The Authors Guild v. Google, Inc.
Filing
46
JOINT APPENDIX, volume 6 of 6, (pp. 1501-1640), on behalf of Appellant Jim Bouton, Joseph Goulden, Betty Miles and The Authors Guild, FILED. Service date 04/07/2014 by CM/ECF.[1196285] [13-4829]
13-4829-cv
United States Court of Appeals
for the
Second Circuit
THE AUTHORS GUILD, BETTY MILES, JIM BOUTON, JOSEPH
GOULDEN, individually and on behalf of all others similarly situated,
Plaintiffs-Appellants,
HERBERT MITGANG, DANIEL HOFFMAN, individually and on behalf of all
others similarly situated, PAUL DICKSON, THE MCGRAW-HILL
COMPANIES, INC., PEARSON EDUCATION, INC., SIMON & SCHUSTER,
INC., ASSOCIATION OF AMERICAN PUBLISHERS, INC., CANADIAN
STANDARD ASSOCIATION, JOHN WILEY & SONS, INC., individually and
on behalf of all others similarly situated,
Plaintiffs,
v.
GOOGLE, INC.,
Defendant-Appellee.
––––––––––––––––––––––––––––––
ON APPEAL FROM THE UNITED STATES DISTRICT COURT
FOR THE SOUTHERN DISTRICT OF NEW YORK
JOINT APPENDIX
(UN-SEALED REDACTED VERSION)
Volume 6 of 6 (Pages A-1501 to A-1640)
DURIE TANGRI
217 Leidesdorff Street
San Francisco, California 94111
(415) 362-6666
– and –
WILMER CUTLER PICKERING HALE
AND DORR LLP
1875 Pennsylvania Avenue, NW
Washington, DC 20006
(202) 663-6600
Attorneys for Defendant-Appellee
FRANKFURT KURNIT KLEIN & SELZ, P.C.
488 Madison Avenue, 10th Floor
New York, New York 10022
(212) 980-0120
– and –
JENNER & BLOCK
1099 New York Avenue, NW, Suite 900
Washington, DC 20001
(202) 639-6000
Attorneys for Plaintiffs-Appellants
i
TABLE OF CONTENTS
Page
District Court Docket Entries ....................................
A-1
Excerpts from the Objection of Amazon.com, Inc.
to Proposed Settlement, dated September 1, 2009
A-53
Excerpts from the Objections of Microsoft
Corporation to Proposed Settlement and
Certification of Proposed Settlement Class and
Sub-Classes, dated September 8, 2009 ..................
A-65
Excerpts from the Memorandum of Amicus Curiae
Open Book Alliance in Opposition to the
Proposed Settlement, filed September 8, 2009 ......
A-78
Excerpts from the Objection of Yahoo!Inc. to Final
Approval of the Proposed Class Action
Settlement, filed September 8, 2009 ......................
A-80
Declaration of Michael J. Boni in Support of
Motion to Approve the Amended Settlement
Agreement, dated November 13, 2009
(Omitted herein)
Exhibit 2 to Boni Declaration –
Amended Settlement Agreement, dated
November 13, 2009 ...............................................
A-83
Opinion of the Honorable Denny Chin, dated
March 22, 2011 ......................................................
A-127
Fourth Amended Class Action Complaint, dated
October 14, 2011....................................................
A-175
Defendant Google Inc.’s Answer to Plaintiffs’
Fourth Amended Complaint, dated June 14, 2012
A-191
ii
Page
Declaration of Judith A. Chevalier in Support of
Defendant Google Inc.’s Motion for Summary
Judgment, dated July 18, 2012 ..............................
A-201
Exhibit A to Chevalier Declaration –
Expert Report of Judith A. Chevalier, dated
May 4, 2012 ...........................................................
A-203
Declaration of Dan Clancy in Support of Defendant
Google Inc.’s Motion for Summary Judgment,
dated July 26, 2012 ................................................
A-222
Exhibit A to Clancy Declaration –
Cooperative Agreement between Google Inc. and
Regents of the University of Michigan/University
Library, dated June 15, 2005..................................
A-228
Exhibit B to Clancy Declaration –
Search Results Page for the Query “Steve
Hovley” ..................................................................
A-241
Exhibit C to Clancy Declaration –
Portion of an About the Book Page that is
Displayed when one clicks on Ball Four in the
Search Results Pictured in Exhibit B .....................
A-243
Exhibit D to Clancy Declaration –
Portion of the About the Book Page Depicted in
Exhibit C Showing the Snippets Displayed ...........
A-245
Exhibit E to Clancy Declaration –
Excerpt from a Search Page for Black’s Law
Dictionary ..............................................................
A-247
Exhibit F to Clancy Declaration –
Page Showing Foul Ball in Partner Program
Preview ..................................................................
A-249
iii
Page
Exhibit G to Clancy Declaration –
Webpage at http://books.google.com/
googlebooks/testimonials.html Reflecting User
Comments on Google Books .................................
A-251
Exhibit H to Clancy Declaration –
Quantitative Analysis of Culture Using Millions
of Digitized Books by Jean-Baptiste Michel .........
A-259
Declaration of Joseph C. Gratz in Support of
Defendant Google Inc.’s Motion for Summary
Judgment, dated July 27, 2012 ..............................
A-267
Exhibit 1 to Gratz Declaration –
Excerpts of Deposition Transcript of Paul N.
Courant, dated April 23, 2012................................
A-270
Exhibit 2 to Gratz Declaration –
Excerpts of Deposition Transcript of Paul Aiken,
dated April 19, 2012 ..............................................
A-283
Exhibit 3 to Gratz Declaration –
Excerpts of Plaintiffs’ Responses and Objections
to Defendant Google Inc.’s First Set of
Interrogatories, dated April 27, 2012 .....................
A-298
Exhibit 4 to Gratz Declaration –
Excerpts of Deposition Transcript of Judith A.
Chevalier, dated June 8, 2012 ................................
A-307
Exhibit 5 to Gratz Declaration –
Letter from Pamela Samuelson to the Honorable
Denny Chin, dated February 13, 2012 ...................
A-310
Exhibit 6 to Gratz Declaration –
Excerpts of Deposition Transcript of Eric Zohn,
dated April 13, 2012 ..............................................
A-316
iv
Page
Exhibit 7 to Gratz Declaration –
Exhibit 2 to the Deposition Transcript of Eric
Zohn .......................................................................
A-322
Declaration of Albert N. Greco in Support of
Defendant Google Inc.’s Motion for Summary
Judgment, dated July 23, 2012 ..............................
A-325
Exhibit A to Greco Declaration –
Expert Report of Albert N. Greco, dated
May 3, 2012 ...........................................................
A-327
Declaration of Kurt Groetsch in Support of
Defendant Google Inc.’s Motion for Summary
Judgment, dated July 25, 2012 ..............................
A-335
Declaration of Bruce S. Harris in Support of
Defendant Google Inc.’s Motion for Summary
Judgment, dated July 23, 2012 ..............................
A-340
Exhibit A to Harris Declaration –
Expert Report of Bruce S. Harris, dated
May 3, 2012, with Exhibits D-H ...........................
A-342
Declaration of Brad Hasegawain in Support of
Defendant Google Inc.’s Motion for Summary
Judgment, dated July 25, 2012 ..............................
A-392
Declaration of Stephane Jaskiewicz in Support of
Defendant Google Inc.’s Motion for Summary
Judgment, dated July 25, 2012 ..............................
A-395
Declaration of Gloriana St. Clair in Support of
Defendant Google Inc.’s Motion for Summary
Judgment, dated July 18, 2012 ..............................
A-398
Exhibit A to St. Clair Declaration –
Expert Report of Gloriana St. Clair, dated
May 3, 2012 ...........................................................
A-400
v
Page
Local Rule 56.1 Statement in Support of Defendant
Google Inc.’s Motion for Summary Judgment,
dated July 27, 2012 ................................................
A-417
Declaration of Joanne Zack in Support of Plaintiffs’
Motion for Partial Summary Judgment, dated
July 26, 2012 ..........................................................
A-429
Exhibit 1 to Zack Declaration –
U.S. Copyright Office Certificate of Registration
No. A173097 ..........................................................
A-435
Exhibit 2 to Zack Declaration –
U.S. Copyright Office Certificate of Registration
No. TX0000338841 ...............................................
A-438
Exhibit 3 to Zack Declaration –
U.S. Copyright Office Certificate of Registration
No. A346254 ..........................................................
A-441
Exhibit 4 to Zack Declaration –
Printouts from Google’s Website displaying
Search Results in Jim Bouton, Ball Four ..............
A-444
Exhibit 5 to Zack Declaration –
Printouts from Google’s Website displaying
Search Results for the Term “pitch” in Jim
Bouton, Ball Four ..................................................
A-510
Exhibit 6 to Zack Declaration –
Printouts from Google’s Website displaying
Search Results for the Term “pitches” in Jim
Bouton, Ball Four ..................................................
A-516
Exhibit 7 to Zack Declaration –
Printouts from Google’s Website displaying
Search Results in Betty Miles, The Trouble with
Thirteen ..................................................................
A-522
vi
Page
Exhibit 8 to Zack Declaration –
Printouts from Google’s Website displaying
Search Results in Joseph Goulden, The
Superlawyers: the Small and Powerful World of
the Great Washington Law Firms ..........................
A-532
Exhibit 9 to Zack Declaration –
Excerpts from a Spreadsheet produced by Google
identifying approximately 2.7 million scanned
Books Google has distributed to Libraries ............
A-542
Exhibit 10 to Zack Declaration –
Printout from http://www.authorsguild.org/about/
history. html ...........................................................
A-546
Exhibit 11 to Zack Declaration –
Printout from http://investor.google.com/
corporate/faq.html ..................................................
A-549
Exhibit 12 to Zack Declaration –
“Google Checks Out Library Books,” dated
December 14, 2004 ................................................
A-555
Exhibit 13 to Zack Declaration –
Pages 1, 2, 15, and 56 of Google Inc.’s 2011
Form 10-K .............................................................
A-559
Exhibit 14 to Zack Declaration –
Pages 1, 3, and 50 of Google Inc.’s 2010 Form
10-K .......................................................................
A-564
Exhibit 15 to Zack Declaration –
Google Print Partner Development: Global Sales
Conference
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-1-CA-16) .........
A-568
vii
Page
Exhibit 16 to Zack Declaration –
Deposition Transcript of Daniel Clancy
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-17-CA-83) .......
A-569
Exhibit 17 to Zack Declaration –
Google Book Partner Program Standard Terms
and Conditions .......................................................
A-570
Exhibit 18 to Zack Declaration –
Deposition Transcript of Thomas Turvey
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-84-CA-115)......
A-579
Exhibit 19 to Zack Declaration –
Printout from http://support.google.com/
books/bin/answer.py?hl=en&answer=43729I .......
A-580
Exhibit 20 to Zack Declaration –
Announcement from Google, “Committee on
Institutional Cooperation (CIC) Joins Google’s
Library Project,” dated June 6, 2007 .....................
A-582
Exhibit 21 to Zack Declaration –
Declaration of Daniel Clancy in Support of
Google Inc.’s Opposition to Plaintiffs’ Motion for
Class Certification, filed February 8, 2012 ............
A-586
Exhibit 22 to Zack Declaration –
Printout from http://support.google.com/
books/bin/answer.py?hl=en&answer=43751. ........
A-591
Exhibit 23 to Zack Declaration –
Compilation of Documents produced by Google
(Portions of Exhibit 23 Filed Under Seal.
Reproduced in the Confidential Appendix
at pp. CA-116-CA-308) .........................................
A-593
viii
Page
Exhibit 24 to Zack Declaration –
Deposition Transcript of Kurt Groetsch
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-309-CA-340) ...
A-685
Exhibit 25 to Zack Declaration –
Deposition Transcript of Stephane Jaskiewicz
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-341-CA-372) ...
A-686
Exhibit 26 to Zack Declaration –
Defendant Google Inc.’s Supplemental Narrative
Responses and Objections to Plaintiffs’ Second
Request for Production of Documents and Things
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-373-CA-388) ...
A-687
Exhibit 27 to Zack Declaration –
Excerpts from the Defendant Google Inc.’s
Responses and Objections to Plaintiffs’ First Set
of Requests for Admission .....................................
A-688
Exhibit 28 to Zack Declaration –
Printout from http://www.google.com/
googlebooks/library.html .......................................
A-705
Exhibit 29 to Zack Declaration –
QA Training Manual
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-389-CA-407) ...
A-707
Exhibit 30 to Zack Declaration –
Excerpts from a Spreadsheet produced by Google
A-708
ix
Page
Exhibit 31 to Zack Declaration –
E-mail from Joseph Gratz to Joanne Zack, dated
December 9, 2011
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-408-CA-409) ...
A-712
Exhibit 32 to Zack Declaration –
Library of Congress Trip Report
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-410-CA-422) ...
A-713
Exhibit 33 to Zack Declaration –
Deposition Transcript of Paul Courant
(Redacted Version. Unredacted Version
Reproduced in the Confidential Appendix at pp.
CA-423-CA-437) ...................................................
A-714
Exhibit 34 to Zack Declaration –
“Google Print Full Text Book Mini-GPS,” dated
December 10, 2003
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-438-CA-454) ...
A-748
Exhibit 35 to Zack Declaration –
“Google Print: A Book Discovery Program,”
dated October 15, 2004
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-455-CA-478) ...
A-749
Exhibit 36 to Zack Declaration –
Deposition Transcript of Gloriana St. Clair ...........
A-750
Exhibit 37 to Zack Declaration –
Expert Report of Daniel Gervais ...........................
A-782
x
Page
Exhibit 38 to Zack Declaration –
Deposition Transcript of James Crawford
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-479-CA-497) ...
A-797
Exhibit 39 to Zack Declaration –
Expert Report of Benjamin Edelman .....................
A-798
Exhibit 40 to Zack Declaration –
Deposition Transcript of Bruce Harris ...................
A-808
Exhibit 41 to Zack Declaration –
Deposition Transcript of Albert Greco ..................
A-825
Exhibit 42 to Zack Declaration –
Deposition Transcript of Judith Chevalier
(Redacted Version. Confidential Pages
Reproduced in the Confidential Appendix at
pp. CA-498-CA-501) .............................................
A-852
Exhibit 43 to Zack Declaration –
Defendant Google Inc.’s Responses and
Objections to Plaintiffs’ First Set of
Interrogatories ........................................................
A-909
Plaintiffs’ Statement of Undisputed Facts in Support
of Their Motion for Partial Summary Judgment,
dated July 26, 2012
(Public Redacted Version. Confidential Pages
Reproduced in the Confidential Appendix at
pp. CA-502-CA-508) .............................................
A-927
Plaintiffs’ Response to Defendant Google Inc.’s
Local Rule 56.1 Statement, dated
August 26, 2013
(Public Redacted Version. Confidential Pages
Reproduced in the Confidential Appendix at
pp. CA-509-CA-516) .............................................
A-949
xi
Page
Declaration of Michael J. Boni in Support of
Plaintiffs’ Opposition to Defendant Google’s
Motion for Summary Judgment, dated
August 26, 2013 .....................................................
A-979
Exhibit 1 to Boni Declaration –
Compilation of Google Snippet Displays from
Jim Bouton’s Baseball Memoir Ball Four .............
A-982
Exhibit 2 to Boni Declaration –
Google Snippet Displays from Joseph Goulden’s
History Superlawyers............................................. A-1074
Exhibit 3 to Boni Declaration –
Google Snippet Displays from Betty Miles’s
Novel The Trouble with Thirteen ........................... A-1172
Exhibit 4 to Boni Declaration –
Internal Memos produced by Google to The
American Society of Media Photographers, Inc.
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-517-CA-521) ... A-1204
Exhibit 5 to Boni Declaration –
Cover, Table of Contents, and Complete Chapter
Two with Answer Key for The Seinfeld Aptitude
Test by Beth Golub (Carol Publishing Group,
1994) ...................................................................... A-1205
Exhibit 6 to Boni Declaration –
Cover, Table of Contents, and First Three Pages
of each Chapter from Welcome to Twin Peaks
(1990 Publications International Ltd.) ................... A-1244
xii
Page
Exhibit 7 to Boni Declaration –
Excerpts from the Deposition of Bradley
Hasegawa
(Filed Under Seal. Reproduced in the
Confidential Appendix at pp. CA-522-CA-538) ... A-1271
Exhibit 8 to Boni Declaration –
Printout from a Webpage on Amazon.com,
obtained by clicking on the “Amazon” Link on
the Google Books Page for Joseph Goulden’s
book Superlawyers................................................. A-1272
Exhibit 9 to Boni Declaration –
Printout from a Webpage on Amazon.com,
obtained by running a Search on Amazon.com for
“Steve Hovley” ...................................................... A-1277
Exhibit 10 to Boni Declaration –
Printout from a Webpage on Amazon.com,
obtained by running a Search on Amazon.com for
“Minoru Yasui” ...................................................... A-1287
Declaration of Paul Aiken in Support of Plaintiffs’
Opposition to Defendant Google’s Motion for
Summary Judgment, dated August 26, 2013 ......... A-1290
Attachment A to Aiken Declaration –
Amazon Press Release: “Amazon.com Launches
“Search Inside the Book” Enabling Customers to
Discover Books by Searching and Previewing the
Text Inside” ............................................................ A-1302
Attachment B to Aiken Declaration –
“The Great Library of Amazonia,” Wired
Magazine, November 12, 2003 .............................. A-1305
xiii
Page
Attachment C to Aiken Declaration –
“News: A9, Amazon’s Search Portal, Goes Live:
Reverberations Felt in Valley,” John Battelle’s
Search Blog, April 14, 2004................................... A-1314
Attachment D to Aiken Declaration –
“Can Amazon Unplug Google?” Business 2.0,
April 15, 2004 ........................................................ A-1319
Attachment E to Aiken Declaration –
“Amazon to Take Searches on Web to a New
Depth,” The New York Times,
September 15, 2004 ............................................... A-1325
Attachment F to Aiken Declaration –
“Amazon’s A9 Launches Visual Yellow Pages,”
Search Engine Watch, January 26, 2005 ................ A-1329
Attachment G to Aiken Declaration –
“Google Hires Amazon Search Chief,” Seattle
Post-Intelligencer, February 7, 2006 ..................... A-1333
Attachment H to Aiken Declaration –
“Google Announces New Mapping Innovations
at Where 2.0 Conference,” News from Google,
May 29, 2007 ......................................................... A-1337
Declaration of Joseph C. Gratz in Opposition to
Plaintiffs’ Motion for Partial Summary Judgment,
dated August 26, 2013 ........................................... A-1340
Exhibit 1 to Gratz Declaration –
Portion of the Web Page resulting from a Search
on the Library of Congress Catalog at
http://catalog.loc.gov for the Query “500 Pearl
Street” .................................................................... A-1344
xiv
Page
Exhibit 2 to Gratz Declaration –
Portion of the Web Page resulting from a Search
on https://books.google.com for the Query “500
Pearl Street” ........................................................... A-1346
Exhibit 3 to Gratz Declaration –
Portion of the Web Page that results from
clicking on the Result Alas! What Brought Thee
Hither?: The Chinese in New York, 1800-1950 in
Exhibit 2................................................................. A-1348
Exhibit 4 to Gratz Declaration –
Portion of the Web Page resulting from a Search
on https://books.google.com for the Query “Hong
Kee Kang” ............................................................. A-1350
Exhibit 5 to Gratz Declaration –
Portion of the Web Page that results from
clicking on the Result Chinese America, History
and Perspectives in Exhibit 4 ................................ A-1352
Exhibit 6 to Gratz Declaration –
Printout from http://www.amazon.com/gp/offerlisting/B002H9DITW ............................................ A-1354
Exhibit 7 to Gratz Declaration –
Marc Egnal, Evolution of the Novel in the United
States: The Statistical Evidence, 37:2 Soc. Sci.
Hist. 231 (2013) ..................................................... A-1356
Exhibit 8 to Gratz Declaration –
Written Testimony submitted by Paul Aiken to
the Committee on the Judiciary of the United
States House of Representatives in connection
with a September 10, 2009 Hearing titled
“Competition and Commerce in Digital Books” ... A-1381
xv
Page
Exhibit 9 to Gratz Declaration –
Excerpts of the Deposition Transcript of Paul
Aiken...................................................................... A-1412
Exhibit 10 to Gratz Declaration –
Excerpts of the Deposition Transcript of Betty
Miles ...................................................................... A-1419
Exhibit 11 to Gratz Declaration –
Excerpts of Plaintiffs’ Reponses and Objections
to Defendant Google Inc.’s First Set of
Interrogatories to Plaintiffs The Authors Guild,
Inc., Jim Bouton, Joseph Goulden and Betty
Miles herein, served on April 27, 2012.................. A-1425
Exhibit 12 to Gratz Declaration –
Excerpts of the Deposition Transcript of Jim
Bouton.................................................................... A-1432
Exhibit 13 to Gratz Declaration –
Excerpts of the Deposition Transcript of Joseph
Goulden.................................................................. A-1435
Exhibit 14 to Gratz Declaration –
Exhibit 6 to the Deposition of Paul Aiken ............. A-1445
Exhibit 15 to Gratz Declaration –
Deposition Transcript of Daniel Gervais ............... A-1448
Exhibit 16 to Gratz Declaration –
Deposition Transcript of Benjamin G. Edelman .... A-1509
Exhibit 17 to Gratz Declaration –
Exhibit 5 to the Deposition of Jim Bouton ............ A-1588
Exhibit 18 to Gratz Declaration –
Exhibit 2 to the Deposition of Betty Miles ............ A-1590
xvi
Page
Exhibit 19 to Gratz Declaration –
Exhibit 16 to the Deposition of Benjamin G.
Edelman ................................................................. A-1592
Exhibit 20 to Gratz Declaration –
Excerpts of the Deposition Transcript of Judith A.
Chevalier ................................................................ A-1595
Declaration of Scott Dougall in Opposition to
Plaintiffs’ Motion for Partial Summary Judgment,
dated August 22, 2013 ........................................... A-1602
Google Inc.’s Responses and Objections to
Plaintiffs’ Statement of Undisputed Facts in
Support of Their Motion for Partial Summary
Judgment, dated August 26, 2013
(Public Redacted Version. Confidential Pages
Reproduced in the Confidential Appendix at
pp. CA-539-CA-555) ............................................. A-1605
Notice of Appeal, dated December 23, 2013 ............. A-1639
A-1501
Case 1:05-cv-08136-DC Document 1075-15
Page 209
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
interest of all the parties I've already mentioned.
Q How many similar licenses have you personally
negotiated, similar to the ones that you're
hypothesizing?
A Personally negotiated?
Q Yeah.
A None.
Q How many did you review in connection with
your report?
A I'm not sure what you mean, licenses of the
typo that I -- there is no exact license that covers
exactly what I have described. I'm just saying that the
rights that would be covered by a such a license are
already aggregated, to the most part, so it would be
fairly easy to come up with a licensing arrangement to
be negotiated.
Q You said the probability was high, didn't you?
A Yes.
Q The probability is high, even though no such
license exists now?
A Yes.
Q And you know that because it makes sense to
you?
A Because I believe -- my understanding is it
makes sense for all the parties involved, and it is
Page 211
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Page 210
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
consistent with behavior I have observed, including, for
example, the proposed settlement, the fact that a lot of
major users of digital content are licensing that
content.
Q How many are licensing search?
A Alone? Search alone? Separate from other
functions, I have not seen a license that applies
strictly to search.
Q How many are licensing the return of snippets
in connection with search?
MR. SNYDER: Objection to form.
THE WITNESS: I don't -- I don't know beyond
the example that you've mentioned that you called the
Amazon search in the book. You described that as a
snippet, so . . .
Q So we've got one data point for display of
snippets in connection with search?
A Well, it's not an insignificant data point if
it is Amazon, but okay.
Q It's not one you looked at; correct?
A Not to prepare this report.
Q So we've got one data point of -- for a
license in connection with a license -- strike that.
One data point in which people opt-into a
search program. Your testimony, as I understand it, is
Filed 08/26/13 Page 54 of 61
that there's a high probability that that functionality
would be included in a license that would include
additional terms; is that your point?
A Yes.
Q What are those additional terms?
A Other uses that would be licensed in the same
contract would include, for example, making copies of
entire books, allowing Google to profit from its
scanning efforts in other ways. And I assume that this
would not be restricted by the license. I don't know.
Q Copies of entire books?
A That's what Google is doing, according to the
documents filed by Google in the case.
