11    abuses is the potential to post unencrypted
            12    movies on the internet.
            13                    MR. HART:  Let's stop for
            14    lunch.  Thanks.
            15                    THE VIDEOGRAPHER:  The time now
            16    is 1:31 p.m.  We are going off the record.  Off
            17    lunch recess taken afternoon session.
            18                    THE VIDEOGRAPHER:  The time now
            19    is 2:33 p.m.  We are back on the record.
            20         Q.     Are you ready to resume?
            21         A.     Yep.
            22         Q.     Thank you.
            23                We were talking before the lunch
            24    break about different ways to provide
            25    researchers and scientists with code for

             2    academic or engineering purposes, and one of
             3    the ways we talked about was in person, another
             4    way was through E-mail, whether encrypted
             5    E-mail or unencrypted E-mail.
             6                Are there any other ways, and again
             7    I'm talking about short of posting it generally
             8    to the public on an internet site?
             9         A.     Such as the shipping of tapes by
            10    Parcel Post or --
            11         Q.     Okay.
            12         A.     I don't know if anything else comes
            13    to mind.
            14         Q.     Okay.
            15                Are you familiar with a program
            16    that's marketed by a company called Cahoots?
            17         A.     No.
            18         Q.     You have a website.  You've
            19    mentioned it a couple of times during your
            20    deposition.  I'm going to have the reporter
            21    mark as Exhibit 4 this group of pages that I've
            22    just stapled together.  And I guess after she
            23    marks it the question will be whether that is
            24    --
            25                    MR. HERNSTADT:  Do you have one

             2    for me?
             3                    MR. HART:  I'll go make one for
             4    you.  That will take time.
             5                    MR. HERNSTADT:  Just as long as
             6    I get one before we go.
             7                    MR. HART:  Absolutely.
             8                    (Thereupon, a Printout of
             9                principal pages of Mr. Appel's
            10                website was marked as Exhibit 4 for
            11                identification as of today's date)
            12         Q.     I guess my question is can you
            13    identify is that?  Are those the principal
            14    pages of your website?
            15         A.     These are the pages you get to by
            16    following the underlined links on my website.
            17    At least one of those is actually a link to a
            18    page that's a another website at Bell
            19    Laboratories.
            20         Q.     Uh-huh.
            21         A.     But this is my website.
            22         Q.     Okay.  Thanks.
            23                Now, do you -- do you discuss CSS
            24    or DeCSS at all on your website?
            25         A.     I believe that on my website

             2    there's a copy of my declaration in this case.
             3         Q.     Is that the extent of your
             4    discussion?
             5         A.     There is perhaps a sentence or two
             6    of introduction surrounding the link to my
             7    declaration.
             8         Q.     Okay.
             9         A.     And I believe that I don't discuss
            10    it further on the website.
            11         Q.     Got it.  And when you say the link
            12    to our declaration, your declaration exists on
            13    what server?
            14         A.     I have two links.  One is the link
            15    to my declaration that's in the same web page
            16    with all the other declarations filed by the
            17    defendants at the same time.
            18         Q.     Mm-hmm.  And where is that website?
            19         A.     Now I don't remember which website
            20    that that is.  It might at the EFF.
            21         Q.     Okay.
            22                Not your website though, correct?
            23         A.     And I have a copy of my declaration
            24    accessible at another link just in case the
            25    first link goes out of order.

             2         Q.     Got you.
             3                And where is that other
             4    declaration?
             5         A.     On my own website.
             6         Q.     You don't post DeCSS on your site,
             7    do you?
             8         A.     That's right, I have not posted
             9    DeCSS on my site.
            10         Q.     Do you link to it?
            11         A.     Not directly.
            12         Q.     What -- what do you mean?
            13         A.     I have a link here to the EFF
            14    website with the Universal Studios versus
            15    Reimerdes DVD case and I imaging by following
            16    links to there I could get to DeCSS.
            17         Q.     Okay.
            18                But your purpose in putting your
            19    website up is not to provide DeCSS to anybody,
            20    is it?
            21         A.     That's right.
            22         Q.     I mean, you don't have a banner at
            23    the top of it that says "come get DeCSS here,"
            24    do you?
            25         A.     That's right.

             2         Q.     Is there any reason why you didn't
             3    feel the need to include DeCSS in source or
             4    object code form in your site?
             5                    MR. HERNSTADT:  Objection to
             6    the form of the question.
             7                    THE WITNESS:  It seemed to be
             8    quite adequately mirrored elsewhere on the web.
             9         Q.     Why didn't you post it?
            10         A.     I don't know.
            11         Q.     Do you get involved or have you
            12    ever been involved in any so-called Linux
            13    development activities?
            14         A.     No.  I use Linux, but I have not
            15    been involved in Linux development activities.
            16         Q.     Where do you use Linux?
            17         A.     I do my research primarily on a
            18    Linux computer server in my department.
            19         Q.     Okay.
            20                And do you have access to other
            21    operating systems there, as well?
            22         A.     I -- yes.
            23         Q.     But you have not followed the
            24    efforts, exploits and travails of various Linux
            25    developers or participants in any of the

             2    so-called Linux community, have you?
             3                    MR. HERNSTADT:  Objection to
             4    the form of the question.
             5                    THE WITNESS:  I have read about
             6    aspects of Linux development and the way that
             7    development is coordinated worldwide, the ways
             8    in which various companies have supported Linux
             9    since the development of Linux a few years ago.
            10         Q.     But you have not participated in
            11    the development -- any developments yourself in
            12    Linux, have you?
            13         A.     Some of the software I wrote for
            14    other purposes and which is described in my
            15    declaration I believe has now been made
            16    available as part of the some of the Linux
            17    distributions.  But it's not really a core part
            18    of the operating system and I don't participate
            19    actively in the Linux development system.
            20         Q.     And have you ever participated in
            21    any of the chat groups that are devoted to
            22    Linux development?
            23         A.     No.
            24         Q.     You are aware that those exist?
            25         A.     Yes.

             2         Q.     And would you say that that's a
             3    pretty -- scratch that.
             4                Let's go back to the group of
             5    E-mails that we had earlier marked.  I believe
             6    you have it there as Exhibit 3.
             7         A.     Mm-hmm.
             8         Q.     And if you would turn to the --
             9    they are unnumbered pages.  I'm going to have
            10    to count them.  First, second, third, I believe
            11    it's the fourth page in.  And what I'm focusing
            12    on is just beneath the top of the page there is
            13    "-- Dave" and below that "to: Dave Touretzky"
            14    "subject:  Gallery," "In-reply-to:"  "From:
            15    Andrew Appel."
            16                Is this an E-mail from you to Dave
            17    Touretzsky on the date shown on that header?
            18         A.     Yes.
            19         Q.     And is the text that follows
            20    beneath that headers yours?
            21         A.     Yes.
            22         Q.     What were you referring to when you
            23    talked about "and finally, if it's legal to
            24    link to A and legal to Link to A xor B then
            25    ..".

             2                And then you go, "I don't
             3    completely buy this argument, and perhaps it's
             4    not the best argument to make for freedom of
             5    speech."
             6                What was the gist of that?
             7         A.     Suppose it were illegal to post a
             8    certain document on the internet.
             9         Q.     Okay.
            10         A.     It would be possible to post two
            11    other documents that when you combine them
            12    together make the original document, but in
            13    which no information from the original document
            14    is present in either of the two pieces except
            15    as they are combined.
            16         Q.     And what's your conclusion as it
            17    relates to the comment you made in this E-mail?
            18                    MR. HERNSTADT:  Objection to
            19    form.  What comment?
            20                    THE WITNESS:  I guess I came to
            21    the conclusion that very likely one could make
            22    the argument that posting in that form would be
            23    substantively the same as posting the original
            24    document.
            25         Q.     Okay.

             2                Why?
             3         A.     I don't know.  I guess the reason
             4    there is an ellipsis there is that I had
             5    difficulty coming to any well-formulated
             6    conclusion with a sound explanation.
             7         Q.     Okay.
             8                Was part of your purpose in
             9    communicating with Touretzky to discuss
            10    different illustrations of source code for the
            11    purpose of making arguments about free speech?
            12         A.     Touretzky's website in particular
            13    is to provide evidence and examples for the
            14    argument that it's inconsistent to prohibit
            15    posting source code for a computer algorithm,
            16    but to permit publication of a detailed
            17    explanation of the algorithm.  And so he has
            18    several kinds of examples, and I had thought of
            19    one or two other kinds of examples.  The
            20    example that you brought up just now is sort of
            21    the weaker and less useful of the examples and
            22    so we dropped it.
            23         Q.     I got you.
            24                When you say English language
            25    description of the source code, you mean really

             2    paraphrasing if I can use that word, you can
             3    certainly supply your own if you want, verbatim
             4    line-for-line what the source code says into
             5    English?
             6         A.     Well, it may mean that.  If you
             7    look at Frank Stephenson's article with the
             8    crypt analysis of the source code that's not
             9    paraphrasing line-for-line.  That's an
            10    explanation.
            11                But another example of the
            12    difficulty in deciding whether -- where to draw
            13    the line or whether it's even possible to draw
            14    the line would be an English language document
            15    that paraphrased line-for-line.
            16         Q.     Right.
            17                And what this is about, if we could
            18    put a label on it, isn't really reverse
            19    engineering or cryptographic research, per se,
            20    but rather sort of testing line drawing issues
            21    in terms of the differences between source and
            22    object code and English language descriptions
            23    of the code; is that a fair statement?
            24                    MR. HERNSTADT:  Objection the
            25    form of the question.