Q Is it displaying targets?
A Not in the snippet program, and what I
described -- what you described in the partner program,
I think they do that. But to my mind, that's not the -when I am talking Google Books, I'm talking snippets,
right. So in the snippet program, I'm not aware that
they display entire books.
Q Is it your understanding that the partner
program displays entire books?
A I remember reading that it displays more than
snippets. Whether it's entire books, I don't know.
Q So when we go back to the royalty-free
Page 212
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
question, which is where we began, your point was that
even if search is royalty free, under the license
authors who agreed might derive revenue from additional
uses. Is that your point?
A My point is that search might be free for now.
I don't know it would be forever. And, yes, I think
authors might sign that agreement if they saw value in
allowing search, without compensation, because they were
compensated in some other ways. That would be for them
to make that determination.
Q Does that compensation come from things that
Google is not presently doing?
A It may come from things that Google's not
presently doing, but would have an interest in doing to
exploit this database of millions of books that it has
scanned.
Q Have you asked anyone at Google whether they
have such an interest?
A No. My -- my understanding is based on what
would have been allowed under the proposed settlement
that I understand that Google had agreed to.
Q Do you understand that the settlement was not
accepted?
A I do, but not by Google. As I understand it,
it had been accepted by Google and other parties in the
53 (Pages 209 to 212)
A-1502
Case 1:05-cv-08136-DC Document 1075-15
Page 213
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
case.
Q And do you think that that is an important
foundation for the inference you draw that there is a
high probability?
A No. It's one factor I -- I took into
consideration. I'm much more basing my opinion on the
fact that I believe it's in the interest of all parties
involved to make this work.
Q Okay. It can work as it is right now; right?
MR. SNYDER: Objection to form.
THE WITNESS: Technically or legally?
BY MR. McGOWAN:
Q Well, legally, you told me you -- you don't -A Exactly.
Q -- take a position?
A That's correct.
Q Technically, obviously, it can?
A Technically is a matter -- technology seem
that it's working. But whether it's legal or not, I
don't know.
Q Let me take you to Paragraph 42. I want to
make sure that we have this clear on the record.
We began this line of inquiry when I asked you
what practices were included in the first line of 42,
and you said, as I recall, scanning and snippets. And I
Page 215
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Page 214
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
asked if search were included. And you say practices
like Google's -- "Allowing practices like Google's as
fair use may be expected to thwart the development of
collective management systems."
What do you mean by collective management
systems? Is that CCC?
A That is one example of such a system. A
collective management system is rights aggregated by the
plurality of rightsholders typically for one type of
content that is licensed to one or more users. And so I
do believe that if a court finds that what Google is
doing here is fair use, it will be harder, hence the
word "thwart" here, to develop collective management
systems for digital uses of books and specifically book
excerpts.
Q So would it be harder to develop systems for
the display of full text if what Google is doing here is
found to it be fair use?
A It could. It might affect existing markets
for digital uses of book experts as well. It's very
hard to predict what would happen if there was a fair
use determination. It would depend on how the court
arrives at that determination, what conditions it
imposes. It is very difficult to call the exact impact
of that determination.
Filed 08/26/13 Page 55 of 61
Q Why?
A For the reason I just stated.
Q So why would it affect the display of full
text of books, which Google does not do?
A I said it could.
Q Okay. What is the probability?
A That it would affect -- I just told you. It's
very hard to call exactly what a fair use determination
would have. If for example, a snippet is fair use and
people will say, well, how about double snippet or
triple snippet, and then we're going to get into
arguments about how far the exception goes. And I don't
know how that far it would be taken. It really depends
on if and how a court would make that determination.
Q So are those arguments that people do not have
now?
A They are not based on an actual determination
by a court about whether snippets and reproduction of
entire books by Google is, indeed, a fair use or not.
If we have that case determination, I believe
that the landscape changes very dramatically for
authors.
Q Because you now have an opinion pertaining to
an eighth of a page snippet?
A Because you have an opinion that would either
Page 216
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
say that -- that would -- if it's said it's not a fair
use, then it would need to be licensed. And I -- as I
said in my report, I fully expect that there would be
some collective management system that would emerge as a
result of a determination that this is not fair use.
Q Are you familiar with the Georgia State
opinion?
A I've heard about it; I have not read it.
Q Has it had an effect on CCC?
A I don't know.
Q Has it had an effect on collective licensing?
A I don't -- I'd have to check whether it's on
appeal. I'd have to ask CCC.
Q Well, you don't have appeal in here in
Paragraph 42, do you?
A Yes, of course, I do. I mean, determination
is something that is fair use is a final determination
in the case, that it is a fair use, which would
presumably be made by the 2nd Circuit of the Supreme
Court of the United States.
Q I see. You are -A Assuming the final determination.
Q So you don't know whether a decision that just
came down in a case underwritten by the copyright
clearance center suing one of its users that had an
54 (Pages 213 to 216)
A-1503
Case 1:05-cv-08136-DC Document 1075-15
Page 217
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
influence similar to the one you hypothesize here; is
that correct?
A I have not read that opinion. I understand
that a number of very important uses were determined not
to be fair. But I don't -- that's -- I read that on
blogs. I have not read the opinion. So I don't know
more.
Q Okay. Can you point me to an effect it's had?
A I have not researched that, so I don't know.
Q Do you have any reason to expect that the
decision in that case would have a different effect than
a decision in this case?
A If in Georgia State -- well, Georgia State, I
would have to check what exact uses were found not to be
fair uses and whether a license was already available,
whether there's been a change in the take-up rate for
that license. Again, I don't even know if that case is
a final determination. I seem to recall it's a district
court opinion, not a circuit opinion, but I may be
wrong. I have not read it, so . . .
Q Well, let me ask you this. Google Books
project started in 2004. Are you aware of that?
THE REPORTER: I'm sorry?
MR. McGOWAN: Started in 2004.
BY MR. McGOWAN:
Page 219
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Page 218
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q Are you aware of that?
A I wasn't aware of the exact start date, but I
have no reason to doubt that.
Q Approximately, were you aware?
A Approximately.
Q Since its inception, has it had -- do you
opine in this case that it has thwarted the development
of markets?
A Well, there's -- there is no licensing market
for those type of uses. But I don't know that -- how
many other players are in the -- in the process or are
not getting in the process of offering similar services.
There is -- you're asking a negative determination about
nonfacts, which is very, very difficult.
Are there other companies that would do this
if there was clarity, if this was licensed. Amazon is
doing it, but it apparently is doing it, from what
you're saying, under license. It is very difficult to
know alternative universes or futures based on the fact
that Google has been doing this. I think everybody, or
a lot of people, know there's pending litigation, and it
may very well be that the outcome of this litigation
will, in fact, lead to developments that are hard to
predict.
Q Well, you opine on a hypothetical universe in
Filed 08/26/13 Page 56 of 61
Paragraph 42, don't you?
A Yes. I'm saying that if there is a fair use
determination, it will have a significant impact. I
cannot quantify that impact.
Q You also actually can't describe that impact
in terms of contract terms; correct?
A Well, I guess I could. You know, you have a
license to perform certain uses of parts of books. And
if, for example, they had been the fair use
determination, I'm pretty sure that those uses would not
be covered in the license.
In addition, uses that are close to those, the
so-called marginal uses I referred to earlier, would
likely be fought over in terms of both licensing rate
and possible additional litigation. So this would
definitely impact the contract in that way.
I can't point to specific words, but I can
really see how it would affect the contract negotiation.
Q I'm asking about terms. I'm trying to get an
understanding of what terms would differ?
A The uses that would be licensed would likely
differ.
Q Okay. So you said a moment ago that you don't
know whether by virtue of Google undertaking the Google
Books project, you don't know how that affected the
Page 220
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
market?
A It may have prevented certain developments.
It may have interrupted chains of events. It is very
difficult to make those calls. I also believe that the
fact that there's pending litigation as to whether this
is or isn't fair use may have impacted the development
of licensing systems because people are not sure to the
extent that this case is concerned. But even more
broadly, what uses of book excerpts online are or aren't
fair use.
And so it's very hard to negotiate a
license -- I'm talking about other players here -- with
this uncertainty. You would have to basically be
playing licensing poker by trying to figure out if this
is fair use or not.
Q Let's break this down. When you say "may,"
what steps have you taken in connection with your report
to determine whether the project has, in fact, had an
effect of altering licensing practices?
A I have not made a determination in this
specific case that something did not happen because of
the case, if that's your question.
Q You don't know?
A I don't know.
Q Whether something did not happen because of
55 (Pages 217 to 220)
A-1504
Case 1:05-cv-08136-DC Document 1075-15
Page 221
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
the project?
A No. It's very hard to know something that did
not happen.
Q That's not opinion that you're expressing?
A What is not an opinion that I'm not
expressing?
Q That there are licensing events that would
have occurred had it not been for the Google Books
project, but did not occur because of the project.
A I said I'm not aware of specific examples of
cases where this did not happen. It is entirely logical
to think that when the scope of what needs to be
licensed is unclear, people will hesitate to enter into
licensing transactions.
Q Well, the scope was unclear before the Google
Books project, wasn't it?
MR. SNYDER: Objection to form.
THE WITNESS: I'm not sure what -- you know,
you said 2004. So we're looking at 2004 and making
available book excerpts online. Situation may have
changed now. There may be companies that do not exist
because they don't -- because there's no venture capital
in this area.
What I'm saying, is there may very well be
interrupted chains of events. What I'm saying, though,
Page 223
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Page 222
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
as a matter of my report is that the uncertainty, and
specifically in my report, paragraph 42, I say, a fair
use determination that scanning entire books, making
snippets available as a fair use is likely to thwart -may be expected to thwart the development of collective
management system for digital uses of book excerpts and
books because there will be that determination and then
there will be other determinations that people will try
to make, based on whatever the determination is made in
this case -- there will be a period of uncertainty.
Uncertainty is unlikely to be conducive to these new
systems emerging rapidly.
If you're an investor, that, to me, is just -I'm using a simple determination here that to have a
collective management system, you have to have rights to
license.
Q When you say "thwart," do you mean to imply
that there are waiting in the wings services that would
develop if Google does not succeed in its fair use
defense?
A Well -Q That are only not visible now because there is
no decision yet?
A If I return to the settlement for a second,
there were uses there that were well beyond snippet that
Filed 08/26/13 Page 57 of 61
Google was interested in performing. It may have
changed it's mind, that's entirely possible, I don't
know. But at the time, those uses were possible. It
would have been possible under the settlement. So there
would have been an interest, apparently, in making those
additional uses.
That's one example of something that did not
happen. It's also the case that if other players were
looking at the situation, saying, Hey, we would like to
do this same type of thing, they're probably thinking
we're not going to do it because of the pending
indeterminacy on the scope of fair use.
Q Who are those other players?
A I don't know.
Q How do you distinguish what you just said from
pure speculation?
A Well, there's a limit between speculation and
educated guessing. What I am saying is, there is -- I
expect that there is a broader market for digital books
out there, broader than just snippets. And that market
seems to be thwarted in -- in the same way that there's
this indeterminacy on the production of snippets, there
is an indeterminacy on these other markets that would
develop if we had a license.
Q Okay. You say authors and publishers would
Page 224
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
likely development. "Likely develop" does not refer to
the search only license?
A "Likely" refers to the three verbs that
follow, so develop, join, or license. I think it's
likely that authors and publishers would do one of these
three things.
Q They likely would -A Either develop their own system, join an
existing system, or license a third party to develop a
system. I think that the online availability of books
beyond snippets, so not just snippets, is a desirable
outcome, but I believe it should be licensed and, in
appropriate cases, paid for.
Q Okay. So develop, join, or license, no one's
going to join a search only license because we don't
know of any; correct?
A I don't know that no one would ever join one.
I just said I can't identify one.
Q Is it your opinion that there likely will be a
search only license if the court does not accept
Google's fair use defense?
A I believe it's in everybody's interest to have
a system that makes available books and book excerpts in
a way that allows authors to be paid, Google to monetize
its investment in digitizing these books, and allowing
56 (Pages 221 to 224)
A-1505
Case 1:05-cv-08136-DC Document 1075-15
Page 225
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
users access to those book excerpts.
And so based on that, my appreciation, which
hasn't changed since 1998 of how the market has evolved
online, I believe that these users are desirable, and
that the market is likely to make them happen. Hence,
the word likely in Paragraph 42.
Q When you say "likely," are you talking about
full text display and full text availability?
A Not necessarily. Book and book excerpts.
Q How long are these excerpts?
A This is not something that can be uniformly
answered. So it may very well be that it will depend on
each book and each book or author or publisher. It may
very well be a case-by-case determination by the
rightsholder in that case.
Or it may not be. It may be a standard
licensing term you were referring to the CCC which had
the 20 percent upper limit on electronic course backs I
think the market should be allowed to develop.
Q So the excerpts, you don't know how long it
would be. It might be book to book, author to author?
A It might be. Or it might be a standard
solution. It depends on the companies offering the
service, how many competitors Google ends up having if
this sees the light of day, et cetera, et cetera. There
Page 227
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Page 226
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
are, admittedly, a number of unknowns but what is a
known quantity is, at least in my opinion, the
desirability of making books available online legally
and in a way that allows authors to get paid.
Q Desirability is going to be a function of cost
at some level, isn't it?
A Yes.
Q So the excerpts you're talking about here, are
these larger than snippets, or do you mean to include
snippets?
A I -- I did not consider snippet when I said
book excerpt, but to me a snippet is, technically, an
excerpt from a book.
Q The excerpts that you're talking about here,
are these tied to search or not?
A Not necessarily.
Q So in Paragraph 42, your conclusion, the
collective management systems, include excerpts that are
not connected to a search function, but are just posted?
A It would include that, but it would also
include search. You could find a book excerpt -- if you
know for a fact that you need Chapter 3 of a certain
book, is that a search, if you know exactly what you
want? I would -- I'm not sure I would qualify that as a
search, but there might very well be a market for making
Filed 08/26/13 Page 58 of 61
available chapter 3 of that book and I know I want that
chapter. And I download or otherwise access that one
chapter, and the author gets compensated for that
access.
Q All right. Suppose I find that I want
Chapter 3 by picking the book up in a library and
browsing through it. Does the author get royalty when I
do that?
A When you browse a book in the library? Well,
the library had to buy the book, in the first place, so
to that extent, the author got paid for that.
Q For my browsing?
A For your browsing, under U.S. law, no, they
don't. In certain countries they do, but not in the
United States.
Q So in your excerpts example, where I know that
I'm going to use a full chapter of a book -A Yes.
Q -- my process of browsing in the library to
find the book is not a royalty bearing process; correct?
A The royalty -- no. In the United States,
browsing in a library is not something that entails
payment of a royalty. But if you download the book
excerpt, then you can work with it. You can annotate
it, you can print it, you can do a number of things with
Page 228
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
it that have value to the user that you cannot do with
the library copy.
Q Sure. I just want to take this one step at a
time.
So the browsing in the library doesn't
generate royalty to the author in the United States.
Does browsing in a bookstore enter into the royalty in
the United States?
A Browsing in the bookstore, no.
Q And the excerpts, which may not may not
connected to search, you don't know how large they would
be in that -A I'm saying that excerpts can it be licensed
independently of how long the excerpt is. There's a
possible licensing transaction. I'm also saying I
believe there's a market for excerpts of various
lengths. If snippets are not fair use, there is a
market for that, I believe. And I believe there's a
market for more than snippets -Q Okay.
A -- as in the electronic course back example.
Q Let's focus on snippet. You said earlier, and
we read in one of your articles, that are you not in
favor of fair use?
A As I defined it earlier in my testimony.
57 (Pages 225 to 228)
A-1506
Case 1:05-cv-08136-DC Document 1075-15
Page 229
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q Are you in favor of word-by-word licensing of
quotations by books?
A As a general principle, I can't answer that
question. I actually think there are cases where that
may be appropriate. Word-by-word licensing is not a
very common practice. I have not seen a lot of
licenses. I don't think I've ever seen a license that
counted the exact number of words, although I've seen
licenses that identified excerpts.
Q Like the Chapter 3 example?
A Or smaller excerpts.
Q The -- have you considered in your report the
likelihood that if Google does not prevail in its fair
use defense, a license would be created limited to the
actual uses in this case?
A That is a possibility.
Q Unaffiliated with any additional making
available of chapters or whole texts?
A My educated guess is that this is a suboptimal
result of the parties involved, so it is not most likely
outcome, but it is a possible outcome.
Q What methodology did you employ in reaching
that conclusion?
A I have answered that question at least twice.
Q It's an educated guess?
Page 231
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Page 230
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A An educated guess based on the interest of the
parties, existing practices, the existence of an agreed
settlement, though rejected by the court, and the other
factors that I mentioned earlier in my testimony.
Q Okay. The settlement -- and the reason I'm
framing the question to focus on the actual uses -- you
said that the settlement went beyond what we're actually
now discussing; correct?
A A future settlement? What you do you mean?
Q I thought in your testimony you were referring
to the settlement that the court had not accepted?
A Yes, I was. That's what he said, a
settlement.
Q That pertained to things in addition to what
the case is currently about?
A The proposed settlement that was not accepted
by the court would have covered uses beyond snippets as
I read it.
Q Okay. And so -- I just want to make sure I
understand where your probabilities are coming from and
how they've been derived.
Your probability with respect to scanning and
indexing and search doesn't rest on an existing license
because you don't know of an existing license limited to
scanning, indexing, and search; correct?
Filed 08/26/13 Page 59 of 61
MR. SNYDER: Objection to form.
THE WITNESS: I do not know a license limited
to scanning, indexing, and search. But the rights
involved are already aggregated, the rights that are
necessary to make those snippets, and more, available.
Q I was setting snippets aside.
A Well, the search function, you've been doing
that for the entire afternoon, separating the search
from the snippet. But the search has to return
something, and if it returns a snippet, it's very hard,
in my mind at least, to separate the two entirely.
Q Okay. We went through that the things that
could be separated. I will add snippet in a moment.
The probability of a snippet licensing market,
meaning one-eighth of a page, roughly three lines, what
existing practices limited in length, two, three lines,
1/8th of a page, are you using as a foundation for your
probabilistic assertion?
A Well, this is, first of all, very common among
publishers to license short excerpts among one another.
I don't know if it's limited to three lines. I also
know that, as I said earlier, CCC licenses fairly short
excerpts for reuse in the commercial context. And
again, I don't have an exact number of words that they
would have licensed in this way. But I -- I know for a
Page 232
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
fact that they've licensed short excerpts for things
like corporate newsletters, websites, and other uses of
that nature.
I don't think they called them snippets, but
they resemble what you define as a snippet. So these
are fairly short excerpts, so these markets exist.
The rights involved mostly the right of
reproduction. This right is already aggregated in a
CMO, which is, in my mind, evidence that this could
apply to snippets or beyond.
Q The right of reproduction is the same right,
whether it's a paragraph or a whole book, isn't it?
A That is my exact point.
Q So you cannot, using the right of
reproduction, distinguish between reproduction of one
sentence in one book. It's the same right?
A It's the same right -MR. SNYDER: Objection to form.
THE WITNESS: -- as per the statute, it is not
the same, necessarily, for a CMO perspective. The CMO
may have limits in its authority to license on the
amount of the book. I don't -- I don't know that CCC
does, but I know of cases where, you know, a publisher
will specifically limit the amount of a book that can be
licensed in a single transaction.
58 (Pages 229 to 232)
A-1507
Case 1:05-cv-08136-DC Document 1075-15
Page 233
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
You know, those are -- those -- those things
are -- are possible. They were negotiated based on
these existing services that I have described earlier.
But the right involved is the same. The owner of the
right is known. The rights are aggregated so that it's
fairly easy to go from the existing situation to a
situation where Google's current uses are licensed and
other uses that the parties might, I believe, find
desirable, would also be licensed.
Q All right. You mentioned two sources of your
probability. One was that you said it's common for
people to license excerpts for use in business
environments?
A I didn't say -- I said I am aware that CCC
does that on a regular basis. I did not use the work
"common," I believe.
Q Okay. It's regularly done. Is that done in
conjunction with search?
A I don't know how the people who want to
license a short excerpt from -- whether it's a newspaper
article, someone found that article. Were they reading
it on the plane. Did they find it online. I don't know
how they find it. But they find it, and they want to
license it for their newsletter or their website, and
they get the right to do that.
Page 235
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Page 234
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q But their licensing is reproduction for
purposes of display or distribution?
A I assume depending on what's in the website or
a newsletter that the license might read differently.
Q Okay. The question I'm asking is the examples
you're referring to, is CCC licensing the paragraph that
you put in your newsletter, or is it licensing you to
create a search engine and render text searchable?
A I have not looked at the license recently. My
understanding is what they allow you to do is make a
reproduction of the excerpt and then display it or
distribute it, depending on the medium.
Q And you say fairly short excerpts?
A I have seen one paragraph. Now, whether that
would correspond to three lines in a book, four lines in
a book. One newspaper paragraph. How is that? I
remember seeing at least one example of that. So, is
that three lines in the book?
Q Who is the licensor?
A I don't recall, plus I believe that would be
confidential. If I did recall, which I don't, which the
company was at the time. But it was for their
newsletter and a website. I remember that transaction.
But I don't recall who the licensor is.
Q Why do you remember it?
Filed 08/26/13 Page 60 of 61
A Why do I remember it? I think it may have
been something that came up in a meeting where they
wanted -- somebody wanted to show us an example of this
new licensing system that they had made available at CCC
that I described earlier that the user point licensing,
where it's actually not on the website of CCC, on the
website of user. I think it was an example in a
management meeting, but I do not recall which company it
was.
Q Do you remember what kind of text -- it was a
newspaper article?
A Newspaper article.
Q Do you remember what fraction of the article?
A Paragraph.
Q What fraction of the whole article?
A I do not recall.
Q And that was not in conjunction with search?
A I do not know how they found the paragraph.
Q Sorry. CCC did not license the paragraph to
enable a search function; they licensed it for inclusion
of a bulletin or something like that?
A For reproduction display or distribution, yes.
Q The probabilities that a market would likely
develop, to the extent they incorporate search and do
not extend beyond snippet display, are there any other
Page 236
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
examples that you can think of in the current practices
that inform your thinking, that inform your -A The company -Q -- probability?
THE REPORTER: I'm sorry. What was the last
word?
MR. McGOWAN: Your thinking.
THE WITNESS: The company I mentioned earlier,
icopyright.com, at the time I checked which was a while
back -- by this, I mean, it would have been over a year
or two ago -- but was precisely in the business of
licensing short excerpts of digital content for online
uses. But I did not review their website for the
preparation of this report.
BY MR. McGOWAN:
Q I understand that. What I'm trying to do is
find out in connection with ascertaining the method by
which you derived your probability, your educated guess.
I'm trying to find out what the closest case to Google
Books is, and I want to include the search component in
the base case because search is a component of Google
books. And I want to know what the closest case you
have examined to Google Books, including search, is?
MR. SNYDER: Objection to form.
THE WITNESS: I did not opine about search. I
59 (Pages 233 to 236)
A-1508
Case 1:05-cv-08136-DC Document 1075-15
Filed 08/26/13 Page 61 of 61
Page 237
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
opined about reproduction of whole books and making
snippets available mostly. I did not opine specifically
about search. And what I am saying is, if the
reproduction and the display of snippets are not fair
uses, they can be licensed because this very much
resembles the reproduction of books and book excerpts
that is currently licensed by CCC, probably by
icopyright.com and by RROs in 30 countries, at least
now, worldwide.
MR. McGOWAN: Let's take a short break.
VIDEOGRAPHER: Off the record at 4:14.
(Recess taken.).
VIDEOGRAPHER: On the record at 4:31.
BY MR. McGOWAN:
Q Professor Gervais, with respect to the
licenses that the Copyright Clearance Center has entered
into with universities, do you know whether, as part of
those licenses, the Copyright Clearance Center sometimes
allows universities to scan content and make it
available digitally for students to use?
A I believe they do in their electronic course
back service.
Q Do you know whether, in connection with those
licenses the Copyright Clearance Center requires
universities to adopt specified security protocols
Page 239
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
STATE OF CALIFORNIA ) ss:
COUNTY OF SAN FRANCISCO )
I, STACEY M. DIODATI, C.S.R. #11925, a Certified
Shorthand Reporter in and for the State of California,
do hereby certify:
That prior to being examined, the witness named in
the foregoing deposition was by me duly sworn to testify
the truth, the whole truth, and nothing but the truth.