             2                    THE WITNESS:  Dave Touretzky's
             3    web page entitled "Valley of CSS Descramblers"
             4    I think is specifically devoted to testing how
             5    and whether it's possible that one can draw
             6    that line.
             7         Q.     And it's not about reverse
             8    engineering, per se?
             9         A.     Not about reverse engineering, per
            10    se.
            11         Q.     Or cryptography?
            12         A.     Yeah, I would say that.
            13         Q.     Do you know if 2600 is engaged in
            14    any reverse engineering or cryptography?
            15         A.     No.  I have looked only once at the
            16    2600 website for, you know, three or four
            17    minutes.
            18         Q.     Did you ever read the opinion that
            19    was issued by Judge Kaplan in this case?
            20         A.     Which opinion?
            21         Q.     I'm sorry.
            22                It was the January 20 preliminary
            23    injunction opinion, and there there was a
            24    following sort of lengthier memorandum opinion.
            25         A.     I believe so where in this set of

             2    E-mails I -- which page am I on?  Page 3.  Near
             3    the top.
             4         Q.     Just -- just so the record is
             5    clear, Dr. Appel, we are referring again to
             6    Exhibit 3?
             7         A.     Yes.
             8         Q.     Page 3.  Go ahead.
             9         A.     I have quoted from what's here
            10    referred to as an injunction.  Is that the
            11    opinion you are referring to?
            12         Q.     I'm sorry.  We are looking at the
            13    material that's preceded by Number -- Arabic
            14    II?
            15         A.     Yes.
            16         Q.     Okay.
            17                No.  I was asking you if you had
            18    read the decision where the court explained its
            19    reasoning in the case.
            20         A.     I think I skimmed it.  I don't
            21    think I read every word of it.
            22         Q.     Okay.
            23                Is that sound academic or scholarly
            24    practice?
            25                    MR. HERNSTADT:  Object to the

             2    question.
             3                    THE WITNESS:  If I -- to do
             4    what?
             5         Q.     Well -- and I'm by no means
             6    intending to be argumentative with you.  I want
             7    to make that clear.
             8                You have put in a declaration and
             9    intend as a witness in this case in part to
            10    impart and your specialized expertise to a
            11    court because you believe that that's important
            12    to do so for whatever reasons we may wind up
            13    talking about today.  And I guess I'm asking
            14    you whether it's sound practice from your
            15    standpoint as a scholar or academician to be
            16    taking positions in a case over a judge's
            17    decision which you have -- you just told me,
            18    merely skimmed, whether you regard that as
            19    sound academic or scholarly practice?
            20                    MR. HERNSTADT:  Objection to
            21    the form of the w -- the form of the question.
            22    It's argumentative.
            23                    MR. HART:  And I apologized for
            24    that in advance.
            25                    THE WITNESS:  If I were

             2    testifying in some -- or writing an article
             3    where in some way I was characterizing the
             4    content of something, then I should have read
             5    it in detail.
             6         Q.     I see.
             7                Now, the article that you wrote
             8    that you submitted to the copyright office, the
             9    purpose of your submission of that piece to the
            10    copyright office was what?
            11         A.     They solicited public comment in
            12    their process of regulating which classes of
            13    works were to be exempted from the prohibition
            14    on circumvention.
            15         Q.     And how did you first become aware
            16    of that proceeding?
            17         A.     I think Professor Felten mentioned
            18    it to me.
            19         Q.     Had you been following the course
            20    of the digital Millenium copyright act or its
            21    enactment?
            22         A.     Yes.
            23         Q.     You had?
            24         A.     Yes.
            25                    MR. GOLD:  Let's go off the

             2    record for 20 second.
             3                    THE VIDEOGRAPHER:  The time now
             4    IS 2:51 p.m.  We are going off the record.
             5                    (Informal discussion held off
             6                the record)
             7                    THE VIDEOGRAPHER:  The time now
             8    is 3:00 p.m.  We are back on the record.
             9         Q.     Thank you.
            10                You mentioned in paragraph -- I
            11    want to wait so we don't need to have the
            12    question read back because you didn't hear it.
            13    That's fine.
            14                    MR. HERNSTADT:  Thank you,
            15    Bill.
            16         Q.     In Paragraph 14 of your
            17    declaration, Mr. Appel, you say, and I quote,
            18    "many of the websites presently posting are
            19    linking to DeCSS state or suggest that the
            20    posting is intended to demonstrate sympathy for
            21    the right to post DeCSS."  And my question to
            22    you, sir -- do you see that text in your
            23    declaration?
            24         A.     Yes.
            25         Q.     My question to you is, how do you

             2    know that?
             3         A.     I guess by whatever words appeared
             4    on those websites.  I don't have specific notes
             5    about what was on each of those websites since
             6    in this paragraph of my declaration I was only
             7    concerned with mentioning sites that post DeCSS
             8    in the context of a scholarly discussion.
             9         Q.     Do you know how many websites you
            10    reviewed over the course of time with respect
            11    to the posting or linking of DeCSS?
            12         A.     I don't have particular records,
            13    but I would guess on the order of 50.
            14         Q.     And so it's among the 50 that you
            15    looked at that you drew your statement in the
            16    Paragraph 14 to the effect that many of the
            17    websites posting or linking and so forth?
            18         A.     Yes.
            19         Q.     And was there anything about the
            20    site that indicated to you that it was intended
            21    to demonstrate sympathy for the right to post
            22    DeCSS?
            23                    MR. HERNSTADT:  Object to the
            24    form.
            25                    THE WITNESS:  There would have

             2    been statements on the websites in addition to
             3    the link to DeCSS.
             4         Q.     Do you recall any of those
             5    statements?
             6         A.     No.
             7         Q.     In words or in substance?
             8         A.     Not specifically.
             9         Q.     Okay.
            10                But, in other words, it was clear
            11    to you that the sites weren't putting up DeCSS
            12    either by posting or linking as part of some
            13    exercise in scholarship, reverse engineering,
            14    cryptography or academic study?
            15                    MR. HERNSTADT:  Object to the
            16    form.
            17                    THE WITNESS:  That's right.
            18    Many of the websites are not posting for any of
            19    those specific reasons that you mentioned.
            20         Q.     Do you think it's fair to say that
            21    of the various sites that you saw, they
            22    represented part of a larger effort at
            23    electronic civil disobedience?
            24                    MR. HERNSTADT:  Object to the
            25    form of the question.

             2                    THE WITNESS:  That's an
             3    interesting question.  I hadn't thought about
             4    it in those terms before.
             5                    MR. HERNSTADT:  I also object
             6    that it assumes facts not in evidence.
             7                    THE WITNESS:  I don't actually
             8    know what proportion of those websites were
             9    posting it in contravention of any law or
            10    injunction so I can't tell whether they were
            11    being disobedient or not.
            12         Q.     Okay.
            13                But I'm not looking at what's a
            14    violation of law at this point, sir.  I'm
            15    simply going to your statement in Paragraph 14
            16    of your declaration that said that -- and I
            17    assume you did this based upon your personal
            18    knowledge -- that "many of the websites
            19    presently posting or linking to DeCSS state or
            20    suggest the postings intended to suggest
            21    sympathy for the fight right post DeCSS."
            22    Those are your words?
            23         A.     Yes.
            24         Q.     Okay.
            25                And I asked you how you discerned

             2    that, right?
             3         A.     Right.
             4         Q.     And then the question was, do you
             5    -- was it fair to say that this was part of an
             6    effort at electronic civil disobedience.  And
             7    that's where you said that's an interesting
             8    question.
             9                    THE WITNESS:  Right.
            10         Q.     And then we started to talk about
            11    legalities.  And I'm coming back to your
            12    question -- I'm sorry, to the question about
            13    what you said in your declaration.
            14         A.     It's my understanding that civil
            15    disobedience involves disobedience which is
            16    breaking some rule.  And it's not at all clear
            17    to me for a majority of these websites what
            18    rule they are breaking.
            19         Q.     Okay.
            20                And have you ever talked with Eric
            21    Corley or Emmanuel Goldstein?
            22         A.     No.
            23                    MR. HERNSTADT:  Object to the
            24    form of the question.  That's one person.
            25                    THE WITNESS:  I have not.

             2         Q.     Did you ever read 2600, the Hacker
             3    Quarterly magazine?
             4         A.     No, I have not.
             5         Q.     Now, you mention in your
             6    declaration several sites which you regard as
             7    -- let me get the declaration out and use your
             8    words, okay?  Hang on a second.  You got my
             9    copy?
            10                    MR. HERNSTADT:  Just trying to
            11    save time.  That's mine.  I was pointing out
            12    the words I think you're looking for.
            13                    MR. HART:  Appreciate that.
            14         Q.     Okay.  We are still in Paragraph
            15    14.
            16         A.     Okay.
            17         Q.     Starting with the acceptance "while
            18    many of the websites" and, I won't beat that
            19    horse anymore.  You go on to say "I am aware of
            20    as least four," right?  And then you mention
            21    them.
            22         A.     Right.
            23         Q.     One of which is the site of the
            24    good Dr. Touretzky who we've been talking about
            25    today, okay?