That said deposition was taken before me at the
time and place set forth and was taken down by me in
shorthand and thereafter reduced to computerized
transcription under my direction and supervision, and I
hereby certify the foregoing deposition is a full, true
and correct transcript of my shorthand notes so taken.
I further certify that I am neither counsel for nor
related to any party to said action nor in anywise
interested in the outcome thereof.
IN WITNESS WHEREOF, I have hereunto subscribed
my name this 18th day of June, 2012.
_________________
Stacey M. Diodati
Certified Shorthand Reporter
Page 238
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
pertaining to that content?
A At the time I was there, I believe they did.
I do not know if they do that now.
Q Do you recall what they were?
A I recall that they had conditions imposed, but
as I said, I was on the rightsholders side and
international side. I did not deal with individual
users. So I had with limited contact with users and
with the contracts with users.
Q You don't remember any specific terms?
A No.
MR. McGOWAN: That is all I have. Thank you
for your time.
MR. SNYDER: I have no questions. Thank you.
VIDEOGRAPHER: This the end of Disk 3 of
Daniel Gervais. Off the record at 4:33.
THE REPORTER: Would you like a copy?
MR. SNYDER: Yes.
(WHEREUPON, the deposition of DANIEL GERVAIS
was concluded at 4:33 p.m.)
60 (Pages 237 to 239)
A-1509
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 1 of 79
EXHIBIT 16
A-1510
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 2 of 79
Page 1
Page 3
INDEX
1
2
UNITED STATES DISTRICT COURT
SOUTHERN DISTRICT OF NEW YORK
------------------------THE AUTHORS GUILD, INC., )
ASSOCIATIONAL PLAINTIFF, )
BETTY MILES, JOSEPH )
GOULDEN, AND JIM BOUTON, )
INDIVIDUALLY AND ON )
BEHALF OF ALL OTHERS )
SIMILARLY SITUATED, ) C.A. 05 CV 8136-DC
Plaintiffs
) Volume: I
vs.
)
GOOGLE, INC.
)
Defendant
)
-------------------------
WITNESS
DIRECT CROSS REDIRECT RECROSS
3
BENJAMIN G. EDELMAN
4
BY MR. GRATZ 6
5
6
7
8
EXHIBITS
NUMBER
PAGE
9
Exhibit 1 Expert Report of Benjamin Edelman
17
Exhibit 2 Whenu.com Emergency Motion
98
10
11
12
13
14
15
DEPOSITION OF EXPERT WITNESS, BENJAMIN G. EDELMAN,
before Avis P. Barber, a Notary Public and Registered
Professional Reporter, in and for the Commonwealth
of Massachusetts, at the Harvard Business School,
Baker Library, 25 Harvard Way, Boston, Massachusetts,
on Thursday, June 14, 2012, commencing at 10:03 a.m.
16
17
Exhibit 3 Initial Expert Report of Doctor
Benjamin Edelman Concerning Industry
Practices and Activities of
Valueclick
101
Exhibit 4 Expert Report of Benjamin Edelman 112
Exhibit 5 Document entitled "Google Toolbar
Tracks Browsing even after User
Choose Disable"
129
Exhibit 6 Search Engine Land, Blog Post,
131
1/26/10
18
19
20
Exhibit 7 Document entitled "Privacy Lapse at
Google JotSpot"
137
Exhibit 8 Document entitled "Google's JotSpot
Exposes User Data"
139
21
Exhibit 9 Declaration of Benjamin Edelman
143
22
Job No. 148413
PAGES 1 - 312
23
24
25
Exhibit 10 Supplemental Declaration of Benjamin
Edelman
143
Page 2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Page 4
1
2
APPEARANCES:
On behalf of the Plaintiffs:
BONI & ZACK, LLC
15 St. Asaphs Road
Bala Cynwyd, Pennsylvania 19004
By: Michael J. Boni, Esquire
Tel: 610-822-0201
Fax: 610-822-0206
mboni@bonizack.com
On behalf of the Defendant
DURIE TANGRI
217 Leidesdorff Street
San Francisco, California 94111
By: Joseph C. Gratz, Esquire
Tel: 415-362-6666
Fax: 415-236-6300
jgratz@durietangri.com
ALSO PRESENT: Jody Urbati, Videographer
NO.
3
4
5
6
7
E X H I B I T S (Continued)
PAGE
Exhibit 11 Document entitled "The Online
Economy: Strategy and
Entrepreneurship"
156
Exhibit 12 Declaration of Benjamin G. Edelman 161
Exhibit 13 Document entitled "Advertisers Using
WhenU"
164
8
Exhibit 14 Exhibit 1
171
9
10
Exhibit 15 Document entitled "Google Books
Partner Program Standard Terms and
Conditions"
213
11
Exhibit 16 Search Inside, Publisher Sign-Up
221
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Exhibit 17 Participating Authors' Reprint
Agreement v2.0
228
Exhibit 18 Cooperative Agreement
267
Exhibit 19 Document entitled "NDA Never Existed" 270
Exhibit 20 Benjamin Edelman's Thesis
306
EXHIBITS RETAINED BY THE COURT REPORTER
1 (Pages 1 to 4)
Veritext National Deposition & Litigation Services
866 299-5127
A-1511
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 3 of 79
Page 5
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
PROCEEDINGS
THE VIDEOGRAPHER: Good morning. We
are on the record at 10:03 A.M. on June 14th,
2012. This is the videotaped deposition of
Benjamin Edelman. My name is Jody Urbati, here
with our court reporter Barbara Avis. We are
here from Veritext National Deposition and
Litigation Services at the request of counsel.
This deposition is being held at
Harvard Business School in the city of Boston,
Massachusetts. The caption of this case is the
Authors Guild versus Google, Inc. Please note
that the audio and video recording will take
place unless all parties agree to go off the
record. Microphones are sensitive and may pick
up whispers, private conversations and cellular
interference.
At this time will counsel and all
present identify themselves for the record.
MR. GRATZ: Joseph Gratz from Durie
Tangri, LLP in San Francisco for defendant
Google.
MR. BONI: Michael Boni from Boni &
Zach, Bala Cynwyd, Pennsylvania for plaintiffs.
THE WITNESS: Benjamin --
Page 7
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. You have an undergraduate degree and
a Ph.D. in economics; is that right?
A. Yes.
Q. Do any of the opinions stated in your
report apply economic analysis?
A. I think they do broadly understood,
yes.
Q. How so?
A. The report considers the incentives
of various parties, the factors motivating them
to act or not to act and the likely consequences
of those incentives.
Q. Are there any specific economic
methods that are applied in your report?
MR. BONI: Object to form.
A. I'm not sure I understand what you
mean.
Q. What economic methods are applied in
your report?
MR. BONI: Same objection.
A. My training and economics teaches me
to understand and analyze incentives in
considering the actions of any rational actor.
That method of analysis of considering and
applying incentives is applied throughout the
Page 6
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
MR. BONI: I'm sorry, and here
representing the witness.
THE VIDEOGRAPHER: Thank you. The
witness will be sworn in and we can proceed.
BENJAMIN G. EDELMAN,
A witness called for examination, having been
duly sworn, testified as follows:
DIRECT EXAMINATION
BY MR. GRATZ:
Q. Good morning.
A. Good morning.
Q. Could you state your name for the
record, please.
A. Benjamin Edelman.
Q. And you're an assistant professor at
Harvard Business School; is that right?
A. Yes.
Q. Do you have tenure?
A. No.
Q. You have a number of degrees from
Harvard; is that right?
A. Yes.
Q. Are any of those degrees in computer
science?
A. No.
Page 8
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
report.
Q. Can you tell me more about that
method?
MR. BONI: Objection to form.
A. Well, you know I think it's pretty
intuitive. It can be structured in a formal
algebraic model when a particular situation
calls for that approach. It can be studied
empirically through large sample or small sample
data when the context calls for that approach.
It can also inform understanding and analysis
without specific application of modeling or of
large sample data analysis.
Q. Did you apply any algebraic modeling
in preparing your report?
A. No.
Q. Did you apply any empirical large
sample data analysis in preparing your report?
A. I wouldn't call it large sample data
analysis. There are sections that draw on
specific examples considered individually which
probably is a better example of small sample
data analysis.
Q. And those are the particular
anecdotes that you set forth in your report?
2 (Pages 5 to 8)
Veritext National Deposition & Litigation Services
866 299-5127
A-1512
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 4 of 79
Page 9
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
MR. BONI: Object to form.
A. The particular examples that are
detailed in my report, yes.
Q. And do you extrapolate from those
examples to reach conclusions that are more
general?
A. I interpret those examples in order
to reach conclusions that are more general, yes.
Q. By what means do you interpret those
examples to reach more general conclusions?
A. I'm thinking in particular of a
section of my report about defects in other
Google offerings and the security and design
thereof. And I examine a series of such defects
and conclude that defects are possible, indeed
even likely, even for products coming from a
company as esteemed and trusted as Google. So
an argument from analogy, I suppose it's an
existence proof. If one exists, then others
could also exist. Straightforward, logical
reasoning to my eye.
Q. And the proposition that if one
exists than others could also exist is an
application of your training in economics?
MR. BONI: Object to form.
Page 11
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
not whether there are necessarily other needles
in the haystack; is that right?
A. I'm not sure. Looking at the
specific examples can be quite informative and
understanding the kinds of problems that occur,
the frequency with which they occur, the
probability with which they occur.
Q. How can you determine a probability
by looking at a single example?
MR. BONI: Object to form.
Mischaracterizes the testimony.
A. At first you can draw inferences
about a probability from a single example. If
we saw that it rained on one out of five days,
we could draw inferences about the probability
of rain, even if those were the only five days
in which we had ever experienced a particular
city. We could say the probability of rain
probably isn't 90 percent and probably isn't one
one-thousandth of a percent. It's probably
something closer to 20 percent, and of course
with more data points you could draw a better
inference.
Q. And those are the types of inferences
that you draw in your report?
Page 10
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. You know, I think it's a principle
that comes from multiple disciplines, training
and mathematics, statistics, economics, logic,
all the areas in which I have some training.
And all of which speak to the same underlying
logical principle which I don't think really
requires all that much specialized training.
Q. And that principle is that the
existence of one example suggests that such an
example is, at least, not impossible and there
might be others.
A. Precisely. If one thought there were
no needles in a haystack, finding the first
needle suggests there might be more.
Q. It doesn't make it certain that there
are any others; is that right?
A. That's right.
Q. And the only thing it tells you about
the probability of there being others is that -strike that.
The only thing it tells you about the
probability of there being any needles in the
haystack -- strike that.
The only thing it tells you is about
the existence of any needles in the haystack,
Page 12
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. That method of analysis consistent
with my training and my research and my
background informs the conclusions drawn in my
report.
Q. That if something happens with a
certain frequency, it's likely to happen with
that frequency in the future?
A. I wouldn't have put it quite as
simply as that, but that looking at the past can
inform inferences about the future. That much,
absolutely.
Q. Does that require economic analysis?
A. I think economic analysis is quite
useful, particularly in understanding the
incentives that make it more or less likely that
a given problem will or won't occur.
Q. Does the existence of the issue in
the first place inform you about what the
incentive structure is?
MR. BONI: Object to form.
A. Sometimes it does. Sometimes seeing
a specific example helps crystalize
understanding of the problem. Ah, I see because
of this problem, well, that resulted because of
this incentive, and so the specific example
3 (Pages 9 to 12)
Veritext National Deposition & Litigation Services
866 299-5127
A-1513
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 5 of 79
Page 13
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
really can help inform understanding.
Q. Can you give me an understanding of
such an instance?
A. Sure.
Q. Please go ahead and do so.
A. In January 2010 I uncovered the
Google Toolbar continuing to track user
behavior, what web pages users viewed even after
users had specifically disabled the toolbar,
even after the toolbar had confirmed that it was
disabled and even after the toolbar had
disappeared from view, seemingly further
confirming that it had ceased operation, but, in
fact, it continued operation. It continued to
track users' most sensitive online activities.
That example helped me understand
Google's incentive to collect the data at issue,
users browsing. Namely, it was always in
Google's interests to collect more data, the
more data the better for reasons that Google
well knows.
Users, meanwhile, were most concerned
about the appearance of their data being
collected. What bugged users wasn't the actual
collection but the knowledge that the data was
Page 15
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Had it failed to collect any data
someone at Google would have noticed that in a
hurry; whereas, when it collected too much, that
was something that the Google engineers were
much less likely to notice.
Q. Your master's degree is in
statistics; is that right?
A. Yes.
Q. Do any of the opinions stated in your
report apply statistical methods?
A. As in our prior discussion, I think
the report is grounded in the approach of
statistics, in the analytical structure of
statistics, but doesn't apply the formal methods
of statistics; for example, the algebraic method
of statistics.
Q. What methods of statistics does your
report apply?
A. Hereto drawing on information from a
sample, history, in order to make inferences
about a larger population, that is, the future.
That's the essence of statistical inference, and
that's something that my report does repeatedly.
Q. Does your report draw on any
statistical methods that are different from the
Page 14
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
being collected. Users really had no way to
tell one way or the other whether or not the
data was being collected. All they could tell
was whether they thought the data was being
collected.
So the understanding of the
incentives on both ends helped me understand the
cause of this problem, how it came to be that
Google allowed this defect to occur in quite a
widely used product and how it came to be that
users had failed to notice this defect, even
when it had been extant for several months at
that point.
Q. This led you to the conclusion that
Google had an incentive to cause its software to
operate in that manner?
A. At the very least, Google had little
incentive to check for this defect or to prevent
this defect. One could consider the opposite
defect. Suppose the toolbar had failed to
collect any of the data that Google wanted to
collect. Would anyone have noticed that?
Absolutely. Because the whole purpose of this
data collection system was, in fact, to collect
data.
Page 16
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
economic methods we've already discussed?
A. I don't always draw a crisp
distinction between statistical methods and
economic methods, but I think we've discussed
the relevant methods of both of those
disciplines.
Q. You have a law degree as well; is
that right?
A. Yes.
Q. Do you express any legal opinions in
your report?
A. No.
Q. In your course work, did you take any
courses dedicated to how to secure networked
computers from intrusion?
A. I did not take any such courses as a
student.
Q. Are you familiar with the
certification known as Certified Information
Systems Security Professional or CISSP?
A. Yes.
Q. What is it?
A. It's a certification consistent with
the name, purporting to certify the skills and
background of a certified person in the area of
4 (Pages 13 to 16)
Veritext National Deposition & Litigation Services
866 299-5127
A-1514
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 6 of 79
Page 17
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
information security.
Q. Are you certified as a CISSP?
A. No.
Q. Do you hold any other certifications
related to information security?
A. Nothing comes to mind.
MR. GRATZ: I'd like to mark as
Edelman Exhibit 1, this document.
(Report marked as Exhibit No. 1 for
identification.)
Q. Do you recognize this document,
Mr. Edelman?
A. Yes.
Q. What is it?
A. It's my expert report on this matter.
Q. Turning your attention to
Paragraph 1, you say, "My research focuses on
the design of electronic marketplaces, including
Internet advertising, search engines, privacy
and information security. Do you see that?
A. Yes.
Q. Turning first to advertising, what
Internet advertising systems have you done
research on?
A. I've written about a variety of
Page 19
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
them to be labeled in a way different from the
way they are labeled. Whether consumers can
distinguish between advertising content and
non-advertising content.
Q. Did your research into advertising
relate to information security as it relates to
those marketplaces?
A. In some instances, yes.
Q. What instances are those?
A. My understanding of information
security in the context of advertising would
certainly need to include whether an advertiser
charged the right amount, whether their ads are
placed in the correct places, whether they are
given truthful information about where and how
their ads performed. And I've written about all
of those questions, including defects and
shortfalls in those areas.
Q. Have you ever written about
intrusions into advertising systems by hackers?
A. I have.
Q. In what instances?
A. I've written about a series of
hackers, fraudsters of multiple sorts who have
taken money from advertisers, money that they
Page 18
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Internet advertising systems, including search
engines and their paper click advertising
platforms, display advertising systems, and
display advertising exchanges, affiliate
marketing, listing services, for example, real
estate listings, apartment rentals. There
probably are some more online advertising that
permeates my writing of the last decade.
Q. What aspects of Internet advertising
systems did you research?
MR. BONI: Object to form. You can
answer.
A. My best known academic article
explores the game theory of online advertising
and search engines, how much to bid, assuming
that the rules are structured in a particular
way. I've written about fraud in advertising
marketplaces, whereby advertisers are
overcharged. I've written about fraud, whereby
consumers are deceived, where an advertisement
offers something other than what it purports to
offer.
I've written about advertisement
labeling, whether advertisements are labeled as
such, whether applicable legal doctrines require
Page 20
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
were not entitled to according to any applicable
contract. I've written about the methods
whereby they did so, the computer code that
allowed them to take the money, and the methods
that I used in order to catch them, the proposed
remediation of this problem, both in the short
run, how to get the money back, and in the long
run, how to make sure that it doesn't reoccur in
the future.
Q. The code that you spoke of in your
previous answer, did it result in intrusion into
any computer systems?
A. Yes.
Q. What computer systems are those?
A. The advertising tracking systems of
the victims of the respective frauds.
Q. And how were those systems intruded
upon?
A. Well, it varies from example to
example. In one example that I'm -- that I'm
thinking of the intruder caused other people's
computers to connect to the victim's computer in
a way that caused false records to be created as
to the supposed efficacy of an advertising
system that, in fact, wasn't working at all, but
5 (Pages 17 to 20)
Veritext National Deposition & Litigation Services
866 299-5127
A-1515
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 7 of 79
Page 21
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
the intrusion caused records to indicate that
the system was working quite well and caused the
advertiser to pay actually in the millions of
dollars of unearned commission payments.
Q. Have they hacked into the tracking
system itself or merely caused other computers
to make false reports of ad impressions?
MR. BONI: Object to form.
A. I'm not sure I know what you mean by
the word "hacked" in that context.
Q. Had they gained access to the -strike that.
In the instance you're discussing,
had the fraudsters gained access to confidential
information on the systems of the ad network,
and by that I mean stored on the servers
operated by the ad network?
A. In the example that I described, no
confidential information was involved one way or
the other.
Q. It was a situation in which the
fraudsters were causing third-party computers to
make false reports to that ad tracking system;
is that right?
A. That was one aspect of the problem.
Page 23
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. No.
Q. Were the fraudsters operating a
server?
A. Yes.
Q. And that server communicated with
third-party computers?
A. Yes.
Q. And the communication between the
third-party computers and the server caused
those third-party computers to make reports to
the ad network; is that right?
A. Yes.
Q. And that was the method by which the
fraud was achieved; is that right?
A. That's the essence of it.
Q. And it was because those false
reports were made that the fraudsters were able
to make millions of dollars; is that right?
A. That was one of the necessary steps,
multiple lines of causation, of course,
necessary to get such a large check.
Q. Sure. They had to actually write the
check. They had to not have it caught by the
fraud systems and so on?
A. Among others, yes.
Page 22
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. What were the other aspects?
A. The fraudster was causing the ad
tracking system to believe that the
advertisements had been delivered and had caused
purchases to occur, when, in fact, neither of
those was the case.
Q. How did they achieve that?
MR. BONI: Object to form.
A. That was achieved by a set of
computer codes using multiple programming
languages, at least one server, multiple client
computers and the victim's server all operating
in concert in a way directed by the perpetrator
in order to cause the false records to be
created.
Q. Did the fraudsters have control of
the ad networks server?
A. I don't know what you mean by
"control" in this circumstance.
Q. Did the fraudsters gain information
from the ad networks server?
A. I don't think the fraudsters wanted
information so much as millions of dollars which
they did gain successfully.
Q. Was this a Botnet?
Page 24
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Any other instances in which your
research on advertising has related to
information security?
A. So of course, there are other
examples in the realm of advertising fraud of
which I've just given you one. A big one with a
large amount of money at issue and a criminal
indictment and so forth, but there are others
very much in the same vein.
Q. In which the fraudsters are causing
false reports to be made to advertisers or
advertising networks; is that right?
A. Broadly understood, yes.
Q. What peer review publications
resulted from your research on Internet
advertising systems?
A. The best known is my American
Economic Review article as to the gain theory of
sponsored search auctions. There are various
others, I believe each of them listed on my CV.
Q. Is your research on Internet
advertising a basis for any of the opinions in
your report?
A. Not specifically. In some areas
probably what I've learned about Internet
6 (Pages 21 to 24)
Veritext National Deposition & Litigation Services
866 299-5127
A-1516
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 8 of 79
Page 25
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
advertising informs my understanding of other
information security matters and other matters
detailed in my report.
Q. In what way?
A. For example, information in
electronic form can be copied, often quite
easily and at minimal cost. A gives it to B, B
gives it to C, and the chain can continue more
quickly and more easily and more accurately in
electronic form than, for example, on paper.
I've seen that in spades in online advertising
where the supply chain between an advertiser and
a publisher can have literally a dozen
intermediaries all made possible by the low cost
of electronic copying. That's broadly at issue
in this case also and comes up in my report in
several areas.
Q. Are there any other ways in which
your research on Internet advertising systems
forms a basis for any of the opinions in your
report?
A. I'm just not sure. I could reread
the report with an eye to that question. I
considered the totality of my experience and
research, professional activities and so forth
Page 27
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
engines was about certain results that were
systematically missing in certain countries. So
you'd go to the French version of Google, and
there would be some sites that would never come
up. Sometimes sites with terrible content that
might even be unlawful in France and sometimes
sites that seemed pretty unremarkable but
strangely would be missing nonetheless.
Other articles about quote unquote
bias, that is, the systematic favorable
treatment of some sources or some viewpoints
relative to others, methods of evaluating
whether such bias exists, preserving proof,
drawing comparisons and drawing inferences
between search engines on that question.
Q. Anything else?
A. I believe I've written about privacy
on search engines, about privacy of records of
users' activities.
Q. Anything else?
A. The size and prevalence of
advertising on search engines, other changes to
the layout, structure of visual presentation of
search engine results, the interaction between
Spyware and Adware on users' computers and
Page 26
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
in drawing the conclusions that are in the
report.
Q. Nothing else, specifically, comes to
mind right now?
A. Not right now.
Q. The second item you mentioned is
search engines. What search engines have you
done research on?
A. I've looked at a variety of search
engines. I spent most of my time looking at
Google's practices, and Google is, of course,
the largest and most popular search engine in
most countries. I've also looked at Yahoo.
I've looked at Bing and its predecessors. I've
looked at Ask.com. I've looked at AOL. Various
others whose names aren't familiar to the
typical American consumer, but whose practices
I've also examined.
Q. What research did you do relating to
search engines?
A. I've written a variety of articles
about search engines. I've written about the
labeling of advertising on search engines. I've
written about the patterns of which results
appear where. My first article about search
Page 28
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
search engines, search engine results.
Q. Anything else?
A. There probably are some more aspects
of search engines that I've written about.
Q. Do they come to mind?
A. Not right now.
Q. Did any of your research relate to
the security of search engines against attacks
from hackers?
A. Some of it, yes.
Q. What research is that?
A. For example, the research on Spyware
and Adware speaks to security issues on multiple
levels, security of the users' computers as
against the Spyware and Adware that have some
effects, potentially harmful effects, and
security and integrity of the search engine
result page to present results in the order and
format that the search engine intended, rather
than in some modified presentation, modified in
large part by the Spyware or Adware.
Q. The security issues you described in
your previous answer are security issues that
relate to the security of an Internet user's
computer rather than to a server; is that right?
7 (Pages 25 to 28)
Veritext National Deposition & Litigation Services
866 299-5127
A-1517
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 9 of 79
Page 29
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
MR. BONI: Object to form.
A. I guess I don't think of it quite
that way.
Q. Are you aware of any instance in
which Spyware or Adware has been installed on a
search engine's server?
A. I guess I wouldn't use those terms to
describe the kinds of problems that I've been
looking at.
Q. Are you aware of any situation in
which the data being served by a search engine's
servers has been affected by Spyware or Adware?
A. I'm aware of many instances where the
data served by a web server has been affected by
software installed onto the web server. Whether
that has occurred with search engines
specifically, I'm not sure one way or the other.
Q. You don't know of any such instance?
A. I guess it wouldn't usually be via
the mechanism of spyware or adware. If one
wanted to influence the results shown by a
search engine, there would be other ways to make
that influence, but typically one wouldn't use
the words Spyware or adware to describe those
practices.
Page 31
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
search for a map, if you typed in Boston map
into Bing, I would expect that a map would
appear, and that it would be a Bing map, and
that there's a software program installed into
the Bing server that causes that Bing map to
appear.
Q. And that software was installed with
the authorization of the operator of that
server; is that right?
A. That's right.
Q. Are you aware of any instance in
which search rankings have been modified by
software which was installed without the
authorization of the operator of the search
engine?
A. I've perceived some ambiguity in your
question which makes it hard for me to answer.
Q. What's ambiguous about it?
MR. BONI: Object to form.
A. Why don't you just restate the
question.
Q. Sure. Are you aware of any instance
in which someone other than the search engine
has been successful in installing software on a
search engine's server for some purpose that was
Page 30
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Are you aware of any instance in
which a party seeking a higher search engine
ranking has been successful in installing
software on a search engine's servers to achieve
that goal?
A. Yes.
Q. What instance is that?
A. Google, itself, in order to grant its
own services preferred ranking installs software
onto its own search engine in order to achieve
that goal.
Q. Are you aware of any other such
instances?
A. Yes.
Q. What instances are you aware of?
A. I think other search engines also
typically do that to favor their own services
and their partner services and their prospective
partner services and others consistent with
their business objectives.
Q. Does Bing do that?
A. In some areas they do.
Q. What areas are those?
A. Well, I need to look at specific
searches, but, for example, if you were to
Page 32
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
not authorized by the search engine?
MR. BONI: Object to form.
A. Well, the notion of installing
software onto the server has multiple levels.
Certainly, providing data to a server that the
server then processes, it's quite routine for
publishers to provide data to a search engine in
hopes that the search engine process it in a way
that provides the publisher with preferred
listings. And it's quite routine to do that
with predictable consequences; namely, obtaining
the preferred placement that is sought. That
happens, sadly, every day.
Q. What is the nature of the data that
you referred to that's sent to the server in
your previous answer?
A. Well, it's computer code. It's
interpreted by the server. Is it executed by
the server? I guess it depends. Some of the
code actually does have to be executed in order
to have meaning because it doesn't have any
meaning until it is executed. It can't stand
alone.
Q. What programming language is that
data written in?
8 (Pages 29 to 32)
Veritext National Deposition & Litigation Services
866 299-5127
A-1518
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 10 of 79
Page 33
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. It can be written in multiple
languages. Classically, it would be written
simply in HTML. More recently it would often be
written in JavaScript, in Flash. It could be
written in a variety of other languages also.
Typically, a modern search engine would
nonetheless be able to receive that computer
code, execute it, interpret it and draw
conclusions about its implications.
Q. And the code that you're talking
about is code that someone would post on their
website in order for the search engine to
download and index or otherwise -- or otherwise
use; is that right?
A. That's one way it could happen.
Q. What are the other ways?
A. One could provide that code solely to
the search engine and not to anyone other than
the search engine, and indeed I've found
examples of that and have written about that.
In fact, was invited to the Google campus for
the first time after I had found a particularly
notable example of that.
Q. And that is a situation in which a
web server operator would give a different
Page 35
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
the search engine ranking for some other website
or increase the search engine ranking for some
other website; is that right?
A. Those are other common objectives.
Q. And the way that they're trying to do
that is by providing input to the search engine
that the search engine will interpret in a way
that causes it to give that page a higher
ranking, for example; is that right?
A. That's one common strategy.
Q. They're not changing the algorithm
that's used to rank web pages; is that right?
A. The examples we've been discussing so
far don't change the algorithm.
Q. Are you aware of any instance in
which a hacker has been able to change the
search engine's algorithm.
A. Yes.
Q. What instances are those?
A. Google engineers last year fed
systemically deceptive, maybe false data, to
Microsoft's search engine in an attempt to
sabotage Microsoft search engine and cause it to
display results that were nonsensical and
purportedly incriminating.
Page 34
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
response to a request coming from a search
engine than coming from some other user?
A. That's right.
Q. And that response would be in the
form of sort of the elements that would
otherwise make up a web page like HTML,
JavaScript, CSS and so on?
A. Yes.
Q. Are you aware of any instance in
which the way in which the search engine
operates has been able -- has been able to be
modified by code that was downloaded from a
website that search engine was attempting to
index?
MR. BONI: Object to form.
A. I perceive some ambiguity in the
phrased way in which the search engine operates.
Q. The point of these web pages that are
served just to the search engine is to try and
get a higher search engine ranking for that
website, generally; is that right?
A. That is a common objective. It's not
the only objective, but it probably is the most
common.
Q. It might also be to try and reduce
Page 36
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Could you tell me more about that?
A. Google engineers believed correctly
that Microsoft Internet Explorer and certain
Microsoft toolbars when configured with certain
optional advanced features would track users'
clicking on results both at Microsoft's search
engines and other search engines such as Google
in order to draw inferences about developments
of particular results to particular queries.
Google engineers on multiple
computers, all off of the Google campus, rather
in the engineers' residences, intentionally
provided false data to Microsoft in order to
contaminate the data collected by Microsoft in
order to demonstrate that this feature was
working exactly as Microsoft had stated that it
would work and exactly as Microsoft had intended
it to work. But by providing false data, they
were able to push the algorithm towards results
that were, in fact, nonsensical, thereby in
Google's view and the view of these staff
persons in some way demonstrating the
impropriety of Microsoft's activities in this
regard.
Q. Do you think that was wrong?
9 (Pages 33 to 36)
Veritext National Deposition & Litigation Services
866 299-5127
A-1519
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 11 of 79
Page 37
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I'm not sure.
Q. What factors go into that answer?
MR. BONI: Object to form.
A. Well, on one hand, it's fair game to
do what you want on your own computer in
general; to install software, run searches and
click results. One wouldn't think that by
taking those steps with nothing more one had
done anything improper. All of these searches
were actual searches run by people, not by
robots or automation. The results were clicked
again by people not by robots or automation.
Where I thought Google went the most
astray was in their interpretation of what
occurred. Had Microsoft done anything wrong?
Google says they had. Google says that
Microsoft shouldn't have collected this data.
That even when users granted permission for
Microsoft to collect the data, the permission
wasn't the users' permission to give. Only
Google can grant the permission for this data to
be collected or so Google would have us believe,
according to Google's statements on the subject.
And there I'm not so sure that's a notion of
two-party consent that, I think, just isn't
Page 39
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I'm not sure.
Q. Are you aware of any instance in
which the operation of a search engine has been
modified by hackers other than the instance in
which you just described?
A. Yes.
Q. What instance is that?
A. I'm aware of a series of instances
whereby hackers have intentionally sent clicks,
either genuine clicks or fake clicks in order to
inflate the apparent click-through rate of
particular algorithmic results and particular
advertisements in order to influence search
engines' decisions about which algorithmic
results and which advertisements to display and
in what order to display them.
Q. So by appearing to interact with the
search engine as if they were search engine
users, but, in fact, intending to manipulate the
search engine itself, these hackers were able to
change the internals of the search engine in
that way?
MR. BONI: Object to form.
A. They were certainly able to change
the order in which results appeared and which
Page 38
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
grounded in any principle, regulation, law or
other such authority in this area.
Q. So the thing that Microsoft had done
that Google said was inappropriate in your view,
Google was not correct in their -- in their
assessment?
A. I'm sorry. I got a little bit
muddled about who thought what.
Q. Sorry. Do you think that Google was
correct in their assessment of what Microsoft
had done?
A. I think they were correct on the
facts of what data Microsoft had collected and
how Microsoft had analyzed it.
Q. Are you aware of any -- actually let
me ask another question.
Did the Bing search ranking algorithm
change the result of Google's actions?
A. I'm not sure.
Q. Are you aware of any instance in
which -- actually, strike that.
Did any internal portion of the Bing
search engine other than, of course, its index
of all of the websites that it had indexed
change as a result of Google's actions?
Page 40
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
results appeared. You asked about the internals
of the search engine. I'm not so sure about
that, but it seems to me that the essence of the
search engine is the output, and so if they were
able to change the output, I think they were
probably content with that.
Q. But you don't know of any changes
that have ever been made other than to the
output as a result of hackers attempting to
intrude upon search engines; is that right?
A. As to hackers attempting to intrude
on search engines, I know about some changes
other than -- well, I know about some actions
taken other than changes to the output.
Q. Actions taken by whom?
A. By the hackers.
Q. What actions are those?
A. It was reported in public news
sources, I believe cited in my expert report
that the Chinese hackers or suspected Chinese
hackers who intruded into Google systems one to
two years ago obtained access to source code,
including obtaining the ability to change source
code. Whether or not they used that ability,
news coverage indicated that they obtained that
10 (Pages 37 to 40)
Veritext National Deposition & Litigation Services
866 299-5127
A-1520
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 12 of 79
Page 41
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
ability. And that would be an action taken
other than the action of changing result
ordering.
Q. Do you know whether those news
reports were accurate?
A. I think there were multiple indicia
of accuracy.
Q. Do you know what source code was
accessed?
A. I don't recall specifically.
Q. Do you know whether that source code
had anything to do with books?
A. I'm not sure.
Q. Do you know one way or the other?
A. I think the source cited in my expert
report probably could tell us in short order,
but I don't recall sitting here today.
Q. What is the source cited in your
expert report?
A. Shall I flip to it?
Q. Sure. I'll direct your attention to
the top of page 8, the bottom of page 7.
A. Great. So you've directed my
attention correctly first as to the indicia of
the liability. Footnote 18 cites the official
Page 43
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Do you recall one way or the other
whether that cited article discusses whether
those responsible for the intrusion discussed in
the blog post or the intrusion discussed in
Paragraph 35 gained access to Google's source
code?
A. I don't recall.
Q. Do you know whether the McAfee report
mentions Google at all?
A. I think it does, but I'd want to go
and look at it again. It seems like the easier
way to answer your questions would be to review
the document itself.
Q. So you don't have a recollection as
to whether the document cited states that
hackers had specifically sought access to the
source code for Google systems and that hackers
had obtained the ability to alter the source
code for Google systems?
A. That quoting verbatim from my expert
report when I wrote that sentence of my report,
I reviewed the McAfee document at issue and
summarized it in that sentence, and I believe
the summary is accurate as written.
Q. But you don't remember whether that
Page 42
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Google blog and a statement from none other than
David Drummond. So if David says it is so, I
think that's a good prima facia reason to think
that it is.
Secondly, the analysis by McAfee, one
notch removed from Google to be sure, but with
the defensible methodology grounded in data that
they obtained from multiple sources, and
McAfee's trustworthiness I think requires no
further elaboration. Look, if McAfee says that
this is what happened and no one rebuts it, I
think that's a pretty good reason to believe
that it is so.
Q. Does the statement from David
Drummond that you cite in this report discuss
whether the hackers had access to source code?
A. It does not.
Q. Does the McAfee Labs blog post that
you cite in your report discuss whether hackers
had access to Google's source code?
A. I think the report does discuss it.
Footnote 19 gives you the URL to the full
original report. I'd want to review it further
before attempting to opine on exactly what it
says.
Page 44
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
document mentioned Google at all?
MR. BONI: Object to form.
A. I think it did. It's just that the
fact that you ask about it in that way suggests
maybe you think it didn't, and rather than
speculate sitting here, I'd just take a moment
to go back and read the document to find out one
way or the other.
Q. Maybe we'll do that later today.
What peer review publications -- actually strike
that.
Other than the instances we've
discussed, that is, attempting by interaction
with the search engine by its ordinary
interfaces to modify search engine rankings or
by the intrusions described in Paragraph 35 of
your report, are you aware of any other
intrusions into search engines?
A. Yes.
Q. What intrusions are those?
A. First, I'm not sure that I'd describe
the actions of Google engineers using the
toolbar manipulation as the ordinary interfaces.
There's some of that that's ordinary, and
there's some of that that's quite extraordinary.
11 (Pages 41 to 44)
Veritext National Deposition & Litigation Services
866 299-5127
A-1521
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 13 of 79
Page 45
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Putting that aside, I'm aware of other instances
in which website publishers have managed to
modify the operation of search engines in ways
not yet discussed.
Q. And did they do that by manipulating
the data that their own web pages sent to the
search engine's crawler?
A. In the example I'm thinking of right
now, yes.
Q. Do you know of any instances in which
that -- a different method was used?
A. Yes.
Q. What instance is that?
A. Some search engines including Google
search engine obtain a portion of their data,
not by a crawl but by a data feed, a particular
document using a particular pre-agreed structure
that provides particular information in a
particular format. And through certain methods
pertaining to the data feed, putting data in a
particular format, it's possible to manipulate
the results obtained by that data feed collector
in order to alter both the substance of the
results that are displayed and the format of the
display.
Page 47
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
intrusion that you're discussing right now; is
that right?
A. No. I had in mind a different kind
of intrusion.
Q. What did you have in mind?
A. It's possible, at least historically
has sometimes been possible, to produce an
invalid syntax in your data feed such that the
very attempts to process your invalid data feed
can corrupt either the data stored in the search
engine servers or the method whereby the search
engine presents results to users causing
something else altogether to appear when a user
runs a search.
Q. What search engines have been the
victims of that type of attack?
A. I think multiple search engines have
been the victims of that kind of attack.
Q. Can you list the ones that you know
of?
A. I can't recall specifically. They're
not the big five U.S. search engines.
Q. And by providing data in a corrupted
form to these search engines, the fraudsters
were able to manipulate the results or change
Page 46
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Is that data feed known as a site
map?
A. A site map is an example of a data
feed, but that's not what I was thinking of,
specifically.
Q. What were you thinking of?
A. I was thinking of a product data
feed.
Q. What's a product data feed?
A. Typically, it's a list of products
usually accompanied by descriptions, pricing
availability, perhaps images, other such
details.
Q. That's information that a search
engine takes in in order to know what products
are offered by a particular website; is that
right?
A. That's right.
Q. And by manipulating the data that's
given to the search engine you might be able to
appear to have products you don't or appear to
have products with different qualities than your
actual products; is that right?
A. Among other benefits.
Q. And that's the -- that's the type of
Page 48
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
them in some way?
A. Yes.
Q. Were they able to gain root access to
the search engine's servers?
A. I don't think they sought root access
to the search engine's servers. I don't know
whether they were able to obtain it.
Q. Are you familiar with the term "root
access"?
A. Yes.
Q. What does root access mean?
A. Typically, the term "root access" is
used to refer to an operation mode of a computer
system where it's possible to change any aspect
of the computer system without any limitation
whatsoever.
Q. Are you aware of any situation in
which an outside intruder has been able to gain
root access to a search engine's servers?
A. I'm not aware one way or the other.
Q. What peer review publications have
resulted from your research on search engines?
A. Can I flip through the CV?
Q. Sure.
A. Be quickest that way. So that papers
12 (Pages 45 to 48)
Veritext National Deposition & Litigation Services
866 299-5127
A-1522
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 14 of 79
Page 49
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
previously discussed as to advertising, many of
them are as to search engine advertising and
thus fit dually. For example, the first three
under the heading "Representative Research" all
are as to search engine advertising. Others in
this list also as to search engine advertising,
the article about typo-squatting is about a
particular place where advertisements can be
placed via a search engine onto other sites. If
there's an element of advertising, there's an
element of search engines.
The article titled "Adverse
Selection" and "Online Trust Certifications" in
search results contains quite an extended
discussion of the trustworthiness of certain
search results.
The "Rustlers and Sheriff's" piece
considers certain practices at search engines.
Internet filtering in China discusses the
filtering of certain search results, advertising
disclosures, label search engines. It
continues. There are quite a few.
Q. Is your research on search engines a
basis for any of the opinions in your report?
A. I think it is generally, yes.
Page 51
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
my writing in this area began with an instance
in which Buy.com, a popular online retailer, was
mistakenly publishing the names, street address
and phone number of every customer who had ever
made a product return to Buy.com. That was an
error, a breach of their privacy policy, which
to they credit, they corrected after I brought
to their attention.
I've uncovered other privacy errors,
instances in which the Google JotSpot service
was sharing documents specifically contrary to
users' instructions to JotSpot. You tell it not
to share your document with anyone, and they
share it anyway. And a problem that was
corrected by Google somewhat after I brought it
to their attention.
Q. Did any of your research on privacy
relate to security against computer intrusion?
A. I think of privacy and security as
two sides of the same coin. Privacy is security
of your private information, and so I would say
that all of the privacy matters relate to
security. Security from what? Security from
viewing, security from intrusion, broadly
understood.
Page 50
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. How so?
A. My work on search engines explores
the operation and incentives of interconnected
systems the way that the systems can be used and
have been used and the consequences of that use.
Q. What does that have to do with the
opinions you set forth in your report?
A. My report discusses the way that
certain books search services can be used and
what's likely to happen if they are used in that
way, which is informed by the way other online
systems that are already more broadly in use,
the way that they have been used and what has
happened there.
Q. So they influence your opinions in
that that which has happened already to search
engines may happen to book search engines in the
future?
A. That's right.
Q. The next area of interest or research
that you mention is privacy. What research have
you done on electronic privacy?
A. I mentioned one article as to the
Google Toolbar privacy problems. I've written a
series of other pieces about privacy. I think
Page 52
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Do you draw a distinction between
unauthorized access to computer systems and
malfunctioning computer systems that disclose
private information?
MR. BONI: Object to form.
A. I certainly draw a distinction
between systems that are malfunctioning versus
systems that are functioning in the way that
their designers intended. Though, of course,
figuring out what their designers intended and
whether a malfunction has actually occurred can
sometimes be difficult. I'm not so sure about
the specific distinction that you raise. Maybe
you could rephrase it, and I could give you a
better answer.
MR. GRATZ: Let's change the tape.
THE VIDEOGRAPHER: The end of Tape 1.
Off the record 11:03 a.m.
(Brief recess.)
THE VIDEOGRAPHER: Here begins Tape
No. 2 in today's deposition of Benjamin Edelman.
Back on the record 11:09 a.m.
Q. Mr. Edelman, when you refer to
security, you're speaking broadly of everything
from avoiding intrusions into computer systems
13 (Pages 49 to 52)
Veritext National Deposition & Litigation Services
866 299-5127
A-1523
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 15 of 79
Page 53
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
to steal confidential data to ensuring that the
data collected by websites is fully disclosed to
users; is that right?
MR. BONI: Object to form.
A. I wouldn't ordinarily say that
disclosing information collection practices
falls within security. I think it does on a
broad understanding of security, but I probably
wouldn't have used the term that way in the
ordinary course.
Q. In your report when you discuss
security, are you applying the broad -- the
broad view of security you mention in your last
answer or some narrower view?
A. In general, I think I'm applying a
slightly narrower view than the -- than my last
answer and then the question that preceded my
last answer.
Q. What scope of the term "security" do
you apply in your report?
A. When I use the term "security" in the
report, I begin with notions that attach to
changing the underlying code of the computer
system; for example, obtaining root access and
the benefits associated with that, but I
Page 55
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
engineer intended, that the telephone rings when
it is called, and yet in a way quite contrary to
what the user intended, probably even contrary
to what the phone company intended, at least in
a marketing sense when they touted the benefits
of obtaining a telephone to your residence.
Q. And that is encompassed in the use of
the term "security" as you use it in your
report?
A. The analog in an information system
is encompassed.
Q. What is the -- sorry, I don't mean to
interrupt. What is the analog in an information
system?
MR. BONI: Why don't you ask the
question and let him answer the question. You
were in the middle of an answer, but let's make
sure we're clear on what the question was. So
that you can answer it. You want to read back
the last question, please.
(Last question read back.)
Q. Are prank calls in the middle of the
night encompassed within the term "security" as
you use it in your report?
A. I think prank calls may not be the
Page 54
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
definitely also include taking advantage of the
computer system working in exactly the way that
it's installed or operator intended.
So for example, Frank calls in the
middle of the night calling your telephone over
and over when you're trying to sleep. That's
not a malfunction of the telephone. The
telephone is working exactly as intended when
someone calls you, the ringer activates and
makes a sound. And yet from your perspective,
your telephone is quite insecure because it
keeps waking you up when you're trying to sleep.
So too in the context of obtaining
information online. If a large amount of
information can be obtained perhaps piece by
piece, that could be an example of a lack of
security.
Q. What security issue is presented by
prank calls in the middle of the night? I'm
asking in what sense is that a security issue?
A. One wouldn't ordinarily use the word
security to describe the freedom from being
awoken by the telephone. The sense in which
that example is helpful is that it gives an
example of a system working exactly as the
Page 56
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
most helpful example in understanding what I
mean by the word "security." But a very similar
example actually may be more helpful; Spam
e-mail, unsolicited commercial e-mail, is an
example of the e-mail system on one view working
completely reliably. The Spamer sends you 4,000
e-mails, and your e-mail program displays to you
4,000 e-mails. It's working perfectly, a
hundred percent, and yet from your perspective
as a user, your e-mail is quite insecure. It
has been clogged up by the Spamer, and then the
important message from your friend or associate
is buried under the mountain of Spam. So I
would use the word "security" to describe that
problem and that concern.
Q. And that category of concern and that
scope of security is -- strike that.
That's the scope of the term
"security" that you use in your report?
A. That kind of problem, a system that
works maybe too well, that works in a way
different from what the marketing folks
intended, yet consistent with what the
engineering folks intended, that's an example of
something that I believe does fall within the
14 (Pages 53 to 56)
Veritext National Deposition & Litigation Services
866 299-5127
A-1524
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 16 of 79
Page 57
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
meaning of the word "security."
Q. Is your research on electronic
privacy a basis for any of the opinions in your
report?
A. It is.
Q. What opinions are those?
A. I have opinions on the difficulty of
securing access to information, of limiting
access so that particular users can obtain
particular information in particular
circumstances, but not other information in
other circumstances. Those are questions and
concerns that arise often in the context of
privacy and also arise in the context of the
book services here at issue.
Q. What has your research into privacy
shown you that you relied on in forming your
opinions in your report?
A. First, my research into privacy has
shown me just how difficult these challenges
are, that even excellent companies with capable
engineers and diligent managers sometimes fail
to achieve what they set out to achieve. They
make mistakes, frankly. These are difficult
areas where perfection is unlikely and not often
Page 59
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
systems other than the example you gave of
setting the information on fire and never
looking at it again, what infor -- electronic
information storage systems do not present that
difficulty?
A. For example, information that is
freely available to the public in unlimited
quantity and without restriction, the U.S.
government printing office allows you to obtain
the U.S. code in whatever quantity you want as
often as you want, free of charge. They face
minimal need to restrict access to the
information that they provide.
Even ordinary Google search, you can
run as many searches as you want and no great
harm results if you run too many searches. The
operators of the search service might try to
figure out if you're a robot, and if you are,
they might try to stop you from running
searches, but if they fail to stop some robots
some of the time, no great harm results. So
those are much lower stakes games.
Q. Is there an index underlying the
Google search service?
MR. BONI: Object to form.
Page 58
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
seen.
Second, my work on privacy has
distinctively shown the difficulty of securing
information so that some people can get some of
it some of the time, but not everyone can get
everything all of the time. I suspect it
wouldn't be hard to design an information system
for which no one can get information ever. Step
one, set the information on fire. Step two,
wait for the fire to consume it completely. The
end. That would be straightforward actually. I
think we could run that system so reliably that
it would operate with a very, very high level of
performance.
On the other hand, securing the
information so that only some people can get it
or people can only get part of it, requires
engineering decisions that are actually quite a
bit more difficult.
Q. Is that a task that is undertaken by
every electronic information storage system?
MR. BONI: Object to form.
A. I wouldn't say every electronic
information storage system undertakes that task.
Q. What electronic information storage
Page 60
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. My understanding is that there is an
index underlying the Google search service.
Q. And one can by running searches query
that index at least in part; is that right?
A. Yes.
Q. Are you aware of any instance in
which the entire Google search index has been
acquired by an outside party?
A. I'm not aware of any instance in
which an outside party has obtained the entire
Google search index.
Q. So in that sense, Google has been
successful in permitting access to certain
information under certain circumstances and not
to a bulk download of the whole; is that right?
A. I don't think that the facts just
discussed supported the conclusion in your last
question.
Q. Why not?
A. There have been instances in which
users have used the Google search service to
obtain more information than Google intended to
provide and use that information even for
harmful purposes. So the fact that Google
managed to prevent any single person from
15 (Pages 57 to 60)
Veritext National Deposition & Litigation Services
866 299-5127
A-1525
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 17 of 79
Page 61
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
obtaining all of the information doesn't mean
that the system is working as well as your last
question suggested.