             2         A.     Okay.
             3         Q.     And the others are the sites of
             4    Greg Newby, right?
             5         A.     That's right.
             6         Q.     Bruce Schneier?
             7         A.     Right.
             8         Q.     Right?  And David Wagner, right?
             9         A.     Right.
            10         Q.     How did you find these sites?
            11         A.     The web search engine.
            12         Q.     Do you know whether any of these
            13    sites are being linked to by 2600?
            14         A.     No, I don't.
            15         Q.     Do you know if any of these sites
            16    offer DeCSS as an executable utility?
            17         A.     No, I don't.
            18         Q.     Okay.
            19                Do you know if any of these sites
            20    include DeCSS source code?
            21         A.     When I did the survey I was, as I
            22    said, primarily looking for source code.
            23         Q.     Mm-hmm.
            24         A.     It is my recollection that it was
            25    accessible from Schneier's site and from

             2    Wagner's site.
             3         Q.     The "it" being source code?
             4         A.     The source code.
             5         Q.     Right.
             6         A.     And I can't remember if source code
             7    was directly accessible from Touretzky's site
             8    or indirectly.  He had several version of
             9    things that were close to CSS, and on Newby's
            10    site there were indications that it had
            11    previously been accessible but that he had been
            12    asked to remove it by the administration of his
            13    university.
            14         Q.     Mm-hmm.
            15         A.     And so he had a discussion of -- of
            16    that and --
            17         Q.     Okay.
            18                Have you ever talked with
            19    Mr. Newby?
            20         A.     No.
            21         Q.     Have you ever talked with David
            22    Wagner?
            23         A.     Yes.
            24         Q.     When was the first time you ever
            25    talked to David Wagner?

             2         A.     He was an undergraduate at
             3    Princeton.  I'm not sure whether I talked to
             4    him during that time.
             5         Q.     Right.
             6         A.     But then he visited Princeton for a
             7    day in March --
             8         Q.     Of this year?
             9         A.     -- as part -- of this year on a job
            10    interview.
            11         Q.     And you had occasion to see him
            12    during that visit?
            13         A.     Yes, I talked to him for about half
            14    an hour.
            15         Q.     Okay.
            16                And other than the possibility that
            17    you might have bumped into him when he was at
            18    Princeton before, was that, to your
            19    recollection, the first time you remember
            20    talking to him?
            21         A.     Yes.
            22         Q.     Did you have any discussions about
            23    any of the subjects relevant to this case?
            24         A.     No.
            25         Q.     What about Mr. Schneier, ever

             2    spoken to him?
             3         A.     I believe so.  I believe I spoke to
             4    him or had E-mail with him three or four years
             5    ago on a com -- on some completely unrelated
             6    topic.
             7         Q.     Have you had any discussions with
             8    Bruce Schneier relative to any of the issues in
             9    this case, DeCSS, CSS?
            10         A.     No.
            11         Q.     You mentioned a minute ago that in
            12    certain cases code may be on a site and in
            13    other case it may be available, I believe you
            14    used the word "indirectly"; is that --
            15         A.     Right.
            16         Q.     When you say "indirectly," what do
            17    you mean?
            18         A.     That you may need to click on more
            19    than one link to get there.
            20         Q.     Okay.
            21                And in saying that, are you
            22    referring both to what I'll call internal
            23    links, if that means anything, within the same
            24    website as well as to external links that take
            25    you onto another website?

             2         A.     Yes.
             3         Q.     Okay.
             4                Functionally are those any
             5    different, internal and external links?
             6         A.     No.  I guess the point is that
             7    internal links are in some sense more reliable
             8    as they are under the control of the linker.
             9         Q.     Right.
            10                Have you ever looked at the
            11    so-called mirror page of the 2600 site?
            12                    MR. HERNSTADT:  Objection.
            13    Asked and answered.
            14                    THE WITNESS:  I don't know.
            15    I've looked at some DeCSS mirror pages, but I
            16    don't believe this they were the 2600 mirror
            17    page.  And I believe I've looked at the 2600
            18    site itself, but I don't recall whether I've
            19    looked at mirror pages of the 2600 site.
            20                    MR. HART:  Let's mark -- and I
            21    think just to make the reporter's job easier we
            22    will do this as a batch exhibit.  We are going
            23    to need a monster stapler to let that happen.
            24    We are up to five, I believe and yes, I do have
            25    copies for you, Ed.

             2                    MR. HERNSTADT:  Thank you.
             3                    (Thereupon, Printout of the
             4                Hacker Quarterly was marked as
             5                Exhibit 5 for identification as of
             6                today's date)
             7         Q.     If you turn to a page that says --
             8    it's the fifth packet within the exhibit.  It's
             9    a 19-page grouping with a date line at the
            10    bottom of 3/23.
            11         A.     Yep.
            12         Q.     And you'll see starting on page --
            13    really starting on that -- the first page
            14    within that packet, you see the heading
            15    "mirrors" toward the bottom --
            16         A.     Yes.
            17         Q.     -- of the first page of that
            18    packet?  And then continuing the list of what I
            19    can represent to you are hot links, right?
            20         A.     Right.
            21         Q.     We keep turning you'll see when you
            22    got to Page 18 of 19 --
            23         A.     Yes.
            24         Q.     -- some windows down at the bottom
            25    "to submit your mirror site containing these

             2    files, enter the URL here," do you see see
             3    that?
             4         A.     Yes.
             5         Q.     Click "okay"?
             6                Now, my understanding of this is,
             7    tell me if I'm wrong, that one would input
             8    their URL address of their website "containing
             9    these files," i.e. DeCSS, into this window or
            10    box, click "okay," and that would transmit the
            11    information concerning the URL to 2600 for
            12    inclusion on its list of mirrors.  Is that your
            13    understanding of that how that works?
            14                    MR. HERNSTADT:  Objection to
            15    form.  No foundation for the question.  If you
            16    have any idea, please answer.
            17                    THE WITNESS:  That's certainly
            18    the impression given by the text on this page.
            19         Q.     Now, if you turn to the first page
            20    of that same little packet, the 1 of 19 page
            21    where we started, are you with me?
            22         A.     Yes.
            23         Q.     Under the rubric "how you can
            24    help," do you see the statement "it's
            25    especially important that as many of you as

             2    possible all throughout the world take a stand
             3    and mirror these files?"
             4         A.     Yes.
             5         Q.     Does that reinforce your impression
             6    about what the URL box is at the end of a
             7    mirror list?
             8                    MR. HERNSTADT:  Objection to
             9    the form of the question.  No foundation.
            10                    THE WITNESS:  That text is
            11    encouraging people to mirror the files, yes.
            12         Q.     Okay.  Your DeCSS, right?
            13         A.     I guess so.
            14                    MR. HERNSTADT:  Bill, when you
            15    get to a good point to stop, we are at the
            16    about 10-minute mark.
            17                    MR. HART:  Oh, really?
            18                    MR. HERNSTADT:  Wherever is a
            19    good point to stop would be good.  I want to be
            20    able to review the stuff before we talk to the
            21    judge.
            22                    MR. HART:  Okay.
            23         Q.     And you mentioned a little while
            24    ago about a difference in your mind between an
            25    external lick -- link and external link was a

             2    question of control over the link to matter.
             3    If I can summarize your testimony that way, is
             4    that a fair characterization?
             5         A.     Yes.
             6         Q.     With respect to what we've just
             7    looked at in terms of the URL window, is it
             8    fair to say that the links appearing on the
             9    2600 page are ones that to a reasonably
            10    knowledgeable person about computers like you
            11    appear to be the result of someone posting
            12    DeCSS as a result of 2600's cold action and
            13    then providing that URL for that posting to
            14    2600 in the window?
            15                    MR. HERNSTADT:  Objection to
            16    the form of the question.  It calls for
            17    speculation.  And Professor Appel, I'm going to
            18    direct you not to speculate.
            19                    THE WITNESS:  All right.  I
            20    guess I won't speculate.
            21         Q.     Okay.  Now you can answer the
            22    question.
            23         A.     I don't know what's on -- I don't
            24    know what I would get to if I traversed the
            25    links shown here.

             2         Q.     Okay.
             3                Another words they might not
             4    contain DeCSS at all?
             5         A.     They might not even be links.
             6         Q.     Oh, in the sense that --
             7         A.     They might not be links.  They
             8    might be links to websites other than the ones
             9    listed in the text.  I don't know what you get
            10    to by clicking on those.
            11                    MR. HART:  Okay.  We will stop
            12    here for now.
            13                    MR. GOLD:  One last question.
            14    Your answer to our request for admissions was
            15    due on Monday.  I talked to Marty yesterday
            16    about it, and he said he would tell me today
            17    when you were answering that.
            18                    MR. HERNSTADT:  I think the
            19    problem with that was that we were served with
            20    other papers and that it was misfiled.  So
            21    yesterday is the first time I saw it.  We are
            22    working on it right now and we will have it
            23    you, I hope, before the end of the business
            24    tomorrow.  But as soon as we can possibly
            25    answer it I'll get it to you.