Q. Google has successfully permitted
access to certain information and not other
information with respect to its search service;
is that right?
A. You know the word "successful" is
tricky. When an editor at CNET obtained the
home address and charitable contributions of the
then CEO of Google, Google, using the Google
search tools, Google responded in quite a
negative way, including banning that publication
from interviewing any Google staff for a full
year.
So that seems to be an instance
wherein Google thought that its own search
service had either malfunctioned or had been
abused by someone who had taken advantage of the
search engine providing more information than it
should have provided.
Q. Did the search engine malfunction in
that instance?
A. In my view it did not. In my view it
functioned exactly as the engineers intended.
Page 63
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I probably wouldn't have used the
phrase "security breach" to characterize that
occurrence.
Q. Are you aware of any instance in
which Google's search ranking algorithm has been
made public?
A. I'm aware of some instances where a
portion of -- portions of the algorithm,
specific decisions and specific circumstances
have been made public.
Q. That's because they had been deduced
by looking at the results of searches; is that
right?
A. That's one way, but it's not the only
way.
Q. Had they been acquired by intruding
into Google's servers?
A. I'm not sure. It's possible that
some have, but I don't have any examples of that
in mind.
Q. You don't know that that's ever
happened?
A. I don't know that anyone has ever
obtained information about algorithms by, for
example, obtaining root level access as
Page 62
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Did the search engine provide any
information in that instance that its technical
design indicated that it should not provide?
A. I don't think so.
Q. That was an instance in which the
search engine provided information that had been
indexed from a third-party website; is that
right?
A. At least in part.
Q. And the information, the presence of
the information on a third-party website was
that which was objected to rather than the fact
that Google search engine had made that
information able to be found; is that right?
A. I'm not quite sure what -MR. BONI: Object.
A. -- Google objected to in that
circumstance.
Q. Do you think that that was a security
breach -- strike that.
Do you think that the instance in
which a Google employee's home address was able
to be found from a third-party website using the
Google search engine was a security breach?
MR. BONI: Object to form.
Page 64
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
discussed.
Q. Would you agree with me that the
Google search engine is not -- strike that.
Would you agree with me that the
Google search engine is a way of allowing people
to get access to some but not all of the
information that Google stores?
MR. BONI: Object to form.
A. Certainly there's some information
that Google stores that you can't access using
the Google search engine. You can't access
Google's internal payroll data using Google
search engine, and yet that is data that Google
stores. So does the Google search engine
provide access to some but not all? Yes, it
provides access to some but not all.
Q. And there are some search results
that would otherwise be displayed in Google's
search results that have been removed for one
reason or another; are you familiar with that?
A. Yes.
Q. And those search results are not
displayed to users; is that right?
A. In certain circumstances some of the
results are not displayed to users.
16 (Pages 61 to 64)
Veritext National Deposition & Litigation Services
866 299-5127
A-1526
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 18 of 79
Page 65
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Are you aware of any instance in
which an intruder has been able to gain access
to those search results which Google has
removed?
A. Yes, I think I've done that
personally.
Q. Could you tell me about that?
A. So the project I described previously
where certain sites were missing from Google.FR,
the French version of Google, I ran a set of
comparisons, and I recall tens of thousands of
comparisons between Google.com and Google.FR.
As an intruder I was able to nonetheless make
that comparison between the two Google search
services and determine which results were
omitted.
Q. In what sense were you an intruder?
A. I was certainly an outsider to
Google. I had no privileged access to their
computer systems, no special account, no root
access, and yet I was able to obtain this
information which Google didn't otherwise make
available to the public and use that information
to demonstrate that Mr. Drummond himself had
made false statements on an official written
Page 67
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. One that I've been thinking about in
some detail is the claim that results come from
an algorithm, which I think is at the very least
deceptive because it fails to give full credit
to the significant control and judgment that
staff exercised in configuring the algorithm and
in otherwise overriding the algorithm, adjusting
search results. I think that that false
statement probably is material. It's quite a
few users who care quite a bit about whether
they're getting a computer's opinion or a
person's opinion, and that's a subject on which
Google has made very firm commitments over a
period of years.
Q. Do you think that Google was doing
something bad by making those commitments?
MR. BONI: Object to form.
A. I think there were multiple forces
within Google. Some staff wanted the service to
work in one way. Some wanted it to work in a
different way. And we see that internal tension
borne out in inconsistent statements by various
Google staff, as well as inconsistent practices,
both inconsistent at a given moment in time and
inconsistent over time.
Page 66
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
statement of Google policy statements that
turned out to be contrary to the facts as I
demonstrated them.
Q. Do you think that Mr. Drummond was
lying?
A. He wasn't telling the truth.
Q. Do you think that that was wrong?
A. I'm not sure if he knew subjectively,
internally at the time when he made the false
statement, I don't know whether he knew that it
was false.
Q. Do you think that Google should be
punished for that?
A. You know, the damage to the consumer
public was that people thought Google was a
little bit better as a search engine than it
really was. Of all of the misrepresentations of
product attributes or qualities, I don't think
this is the most significant or the most
material.
Q. Of all of Google's
misrepresentations?
A. Yes.
Q. Tell me about Google's other
misrepresentations?
Page 68
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Do you think that Google lied to the
public?
MR. BONI: Object to form.
A. I think there are some subjects on
which Google has been less than forthright.
There probably are some areas where Google's
staff simply didn't tell the truth. But
sometimes, perhaps mistakenly, based on
incomplete information available to the given
person making the statement, there might be
instances in which Google affirmatively made
false statements.
Just yesterday, I suppose the UK
privacy commissioner announced their
investigation alleging exactly that, and so I
wouldn't be alone in thinking that some false
statements may have been made.
Q. Do you think that Google should be
punished for making those statements?
MR. BONI: Object to form.
A. I guess you'd have to look at the
specific statement, the specific statutory basis
for any enforcement action, but I think all the
laws should be enforced strictly as to all
potential violators, and so I'd have to look one
17 (Pages 65 to 68)
Veritext National Deposition & Litigation Services
866 299-5127
A-1527
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 19 of 79
Page 69
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
by one.
Q. Have you ever created a data
base-backed website?
A. Yes.
Q. Could you give me an example of such
a site?
A. Sure. I have a website that gives
examples of false and deceptive advertisements
that I saw at Google, and I stored those
advertisements in a database and then displayed
that database to interested viewers of that
portion of my website.
Q. What's the URL of that website?
A. Ben Edelman.org/PPC-scams maybe slash
list. I'm not sure about the slash list, but I
think that's correct.
Q. This is a website that you've created
that includes a number of advertisements shown
via Google's ad network; is that right?
A. These are all advertisements that I
personally saw on the Google search engine which
is -- you could call it the Google ad network.
I'd probably call it just the Google search
engine, to be very clear about it. There might
be a very few that were submitted by outsiders
Page 71
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
portion of the Google results page where I saw
that advertisement.
Q. What sort of database is behind this
page?
A. I believe this one actually is a text
file that is processed by text to database
engine and then sorted and output into the HTML
in the way that you may be viewing now.
Q. Do any database queries occur at the
time a user visits the web page?
A. Yes.
Q. Is there any information in the
database that's not displayed?
A. Yes.
Q. What information is that?
A. I think the exact date and time of
submission, the IP address of submission, the
e-mail address of the user who made the
submission. There probably are some other
fields.
Q. And have you been successful in
preventing that other information from being
displayed?
A. I've been successful in preventing
that information from being displayed at the
Page 70
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
that I personally verified before adding them to
this list.
Q. Does this include ads from any other
search engines?
MR. BONI: I'm sorry, Joe, does what
include? The list?
Q. Does your PPC -- so this web page is
about false or deceptive paper click ads; is
that right?
A. Yes.
Q. Does it include false or deceptive
paper click ads from anywhere but Google?
A. I don't recall.
Q. Can you think of any ads that it
includes from places other than Google?
A. I suspect that many of these
advertisers were using other search engine
advertising platforms, also.
Q. But your website is just about the
Google ads; is that right?
A. I believe my website lists the search
term that I entered into Google and the position
and location on which I saw that ad at Google,
and, in fact, in general provides an image
screen shot, a partial image screen shot of the
Page 72
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
specific URL that I dictated to you. Whether
I've been successful in preventing that
information from being obtained by others at
other URLs, I'm not sure.
Q. Could you explain your last answer.
A. Maybe someone knows how to get that
material from my web server even though I didn't
intend to provide it.
Q. Do you know whether anyone has?
A. I don't know one way or the other.
Q. Have you taken measures to prevent
that?
A. I've attempted to.
Q. And as far as you know, you've been
successful?
MR. BONI: He just said he doesn't
know one way or the other.
A. I'm really not sure in that if I had
been unsuccessful, I doubt anyone would tell me
that I had been unsuccessful.
Q. How many submissions on this page are
from people other than you?
A. I think not very many. It never
really took off. I wouldn't be surprised if it
was less than ten.
18 (Pages 69 to 72)
Veritext National Deposition & Litigation Services
866 299-5127
A-1528
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 20 of 79
Page 73
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
MR. BONI: Joe, by "this page," could
you just put into the record what you're
referring to that you have up on your laptop,
the website URL in question.
MR. GRATA: Sure.
MR. BONI: So the record's complete.
MR. GRATZ: It was the URL -- I'm
referring by "this page" to the URL that
Mr. Edelman dictated to me; namely,
www.BenEdelman.org/PPC-scams/list.
MR. BONI: Thank you.
Q. If you were unsuccessful in
preventing that information in the database from
being taken by an intruder, the private e-mail
addresses of those who submitted advertisements
to you for display on this page would be
disclosed; is that right?
A. Yes.
Q. And their IP addresses would be
disclosed; is that right?
A. I believe it would be the IP address
of the user at the time of submission, which
might or might not be quote unquote their IP
address in any lasting sense.
Q. Do you consider that to be private
Page 75
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Google offers vouchers and similar prepurchase
discounts. And then in light of the user's
concern, this tool will actually write a
complaint letter grounded in applicable law at
the user's direction customized in light of the
user's concerns, the user's state of residence,
the merchant's states of the residence, the
voucher services state of residence, citing
appropriate authority for the user then to
submit if they so choose.
Q. Does it store the submission in a
database?
A. It does.
Q. And those submissions include the
e-mail addresses of those who submit?
A. Yes.
Q. Are you aware of any intrusion into
that database resulting in the -- resulting in
the taking of those e-mail addresses?
A. I am not.
Q. What security measures do you have in
place to prevent that sort of intrusion?
A. One important security measure that
my technician student installed at my direction
was that the system never stores the voucher
Page 74
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
information nonetheless?
A. It depends, but sometimes it is.
Q. And you consider this security of
this website from intrusion good enough to
include that private information in the database
which lies behind it; is that right?
MR. BONI: I'm sorry. Object to
form. That characterizes the witness's
testimony.
A. I consider this approach suitable
under the circumstances, primarily due to the
nature and quantity of the information being
secured.
Q. And if there were higher value
information, you would regard greater security
measures as being necessary?
A. Certainly appropriate and possibly
necessary.
Q. Have you -- do you operate any other
database-backed website?
A. Yes.
Q. What websites are those?
A. I have a website called Voucher
Complaints.org whereby users can register their
consumer law grievance as to Groupon vouchers,
Page 76
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
number of a user's pre-purchased voucher. That
means that the most important piece of
information, the information that actually has
cash redeemable value is not in our server ever,
not even for instant. So if we got hacked,
there wouldn't be any money to be taken, nor
anything that's redeemable for goods or
services.
Q. Do you operate any other data
based-back websites?
A. Yes.
Q. What websites are those?
A. The website query.ipensatori.com.
That's i-p-e-n-s-a-t-o-r-i.com.
Q. What is ipensatori.com?
A. That's a domain name registered by my
friend, and for some purposes, business partner,
Wesley Brandi.
Q. For what purposes is Mr. Brandi your
business partner?
A. We have a collaboration in detecting
certain online advertising fraud and certain
other improprieties.
Q. What other improprieties are those?
A. We're still figuring it out. But we
19 (Pages 73 to 76)
Veritext National Deposition & Litigation Services
866 299-5127
A-1529
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 21 of 79
Page 77
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
have a general purpose detection tool that can
detect all manner of things happening on the
Internet that shouldn't happen, and depending on
client needs, I suppose we configure it
appropriately.
Q. The database that lies behind
query.ipensatori.com, does it include any
confidential information?
A. It does.
Q. What information is that?
A. There are two separate data bases.
There's a database of the users who have made
requests to the query tool, and the query tool
retains information about who used it, name,
e-mail address, employer, what the search was.
Some of those fields, of course, being optional.
And secondly, there's a database of
our research findings. The purpose of the tool
is to allow users to view a portion of our
research findings, and so our research findings
are embodied in the database that the tool
accesses as needed.
Q. Do you make the entirety of your
research findings available for bulk download?
MR. BONI: Object to form.
Page 79
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
because even a well-secured electronic system is
not entirely foolproof in all circumstances?
A. That's one of the reasons.
Q. Why else?
A. There are quite a few attack modes
that would be unlikely to leave any records or
fingerprints or other evidence that could be
detected, or if it could be detected, then I
would actually successfully detect personally,
given my skills and capabilities, and given that
I have other activities and don't spend that
much time each day checking whether anyone has
attacked this tool.
Q. With additional skills and additional
time to do so, would that it make it more likely
that you would detect an attack?
A. Sure. Putting more time into it
would make it more likely that I would detect
it. Conversely, if I put better data into the
tool, that would make it more likely that
someone would want to attack it and would
redouble his efforts to attack it without being
detected. So there are multiple factors that
can make it both more and less likely that an
attack would occur or would be detected if it
Page 78
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. We do not make the entirety available
for bulk download.
Q. Why not?
A. We prefer to obtain some records.
I'll be it, limited and minimal, but still some
of who accesses which portions of the database.
Q. Would fraudsters be interested in the
results of your research?
A. I'm not sure.
MR. BONI: Object to form. Go ahead,
Ben.
A. We thought about that at some length
and concluded that we could publish this data
such that even if a fraudster took the entirety
of the data, it wouldn't really give them any
significant advantage in perpetrating their
fraud or in avoiding detection by us or anyone
else.
Q. Do you know whether the entirety of
the data lying behind the query.ipensatori.com
website that you operate has been taken by an
intruder?
A. I believe that it has not been, but
it's hard to say for sure.
Q. And you say it's hard to say for sure
Page 80
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
did occur.
Q. So you're not aware of any such
attacks sitting here today?
A. That's right.
Q. Do you operate any other data
based-backed websites?
A. I do.
Q. Could you list them for me?
A. I think there are many of them. And
even the tense of your question operate versus
used to operate.
Q. Just sticking with right now which of
the data based-backed sites -- which of the data
based-backed websites that you operate contains,
in your estimation, the most high value data?
MR. BONI: Object to form.
Q. And by "high value," let me -- let me
clarify that. The data most attractive to an
intruder?
MR. BONI: Same objection. Joe, do
you mean relative to his universe of data based
backed websites or more in the absolute.
Q. Rank them in order in your head and
give me the first one.
A. Yes. The first one is the internal
20 (Pages 77 to 80)
Veritext National Deposition & Litigation Services
866 299-5127
A-1530
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 22 of 79
Page 81
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
database that Wesley and I access internally
that keeps records of all of the advertising
fraud incidents that our tools have identified.
Q. Is that database connected directly
to any web server?
A. No.
Q. And it's a portion of that database
that's extracted and then used to provide the
query.ipensatori.com website; is that right?
A. That's one use of a portion of the
database.
Q. That database, where is it stored?
A. It's stored in Wesley's basement.
Q. Is it stored in the same computer
that runs the query.ipensatori.com website?
A. No.
Q. Why not?
A. We believe that it is more likely to
be secure if we store it on a separate computer.
Well, really there are a variety of reasons of
which that's just one.
Q. Is the computer on which its stored
connected to the Internet.
A. It is.
Q. Is it behind a firewall.
Page 83
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
engine and advertising dominates my vitae. On
the other hand, I'm proud of my work on
information security. Some of it was original
and important and set the stage for other's work
that followed. And often information security
work lays an important groundwork for some other
activity such as understanding advertising fraud
or understanding privacy problems. So they are
definitely all interrelated.
Q. When you say the "information
security work," you're referring to the
activities that we've discussed relating to
security previously today?
A. I think there also are quite a few
that we haven't discussed.
Q. Do any of them relate to gaining root
access on a server connected to the Internet?
A. I've largely been looking at aspects
of information security other than gaining
access at a root server level.
Q. Has any of your research looked at
gaining access to Internet connected servers on
a root level?
A. I certainly have written about
gaining access to Internet connected devices on
Page 82
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I think broadly understood, it's
behind a fire wall. It's behind some security
apparatus that would colloquially be called a
firewall.
Q. Are you aware of any intrusion that
has allowed access to that database of all of
your research results with respect to
advertising fraud?
A. No.
Q. What's the next most valuable
database among those that you operate?
MR. BONI: Object to form.
A. Next most is probably the query tool
which we've already discussed.
Q. Turning back to Paragraph 1 of your
report, you list information security as one of
the areas of your research focus. Is research
on information security a more or a less
significant focus of your research than research
on Internet advertising, search engines or
privacy?
MR. BONI: Object to form.
A. There are multiple ways of thinking
about that. In terms of my academic vitae, I
think most people would say my work on search
Page 84
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
a root level. Much of the Spyware and adware
work entails exactly that, and I had some
important work in that vein that I could tell
you about. But those are end users devices
rather than servers.
Q. And gaining root access to an end
user device is a different enterprise than
gaining root access to an Internet connected
server; is that right?
A. Sometimes it is, and sometimes it
isn't.
Q. But as we've discussed, you're not
aware of any instances in which executable
Spyware has been executed on Internet-connected
servers; is that right?
A. I think I'm aware of such instances.
Q. Were those -- who operated those
servers in those instances?
A. There have been a set of instances in
which the servers operated by both banks and
retailers as to credit card processing have been
infiltrated by a set of devices that obtained
either root level access or other access
sufficient to obtain user's credit card numbers,
expiration dates, billing addresses and zip
21 (Pages 81 to 84)
Veritext National Deposition & Litigation Services
866 299-5127
A-1531
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 23 of 79
Page 85
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
codes and so forth, the information that the
attackers sought in any event. And those had
been attacks perpetrated by obtaining access to
servers with the required security levels.
Q. So what you're saying is banks'
servers had been hacked into, and root level
access or similar access gained somehow passed?
A. Both banks and merchants.
Q. Can you recall an instance in which
you described the areas on which your research
focuses without including information security?
A. Yes.
Q. What instance is that?
A. I suspect the bio on HBS website
doesn't use the phrase "information security,"
although I'm confident that it discusses some of
my work in the area of information security.
Q. Why didn't it use the phrase
"information security"?
A. I'm not sure. I wrote it. So I
could have used that phrase had I wanted to. I
think I was attempting to fit more within the
area of research of my colleagues of this
hallway who are largely economists. And so I
was there structuring my focus to emphasize the
Page 87
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
research focuses without including information
security?
A. I was recently evaluated for a
promotion by the Harvard Business School and had
to prepare a personal statement. I know that
the personal statement discussed my work in the
area of information security, but I doubt that
it used the phrase "information security."
Q. And the work in information security
that was discussed is the -- is the work on
spyware, advertising, privacy and so on that
we've discussed?
A. I think it includes those. There's
others also.
Q. Is there any work that you've done
that is more germane to Internet security -strike that.
Is there any work that you've done
that is more germane to information security
than the work that we have discussed thus far
today?
A. I think there is actually.
Q. What work is that?
A. The first matter which I was retained
as an expert was the matter captioned National
Page 86
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
economics aspects of my research and to somewhat
downplay the computer science aspects of the
research.
Q. Are you -- can you recall any other
instance in which you describe the areas on
which your research focuses without including
information security?
A. Sure.
Q. What instance is that?
A. I'm sure bios and converse
description and description of the speaker and
so forth, typically. Usually, any reference to
any information security.
Q. Why is that?
A. Usually, I find myself speaking to
advertisers or publishers or online business
people more generally, and they usually would
not be drawn to information security and such.
Even though it's important to what they do, they
wouldn't regard it as important or strategic,
and so presenting other aspects of my work would
be more likely to capture their interest and
attention.
Q. What other instances can you recall
in which you describe these areas on which your
Page 88
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Football League versus I Crave TV, and that was
1999 or 2000. In that matter a Canadian company
was copying American network television to a
video format, not unlike YouTube except live
rather than recorded. My work in that case and
subsequent publications, comments to regulators
and so forth, were grounded in the remarkable
difficulty of securing that video content
against those who might further copy and wish to
access it in violation of applicable law.
Q. Anything else that is more germane to
information security than that which we have
discussed so far today?
A. Yes.
Q. What's that?
A. I had a set of projects as to
Internet filtering, attempting to determine what
websites were blocked by what commercial
filters, by what library filters, by what school
filters, by what national filters. In some
instances affecting entire countries. Well, in
a portion of that project, I wished to take
apart a series of commercial Internet filters in
order to determine what websites those filters
blocked. The list was installed on a server in
22 (Pages 85 to 88)
Veritext National Deposition & Litigation Services
866 299-5127
A-1532
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 24 of 79
Page 89
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
m office, in my custody, and I needed to access
this data secured within the server, although
there were, in fact, some impediments to
accessing the data.
Q. And did you circumvent those
impediments?
A. I developed some methods to
circumvent a portion of the impediments. Other
impediments were more difficult, both for
technical and for legal reasons.
Q. Did this project result in
litigation?
A. One aspect of it did.
Q. Were you the plaintiff in that
litigation?
A. Yes.
Q. What was the claim that you made in
that litigation, and actually -- sorry, let me
ask. Was that the Edelman versus N2H2
litigation?
A. Yes.
Q. What was your claim as a plaintiff in
that litigation?
A. That was a declaratory judgment
action seeking guidance from the court as to
Page 91
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
particularly as to the significant security
vulnerabilities that had given rise to the
installation of spyware and adware and about
which I have written in great detail.
Q. Anything else?
A. And my first publication on any
subject was a manual on how to use software
called Trumpet Winsock to connect to Net.com.
Net.com, being an early unlimited Internet
service provider, which I believe uniquely at
that time would provide unlimited Internet
access for $20 a month. This was in an era of
monthly charges. I think I was about
15-years-old at the time and figured out how to
use Trumpet to connect to Netcom, which was
important at that point because Trumpet would
allow you to use Netscape and Udora and other
software that you might very much want to use.
Well, this was an information
security project because the Netcom service was
bundled with software called Net Cruiser which
was viewed as strategically significant from
Netcom corporation. I think mistakenly viewed.
They thought that it would be good for them to
provide your e-mail program and your web browser
Page 90
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
whether it would be lawful for me to circumvent
an information system that constrained access to
a list of websites being filtered.
Q. What was the result of that
litigation?
A. The court refused to give any
guidance one way or the other.
Q. On what grounds did the court so
refuse?
A. I believe it was standing mootness.
Something procedural and early in that vein.
Q. Following the court's decision, did
you proceed with the project?
A. I abandoned the project, at least in
that respect.
Q. Who was your counsel in that
litigation?
A. The American Civil Liberties Union,
national office.
Q. Do you have any other areas of
research that are more germane to information
security than those we've already discussed?
A. Well, we've discussed spyware and
adware only to a limited extent, but that's
clearly important to information security,
Page 92
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
and your Internet access service. They were
mistaken. They would have been better off
providing only Internet access, but they didn't
know that.
So they wanted users to accept the
entire bundle. I wanted to use only a portion
of the bundle and to bring my own software at my
own expense for other services, and I determined
how to do that and wrote an article explaining
how to do it which raised significant questions
of security, frankly; namely, was their system
secure against people like me, and it turned out
that it was not.
Q. Was that a peer-reviewed article?
A. Well, it wasn't published in a
traditional journal. On the other hand, I
discussed it with genuine peers, people who
really knew this material, including the
software developers who wrote development
software and later the engineers at the Netcom
Corporation. So the relevant experts were
absolutely consulted and offered feedback and
opinions in great detail.
Q. Of your research, can you recall any
other research, other than that which we've
23 (Pages 89 to 92)
Veritext National Deposition & Litigation Services
866 299-5127
A-1533
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 25 of 79
Page 93
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
discussed today, which is more germane to
information security than that which we've
discussed already?
A. Yes. Here's another one that's more
germane than much of what we've discussed.