             2                    THE VIDEOGRAPHER:  The time now
             3    is 3:18 p.m.  We are going off the record.
             4                    (Informal discussion held off
             5                the record)
             6                    THE VIDEOGRAPHER:  The time now
             7    is 4:18 p.m.  We are back on the record.
             8         Q.     Thank you.
             9                Are you getting paid for your
            10    involvement in this case, Dr. Appel?
            11         A.     No.
            12         Q.     Are any expenses being reimbursed
            13    to you?
            14         A.     We have not discussed that.
            15         Q.     I see.
            16                Have you talked with anyone at the
            17    EFF regarding this case?
            18         A.     No.
            19         Q.     Okay.
            20                Do you know what the EFF is?
            21         A.     Yes.
            22         Q.     Okay.
            23                Now, coming back to the four
            24    categories of your contemplated trial
            25    testimony, I'm going to make a statement and

             2    I'm going to ask you if this fits within one of
             3    those four categories.
             4         A.     Can you summarize the categories
             5    again for me?
             6         Q.     Well, you're going to make me read
             7    my own handwriting which is not always the best
             8    idea.
             9                The notion that publishing
            10    information or material on the internet is the
            11    best way to address the public; the distinction
            12    between source and object code; the kinds of
            13    uses of copyrighted materials that one in your
            14    belief would need access to to engage in what
            15    you call fair uses.  I think that was largely a
            16    topic covered by your piece with Dr. Felten.
            17         A.     That's right.
            18         Q.     And lastly there there is some
            19    benefit to probing, if you will, security
            20    systems to expose their weaknesses.
            21         A.     I would characterize the first of
            22    those four slightly differently.
            23         Q.     I'm sorry.  Please.
            24         A.     Which is that a useful April
            25    essential part of publishing scientific results

             2    is now the inclusion of source or object code
             3    as part of the publication.  Okay.  But go
             4    ahead.
             5         Q.     Okay.
             6                We talked earlier about different
             7    examples of scholarly or engineering use of
             8    code.  And I guess what I need you to clarify
             9    for us is this:  When one refers to code in the
            10    course of a discussion, is it normally -- is
            11    the code normally presented in a sort of
            12    explicated form?  And I'm using the word
            13    "explicated" in a sort of English language
            14    sense rather than in some kind of a technical
            15    term.  I'm not sure if you have a certain
            16    technical word to substitite for that.  Do you
            17    know what I -- do you understand -- what is
            18    your understanding of the word "explicated"?
            19         A.     In other words, additional
            20    commentary?
            21         Q.     Right.  Right.  And so I guess what
            22    -- what I'm -- what I'm asking you, and then
            23    I'll try to make it as clear as possible is
            24    that in kinds of scholarly discussion of code
            25    that you talked about that in your view also

             2    requires inclusion of the code, would one
             3    ordinarily expect to see the code explicated in
             4    some way in the context of a discussion?
             5                    MR. HERNSTADT:  Objection to
             6    the form of the question.  If you understand
             7    that you can answer.
             8                    THE WITNESS:  Sometimes one
             9    publishes code that contains comment within the
            10    code.  It has more often been my practice to
            11    publish the code without a large amount of
            12    internal commentary, but with a technical
            13    article that may accompany it.  And it may
            14    accompaniment -- it may accompany it only
            15    indirectly, that is in a different venue.  I
            16    might publish the article describing how the
            17    code works in a conference or a journal and
            18    distribute the code on a website.
            19         Q.     Okay.
            20                And does that answer also apply to
            21    any instance involving code relating to
            22    encryption or decryption of an encryption
            23    devise?
            24                    MR. HERNSTADT:  Objection to
            25    the form.

             2                    THE WITNESS:  My previous
             3    answer was about my practice and the articles
             4    that I have published and the code I have
             5    written and have not really been about
             6    encryption and decryption.
             7         Q.     And can you speak to the normal as
             8    you understand it in the scholarly, academic,
             9    cryptographic or other academic communities in
            10    relation to the publication of code as it
            11    applies to encryption or decryption?
            12         A.     I can't speak to a specific norm in
            13    the field of encryption and decryption.
            14         Q.     Okay.
            15                And what about reverse engineering?
            16                    MR. HERNSTADT:  Objection to
            17    the form of the question.
            18         Q.     I'm sorry.  Let me -- let me
            19    rephrase the question.  I'm sure it won't cure
            20    the form problem, but it's actually a slightly
            21    different question.
            22                What about reverse engineering of
            23    encryption systems?  Same question.
            24         A.     So I'm familiar in fair detail with
            25    the practice of science and the forms of

             2    publication in areas most related to my own
             3    research, and those have been programming
             4    languages, compilers and certain aspects of
             5    computer security.
             6         Q.     Okay.  And I -- I'm sorry.
             7         A.     And in those areas in general
             8    people public research papers in venues in
             9    which there is not much room to include a lot
            10    of code.
            11         Q.     Right.
            12         A.     And they public the code in other
            13    venues.  Partly that's because typically the
            14    articles are published in print media.
            15         Q.     Right.
            16         A.     Even though the article may be
            17    available on the web, there is some version of
            18    it in the print media.  And the code itself is
            19    not well-suited to publication in the print
            20    media.
            21         Q.     And why is that?
            22         A.     Because in order for people to
            23    search in it and manipulate it, it needs to be
            24    in digital form.
            25         Q.     And that's source code or object

             2    code or both?
             3         A.     Both.
             4         Q.     And would you expect to see the
             5    entirety of an object code utility for a
             6    decryption device being made available on the
             7    net for academic or encryption research
             8    purposes?
             9         A.     Yes.
            10         Q.     Such that it could be used by
            11    others for what we've called abusive purposes?
            12                    MR. HERNSTADT:  Objection.
            13    Assumes facts not --
            14                    MR. HART:  I'm trying to
            15    shortcut it.  If you want me to go the long
            16    way, I'll go the long way.
            17                    MR. HERNSTADT:  If he can
            18    answer the question, he's free to answer the
            19    question.  I'm just making my objection.
            20                    THE WITNESS:  When people
            21    invent let us say "encryption systems," it's
            22    common to publish a paper describing the
            23    encryption or decryption algorithm and source
            24    code for the encryption and decryption programs
            25    and object code for those programs so that

             2    people can make their own experiments and come
             3    to their own conclusions.
             4         Q.     Okay.
             5                And when you say that's common
             6    practice, that's what you said, right?
             7         A.     Right.
             8         Q.     By doing that, doesn't the
             9    proprietor of that system or the user of that
            10    system compromise that system by exposing the
            11    source code and the object code?
            12         A.     No.  In the field of cryptography
            13    as practiced in the last 60 years or so, it's
            14    generally accepted that the way to achieve
            15    security in a system is to publish the
            16    algorithms, the mechanisms of the system, and
            17    keep the keys secret.  And there are several
            18    reasons for that.  The first is that if a key
            19    leaks you can always choose a different key in
            20    -- in most cases.  If the mechanism of the
            21    system leaks, you can't choose another very
            22    easily.  You have the one.
            23                So -- and the second reason is that
            24    by exposing the mechanism to public scrutiny
            25    that gives experts in the field and even

             2    adversaries the opportunity to test the
             3    strength of the underlying mechanism.  So it's
             4    generally accepted that trying to achieve
             5    security of a cryptographic system by keeping
             6    the mechanism secret is a kind of fallacy and
             7    will not generally work well.  So that's why
             8    it's common practice to publish the source code
             9    and object code of cryptographic systems and
            10    rely on the keys to provide secrecy.
            11         Q.     Got you.
            12                And is that your understanding of
            13    how the CSS system works, that is, that it
            14    depended upon secrecy of the keys?
            15                    MR. HERNSTADT:  Objection to
            16    the --
            17         Q.     To the extent that you know.
            18                    MR. HERNSTADT:  Well, objection
            19    to the form of the question.
            20                    THE WITNESS:  My -- most of my
            21    understanding of the CSS encryption algorithm
            22    comes from reading Frank Stephenson's paper.
            23         Q.     Okay.
            24         A.     And in principle, one should be
            25    able to publish the algorithm and if the key is

             2    secret then one achieves security.
             3         Q.     Right.
             4         A.     His paper explains at least two
             5    reasons why the particular CSS program falls
             6    short of that goal.  And in addition, of
             7    course, there is the problem that the keys
             8    themselves leaked out.
             9         Q.     And what is your understanding of
            10    Stephenson's two reasons?
            11         A.     The first reason is that the CSS
            12    program uses keys of only 40 bits, and this was
            13    to comply with U.S. law at the time that it was
            14    designed.  And for a computer to search through
            15    the space of 40 bit keys, wouldn't take too
            16    long.  So that is the computer -- you could
            17    write a computer program to try every key.
            18                And the second reason is that even
            19    within the space of 40 bit keys, the algorithm
            20    itself seems to be badly designed so that you
            21    have an effective strength equivalent to 25 bit
            22    keys.  There are only approximately 30 million
            23    25 bit keys so it's not difficult for a
            24    computer to try them all.
            25         Q.     Do you have any understanding of

             2    how CSS was actually hacked?
             3                    MR. HERNSTADT:  If you know.
             4                    THE WITNESS:  No, I don't.
             5         Q.     Do you have any anecdotal
             6    understanding based on your reading of any
             7    materials?
             8         A.     What I have read in -- I believe in
             9    documents that are evidenced in this case is
            10    that some of the information may have leaked
            11    from a company that was licensed to make a DVD
            12    player for Microsoft Windows.
            13         Q.     Now, when you say that it's not
            14    that hard to get a computer program to run all
            15    the permutations for you before it figures out
            16    a 40 bit or 28 bit key length -- do I have that
            17    right so far?
            18         A.     Right, right.
            19         Q.     Do you know if that is in fact,
            20    based on what you've heard or read, what
            21    happened here?
            22         A.     What I've read leads me to believe
            23    that that is not what happened.
            24         Q.     Right.
            25         A.     And that the keys themselves were

             2    leaked from one of the companies licensed to
             3    make a DVD player.
             4         Q.     Got you.
             5                Is the effort to discern the
             6    various permutations leading to the key through
             7    the application of computer programs called a
             8    brute force attack?  Is that -- do I have the
             9    terminology right?
            10         A.     More or less.
            11         Q.     Okay.
            12         A.     Let us say that searching through
            13    the space of 40 bit keys would be a brute force
            14    attack, and Stephenson's description of an
            15    algorithm it would take time proportional only
            16    to 2 to the 25th instead of 2 to the 40th would
            17    not be a brute force, it would be something
            18    some what more elegant than brought force.  And
            19    --
            20         Q.     Sorry, I thought it was 2 to the
            21    28th, not the 25th.
            22         A.     It was the 25th.
            23         Q.     25th.  Excuse me.
            24         A.     And that kind of search would be
            25    approximately 30,000 times faster than

             2    searching through a 2 to the 40th.
             3         Q.     Because that wasn't done in this
             4    case as far as you know?
             5         A.     From reading the documents it
             6    appears that that was not how --
             7         Q.     Right.
             8         A.     -- it was originally cracked.  And
             9    it may be that somebody like Frank Stephenson
            10    did the experiment to see whether it would have
            11    been possible from the beginning.
            12         Q.     After he had the algorithm?
            13         A.     That's right.
            14         Q.     After it was discerned from the
            15    fact that the keys, I think as you said, were
            16    exposed?
            17         A.     Right.
            18         Q.     Now, using the key analogy, again
            19    to the best of your understanding, where does
            20    DeCSS fit into the process?  Does DeCSS include
            21    the keys?
            22                    MR. HERNSTADT:  Objection to
            23    the form of the question.
            24                    THE WITNESS:  Yes.  I believe
            25    that DeCSS as it's distributed contains keys.

             2         Q.     Okay.
             3                So the notion that you described
             4    earlier in terms of an acceptable cryptographic
             5    model for publication and external testing,
             6    namely to publish the mechanism but not the
             7    keys, if I got it right, is not equivalent of
             8    make DeCSS available on the internet is it?
             9         A.     When I talked about the general
            10    procedure of publishing the mechanism but not
            11    the keys, I was talking about the designers and
            12    commercializers of the cryptographic system
            13    itself.  I wasn't really talking about people
            14    who were reverse engineering the system.
            15         Q.     Right.
            16         A.     That is, it's very typical for
            17    people inventing and marketing a cryptographic
            18    system to themselves publish the details of the
            19    algorithm.
            20         Q.     Got you.
            21         A.     So I think the analogy doesn't
            22    really hold for that reason.
            23         Q.     Right.
            24                Is there, in your view, reverse
            25    engineering utility to the publication of

             2    DeCSS?  And by "publication" I mean making
             3    available of the software, not descriptions
             4    about it.
             5         A.     Yeah, it enables the use of DVD
             6    movies that people purchase on other kinds of
             7    encryptment than those licensed by the DVD
             8    manufacturers.
             9         Q.     How do you know that?
            10         A.     From -- I guess from my reading of
            11    claims about DeCSS in the documents relating to
            12    this case.
            13         Q.     Would you say that Linux users are
            14    mainstream or more sort of esoteric level
            15    computer users generally?
            16                    MR. HERNSTADT:  Object to the
            17    form of the question.
            18         Q.     And you can use your owning words.
            19    I'm just --
            20         A.     Right.
            21                Linux is very widely used.  It's an
            22    operating system that runs on many mainstream
            23    servers, it's supposed by IBM and other
            24    companies for use on equipment that they sell
            25    because in many ways it's more secure and more

             2    reliable than Microsoft Windows.  I use Linux
             3    in my daily research.
             4         Q.     At school.
             5         A.     Yes, at Princeton University.
             6         Q.     Right.
             7         A.     I use a machine in which, you know,
             8    some of the windows on my screen are open to
             9    Linux servers and others are open to Microsoft
            10    windows machines as a matter of course.
            11         Q.     Okay.
            12                But leaving aside sort of
            13    industrial level computers, leaving aside what
            14    you have in the university right now, I guess,
            15    and looking at it from the standpoint of
            16    playing back DVD movies which you just
            17    mentioned a moment ago, what's a basic system
            18    comprised of Linux operating system, what have
            19    you, cost?  I mean, are we talking about
            20    something that's the equivalent in place of an
            21    IBM P.C. plus the accessories or --
            22                    MR. HERNSTADT:  Objection to
            23    the form of the question.
            24                    MR. HART:  Okay.
            25                    MR. HERNSTADT:  To the extent

             2    that it was intended to be a restatement it
             3    wasn't.  To the extent it wasn't intended to be
             4    a restatement, then it's just a confusing
             5    question.  But I think it's -- that's clear.
             6         Q.     Leaving aside the servers that are
             7    available in universities right now, okay, for
             8    a home P.C. Linux user, what are we talking
             9    about in terms of the price of a normal kit?
            10         A.     The equipment that runs Linux is
            11    basically the same equipment that runs
            12    Microsoft Windows.  And that ranges, you know,
            13    from a thousand dollars on up.
            14         Q.     Okay.
            15                    MR. HERNSTADT:  Off the record.
            16    Does this mean that you're done?
            17                    MR. HART:  Excuse me?
            18                    MR. HERNSTADT:  Does this mean
            19    you're done?
            20                    MR. HART:  No.
            21         Q.     Do you know what the cost of a
            22    commercially available CSS-licensed DVD player
            23    is?  By "cost" I mean what it would cost a a
            24    consumer to buy one.
            25         A.     No.

             2         Q.     Now, apart from enabling playback
             3    on another system -- and I believe you were
             4    talking about Linux.  I don't know if you said
             5    that explicitly or not.
             6         A.     I believe I said Linux.
             7         Q.     Yeah.
             8         A.     But it would apply in general.
             9         Q.     Okay.
            10                To your knowledge, are there any
            11    other reverse engineering values to the
            12    providing of DeCSS code?
            13         A.     It would enable the kind of
            14    scholarly research that I described in the
            15    attachment to my declaration, it would --
            16         Q.     Namely decryption for the purposes
            17    of making what you call a fair use?
            18         A.     Right.
            19         Q.     Okay.
            20                Anything else?
            21         A.     It would permit the viewing of
            22    material on many other kinds of devices perhaps
            23    not envisioned by the manufacturers of the DVDs
            24    such as, you know, large-screen displays that
            25    take a different kind of input or devices for

             2    the handicapped.  I believe that professional
             3    librarians in general have an interest in
             4    archiving the material that they purchase and
             5    to make that easier.
             6         Q.     Okay.
             7         A.     So there are many such uses.
             8         Q.     Now, does the provision of DeCSS
             9    code in itself enable such uses or are we
            10    talking about using DeCSS in conjunction with
            11    other things that have to be developed in order
            12    to engage in the kinds of uses that you are
            13    talking about?
            14                    MR. HERNSTADT:  Objection to
            15    form.  Go ahead.
            16                    THE WITNESS:  I believe that
            17    for many of these kinds of uses one would
            18    connect the DeCSS to an Mpeg player, and Mpeg
            19    players are and have been available.  So I
            20    guess DeCSS is the component that fills the
            21    major hole in this process.
            22         Q.     By unlocking the encryption?
            23         A.     Right.
            24         Q.     But DeCSS in itself is not a player
            25    or a playback device as far as you know?

             2         A.     As far as I know.
             3         Q.     And DeCSS has no utility to decrypt
             4    anything other than CSS as far as you know; is
             5    that right?
             6         A.     That's right.
             7         Q.     Apart from the filing of the
             8    affidavits that you mentioned in the Younger
             9    and Bernstein cases, have you ever been
            10    testified in any court cases?
            11         A.     No.
            12         Q.     And apart from the filing of those
            13    two affidavits and the declaration that you
            14    filed in this case, have you made any other
            15    filings in any court proceedings?
            16                    MR. HERNSTADT:  No.  Was your
            17    earlier question meant to ask if he testified
            18    in Younger and Bernstein?  Because you said
            19    that he filed papers and said other than that
            20    well, you know, I --
            21                    MR. HART:  Thanks.  That's a
            22    good clarification.
            23         Q.     You didn't personally testify
            24    beyond supplying affidavits in this case, did
            25    you?