Yahoo operates an advertising service called
Right Media which has a very, very large
proportion of deceptive advertisements. Perhaps
30 percent or more of the Right Media
advertisements are deceptive by Yahoo's own
classification system, and here's how I know
that: As a Right Media publisher, a person
authorized to put Right Media advertisements
onto my website, I logged into the Right Media
interface and carefully excluded each of the
various categories of deceptive ads,
individually and in various combinations and
noted the proportion of advertisements that were
respectively excluded when I activated the
various category exclusions.
In that way, I was able to obtain
from Yahoo's server the proportion of Yahoo's
advertisement that according to Yahoo's own
staff were deceptive and indeed unlawful. And
to demonstrate that a very sizable fraction of
Page 95
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. You nonetheless published it; is that
right?
A. Yes.
Q. Had you entered into any agreements
with Yahoo at the time that you published that
information?
A. There was a standard click-through
agreement for which, frankly, I don't recall the
terms one way or another.
Q. Do you recall whether there were
confidentiality terms?
A. I don't recall one way or the other.
Q. Did you check whether there were
confidentiality terms before publishing this
information?
A. I think I thought about the legal
questions posed, and I expect that I would have
checked the confidentiality terms and resolved
the question to my satisfaction before
proceeding.
Q. If there had been confidentiality
terms, would you have proceeded?
A. I might have.
Q. Why?
A. I might have concluded that the terms
Page 94
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Yahoo's advertisements had this problem and then
to post those screen shots to my website along
with a discussion of the business, marketing and
legal questions posed, which prompted an
investigation by a state attorney general,
compelling Yahoo to change some of those
practices.
Q. Do you consider your work on Right
Media an intrusion into a computer system?
A. I believe Yahoo considered it an
intrusion into their computer system.
Q. Do you consider it an intrusion into
a computer system?
A. I'm not sure. I see both sides of
it.
Q. Were you able through your intrusion
to gain access to any confidential Yahoo or
Right Media information?
MR. BONI: Object to form.
Mischaracterizes the testimony.
A. Yahoo took the position that the
information they provided to me in my capacity
as publisher was confidential and should not
have been presented on my website or disclosed
to anyone else.
Page 96
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
didn't apply to the information that I was
publishing, didn't apply to this purpose, to
demonstrate unlawful conduct and Yahoo's
knowledge thereof, were contrary to public
policy, and therefore, unenforceable or for some
other reason were deficient or defective.
Q. Do you remember what conclusion you
came to on those questions?
A. The bottom line was that I should
publish the article, and I don't recall the
specific intermediary steps that took me to that
conclusion.
Q. How is Right Media research germane
to information security?
A. There was a set of information that
Yahoo wanted to keep away from public view and
away from, for example, the attorneys general
who ultimately investigated. They wanted their
own employees to be able to classify
advertisements, and they wanted publishers to
make informed decisions about which categories
of advertisements to accept. After all,
accepting the deceptive advertisements was
actually quite important to Yahoo's business
because they could make significant money from
24 (Pages 93 to 96)
Veritext National Deposition & Litigation Services
866 299-5127
A-1534
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 26 of 79
Page 97
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
their revenue share, their commission for
putting the deceptive advertisements onto
publishers' sites.
So they wanted publishers to be able
to accept the deceptive advertisements, but they
didn't want it to be required. Good publishers
would insist on excluding them. Well, Yahoo had
this set of complicated business objectives.
They wanted the ads classified in this way.
They wanted these people to see this
information, and these people not to see it.
And unfortunately for them, it was difficult to
thread the needle, that is, difficult to provide
exactly that information only to the people that
Yahoo wanted to provide it to because as I
demonstrated, one of the people who received the
information might elect to republish it to
Yahoo's detriment.
Q. Even in the face of a confidentiality
agreement requiring to the contrary?
A. Perhaps.
MR. GRATZ: Let's change the tape.
THE VIDEOGRAPHER: Here ends Tape 2.
Off the record 12:09 p.m.
(Brief recess.)
Page 99
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. And it wasn't ruled upon because the
case settled very shortly after it was filed; is
that right?
A. I don't think that's correct.
Q. Why wasn't it ruled on?
A. I think it wasn't ruled on because
WhenU withdrew the motion.
Q. Did WhenU withdraw the motion
contemporaneously or roughly contemporaneously
with a settlement of litigation?
A. No. I think the litigation continued
for more than a year thereafter, as I recall.
Well, I'm not sure. But in any event, if there
was a settlement, it was unrelated to the
withdrawal of the motion, to the best of my
knowledge.
Q. What was the allegation in that
contempt motion?
A. The allegation was that I disclosed
or otherwise used testimony that was given under
seal in writing an article on my website.
Q. In describing your expertise in
previous expert reports, have you ever omitted
to include any mention of information security?
A. Usually, in an expert report, I
Page 98
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
THE VIDEOGRAPHER: Here begins Tape
No. 3 in today's deposition of Benjamin Edelman.
Back on the record, 12:13 p.m.
Q. Mr. Edelman, have you ever been the
subject of a contempt motion?
A. I have.
Q. Could you tell me about that?
A. This was a contempt motion brought by
WhenU, a spyware or adware company, depending on
who you ask, that alleged that I had violated a
portion of a protective order.
MR. GRATZ: We'll mark this as
Edelman 2.
(Document marked as Exhibit No. 2 for
identification.)
Q. You have before you what's been
marked as Edelman 2. Do you recognize this
document?
A. Yes.
Q. What is it?
A. It's WhenU's motion.
Q. Did WhenU settle -- excuse me.
Do you know whether this motion was
ruled upon?
A. It was not.
Page 100
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
discuss the experience that is relevant to that
matter. Thinking about the most recent
instances in which I've served as an expert, I
don't think information security would have been
particularly relevant, and therefore, I probably
wouldn't have mentioned it.
Q. Do you consider Internet advertising
search engines and privacy particularly relevant
to the issues in this case?
A. Some more than others, but because
those are so central to the overwhelming
majority of my research, I mentioned them almost
as a matter of course, whether or not they're
relevant.
Q. And information security falls into a
different category?
MR. BONI: Object to form.
A. I think information security is
somewhat less prominent in my research. It
still permeates the research, but particularly
given widespread view that information security
is somehow less important or is best left to
technicians and is not of general significance,
it's something I'd be less likely to mention
unless it was specifically at the core of the
25 (Pages 97 to 100)
Veritext National Deposition & Litigation Services
866 299-5127
A-1535
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 27 of 79
Page 101
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
matter.
MR. GRATZ: Let's mark this as
Exhibit 3.
(Document marked as Exhibit No. 3 for
identification.)
Q. Do you recognize this document?
A. Yes.
Q. Turning to -- actually what is this
document?
A. It begins with my expert report in a
dispute between AOL, owner of Netscape, and
Valueclick. It looks like it continues with a
set of attachments. I'd need to flip through it
all to be sure.
Q. In your expert report in the
Valueclick case, did you opine on issues of
information security?
A. I need to think back for a moment to
remember what was at issue in that case.
MR. BONI: Take your time and look at
the report.
A. I think Paragraph 11 purports to
summarize my opinions, and as I recall, it does
summarize my opinions. This is largely about
the structure of online advertising markets and
Page 103
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
information security in Paragraph 1.
Q. Do you identify expertise and
information security in any other portion of the
description of your background and
qualifications?
A. I'm sure I attach my CV to the expert
report as required by the applicable rules, and
that does discuss information security via the
various articles on that subject. The word
secure, securing does appear in the title of an
article in Paragraph 3. I think there's -there's discussion of information and security.
Q. But it's not an important enough
reason or interest to appear in the second
sentence of Paragraph 1?
A. I don't think that's the reason why
it doesn't appear. It doesn't appear in the
second sentence of Paragraph 1 because it's not
as germane to the expert opinions presented in
this expert report.
Q. Whereas affiliate marketing is
described there, but does not appear in
Paragraph 1 of your report of this case; is that
right?
A. That's true. If we were to flip
Page 102
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
the import of cookies in online advertising
markets. There's significant technical analysis
of whether or not the cookies work as
instructed, whether or not the cookies are
defective in some way, whether browsers
correctly process the cookies. All questions
very much grounded in whether information
systems work in the way that they might have
been expected to or whether they malfunction in
some way. Whether that's information security
or not, that's diagnosis and analysis of the
functioning of information systems.
Q. Would you say that your opinions in
the Valueclick case have more or less to do with
information security than your opinions in this
case?
A. Less.
Q. And in describing your background and
qualifications in the Valueclick case, you don't
identify any expertise in information security;
is that right?
A. Let me check. Well, in Paragraph 1,
for example, I discuss various aspects of
advertising which is what was at issue in the
case here, the Valueclick case. I don't discuss
Page 104
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
through a variety of my expert reports, I think
we'd find that, first, they copied this
paragraph, and second, the end of that sentence
especially tends to be customized a bit
according to the context in which that report is
being prepared.
Q. Turning to your CV in this case,
attached to your report, under experience you
identify certain research interests. Do you see
that?
A. Yes.
Q. Is information security listed among
those research interests?
A. Automated data collection actually is
quite closely related to information security,
but -- and information security permeates the
other listed research interests, but it's not
listed specifically by that name.
Q. Have you ever provided consulting
services or expert witness services with respect
to subject matter as to which you did not
consider yourself an expert?
A. No.
Q. Do you consider yourself an expert on
the subject matter of computer security?
26 (Pages 101 to 104)
Veritext National Deposition & Litigation Services
866 299-5127
A-1536
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 28 of 79
Page 105
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
MR. BONI: Object to form.
A. There are aspects of computer
security on which I do consider myself an
expert, and there are other aspects of computer
security on which I don't consider myself an
expert.
Q. On which aspects of computer security
do you consider yourself an expert?
A. I consider myself an expert in areas
of information security in a multiuser online
information system, partial access to
information, context in which some information
is made available to some people but not others,
information systems where some information is
available to the general public without
restriction or login.
Conversely, at the other end of the
spectrum, for example, as to the most technical
aspects of hacking, finding the specific
security defects that allowed an attacker to
circumvent a security control, in general,
that's something that I would have less to say
about.
Q. But you nonetheless consider yourself
qualified to opine on the subject of computer
Page 107
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
beyond what an ordinary computer professional
would be likely to know.
Q. Anything else?
A. Sure. You know, there are many
facets of information security. And we could go
through the numerous specialized fields.
Hardware security modules, specialized computer
chips that provide security benefits, I'm
familiar about them only incidentally from a
particular single matter, but wouldn't consider
myself an expert in hardware security modules in
general.
Q. How to conduct a penetration test of
a system?
A. Well, I wouldn't be so quick on that
one. There are some systems for which I could
appropriately design a penetration test. Some
systems for which I have personally performed a
penetration test and have achieved the
penetration. So it all depends on the kind of
system and the kind of testing that is under
consideration.
Q. Have you ever designed or performed a
penetration test with respect to a system which
stored digital books?
Page 106
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
security generally?
MR. BONI: Object to form. You can
answer.
A. I'm sure there are some questions of
computer security that I wouldn't consider
myself qualified to opine on, but as to the
questions presented in this report, the
questions on which I was asked to opine, I
consider myself an expert for the purpose of
those questions.
Q. So you said you don't consider
yourself an expert in sort of determining the
means by which a particular intrusion occurred
at the code level; is that right?
MR. BONI: Object to form.
A. I think that slightly
mischaracterizes it, but it's probably
satisfactory in many purposes.
Q. In what other areas of computer
security do you not consider yourself an expert?
A. There are people with specialized
expertise on physical security, vaults, tamper
proof screws, tamper evidence seals. Some very
important work, frankly. And I haven't written
on that subject, haven't learned much about it
Page 108
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. No.
Q. Do you consider yourself an expert on
the subject of online advertising?
A. Yes.
Q. Do you consider yourself an expert on
the subject of advertising fraud?
A. Yes.
Q. Do you consider yourself an expert on
the subject of spyware?
A. Yes.
Q. Do you consider yourself an expert on
the subject of Spam?
A. Some aspects of Spam more than
others. I wouldn't be as unqualified with that
one.
Q. Do you consider yourself an expert on
the subject of Internet filtering?
A. Certainly there was a time when I was
as close to that subject as anyone. Now I'm
less sure, but there certainly are aspects of it
where I put myself out as an expert.
Q. Do you consider yourself an expert on
the subject of geolocation?
MR. BONI: Just to be fair, what it
says in his CV is geolocation and targeting.
27 (Pages 105 to 108)
Veritext National Deposition & Litigation Services
866 299-5127
A-1537
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 29 of 79
Page 109
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Mr. Edelman, do you consider yourself
an expert on the subject of geolocation?
MR. BONI: Object to form.
A. There are aspects of geolocation on
which I have offered expert opinions. And
geolocation has changed somewhat since that time
and has become more complicated in multiple
respects, so there are portions of geolocation
on which I would not put myself out as an
expert.
Q. Do you have greater or lesser degree
of expertise in the area of geolocation than in
information security?
A. It's hard to make that comparison
because the term "information security" is just
such a broad term that encompasses so much.
There are portions of information security where
I have a much deeper understanding and a much
more current understanding than I have today of
geolocation.
Q. Do you consider yourself an expert on
the subject of privacy?
A. On some aspects of privacy. Privacy
also is quite broad. Probably even broader than
information security.
Page 111
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
design do you consider yourself an expert?
A. I think my greatest expertise is at
the intersection of user interface design and
consumer law, disclosures. I would make myself
less than expert on the ordinary questions of
ease of use and user friendliness, intuitiveness
and so forth.
Q. Of the areas of expertise that we've
just discussed, are there any in which you have
a greater degree of expertise than in the area
of information security?
A. The thing about these areas is that
they vary just dramatically in their breadth.
So you see on the list that we just discussed,
you see something like advertising fraud, where
I might have coined the term "online advertising
fraud." In any event, I think I have the single
best website on that subject on the whole
Internet. I'm the guy if you want to talk about
online advertising fraud. In part because it's
kind of a small subject, and at least in the
sense that not that many people are interested.
Maybe more people should be interested.
Conversely, for a huge subject like
privacy or information security, there are just
Page 110
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Do you consider yourself an expert on
the subject of online privacy?
A. Even there the term is quite broad
and comparable in breadth to information
security.
Q. What areas of online privacy do you
consider yourself an expert in?
A. I have expertise in data collection
from personal computers, especially Windows
computers, data collected by websites, data
collected through mechanisms in websites such as
HTML, JavaScript and Flash, methods of
determining forensically what data is collected
or has been collected, interpreting log files,
forensically interpreting historic records.
Those are the areas of privacy where I have done
the most work.
Q. Do you consider yourself an expert in
the subject of automated data collection?
A. Yes.
Q. Do you consider yourself an expert on
the subject of user interface design?
A. Some aspects of user interface
design.
Q. On what aspects of user interface
Page 112
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
many more subfields, and so it's like apples and
oranges to try to compare those two.
MR. GRATZ: Let's mark this as I
guess, we're on Exhibit 4.
(Document marked as Exhibit No. 4 for
identification.)
Q. We have before you what's been marked
as Exhibit 4. Do you recognize this document?
A. Yes.
Q. Is this a true and correct copy of an
expert report you submitted in Multnomah County
Public Library versus United States on October
15, 2001?
A. It seems to be.
Q. Turning to page 2, you say, "My
experience includes six years as an Internet web
server administrator, including operation of a
server ordinarily receiving more than 20,000
hits per day." Do you see that?
A. Yes.
Q. What server was that?
A. I think I must have been referring to
the main Berkman Center server as it stood at
that time.
Q. Were you the primary administrator of
28 (Pages 109 to 112)
Veritext National Deposition & Litigation Services
866 299-5127
A-1538
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 30 of 79
Page 113
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
that server as of October 15, 2001?
MR. BONI: Object to form.
A. I'm not sure if October 15th, 2001 is
the date of this report. Just take a moment to
check that. I certainly was during a period on
or about that time. I think my time as the
primary administrator might have ended shortly
before then.
Q. Are you aware of any intrusions -actually strike that.
The primary Berkman web server, are
you referring to the web server at
Ciber.law.Harvard.edu?
A. That was the domain name that
associated with the server that I administered.
Q. Was that a data based-backed website?
A. It was in part.
Q. Are you aware of any intrusions that
resulted in the disclosure of confidential
information from that server when you were its
administrator?
A. There were intrusions into that
server. I don't know what information, if any,
was obtained during those intrusions.
Q. What intrusions were those?
Page 115
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
servers improved since 1995?
A. I think the security of the servers
has improved, although some confounding factors
have caused reductions in security at the same
time, such that I'm not sure on the whole
information is a whole lot more secure than it
was in that time period. Perhaps, it's less
security.
Q. And what confounding factors are
those?
A. Attackers have become significantly
more skillful. Automatic attacking tools have
become more widely used. Information sharing
among attackers has become more common through
specialized information sharing websites such
that one defect can readily be known to others.
Economic incentives to monetize stolen
information have become significantly more
widespread such that there's a much improved
business model to attacking servers. Servers
have become much more complicated with more
software installed, more interconnections and
more exposure to possible attacks.
Q. Turning back to Exhibit 1 of your
report, in the second sentence of Paragraph 2,
Page 114
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. That was a Windows server, and it was
subject to the -- I believe it was called SQL
slammer, was an early worm. There were some
other worms. It's hard to recall a decade later
which one specifically managed to infect that
server and which ones I successfully blocked.
Q. But you don't recall any that
resulted in the disclosure of confidential
information?
A. Well, if they did result in that
disclosure, I don't think I learned about it. I
don't know one way or the other. One of our
main protection strategies, of course, was to
try not to keep sensitive, high-risk,
confidential information on that server for a
variety of reasons, including the perceived
vulnerabilities of the server and the fact that
it was connected to the Internet in quite an
exposed way.
Q. Did your work as an Internet web
server administrator begin in about 1995?
A. Yes.
Q. How old were you in 1995?
A. I was 15.
Q. Has the security of Internet web
Page 116
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
you say "My technical experience includes
efforts to verify the security of other
programmers' code, including uncovering
shortfalls in others' security systems." Is
there anything referred to in that sentence that
we haven't yet discussed today?
A. Yes.
Q. What's that?
A. There are several instances in which
I found significant security defect in others'
codes. I can tell you about all of them that I
remember, and you can check my CV for more. One
that's particularly vivid was the WhenU software
that we discussed on a couple of occasions. The
WhenU software had a remote execution
vulnerability; namely, it was possible for
anyone to send a purported update to the WhenU
spyware, adware application, which the WhenU
application would then install on the user's
computer with full administrative privileges,
allowing the attacker to obtain complete control
over the user's computer.
I uncovered that, brought it to the
attention of both WhenU and the general public,
and subsequent to my report, it was corrected.
29 (Pages 113 to 116)
Veritext National Deposition & Litigation Services
866 299-5127
A-1539
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 31 of 79
Page 117
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
That's one. There are several other examples.
Q. Do any of those examples relate to
the security of code which is run on servers?
A. Well, much of this code is right at
the intersection of desktop computers and
servers. This was a vulnerability relating to
the way that the client connected to the server.
For example, they failed to use any
cryptographic verification, and so the
correction to the problem that I just described
required changes both to the client and to the
server.
Q. It wasn't a security defect in the
server that you found though; isn't that right?
A. It was a security defect in the
overall architecture that encompassed both the
server and the client.
Q. Did the defect that you identified
allow intrusion into the server?
A. I'm not sure.
Q. It did allow intrusion into the
client, in that one could install any software
one wanted and take complete control of the
client; is that right?
A. That much definitely could be done.
Page 119
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
should -- would govern.
It was complicated and confusing. I
prefer to reread the underlying article which I
think offers a precise description of what went
wrong. Sitting here today, recalling an article
of half a decade ago, it's difficult for me to
summon the details with precision.
Q. Was that a situation in which there
was an intrusion that went past a designed
security system or a situation in which the
security settings through the security interface
didn't end up doing sort of what the user
intended?
MR. BONI: Object to form. You can
answer.
A. I think there are other possibilities
beyond the two in your question. I believe the
system didn't operate in the way that the
technical documentation said that it would
operate. I believe it didn't operate in the way
that a reasonable user would have expected it to
operate in light of the technical documentation
and the configuration screen. It's possible
that there's an engineer who knew that it would
operate this way because he designed it that
Page 118
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Do you know of any other instances in
which you have verified or uncovered shortfalls
in the security of other security systems where
the security was protecting a server from
intrusion?
A. Google acquired a service called
JotSpot which suffered a defect that could be
styled as either a privacy defect or a security
defect. The result of the defect was that any
user could view the documents, even when the
author of those documents had instructed the
documents were to be kept private and secure
from other users.
Q. And that's in a situation where the
administrator of the particular wiki that was
involved had set all pages to be public; is that
right?
MR. BONI: Object to form.
A. As I recall, there were multiple
inconsistent settings areas, so you might set it
to be public in one place and private in another
place, and it looked from the user interface
like the private settings, the stricter of the
two settings should govern, when the fact of the
matter was that the looser of the two settings
Page 120
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
way, and he knew that he designed it that way.
Nonetheless, I would say there was a
defect in the design, if that's how he designed
it, particularly in light of the technical
documentation.
Q. Was there any security measure that
needed to be circumvented in order to access the
information in the JotSpot situation?
A. I think the main tactic that an
attacker would need to utilize was to ask. It's
like the joke about God and the lottery ticket,
meet me halfway. Buy a ticket. You have to ask
for the private information in order to get it.
The main thing, protecting the private
information here was that no one would bother to
ask, and, therefore, no one would get it.
Q. And that was the security scheme that
was circumvented in that circumstance?
A. As I recall, the main request -- the
main circumvention technique was to ask for it.
To know of something obscure, to know of the
possible existence of something obscure and to
ask for it and receive the response.
Q. Are there any other instances of
uncovering shortfalls in server-based security
30 (Pages 117 to 120)
Veritext National Deposition & Litigation Services
866 299-5127
A-1540
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 32 of 79
Page 121
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
systems -- strike that.
Are there any other instances in
which you have uncovered shortfalls in the
security systems that allowed intrusions into
servers other than those which we've discussed
so far?
A. Yes. Here's one actually not
reflected in my CV because it didn't result in a
published article. It did result in a New York
Times article. American Airlines had an
internal website whereby documents were provided
to flight attendants and ground staff, maybe one
or the other, maybe both. Training documents,
policy documents and so forth. It turned out
thereto that the method of securing documents
was importantly defective. Documents provided
as plain text were appropriately secured with a
user name and password, and I guess you could
guess someone's user name and password to access
them, but I didn't do that.
In contrast, documents provided as
attachments were available to anyone who
happened to guess the attachment number, and the
numbers were sequential beginning with one and
continuing to some maximum, such that it was
Page 123
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Do you know of any techniques that
can be used to avoid such an attack?
A. Yes.
Q. What techniques are those?
A. One could avoid publishing these
files with predictable file names. Instead of
using numbers like 1.PDF, you could have a
lengthy number too long to guess. You could
restrict access to -- even to these raw binary
files, restrict access to those users who have,
in fact, entered a user name and password.
That's a little bit more complicated but
certainly doable for an engineer who needs to.
Q. And those are two separate methods.
One would be choosing file names that are
predicable. Another would be sort of requiring
a user name and password before providing access
to the files?
A. There are some other methods also.
Certainly it could be done for someone who
recognized the vulnerability and elected to take
steps to defend against it.
Q. Are there any other instances in
which you have uncovered shortfalls in the
security of servers against intrusion other than
Page 122
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
quite straightforward to download all of them,
which I did.
And then I read the documents in
sequence from one to the last and found some
that were quite embarrassing to the company, in
fact, which I provided to the New York Times
which wrote an article about them.
Q. Do you think that what you did was an
intrusion into American Airlines systems?
A. I'm not sure. Actually, I found the
articles using Google. I found the first one
using Google because Google had previously found
the very same PDF attachments and directed me to
one of them as I was attempting to find records
of a relevant American Airlines policy. So if
it was an intrusion, Google did it first, and
then I identified the pattern and continued it
from there.
Q. That was because the files at issue
were publicly available on the Internet. All
one had to do was type in the URL, and they
would come up; is that right? If one knew the
URL?
A. If one knew the URL, they were
available upon request.
Page 124
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
those we've discussed?
A. We discussed Buy.com previously.
Q. Yes.
A. That was very much in the same vein
as the American Airlines example just discussed.
Namely, the name, address and phone number were
provided on UPS prepaid shipping labels, which
were posted in some binary format like a gift or
a PDF or a PNG with sequential numbers, so that
by guessing numbers, Buy.com/returns/17 dot,
yes, you'd be able to see the seventeenth return
and thereby obtain that information directly
from the Buy.com server, again, without any
defect in any client software.