             2         A.     That's right.
             3         Q.     Now, is it your concern that by
             4    prohibiting the trafficking in decryption
             5    devices that the kinds of uses that you've
             6    described in your article and that you've
             7    described here in your deposition would be
             8    inhibited or impeded?  Is that the basic gist
             9    of your testimony?
            10         A.     That's one of the two basic gists.
            11         Q.     Okay.
            12                What's the other?
            13         A.     That by prohibiting the
            14    dissemination of DeCSS then the freedom to
            15    concretely discuss security systems in general
            16    will be inhibited.
            17         Q.     Are you aware that there are
            18    exceptions in the DMCA circumvention provisions
            19    regarding encryption research and reverse
            20    engineering and the like?
            21         A.     Yes.
            22         Q.     And you make this statement not
            23    withstanding the existence of those exceptions?
            24                    MR. HERNSTADT:  Objection to
            25    the form.  Argumentative.  You can answer.

             2                    THE WITNESS:  I'm not familiar
             3    in great detail at the moment with the text of
             4    that law.
             5         Q.     I understand.
             6         A.     And one of my concerns is that in
             7    the free scholarly discussion of any issue one
             8    is never sure who are the interested audience.
             9         Q.     Who do you mean by that?
            10         A.     When I publish a paper I have some
            11    idea of the community of scholars who are going
            12    to read it.
            13         Q.     Right.
            14         A.     And yet most of the people who are
            15    going to read it and make use of it, I don't
            16    know in advance who they are.  And I would not
            17    like to be limited to speak only to those
            18    identified in advance about the results of my
            19    research.
            20         Q.     And is there something that
            21    suggests to you that the statue would so limit
            22    you?
            23         A.     If the distribution of research
            24    results about security is limited to those who
            25    are officially identified as experts in

             2    cryptography, that would in my view make it
             3    quite a bit more difficult to widely
             4    disseminate the results of the research to the
             5    best audience.
             6         Q.     Okay.
             7                And in what you're referring to as
             8    dissemination of research you are also
             9    including the provision of code including
            10    executable utility?
            11         A.     That's right.
            12         Q.     Including an executable utility
            13    that could decrypt an encryption system?
            14         A.     That's right.
            15         Q.     So do you have a better approach?
            16    I mean, do you -- and I'm not saying this
            17    facetiously.  I need to understand where you
            18    come out Andrew Appel.  Does that mean that
            19    there shouldn't be any laws regarding
            20    circumvention or the proliferation of
            21    circumvention devices?
            22                    MR. HERNSTADT:  Objection.  The
            23    form of the question.  And there is a couple of
            24    ones there.  You can answer, I guess, the last
            25    question.

             2         Q.     Yeah.
             3         A.     In the case where a circumvention
             4    device has important social useful purposes or
             5    in the case where the discussion of how secure
             6    a system really is has a socially useful
             7    purpose, then I think it's important to freely
             8    discuss and publish the circumvention devices.
             9         Q.     Okay.
            10                So to take the second part of what
            11    you said to its logical conclusion, if a system
            12    can be hacked, then the results of the hack
            13    including the utility to accomplish he
            14    defeating the system should be published for
            15    the reasons you described notwithstanding the
            16    fact that as we talked about earlier there is
            17    potential for abuse?
            18                    MR. HERNSTADT:  Objection to
            19    the form of the question.  It is a mish-mash of
            20    hypothetical and --
            21                    MR. HART:  Fine.  You got your
            22    objection on.
            23                    MR. HERNSTADT:  Right.
            24                    THE WITNESS:  Perhaps I can
            25    answer that with a concrete example.  There

             2    have been systems published in the form of
             3    executables that allow people to scan the
             4    internet for sites that have left doors open,
             5    so to speak.  And many of the users of those
             6    tools are system administrators who scan their
             7    own sites to see if the doors have been left
             8    open.  And if those system administrators could
             9    not get access to the tools by being able to
            10    freely download them from the web, then the
            11    only people who would have those tools are the
            12    ones to develop them.  Which might not be the
            13    good guys.
            14         Q.     Right.
            15                Now give me a concrete example of
            16    now pointing out the security flaws of CSS is
            17    helpful to the people that rely on CSS for
            18    encryption.
            19         A.     Suppose there is a content provider
            20    who is considering the possibility of using
            21    CSS, licensing it from the Copy Control
            22    Association, and they are not sure of how
            23    secure the system is.  Then having had a open
            24    discussion of the level of security achieved by
            25    CSS would be to the advantage of that party.

             2         Q.     And it would be needful to also
             3    provide the executable utility to inform that
             4    person?
             5         A.     Any kind of scientific claim is
             6    best supported by evidence.
             7         Q.     I understand.
             8         A.     So that the reader of that claim
             9    can repeat the experiment and replicate the
            10    results.
            11         Q.     And it's on that basis that you
            12    believe with respect to the second prong of
            13    your testimony that there is value in the
            14    trafficking of CSS as an executable utility
            15    because it allows people to verify the fact
            16    that CSS indeed can be defeated and somehow
            17    even enures to the benefit of potential
            18    licencees of CSS?  Is that a good one to sum
            19    that up?
            20                    MR. HERNSTADT:  Objection.
            21    Misstates the testimony of the witness.
            22                    THE WITNESS:  I think that's a
            23    good approximation of some of what I said.
            24         Q.     Okay.
            25                Now, let's go to the first prong of

             2    your testimony that somehow any law prohibiting
             3    trafficking in circumvention devices would
             4    prevent people from making uses of copyrighted
             5    content that they should otherwise be able to
             6    make.  That's the first prong, right?
             7         A.     Right.
             8         Q.     We've recognized, at least
             9    theoretically, the potential for abuse of
            10    proliferating decryption devices?
            11         A.     Right.
            12         Q.     You need to -- thank you.
            13                Is it your testimony that if there
            14    are some good uses in your estimation, that
            15    that has to outweigh the risks of abuse or are
            16    you setting a higher standard by saying that it
            17    has to be the preponderant use that's a good
            18    use before you'll let that outweigh the
            19    potential for abuse?  I'm just trying to get a
            20    sense again of where you draw the line here.
            21                    MR. HERNSTADT:  Objection to
            22    the form of the question.
            23                    MR. HART:  That's fine.
            24                    THE WITNESS:  I'm not sure
            25    where I would draw the line in general.  In

             2    this case, there are very substantial good uses
             3    to which this tool can be put, and in my
             4    opinion outweighs the potential for abuse in
             5    this particular case.
             6         Q.     Can you give me an example of the
             7    decryption device that in your estimate would
             8    not satisfy your test and that should be
             9    prohibited?
            10                    MR. HERNSTADT:  Objection.
            11    Calls for speculation.
            12         Q.     Or is there one?  I mean, that may
            13    be an answer, too.
            14                    MR. HERNSTADT:  Objection.
            15                    THE WITNESS:  Most uses of
            16    encryption involve the publication of the
            17    encryption and decryption programs.  Could you
            18    repeat the question?
            19                    MR. HERNSTADT:  Can we stop for
            20    a second?
            21                    THE VIDEOGRAPHER:  Off the
            22    record.  The time now is 4:56 p.m.  We are
            23    going off the record.
            24                (Informal discussion held off the
            25                record)

             2                    THE VIDEOGRAPHER:  This is
             3    Videotape Number 3 of the continued videotape
             4    deposition of Andrew Appel.  The time is 5:03
             5    p.m. and we are back on the record.
             6                    MR. HART:  There was a question
             7    pending during this interruption.  And --
             8                    MR. HERNSTADT:  Can you repeat
             9    the question?
            10                    MR. HART:  I think to save time
            11    I will just restate it.
            12                My question is, in view of
            13    everything you've said about what you view as
            14    reasons to circumvent encryption systems for
            15    what you consider to be legitimate purposes,
            16    are there any situations that you envision in
            17    which the proliferation of a circumvention
            18    device would be inappropriate?
            19                    MR. HERNSTADT:  Objection to
            20    the form of the question.  Misstates the
            21    testimony.
            22                    THE WITNESS:  In the two
            23    particular criteria that I have used in this
            24    case are that there are substantial legitimate
            25    fair uses of the circumvention device and

             2    substantial interest in freedom to discuss the
             3    implementation and evaluation of security
             4    devices.
             5         Q.     Right.
             6         A.     And I suppose if there were some
             7    decryption system where neither of those issues
             8    came up, I don't know how I'd feel.
             9         Q.     Can you envision such a situation?
            10    I mean, isn't the purpose of an encryption
            11    device to beat an encryption system, to get
            12    into the content?
            13                    MR. HERNSTADT:  Objection to
            14    the form of the question.  Argumentative.
            15                    THE WITNESS:  The usual purpose
            16    of a decryption device is to decrypt encrypted
            17    material, and anyone who uses encrypted
            18    material legitimately or otherwise needs a
            19    decryption device.
            20         Q.     Now, in some of the examples that
            21    you posed in your article you I think
            22    acknowledged earlier, say, in the case of
            23    Shakespeare that there was no copyright problem
            24    with getting at Shakespeare.
            25                    MR. HERNSTADT:  Object to the

             2    form of the question.  I'm not sure what
             3    "getting at" means.
             4         Q.     I'll rephrase that.  Sorry.
             5                You wouldn't have a copyright
             6    problem in reproducing the works of William
             7    Shakespeare, right?
             8                    MR. HERNSTADT:  Subject to the
             9    stipulation.  He's not a lawyer.
            10                    MR. HART:  Right.  I know.
            11                    THE WITNESS:  But if a scholar
            12    purchased the works of Shakespeare in digital
            13    form with a -- an access -- technological
            14    access control device on it, then he would need
            15    to circumvent that access control device to do
            16    that research regardless of whether the
            17    material was legally under copyright or not.
            18         Q.     Got you.
            19                And one of your concerns is that if
            20    someone encrypted Shakespeare that the law
            21    could be read to basically prevent the people
            22    from getting access to Shakespeare even though
            23    it was no longer in copyright; is that -- is
            24    that right?
            25                    MR. HERNSTADT:  Objection to

             2    the form.
             3                    THE WITNESS:  It will always
             4    been possible to get access to Shakespeare in
             5    printed books, I imagine.
             6         Q.     No, I meant in the encrypted form.
             7         A.     But access in a particular digital
             8    form that might be most useful for the
             9    scientific research might be hindered by the
            10    technological device even though Shakespeare is
            11    not under copyright.
            12         Q.     Got it.
            13                You are aware that right now there
            14    are currently now prohibitions against acts of
            15    ircumvention?
            16                    MR. HERNSTADT:  Objection to
            17    form.
            18                    THE WITNESS:  What you mean is
            19    the date on which certain provisions of the
            20    DMCA become effective?  Yes, I'm aware of that.
            21                    MR. HART:  I think I'm going to
            22    thank you for your time. I'm sorry that we did
            23    not get to see some of the documents that you
            24    had, but that counsel apparently advised you
            25    you shouldn't turn over.  So I'm not going to

             2    close the deposition record at this point.  And
             3    obviously there may be some issues in terms of
             4    what I think we are going to get to next,
             5    namely your availability for trial and the use
             6    of that deposition.  But that need not concern
             7    you right now, Dr. Appel.  I want to thank you
             8    for your patience and your candor.
             9                    THE WITNESS:  You're welcome.
            10                    THE VIDEOGRAPHER:  Off the
            11    record for a moment?
            12                    MR. HART:  We can stay on the
            13    record.
            14                    I just want to make it clear
            15    that we object to any effort on defendant's
            16    part to try and use this deposition in lieu of
            17    having the witness appear, including the fact
            18    that despite everything that's been said or not
            19    said we were only given notice of that this
            20    morning as the deposition began.
            21                    And having said that, I would
            22    just admonish that, you know, if you have
            23    redirect or whatever you want to call it of
            24    this witness, that you keep my objection in
            25    mind because we are not waiving it.  And we by

             2    no means agree to allow this deposition to be
             3    used in lieu of trial testimony.
             4                    MR. HERNSTADT:  On the grounds
             5    of -- the grounds that you just stated?
             6         Q.     As well as any others which I don't
             7    think I need to detail right now for the
             8    purpose of this record.
             9                    MR. HERNSTADT:  Okay.
            10                      EXAMINATION
            11    BY MR. HERNSTADT:
            12         Q.     Professor Appel, you've talked a
            13    little bit about the difference between a
            14    source code and an object code.  Does it matter
            15    if you get or if you can find on the internet
            16    the utility in source code or in object code?
            17                    MR. HART:  Form.
            18                    THE WITNESS:  Matter for what
            19    purpose?
            20         Q.     Does it -- for the ability to use
            21    the utility.
            22         A.     If you get a utility in source code
            23    form you have to compile it.  This requires a
            24    compiler, compilers are generally available, so
            25    one would have to push the appropriate buttons

             2    to convert the source code form of a program to
             3    object code by running the compiler on it.
             4                For other purposes such as
             5    understanding how it works it may make a
             6    difference whether you get source code or
             7    object code.
             8         Q.     And in terms of the results --
             9    strike that.
            10                In terms of the content of the
            11    code, is there a difference between the source
            12    code and the object code?
            13         A.     The source code will have a little
            14    bit more of the structure of the program as
            15    designed by a human, and it will have
            16    components and these -- as they are named by
            17    the human, and these are generally lost in the
            18    translation from source code to object code.
            19         Q.     Okay.
            20                And is -- have computer programs
            21    always been written in source code?
            22         A.     Until about 1955 or '60, computer
            23    programs were written in object code and at
            24    that time translators were insubsequented
            25    called compilers to translate from source code

             2    to object code.
             3         Q.     Is source code a language that any
             4    person who can read English can read?
             5         A.     I think to read source code one
             6    would need some knowledge of computer
             7    programming which could be achieved by
             8    self-study or by taking a course in computer
             9    programming.
            10         Q.     So source code is not something you
            11    could pick up on a piece of paper that had
            12    source code on it, if you had no source code
            13    training you couldn't pick it up and read it?
            14                    MR. HART:  Object.  Form.
            15                    THE WITNESS:  One couldn't make
            16    much sense of it.
            17         Q.     That's what I meant.  Thank you.
            18                Can -- is there any pedagogic or
            19    pedagogical utility to having access to DeCSS
            20    in source code and/or object code?
            21                    MR. HART:  Form.
            22                    THE WITNESS:  If one is
            23    teaching, let's say, a college course on
            24    computer security or cryptography, one would
            25    want to perhaps use it as a case study.  In

             2    order to learn how to build secure systems, one
             3    needs to study what kinds of weaknesses can
             4    occur in real systems.  And this would be a
             5    good example.
             6         Q.     And what would the impact on you of
             7    a bar posting DeCSS?
             8                    MR. HART:  Object.  Form and
             9    testimony.
            10         Q.     You can answer.
            11         A.     In general, it would mean that if I
            12    were to do research in that aspect of computer
            13    security, I would not be free to publish all of
            14    my results in that area if they related
            15    specifically to CSS, and I would not be able to
            16    -- if I were not able to access DeCSS from
            17    other websites, then I would not be able to use
            18    it in experiments on computer security and I
            19    would not be able to use it if I had occasion
            20    to make the kinds of examinations of DVD movies
            21    described in the article that we submitted to
            22    the copyright office.
            23         Q.     Earlier Mr. Hart asked you about a
            24    utility called PGP.
            25         A.     Yes.

             2         Q.     What is PGB?
             3         A.     PGP stands for pretty good privacy.
             4    It was invented approximately 10 years ago by
             5    Phil Zimmerman.  It implements the RSA
             6    cryptographic algorithm which can be used to
             7    encrypt computer files and also to
             8    authenticate, that is digitally sign computer
             9    files.
            10         Q.     And so has this program been around
            11    for about 10 years you said?
            12         A.     Approximately 10 years.
            13         Q.     And has it been available for 10
            14    years?
            15         A.     At the time that the program was
            16    invented, United States State Department
            17    regulations prohibited that export of
            18    cryptographic algoritms, so there was a legal
            19    restriction on posting it to the web.  However,
            20    it was posted to the web from Finland and other
            21    places.  So that it was generally available.
            22         Q.     And was it generally used?
            23         A.     I think there may have been a few
            24    people that used it regularly at that time, and
            25    maybe more who tried it out to see how it

             2    worked, such as I did.  I think it's in
             3    substantially wider use now and very likely in
             4    many commercial applications.
             5         Q.     When you say "now," what do you
             6    mean?
             7         A.     I mean in the last two or three
             8    years.
             9         Q.     Okay.
            10                And when did it stop being illegal
            11    to use?
            12         A.     I think it's never been illegal to
            13    use it.  It's been illegal to export the
            14    program.
            15         Q.     Okay.
            16                Does that mean it's illegal to post
            17    it on the internet?
            18         A.     Recent changes announced by the
            19    administration in the last few months have
            20    liberalized the controls on the export of
            21    Kirkpatrick software.  So I believe that it is
            22    now legal to post that software on the
            23    internet.  But at least according to the
            24    administration's interpretation of the laws
            25    until this year, they would say that it was not

             2    previously legal to post that software to the
             3    internet.
             4         Q.     Okay.
             5                Now, Mr. Hart asked you before
             6    about using a CD rom to access music in a
             7    digital form as opposed to -- for research
             8    purposes as opposed to downloading the digital
             9    information onto hard disk.  Are there reasons
            10    why you would want to put that music on a hard
            11    disk in order to use it for research purposes?
            12         A.     You might wish to scan more than
            13    one disk's worth at once or the access to the
            14    material might be faster from a hard disk from
            15    than from the CD rom drive.
            16         Q.     Okay.  Do you want to --
            17                You were asked a number of
            18    hypothetical questions or even non-hypothetical
            19    questions about posting DVD movies on the
            20    internet.  Is -- do you understand that it's
            21    possible to -- that's practical to post DVD
            22    movies on the internet?
            23                    MR. HART:  Object.  Form and
            24    prior testimony.
            25         Q.     I'm asking specifically in