Q. That would be avoided by choosing
unpredictable file names or the other methods
which we've discussed?
A. Yes.
Q. Anything else?
A. The I Crave TV case which we've
discussed already.
Q. And in what sense was that a -- why
don't we discuss that in more detail. Anything
else?
A. I think there probably are more. I
31 (Pages 121 to 124)
Veritext National Deposition & Litigation Services
866 299-5127
A-1541
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 33 of 79
Page 125
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
have never thought of myself as limited to
client-side security. I've certainly always
been interested in server security. It's just
that there were other people doing server-side
security, and so I was better able to
distinguish myself in the realm client-side
security which others weren't focused on. But I
think there are other publications. I could
flip through my whole CV line by line to try to
identify some more for you.
Q. Do any others come to mind?
MR. BONI: Do you want him to look
through his CV?
Q. You're welcome to look through your
CV?
A. Sure, I'll take a minute and look.
Okay, here we go, the second item
under the heading "website writings" on page 3
of the CV is entitled "Hack-based
Cookie-Stuffing by Bannertracker-script."
Q. And what's that?
A. So this is an article very much at
the intersection of security and advertising,
advertising fraud. Bannertracker-script is the
controlling domain name used by a set of hackers
Page 127
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
to their own code and use their own code to
create the invisible eye frame window that loads
Amazon that makes the putative referral.
Q. And this is through an exploit in
software called vBulletin?
A. That's my understanding.
Q. Anything else? Actually let me ask
this: Did you analyze that exploit in
vBulletin?
A. I didn't analyze the exploit. I was
able to determine forensically from the location
of the insertion and from others discussing this
method of insertion that it had been perpetrated
by exploit. It was clear from the circumstance,
the same insertion on hundreds, even thousands
of unrelated websites, that it had to be an
exploit, and I quickly confirmed to my
satisfaction that it was.
Q. Do you know whether any confidential
information from these bulletin board sites was
compromised as a result of this exploit?
A. There were some losses to the
bulletin board sites. The bulletin board sites
began to load more slowly for users. Users had
to waste bandwidth, and Amazon, of course, pays
Page 126
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
who attack discussion board sites, online
bulletin boards, to insert their code into the
bottom of the bulletin board site, and having
inserted their code, they then perpetrate
advertising fraud, primarily against Amazon,
claiming to have referred users to Amazon, such
that if users make a purchase from Amazon within
the 24 hours after the putative referral, Amazon
will pay a commission of as much as 8 percent to
the putative referrer.
Q. And this is a way in which sites
which display advertisements from certain ad
networks may result in the unintended data going
to users?
A. Not at all of. This is a genuine
hack. The perpetrators of this hack identify a
defect in the code that allows them to put their
code onto the fixed-in websites without any
permission whatsoever. It's not via an ad
network. It's via a security exploit. I
reserve the word "hack" typically for that kind
of circumstance. So they exploit a defect in
the victims's web server or application level
server sitting on top of the web server and use
that defect to install the JavaScript reference
Page 128
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
significant funds. But the main losses here are
not in user privacy. The losses here are
measured in dollars actually, dollars taken out
of the pockets of Amazon shareholders.
Q. So the answer to that question is,
no, you don't know of any confidential
information having been taken as a result of
this exploit?
A. I think what was taken was money and
bandwidth but not information.
Q. In the next sentence of paragraph -little bit lower down in Paragraph 2, you say,
"For example, I have personally uncovered
multiple Google privacy flaws, including
improper data collection by Google Toolbar as
well as improper data distribution by Google
JotSpot." Do you see that?
A. Yes.
Q. Do you claim to have uncovered any
Google privacy flaws other than the two you
claim to have uncovered in this sentence?
A. It's possible that there are some
more Google privacy flaws that I know about and
could be taking credit for, but I can't remember
any sitting here today. I don't think I've
32 (Pages 125 to 128)
Veritext National Deposition & Litigation Services
866 299-5127
A-1542
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 34 of 79
Page 129
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
written about any others. I think there
probably are some more. There probably are some
that I know about that I haven't written about
or have disclosed only peripherally in
presentations or otherwise.
Q. Do any come to mind?
A. No.
MR. GRATZ: We'll mark as Exhibit 5.
(Document marked as Exhibit No. 5 for
identification.)
Q. Do you recognize Exhibit 5?
A. Yes.
Q. What is it?
A. This is a article published on my
website in January 2010.
Q. Is this the research referred to by
the phrase "improper data collection" by Google
Toolbar in Paragraph 2 of your report?
A. Yes.
Q. What methodology did you use to reach
these results?
A. I tested Google Toolbar forensically
using a virtual computer, using a set of virtual
computers in my home office.
Q. And your research found that Google
Page 131
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
thing than disabling the Google Toolbar only for
this window that you've been tracking?
A. You're right, that's a different
thing, and, in fact, there's yet another example
on page 3 that's another different thing.
Q. These -- and all of these settings
properly take effect after the user restarts
their browser; is that right?
A. That's right.
Q. But what you found was that these
settings didn't properly take effect until the
user restarted their browser; is that right?
A. That's true, with the additional
concern that as to the first example, the whole
purpose was for it to take effect immediately
for the current browsing session. By the terms
of the user's instruction, it was to take effect
only for that session and for no other, and so
restarting your browser was supposed to
terminate it, meaning the feature was completely
defective in the mechanism presented in the
first section.
MR. GRATZ: We'll mark this document
as Exhibit 6.
(Document marked Exhibit No. 6 for
Page 130
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Toolbar -- certain features of Google Toolbar
continued to operate after the feature had been
turned off and the toolbar had been hidden, at
least until the user restarted the browser; is
that right?
A. That's right.
Q. And if the user restarted their
browser, than the settings would take effect; is
that right?
A. When the user restarted his or her
web browser, the disabling which had always been
described as only for this window would by its
term expire, and, therefore, the feature would
be re-enabled, the toolbar would reappear, and
the user would rightly expect that the tracking
would continue.
Q. Does your research discuss only the
disable only for this window feature?
A. That's right.
Q. Turning to the second page of Exhibit
5, it says, "Google Toolbar continues tracking
browsing even when users disable the toolbar via
manage add-ons." Do you see that?
A. Yes.
Q. Is that the same thing or a different
Page 132
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
identification.)
Q. Turning back to Exhibit 5 for a
moment, this is a blog post from January 26,
2010; is that right?
A. Yes.
Q. Turning to Exhibit 6, this is also a
blog post from January 26 of 2010 on a blog
called Search Engine Land; is that right?
A. Yes.
Q. This includes a statement from Google
responding to your blog post; is that right?
A. Yes.
Q. The last sentence of that statement
is "A fix that doesn't require a browser restart
is now available on www.Google.com/toolbar and
in an automatic update to Google Toolbar that we
are starting tomorrow." Is that right?
A. That's what it says.
Q. Do you know whether that was a true
statement as of January 26, 2010?
A. I agree that effective roughly 24
hours thereafter the Google Toolbar began to
update itself to a version that no longer had
the defects described in my article.
Q. The next sentence, and this is not
33 (Pages 129 to 132)
Veritext National Deposition & Litigation Services
866 299-5127
A-1543
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 35 of 79
Page 133
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
from Google's statement, but from the author of
the blog post on Search Engine Land, says, "I
wonder if Ben Edelman knew about restarting I.E.
would fix the issue and left it out." When you
wrote Exhibit 5, did you know that restarting
Internet Explorer would cause the settings to
take effect?
A. I think this misunderstands -- the
Barry Schwartz article misunderstands the scope
of the problem, particularly as to the first
section of my article.
Q. Turning your attention to the
sections of your article other than the first
section, were you aware at the time you
published Exhibit 5 that restarting the browser
would cause the settings to take effect?
A. Well, when I published the article,
it included the first and second sections, and
the third section, captioned, "Google Toolbar
Continues Tracking Browsing When Users Disable
the Toolbar Via Right Click," was added late on
the night of January 26th, and it even includes
a parenthetical and italics to that effect. So
we should be limiting ourselves to the first two
sections for purposes of discussing what I knew
Page 135
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
data collection by Google Toolbar?
A. Well, an interesting twist about
Exhibit 5 is that I know Google knew about the
problem for more than a month before I wrote it
up on my website.
Q. How do you know that?
A. A state attorney general told me,
staff of a state attorney general.
Q. What's that person's name?
A. I can't recall.
Q. What state was it?
A. I don't recall.
Q. About when did they make that
statement to you?
A. I was at a meeting of staff of state
attorneys general in Florida, somewhere in Miami
vicinity, and someone told me that.
Q. When was that roughly?
A. It was in the same winter when I
published this article, so it must have been
February or March 2010.
Q. Was it before or did -- so it was
after the publication of this article?
A. That's right.
Q. And what basis did the person who
Page 134
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
when I published the article.
Q. Let me be -- let me be very precise
as to the time. When you published the section
of Exhibit 5 marked "Google Toolbar Continues
Tracking Browsing Even When Users Disable the
Toolbar Via Manage Add-Ons." Do you see that
portion?
A. Yes.
Q. Did you know that that disabling
setting took effect when the user restarted
their browser?
A. Well, the article right now as I'm
looking at it, page 3, says -- not only says
that I knew, but alerts readers to that very
fact in the paragraph that begins "In my tests,"
towards the top of page 3. It says exactly
that. Maybe Barry Schwartz didn't notice that
paragraph of the article.
Q. Are you aware of any intrusion to
Google's servers related to the issue set forth
in Exhibit 5?
A. This problem isn't about intrusion
into Google's servers.
Q. Other than what's described in
Exhibit 5, have you found any other improper
Page 136
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
told you this have for making that statement?
MR. BONI: Object to form.
A. It purported to be personal
knowledge.
Q. Personal knowledge of that?
MR. BONI: Object to form.
A. Personal knowledge as conveyed to me
of some sort of a dispute between Google and
Microsoft pursuant to a Microsoft antitrust
consent decree and the ongoing oversight
therefrom; wherein, Google complained that
Microsoft was doing this, and Microsoft
complained that Google was doing that. And the
state attorney general staff person was on a
phone call where all of that was discussed and
perhaps an e-mail exchange. In some other way
it was all made known to this person.
Q. Do you think that person was telling
the truth?
A. I do. I wish I knew the person's
name. Unfortunately, it was all in, you know, a
reception or other social function at that
event.
Q. Turning back to Paragraph 2 of your
report, you mention improper data distribution
34 (Pages 133 to 136)
Veritext National Deposition & Litigation Services
866 299-5127
A-1544
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 36 of 79
Page 137
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
by Google JotSpot. Do you see that?
A. Yes.
MR. GRATZ: I'd like to mark this as
Exhibit 7.
(Document marked as Exhibit No. 7 for
identification.)
Q. You have before you what's been
marked as Exhibit 7. Do you recognize this as
an October 30th, 2008 blog post by you?
A. I don't recall the date, but maybe
if -MR. BONI: There's a different -there's a different date on that.
A. That's the date on the last page. I
think that's probably correct.
Q. Is this the research referred to by
the phrase "improper data collection" by Google?
Excuse me.
Is this the research referred to by
the phrase "improper data distribution" by
Google JotSpot in your report?
A. This is what I had in mind, yes.
Q. What methodology did you use to reach
the results set forth in Exhibit 7?
A. Direct hands-on testing and screen
Page 139
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
third grader could do it also.
MR. GRATZ: Mark this as Exhibit 8.
(Document marked as Exhibit No. 8 for
identification.)
Q. Do you recognize what's been placed
before you as Exhibit 8?
A. I don't really recall it one way or
the other, but I can see what it must be.
Q. What is it?
A. It seems to be news coverage of the
Google JotSpot article that I wrote.
Q. Turning to the second page of Exhibit
8, under the screen shot, there's a statement
from a Google spokesman; do you see that?
A. Yes.
Q. Could you read that statement,
please.
A. This is a statement from a Google
spokesperson, giving his view of the issue. He
says, "This is not a security issue. The
information in these wikis is accessible because
they have been set to public on the site
permissions page. Users are always in control
of the information they share. If wikis are set
to private, no information will be publically
Page 138
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
shot evidence.
Q. You used a web browser; is that
right?
A. A web browser, a screen shot tool,
potentially a packet sniffer. I don't recall.
Q. What is a packet sniffer?
A. A packet sniffer is a specialized
tool for reviewing and confirming all data sent
over a network connection.
Q. Did you use a packet sniffer in
conducting the research set forth in Exhibit 7?
A. I often run one in the background
while doing this kind of test. Let me skim
through the article and see whether there's any
discussion of the fruits of that methodology.
Okay, there's no discussion of use a
packet sniffer. I believe I probably ran one
anyway, checked its output, found that there was
nothing notable in the packet sniffer output,
above and beyond what the screen shot showed,
and, therefore, had no need to mention it.
Q. Were there any other elements of your
methodology?
A. No. I think what's beautiful about
this article is it's just so simple, a typical
Page 140
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
accessible."
Q. Was it true that the information in
the wikis which were the subject of your article
had been set to public in the site permissions
page?
A. I think it may not be as simple as
that. I think there was an import from one
JotSpot system to another as part of the
acquisition, and something might have been
changed during the import. I definitely think
this engineer is only telling part of the story.
Q. Do you know what the other parts of
the story are?
A. I think it's along the lines just
described, that some options had been added,
something had been converted, perhaps subsequent
to the acquisition or in some other upgrade.
And so things that had started out more private
had become less private over time.
Q. Were you aware that the wikis that
were the subject of your blog post had been set
to public on their site permissions page?
MR. BONI: Object to form.
A. First had been set is nicely in the
passive voice. Who did the setting is exactly
35 (Pages 137 to 140)
Veritext National Deposition & Litigation Services
866 299-5127
A-1545
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 37 of 79
Page 141
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
the question. Whether it was the site
administrator or Google who set it that way.
But I think, yes, the article discusses that and
discusses the contrary and inconsistent
statements, inconsistencies between this screen
and that screen and the help file all discussed
in the body of Exhibit 7 as it is before us.
Q. Google fixed this issue within 48
hours; is that right?
A. That wasn't my recollection actually.
Q. How long did it take for Google to
fix this issue, in your recollection?
A. I thought Google's initial position
was that everything was working perfectly.
Nothing at all was wrong, and that's consistent
with the quote from the Google spokesman in the
CNET article. I don't really recall
specifically.
Q. Turning to the last paragraph of
Exhibit 7, does this refresh your recollection
as to the time that it took to remedy this
issue?
A. That suggests it took about a week
after I first notified Google. I had thought it
took longer than that. But this paragraph seems
Page 143
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Back on the record 2:13 p.m.
Q. Turning your attention to the final
paragraph of Paragraph -- strike that.
Turning your attention to the final
sentence in Paragraph 2 of Exhibit 1, it says,
"I also found and demonstrated to a court's
satisfaction that an early online video service,
iCraveTV, had failed to secure video contents in
the way that it had previously represented to
that court." Do you see that?
A. Yes.
MR. GRATZ: I'd like to mark this as
Exhibit 9.
(Documents marked as Exhibit Nos. 9
and 10 for identification.)
Q. You have before you what has been
marked as Exhibit 9 and 10. Do you recognize
these documents?
A. Yes.
Q. Is Exhibit 9 your initial declaration
in a case titled "National Football League
versus TVRadioNow Corporation"?
A. Yes.
Q. And is Exhibit 10 a supplemental
declaration that you submitted in that case?
Page 142
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
to indicate that a week is about as long as it
took.
Q. This was a week after you sent
notification to Google, but as of the same day
you posted this publicly; is that right?
MR. BONI: Object to form.
A. That's what this says. It's possible
that my last paragraph here is inaccurate, that
in some sense the problem lingered. I just -I just don't know. But if the paragraph of my
article is correct, then it was fixed the same
day that I posted the article. Although it
wasn't fixed during the intervening week when I
hadn't posted the article. When Google was just
on notice of the problem, but there was no
public concern and no article neatly laying it
out, Google dragged its feet a little bit. Then
when I twisted their arm, they finally fixed it
that same day.
MR. GRATZ: We can change the tape.
THE VIDEOGRAPHER: Here ends Tape
No. 3. Off the record 1:15 p.m.
(Recessed for lunch.)
THE VIDEOGRAPHER: Here begins Tape
No. 4 in today's deposition of Benjamin Edelman.
Page 144
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. Yes.
Q. Are these expert declarations?
A. Yes.
Q. You are an expert retained by the
plaintiffs in that case; is that right?
A. Yes.
Q. And these declarations were submitted
in January and February of the year 2000
respectively; is that right?
A. Yes.
Q. What opinions did you render?
A. I could take a moment to refresh my
recollection of these documents of 12 years ago,
but generally I offered the opinion that
iCraveTV security systems were not properly
designed to limit access to Canadian users only,
and, that, in fact, significant American and
other users could access and were accessing the
video contents that was supposed to be limited
to Canadians only.
Q. So the system was designed based on
the IP address of the user to either grant or
deny access based on whether that user was
coming from an IP address associated with the
United States; is that right?
36 (Pages 141 to 144)
Veritext National Deposition & Litigation Services
866 299-5127
A-1546
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 38 of 79
Page 145
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. Well, there were a series of security
systems. You described a portion of one of the
security systems.
Q. What were the other security systems
about which you rendered opinions in Exhibits 9
and 10?
A. Some of the security systems predated
my opinions, and I believe are not discussed
here. There was one that was grounded in typing
in an area code. If you knew a Canadian area
code, that would prove that you were Canadian.
I don't know that I had to offer an opinion as
to the defects of that security, but that was
one that was also an issue.
You describe restrictions based on
the IP address which is true but only in part.
That was a restriction on access to a portion of
the web server; whereas, what was actually
desired was the video which was provided by a
different server; namely, a streaming video
server from a company called Real Networks,
which didn't have any such access restriction.
And so it was possible completely to circumvent
the IP address filter that you just described.
Q. Did your opinions in the National
Page 147
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
users who, in fact, have done so. There might
have been students at Harvard College, and we
could even identify them by name from
information present within the defendant's log
files. I don't recall whether we identified any
of them by names in the context of the
declaration. We might have thought that was a
much notch too personal, but we could, and I
think that might have come out in the oral
testimony, if not in the deposition.
Q. This was a system that had both a web
server and a media server or a set of web
servers instead of media servers; is that right?
A. That's right.
Q. And on the web servers, there was an
attempt to restrict access to users outside the
United States; is that right?
A. That's right.
Q. And on the media servers, there was
no such attempt; is that right?
A. That's true.
Q. Were the log files you were looking
at log files from the media servers?
A. I believe I looked at both sets of
log files.
Page 146
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Football League case relate to the area
code-based security system?
MR. BONI: Object to form.
A. I know that I formed opinions.
Whether those opinions are expressed in this
declaration, I'd need to read through both of
the declarations to say for sure. My opinion
was and is that the area code system didn't work
very well for reasons that are probably
apparent, and I might have mentioned that in a
paragraph, or that might have gotten deleted
when the defendants abandoned that system.
Q. So the opinion that you were
rendering in this case is that users from the
United States were, in fact, able to access
television programming where the system had been
attempted to be designed to prevent users in the
United States from accessing that program; is
that right?
A. I demonstrated both the users were
able to and that they, in fact, and did so in
significant quantities.
Q. Did you demonstrate anything else in
these reports?
A. I gave specific examples of specific
Page 148
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Did you find that the IP -- what is
IP geolocation?
A. IP geolocation is a set of systems
that convert an IP address to a geographic
location or a likely geographic location, an
inference as to geographic location.
Q. In your report did you find errors in
the IP geolocation database used by the
defendant in this case, in Exhibits 9 and 10?
A. I believe I did find and discuss some
errors.
Q. Did you also find that users from the
United States had, in fact, accessed the media
server?
A. I found that users from the United
States could access the media server. I believe
there was evidence that they actually had done
so, including discussions on web pages directing
users as to how to do so.
Q. Were those people hackers?
MR. BONI: Object to form.
A. It depends on the definition of the
word "hackers," but on some definitions
including reasonable definitions, they were.
Q. In that they were gaining access to a
37 (Pages 145 to 148)
Veritext National Deposition & Litigation Services
866 299-5127
A-1547
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 39 of 79
Page 149
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
system when they knew that they weren't supposed
to have access to it?
A. Right.
Q. They weren't -- they didn't have the
root access to the system; is that right?
A. They didn't even want root access.
All they wanted was to watch the video content
that was available via this much easier
mechanism.
Q. And this much easier mechanism more
or less amounted to directing their software to
a particular address which held the video
content in an unprotected form; is that right?
A. Yes.
Q. Other than that, are you aware of any
intrusion into iCraveTV's servers relating to
the issues discussed in Exhibits 9 and 10?
A. Immediately after that, they faced an
injunction requiring them to shut down the
servers, and at that point, I don't think it
would have been possible to intrude because they
were no longer operating. So that was the end
of the line for them.
Q. But you're not aware of any intrusion
prior to the time the servers were shut down; is
Page 151
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
knew their name and their home address.
Q. And that was a designed feature of
that website; is that right?
A. I think it was, although some -subject to some caveats. Maybe it wasn't
supposed to be quite so easy to put in someone
else's name and address. I'd need to refresh my
recollection by rereading that article.
Q. Anything else?
MR. BONI: Anything else what?
Q. Any other relevant technical
experience other than that which we've discussed
on which you've relied in preparing your report?
MR. BONI: Object to the form. Vague
and ambiguous to the extent of what you mean by
technical as opposed to any other kind of
experience.
A. There have been other defects in the
privacy and security -- privacy and information
security of software systems that I've examined.
There was, I think, a compete toolbar that would
send your credit card number in plain text, so
that anyone in a nearby Internet cafe could see
your credit card number. That sort of
difficulty of properly securing information in a
Page 150
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
that right?
A. I didn't really look at it one way or
the other, but I'm not aware of any intrusion
like that.
Q. Other than that which we have
discussed so far, do you have any other
technical experience on which you rely in
forming your opinions in this case?
A. As I walked back in from lunch, I saw
the related project as to the Sears' privacy
violation linked at the top of Exhibit 7. It's
not that I specifically relied on it, but it is
yet another of these examples of a server side
security defect that allows the access of
information the users weren't intended to be
able to access.
Q. And was that through predictable
URLs?
A. No, it wasn't.
Q. By what means were they able to
access that information?
A. I think last name, plus street
address, plus zip code. You could see what
anyone had bought from Sears, maybe what major
appliances anyone had bought from Sears if you
Page 152
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
multiuser information service is again on my
mind when I evaluate the book service here at
issue, but it's not that I specifically relied
on it. It just informs the totality of my
professional experience in this area.
Q. Anything else?
A. Nothing else comes to mind.
Q. Turning to Paragraph 3, you highlight
two publications as being particularly relevant
to the opinions you render in your report, and
the first of those is titled "Shortcomings and
Challenges in the restriction of Internet
Retransmissions of Over-the-Air Television
Content to Canadian Internet Users." Do you see
that?
A. Yes.
Q. Was that about largely the same
subject matter as your expert reports in the NFL
case?
A. Well, it was related, but a little
bit broader.
Q. Broader in what way?
A. The NFL case was limited to the
specific facts at hand. One specific defendant
with one specific set of security systems. In
38 (Pages 149 to 152)
Veritext National Deposition & Litigation Services
866 299-5127
A-1548
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 40 of 79
Page 153
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
contrast, the submission to Industry Canada was
about all the matters that could potentially
arise if such retransmissions were to be
permitted, all of the possible systems that
future defendant infringers might design and the
likely defects and consequences of those
systems.
Q. Is the thesis of that article that IP
geolocation as a security mechanism is
imperfect?
A. That was one of the points raised and
one of the bases for concern.
Q. Were there any other bases for
concern that were of the same level of
importance?
A. Well, it's not just that it's
imperfect in the sense of one in a thousand
times it makes an error or two in 10,000 times
it makes an error. It's imperfect in the sense
that once an error is identified, it can be
systematically exploited such that 1,000 users
drive through that one-in-a-thousand hole, and
then it becomes a thousand in a thousand because
everyone knows that's where the hole is. Just
like a hole in a damn, you might say there's
Page 155
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
mention "Securing Online Advertisers, Rustlers
and Sheriffs in the New Wild West." What was
that article about?