             2    connection with the questions that Mr. Hart
             3    asked about --
             4                    MR. HART:  Go ahead.
             5         Q.     -- posting an unencrypted content
             6    on the internet.
             7                    MR. HART:  I maintain the
             8    objection.
             9                    THE WITNESS:  From documents
            10    that I've read in connection with this case I
            11    have the impression that a DVD movie is several
            12    gigabytes.  One can certainly put a several
            13    gigabyte file on a website.  It might be quite
            14    inconvenient and time consuming to download it.
            15         Q.     Is -- are DVD movies the only
            16    copyrighted material that can be put on the
            17    internet in a digital form?
            18         A.     Many kinds of copyrightable digital
            19    materials are described in the paper that we've
            20    been discussing that Ed Felten and I wrote
            21    including text such as books and articles;
            22    audio, such as music and other kinds of sounds;
            23    video, such as movies and basketball games; and
            24    even computer programs themselves.
            25         Q.     I'd like you to take a look at

             2    Exhibit 1, which is your declaration.  And
             3    turning to Paragraph 3, could you tell me what
             4    the basis is for the statement you make that
             5    Paragraph 3, "publication of ideas which
             6    includes in particular publication by means of
             7    posting and linking on the internet is a
             8    fundamental part of the academic world"?
             9         A.     Doing scientific research does the
            10    world no good if the results of the research
            11    can't be understood and used by other than the
            12    scientist who invented it.  So we need to
            13    publish in order to get those ideas out into
            14    the world so they can be used.
            15                Furthermore, some of the results we
            16    come up with are not actually correct or if
            17    correct, they are sometimes not useful or if
            18    useful, they are sometimes not interesting.  So
            19    one purpose of publication is to allow the
            20    community, the scientific community and the
            21    broader community to evaluate those ideas and
            22    respond to them.
            23         Q.     Okay.
            24                And the basis of that statement is
            25    what?

             2         A.     That -- that I myself have used the
             3    results of other people's scholarship that I
             4    learned of by reading published papers and I
             5    have seen papers published that refute some of
             6    the claims made by other published papers which
             7    helps me in that don't rely so heavily on
             8    refuted ideas.
             9         Q.     Do you have any personal experience
            10    in the publishing of academic papers?
            11         A.     Yes.  I've published a few does
            12    papers that are listed in the vita attached to
            13    my declaration.  And I have had civil graduate
            14    students who have published papers that I've
            15    advised on how to write papers and publish
            16    them.
            17         Q.     Have you been involved in any
            18    editorial capacity in the publishing of papers?
            19         A.     Yes.  I've served on programming
            20    committees of conferences where we decide which
            21    papers are correct enough and interesting
            22    enough to merit publication in a conference,
            23    and I've served as associate editor of two
            24    different journals as the editor-in-chief of
            25    one journal where I decide on editorial

             2    policies and work with associate editors to
             3    decide which papers are worthy of publication.
             4         Q.     Turning to Paragraph 4 of your
             5    declaration, what's the basis for the -- the
             6    examples that you set forth in this paragraph?
             7         A.     In this paragraph I was
             8    specifically discussing a published idea that
             9    looked apparently correct to the editor of the
            10    jornal and to the external referees selected by
            11    that editor.  So that the article in question
            12    was published in the ACM transactions on
            13    programming languages and systems.  And only a
            14    few years later, after evaluation by other
            15    members of the academic community by specific
            16    people who could not have envisioned,
            17    specifically by the editors of the journal at
            18    the time the paper was submitted, found an
            19    error in the paper and so they published a
            20    response paper that was then published in the
            21    same journal.
            22         Q.     Okay.
            23                And what is the basis for the
            24    statements you include in Paragraph 6 of the
            25    declaration?

             2         A.     When one publishes a scientific
             3    idea, one generally tries to provide with it
             4    enough convincing evidence that will allow
             5    other scientists either to duplicate the result
             6    or to fail to duplicate the result, which is
             7    also interesting, or to use the result in
             8    coming up with successor results.  And
             9    especially in the field of computer science,
            10    but now also in the field of biology and
            11    economics and chemistry and so on, many of the
            12    scientific results are partially embodied in
            13    computer programs and the effective publication
            14    of evidence for the scientific advance that
            15    requires the publication of those programs.
            16         Q.     And is that based on your
            17    experience as an academic and an editor?
            18         A.     That's right that's right.
            19                    MR. HERNSTADT:  Bill, give me
            20    give mines.  I may be able to wrap this up
            21    quickly.
            22                    THE VIDEOGRAPHER:  The time now
            23    is 5:30 p.m..  We are going off the record.
            24                (Informal discussion held off the
            25                record)

             2                    THE VIDEOGRAPHER:  The time now
             3    is 5:43 p.m.  We are back on the record.
             4         Q.     Professor Appel, looking at
             5    Plaintiff's Exhibit 1 which is your
             6    declaration, is everything in this declaration
             7    true and correct and accurate?
             8         A.     I think the sentence in Paragraph 1
             9    describing my research is a little bit out of
            10    date.  It correctly describes my research up to
            11    a couple years ago.  Now the focus of my
            12    research is more in certain aspects of computer
            13    security, more particularly in the protection
            14    of computer systems from computer viruses and
            15    in protocols for authentication over
            16    distributed systems.
            17         Q.     Okay.
            18                And with respect to your expertise
            19    in the areas of source code and object code, is
            20    that the result of your current research or is
            21    that something that you had acquired prior to
            22    beginning the current research?
            23                    MR. HART:  Object.  Form.
            24                    THE WITNESS:  I think it's
            25    both, that my previous research in compilers

             2    directly involves source code and object code
             3    and the relation between them and my current
             4    research is in finding ways to prove the safety
             5    and security of object code itself based on
             6    knowledge of the structure of the source code.
             7                    MR. HERNSTADT:  I don't have
             8    any further questions.
             9                    MR. HART:  I just have one
            10    question.
            11                     EXAMINATION
            12    BY MR. HART:
            13         Q.     Despite everything you've said
            14    about your specialization in matters of
            15    security systems and everything else, you have
            16    not at any time seen fit to post or link to
            17    DeCSS in source or object code form on your
            18    site; is that correct?
            19                    MR. HERNSTADT:  Objection to
            20    the form of the question.
            21                    THE WITNESS:  I have not posted
            22    DeCSS on my site.
            23         Q.     Pardon?
            24         A.     I have not posted DeCSS on my site.
            25         Q.     Do you link to it?

             2         A.     If I link -- link to it it's only
             3    very indirectly.
             4                    MR. HART:  Again, I thank you.
             5    Subject to all the reservations of all the
             6    appropriate rights, without belaboring them,
             7    for your benefit I won't.
             8                    Ed, just for housekeeping, the
             9    deal that you made with Leon hours ago, and it
            10    really was hours ago now, was that you'd wait
            11    until you got back to your office, give you an
            12    hour essentially and get back to the schedule.
            13                    MR. HERNSTADT:  Obviously
            14    that's been affected by the fact that the judge
            15    called and we had a conference a 3:30 and the
            16    judge instructed me to meet with Chuck Simms
            17    for as long as it takes to -- to look at all
            18    the documents.  I was pointing out the door.
            19    There is something like 15,000 pages of
            20    documents.  What I am going to do is after I he
            21    is escort Professor Appel out I'm going to call
            22    my office and where I instructed him before we
            23    went through this last bit to check all my
            24    E-mails and to check all my messages and I'm
            25    going to get another body over here so that I

             2    can do both at once.
             3                    MR. HART:  So you're going to
             4    stay here, at Proskauer's offices?
             5                    MR. HERNSTADT:  I'm going to
             6    stay here.  It's going to take a little longer
             7    to do what had to be done and I'm going to have
             8    to ask for the use of your telephone system,
             9    but I'm going to try to get that done, as well.
            10                    MR. HART:  We'll accommodate
            11    you.  I guess all I'm trying to extract for you
            12    is the assurance that you will be conferring
            13    with my colleague, Mr. Gold, this evening
            14    subject what the judge ordered to work out
            15    scheduling issues.
            16                    MR. HERNSTADT:  Subject to the
            17    requirements of the court, I will do what I
            18    said I was going to do.
            19                    MR. HART:  Thank you so much.
            20                    THE VIDEOGRAPHER:  This
            21    completes Videotape Number 3.  The time now it
            22    5:47 p.m.  We are going off the record.
            24                    ______________________________
                                  ANDREW W. APPEL

             2    Subscribed and sworn to
             3    before me on this _____ day of
             4    ______________________, 2000.
             6    _________________________________
                              Notary publish

             2                     CERTIFICATION
             4                    I, MICHELE ANZIVINO, a Notary
             5    publish in and for the State of New York, do
             6    hereby certify;
             7                    THAT the witness whose
             8    testimony is hereinbefore set forth, was duly
             9    sworn by me; and
            10                    THAT the within transcript is a
            11    true record of the testimony given by said
            12    witness.
            13                    I further certify that I am not
            14    related, either by blood or marriage, to any of
            15    the parties to this action; and
            16                    THAT I am in no way interested
            17    in the outcome of this matter.
            18                    IN WITNESS WHEREOF I have
            19    hereunto set my hand this 29th day of June,
            20    2000.
            22                        ___________________________
                                          MICHELE ANZIVINO