A. That's a cross-cutting article really
surveying a series of other articles, including
problems affecting consumers; for example,
deceptive advertising, as well as problems
affecting advertisers, including overcharging in
advertising fraud and presenting the
relationship between those problems and the
underlying computer security systems that are
closer to the core of what the readers of this
multiple author bound volume would be likely to
be familiar with.
Q. That relates primarily to the
security of end user computers; is that right?
A. A portion of it does, but not all.
For example, the deceptive advertisements are
equally deceptive no matter how well secured
your end user device might be.
Q. Does this article mention in
Paragraph 3, securing online advertising,
discuss intrusion to servers connected to the
Internet?
A. I don't recall one way or the other.
Page 154
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
only one square inch of the damn that has a
hole, but never mind, a lot of water can pour
through that one hole.
I also pointed out in that article
the importance of user incentives, that users
will jump through quite a few hoops to get the
content that they want, particularly if they
don't have another good way to get it. And so
the users' willingness to find the hole and to
exploit the hole is likely to be commensurate
with the value of the content that they would
receive. So one shouldn't assume that users
won't do it because they haven't done it to get
something they didn't want very much. The more
they want it, the more they'll be willing to do
to get it.
Q. So the amount of effort that one
needs to put into securing a system is
commensurate with the level of demand for the
material being protected?
MR. BONI: Object to form.
A. I think that's right, with the right
understanding of demand, the level of user
interest vis-a-vis possible alternatives.
Q. In Paragraph 3 you also say --
Page 156
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
I can't think of a specific section in which it
would be likely to do so. But it might.
Q. Are there any other academic
publications of yours which you consider more
relevant to the questions at issue in this case
than those identified at the end of Paragraph 3?
A. I don't usually draw a distinction
between academic publications and other
publications. They're all important to me.
Some are peer reviewed and some aren't. I think
we've discussed all of the publications, be they
peer reviewed or otherwise, that are most
relevant to my opinions.
Q. In Paragraph 4, it says that your
teaching assignment currently consists of a
Harvard Business School elective course called
"The Online Economy" which analyzes strategies
for all manner of online businesses, and that
the course includes concerns arising out of
information security. Do you see that?
A. Yes.
MR. GRATZ: Mark this as Exhibit
13 -- 11.
(Document marked as Exhibit No. 11
for identification.)
39 (Pages 153 to 156)
Veritext National Deposition & Litigation Services
866 299-5127
A-1549
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 41 of 79
Page 157
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Do you recognize this document?
A. Yes.
Q. What is it?
A. This is the syllabus of the course as
presented on the course website.
Q. Could you identify for me the section
of the course that deals with information
security?
A. Information security is a theme that
arises in a variety of the cases taught in this
course. I can go through the cases, the days of
the course one by one and flag contents in which
information security arises. In online
apartment rentals as to Rent Jungle and its
scrapers, there's quite a bit of discussion
there, of whether scrapers are an appropriate
technique, whether it's appropriate to scrape
your competitors' sites in order to make your
own site, how would your competitors feel about
that, is there anything they can do to stop you,
is there anything you can do to stop them from
stopping you.
Q. What do you mean by scraping?
A. In this context the term "scraper"
refers to a software system that collects
Page 159
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Airlines PDF example I just discussed where to
get the underlying text would require a user
name and password, but to get the attachments
mistakenly, no password was required.
Q. Does any of the material in your
online economy course relate to the intrusion
into servers for the purpose of gaining root
access?
A. I don't think we discussed security
in that context in this class. It comes up more
in some of the executive education teaching that
I've done, and other notions of security other
than obtaining root access arise often in this
class.
Q. Do they include gaining access to
information hosted on web servers which one is
not permitted to access?
A. Yes.
Q. In any situations other than those
which we've already discussed to today?
A. No. I think we've discussed the
examples that arise.
Q. Turning to Paragraph 5, Paragraph 5
of your report, you discuss previous expert
work. Was your first expert engagement the NFL
Page 158
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
information from another website.
Q. That's information that that other
website makes available publicly; is that right?
MR. BONI: Object to form.
A. It makes it available on its website,
perhaps to the general public, perhaps only to
users who log in with a password, perhaps
without restriction of any of kind, perhaps
subject to a terms of use restriction imposed in
some way.
Q. And the same restrictions that would
be imposed on an ordinary web browser are
imposed on a scraper; is that right? For
example, if an ordinary user would need to enter
a user name and password, then the scraper would
need to provide the same credentials; is that
right?
A. Often that's true, although I
wouldn't want to be too sweeping about it.
There might be ways to circumvent that sort of
thing, and I've seen some of those ways from
time to time.
Q. Do you discuss any of those ways in
your class?
A. Sometimes we discuss that American
Page 160
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
versus TVRadioNow case?
A. Yes.
Q. Was your second expert engagement the
Multnomah County Libraries versus the United
States case?
A. I'm not sure that was second or if
there was something else in between. That was
surely the next significant engagement.
Q. Was the next significant engagement
Washington Post versus Gator Corporation?
A. That was certainly shortly
thereafter, and was one of the larger cases.
There might have been something else in between.
Whether that was significant or not...
Q. In what area of expertise did you
testify in the Washington Post case?
A. My testimony there consisted solely
of expert reports and deposition. The case
settled before trial.
Q. And what were your opinions in that
case?
A. That was a case about spyware and
adware installed on users' computers. Initially
replacing the ads on websites with other ads,
later showing pop-up ads and pop-under ads. My
40 (Pages 157 to 160)
Veritext National Deposition & Litigation Services
866 299-5127
A-1550
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 42 of 79
Page 161
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
opinions went to the methods of installation,
the disclosures that were shown, the pop-ups
themselves, the circumstances in which the
pop-ups would appear, user perception of the
pop-ups, perhaps other aspects of the pop-ups.
Q. Did you render any opinions in that
case?
A. I think I did.
Q. What opinions were those?
A. It's a little bit difficult to recall
based on the duration, since the case as well as
the significant subsequent work in that area.
MR. GRATZ: We'll mark this as
Exhibit 12.
(Document marked as Exhibit No. 12
for identification.)
Q. Do you recognize this document?
A. This is a declaration I wrote in the
Gator matter.
Q. Is it an expert declaration?
A. I believe I was anticipating being
designated as an expert, or maybe I had been
designated as an expert, so yes, it is an expert
declaration.
Q. What opinions are contained in
Page 163
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
right?
MR. BONI: Object to form.
A. Gator did not intrude onto the
plaintiff's servers in that case.
Q. In 2003 did you submit an expert
report in connection with the case, Wells Fargo
& Company and Quicken Loans Inc. versus
WhenU.com?
A. Yes.
Q. What was the subject matter of your
declaration in that case?
A. It was generally similar to the Gator
declaration just discussed. Namely, methods of
installation, methods of operation and the
advertisements that were displayed.
Q. Did it involve any intrusions into
servers?
A. WhenU software also didn't intrude
onto plaintiffs' servers.
Q. Did it intrude onto anyone's servers?
A. WhenU never needed to place code into
the server in order to accomplish its business
objectives.
MR. GRATZ: I'd like to mark this as
Exhibit 13.
Page 162
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Exhibit 12?
A. I discussed the Gator software
generally, including its methods of installation
and the advertisements that it displayed.
Q. Are those facts or expert opinions?
MR. BONI: Object to the form.
A. Some of the contents of this
declaration reflects my firsthand personal
observation and would be appropriate for a fact
witness. Other portions of the declaration
reflect the judgment and experience of an expert
and probably would require that.
Q. Did any of your work in the
Washington Post case relate to intrusions into
servers?
A. Significantly at issue was how
exactly Gator managed to replace the ads on
websites with Gator's own ads and later to show
pop-ups and pop-unders. That was all done
wholly on the client side, without making an
intrusion onto web servers. Although users
probably wouldn't understand that and would
perceive it otherwise.
Q. So no intrusion into servers was
involved in the Washington Post case; is that
Page 164
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
(Document marked as Exhibit No. 13
for identification.)
Q. Do you recognize this document?
A. Yes.
Q. Is this the blog post that gave rise
to the motion for contempt in the WhenU case?
A. It is.
Q. At the time you wrote this blog post,
were you in possession of confidential WhenU
information?
A. I believe I had been present in the
courtroom at a time when confidential
information was presented orally. I don't know
whether I was in possession of any written
confidential information.
Q. Did you in -- strike that.
Did you testify in a case called
WhenU versus State of Utah?
A. Yes.
Q. Was the subject matter of your
testimony in that case similar to that in the
other WhenU case and in the Gator case?
A. Similar, although with some different
twists based on the procedural context in the
specific substantive issues in dispute there.
41 (Pages 161 to 164)
Veritext National Deposition & Litigation Services
866 299-5127
A-1551
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 43 of 79
Page 165
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. How was it different?
A. WhenU argued that it would be
difficult for WhenU to keep out of the state of
Utah because their software operated the same on
a nationwide or worldwide basis. I demonstrated
that quite the contrary, WhenU's system utilized
geolocation to identify the users' geographic
location or apparent geographic location, that
WhenU told advertisers that the system worked
reliably, and that WhenU's system had an
adequate geolocation system to substantially
avoid showing certain ads or even all ads in
Utah.
Q. Was it your opinion that WhenU could
effectively limit usage to users outside of
Utah?
A. It could certainly avoid showing ads
to users in Utah and could otherwise allow usage
of its software if they so chose.
Q. That would be through -- by means of
geolocation; is that right?
A. The existing geolocation system that
they had already installed for their own
business purposes.
Q. It was your opinion that that
Page 167
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. Casale Media produced a software
program purporting to clean spyware off of a
user's computer, and it was advertised as having
that benefit, even when it didn't really do all
that much, and furthermore, at least as
important, the advertisements overstated the
user's need for the software, in particular, the
advertisements would make statements like, your
computer is infected when the fact of the matter
was Casale had no information one way or the
other as to whether or not your computer was
infected.
Q. And what were the opinions to which
you testified in that case?
A. First, I needed to reconstruct
historic records of what advertisements were
shown and how they looked. The advertisements
were no longer running as of the commencement of
litigation, and I needed to reconstruct how the
software worked, what the software said. The
software also had been withdrawn from the market
by the date of commencement of the litigation.
So there was significant forensic work necessary
to lay the groundwork.
Then, for basically just fact witness
Page 166
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
geolocation system was effective?
A. That it was sufficiently effective
for WhenU's own business purposes and
sufficiently effective to comply with the
statute in the state of Utah.
Q. Is that consistent with your opinion
in the National Football League case regarding
the reliability of geolocation?
A. It is.
Q. How so?
A. Users attempting to get copyrighted
media content would be highly likely to find
ways to circumvent any geolocation that was
denying them access. You want to watch the
video, you pretend you're in Chicago so you can
watch the video. In contrast, it would be quite
unusual for a user to pretend they were in a
different state in order to receive extra pop-up
ads which are widely regarded as unwanted rather
than as desirable.
Q. Did you testify in a case called
South Carolina v. Casale Media?
A. Yes.
Q. What was the subject matter of your
testimony in that case?
Page 168
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
work to say what was on the screen after I got
it to work again. I believe there was also
discussion of user perceptions of these offers,
how a user would respond upon receiving a
particular message.
Q. Did you do any forensic work as a
basis for the opinions you expressed in your
report in this case?
MR. BONI: Object to form.
A. I didn't examine any historic sources
or any archives or anything of that sort.
Q. Did you examine any computer systems?
A. Yes.
Q. What computer systems did you
examine?
A. Well, I reviewed the documents that
are cited in the attachment to the report. I
also wanted to check the availability of
copyright infringing books right now online as
it stands. If you wanted to find a copy of
Malcolm Gladwell's new book, how easily could
you do that. And if you wanted to find some
other book, again in copyright, how easily could
you do that, how easily could you get it for
free via some unlawful copyright infringement
42 (Pages 165 to 168)
Veritext National Deposition & Litigation Services
866 299-5127
A-1552
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 44 of 79
Page 169
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
website.
Q. Did you examine the security of any
computers in connection with this report?
A. I wasn't checking for security. I
was checking for the availability of the
copyright infringement materials.
Q. And it wasn't copyright infringement
materials that were available by breaking
through security but because the infringing
materials were intended to be accessible by the
operator of that website; is that right?
A. That's right.
Q. Did you testify in a case called
Arista against Myxer?
A. Yes.
Q. In what area of expertise did you
testify in that case?
A. As I recall that, my expert work in
that case was as to the financial benefit that
the defendant there reaped by showing
advertising on a website with copyright
infringing material.
Q. Did you render any opinions about
copyright law?
A. No, I didn't render any opinions
Page 171
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
isn't publicly known.
Q. What was the name of that case?
A. I would have great difficulty
summoning it for you from memory and I
apologize.
Q. In the UMG against Veoh case, in what
area of expertise did you testify?
A. I think it was the same as the Myxer
case just described.
Q. In the Lens against UMG case, in what
area of expertise did you testify?
A. I think it was the same as what was
just discussed, but I prefer to check the expert
report to confirm.
Q. So it is before you as I believe -- I
believe it's before you. It's not before you.
MR. GRATZ: We'll mark this as
Exhibit 14.
(Document mark as Exhibit No. 14 for
identification.)
Q. So you have before you what's been
marked as Exhibit 14. You recognize this as
your expert report in the Lens against UMG case?
A. Yes.
Q. In what areas of expertise did you
Page 170
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
about any law.
Q. Did you render any opinions about
security in the Myxer case?
A. I don't recall.
Q. You don't recall any such opinions?
A. I don't recall one way or the other.
There were a series of these cases. I get them
confused to this day. I think there might have
been three. There were the number that are
listed in the attachment to my expert report.
All of them are properly listed, and what was at
issue in one versus what was at issue in
another, I would be on very thin ice if I tried
to recite that from memory.
Q. The three cases you're talking about
are Arista against Myxer in which Arista is a
record Company on the one side; UMG against
Veoh, which UMG is a record company on one side;
and Lens verus UMG, which UMG is a record
company. You're talking about the three record
company cases?
A. There are those three. There might
have been another one that didn't make it to the
point where I had my deposition taken, and,
therefore, it isn't disclosed. It probably
Page 172
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
testify in that case?
A. I believe Paragraph 7 details the
expert opinions as to the scope of copyright
infringing material or in any event copyrighted
material present without permission from the
rights holders, the difficulty of applying fair
use analysis, the information that the defendant
in that case considered before sending his
take-down request and the damage that results
from a mistaken take-down request in light of
the counter-notification provided by law.
Q. Did you render any legal opinions in
your report in the Lens case?
A. My intension was not to render any
legal opinions, and I believe I succeeded in not
rendering any legal opinions.
Q. When you say at the top of -- I want
to direct your attention at the top of what's
marked at the bottom as page 3 in Exhibit 14.
Do you see that?
A. Yes.
Q. It says, "The type of fair use
analysis that would be conducted in infringement
litigation cannot readily be conducted using the
information available to a rights-holder upon
43 (Pages 169 to 172)
Veritext National Deposition & Litigation Services
866 299-5127
A-1553
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 45 of 79
Page 173
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
sending a takedown request." Do you see that?
A. Yes.
Q. Was that one of the opinions you
expressed in the report in the Lens case?
A. Yes.
Q. Is that still your opinion today?
A. It's my opinion as to the facts of
this matter. There might be other contacts in
which it would be possible to conduct that fair
use analysis with the information available, but
thinking about the context in which I offered
this report, I think this opinion is correct,
and it's still my view.
Q. When you say the type of fair use
analysis that would be conducted in infringement
litigation, what do you mean by that?
A. I believe the expert report details
that further, for example, 13, and follows from
there, listing the factors that need to be
considered in order to apply a fair use
analysis.
Q. And that's set forth in Paragraph 14?
A. Fourteen discusses the factors, and
then 15 and 16 discussed the limited information
available to rights-holder confronting an
Page 175
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
offer an opinion.
MR. BONI: Joe, we're not proffering
him as a fair use expert at all. This has
nothing to do with the report he's doing in this
case.
Q. Turning your attention to Paragraph
17, in the middle of the paragraph it says,
"Even when all the facts are known, it is
difficult to apply the required legal standards
to those facts, which makes fair use
particularly difficult to apply in any sort of
perfunctory or quick look review." Do you see
that?
A. Yes.
Q. Is that a statement that you can
continue to consider true?
MR. BONI: Object to form.
A. I think it's true in context. Of
course, there would be some sets of facts that
are sufficiently clear-cut that one could make a
fair use determination one way or the other.
It's not that every case is a difficult case,
but that there are some difficult cases.
Q. Did you identify any of those
difficult cases in your report in the Lens case?
Page 174
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
unauthorized video at YouTube.
Q. In Paragraph 14 you say, "Nor do the
examples of Section 107 limit what may be fair
use." What do you mean by that?
A. I think the portion of the sentence
after the colon is informative, quoting some
authority from a case interpreting the Section
107, fair use defense.
Q. It says that the examples in the
preamble to Section 107 are illustrative and not
limitative. You see that?
A. Yes.
Q. Do you agree with that today?
A. I think I correctly characterized the
holding of Campbell. Whether or not I would
have decided it the same way had I been
presiding in that matter, I guess I haven't
really thought it through, but I don't hold that
position.
Q. You agree that that's currently the
law?
A. I don't know. I'm not enough of a
scholar -MR. BONI: Objection.
A. -- of fair use law to attempt to
Page 176
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I guess I cited some cases that were
reversed, including the three cases cited within
Paragraph 17. So those must have been difficult
facts if in each of those three instances the
cases were twice reversed.
Q. Do you know what the use at issue in
the Lens case was?
A. It was background music to a home
video.
Q. Do you think that the use in the Lens
case was fair use?
MR. BONI: Object to form.
A. I'm not sure.
MR. BONI: Joe, we're not proffering
him as a fair use expert. This is improper
questioning.
Q. You weren't asked to opine on that
matter in the Lens case?
A. That's correct, I was not asked.
Q. And you never, in fact, formed an
opinion on the question?
A. I didn't. It's a difficult question
to me, and no one wanted to pay me to figure it
out, so I spent my time on other matters
instead.
44 (Pages 173 to 176)
Veritext National Deposition & Litigation Services
866 299-5127
A-1554
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 46 of 79
Page 177
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. What makes it a difficult question?
MR. BONI: Object to form.
A. Well, some of the factors cut in one
direction. Some of the factors cut in the other
direction. And it leaves me uncertain about the
correct way to apply the Section 107 factors.
Q. Which factors cut against fair use in
the Lens case?
MR. BONI: Object to form. Joe, I'm
going to stop the questioning. You keep going
down this path that has nothing whatsoever to do
with qualifying him for the report for which he
proffered in this case. It has nothing to do
with security or his report.
Q. You can answer the question.
A. For example, the Lens video used the
most distinctive part of a song. I can't recall
what song it was. But, you know, it has a
chorus or something, the part that everyone
hums, and wouldn't you know it, in her 30-second
clip, she manages to get that part. The video
was set to be viewable by the entire world. It
wasn't limited just to her family and friends.
It was accessible by everyone. Those are
factors that would seem to cut against fair use.
Page 179
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. In what cases have you practiced as
an attorney?
MR. BONI: Object to form.
A. I brought a class action against
Yahoo as to overcharging of certain advertisers.
Q. Anything else?
A. I was co-counsel in a class action
against Google as to certain type of squatting
practices.
Q. Anything else?
A. I am currently counsel in a case
against Apple as to charges incurred by minors
and charges without a user entering a password
to authorize the charges.
Q. Anything else?
A. I'm currently counsel in a case
against Facebook as to charges incurred by
minors.
Q. Who's your co-counsel in the Facebook
case?
A. I need to discuss with my attorney.
Q. Do you need to discuss -A. Yeah.
Q. Okay.
THE VIDEOGRAPHER: You want to go
Page 178
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. What factors weighed in favor of fair
use in your view in the Lens case?
A. It would be seem to be a
noncommercial use, although to be sure, these
days Google pays significant royalties to those
who upload videos. So maybe not so
noncommercial after all. The quality of the
audio and video were consistent with a home
recording which is to say not all that good,
which maybe could cut either direction, in fact,
depending on how you think about it. It's not
much of a substitute, but then again, the artist
would never have allowed his recorded music to
be presented in this way.
Q. And on balance, you don't have a view
one way or the other as to how the fair use
analysis comes out?
MR. BONI: Asked and answered.
A. I don't have a view one way or the
other.
Q. In addition to your expert work, have
you practiced as an attorney?
A. Yes.
Q. In what cases?
MR. BONI: In what cases?
Page 180
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
off.
MR. BONI: Go off.
THE VIDEOGRAPHER: Off the record
3:02 p.m.
(Brief recess.)
THE VIDEOGRAPHER: Back on the record
3:07 p.m. Could we have the last question read
back please.
(Last question read back.)
A. The firm is Kershaw, K-e-r-s-h-a-w.
There are some more names after that.
Q. Are there any other cases in which
you are or have been counsel?
A. There are.
Q. How many?
A. Some individual disputes, you know,
airline overcharged money. There are some for
which I have a confidential role, not on the
paper as an advisor, co-counsel. I think I've
listed all of the significant matters, all of
the matters in which I appear on the papers, for
example.
Q. Turning to Paragraph 6 of your report
it says, "I am being compensated for my work in
this matter at the rate of $450 per hour"; is
45 (Pages 177 to 180)
Veritext National Deposition & Litigation Services
866 299-5127
A-1555
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 47 of 79
Page 181
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
that right?
A. Yes.
Q. Is payment contingent on the outcome
of the litigation?
A. No.
Q. Is payment contingent on any opinions
you render?
A. No.
Q. When were you first contacted by
counsel for plaintiffs in this case?
A. Several years ago counsel for
plaintiffs asked me about a different aspect of
this case.
Q. What aspect was that?
MR. BONI: I'm going to instruct the
witness not to answer on the grounds of the
attorney work product.
Q. When did counsel for plaintiffs first
contact you about putting forward subject matter
set forth in Exhibit 1?
A. That's sometime this winter to spring
after the new year.
Q. Who contacted you?
A. Mr. Boni.
Q. Have you spoken with any of
Page 183
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. Not really.
Q. Before today, how many hours had you
spent on this engagement?
A. I'd estimate about 20.
Q. Did anyone assist you?
A. No.
Q. Have you received payment for your
work on this case?
A. No.
Q. Do you anticipate receiving payment
for your work on this case?
A. Yes.
Q. Who is going to be paying you?
A. I think the Boni & Zach firm will be
paying me.
Q. Turn to Paragraph 7 of your report.
In the middle of that paragraph it says, in this
report I address and opine on risks of a
security breach exposing widely online the
contents of in-copyright books from a number of
sources. Do you see that?
A. Yes.
Q. Do you provide opinions in your
report regarding any matters other than risks of
a security breach exposing widely online the
Page 182
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
plaintiffs' counsel other than Mr. Boni?
A. Ms. Zack.
Q. Anyone else?
A. A fellow named Josh.
Q. Anyone else?
A. I think that's all.
Q. Have you spoken with anyone regarding
this engagement other than Mr. Boni, Ms. Zack
and Josh?
A. I discussed it with my father,
spiritual guidance on all important questions.
Q. What did you discuss with your
father?
A. The case generally, my role in it,
the extent of my opinions, the substance of my
opinions.
Q. What did your father tell you?
A. He supports my work and supportive of
my work in this area.
Q. Anything else?
MR. BONI: Anything else that his
father told him?
MR. GRATZ: Correct.
A. Nothing of any great significance.
Q. Nothing that comes to mind?
Page 184
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
contents of in-copyright books?
A. I'm sure I do.
Q. What opinions can you identify in
your report where you express those opinions?
A. Well, for example -MR. BONI: Go ahead. That's okay.
A. The boldface heading midway through
this page 2 that piracy of books is already
real. I don't think that speaks to the risks of
a security breach exposing in-copyright books.
This is something that's already happening
without any security breach above and beyond
what has already happened.
Q. Any other opinions that are not
related to the risks of a security breach
exposing widely online the contents of
in-copyright books?
MR. BONI: Let me object to the form,
and say that the report speaks for itself. It
is what it is. If you want a thorough, complete
answer, then the witness should go through line
by line and see what exactly there is other than
what he saw on this page.
Q. Mr. Edelman, you're welcome to take a
look at any portions of the report you need to
46 (Pages 181 to 184)
Veritext National Deposition & Litigation Services
866 299-5127
A-1556
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 48 of 79
Page 185
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
to fully answer my question. The question is
could you identify for me other than the portion
you identified in your previous answer about
present book piracy any opinions you expressed
in your report other than opinions on the risks
of a security breach exposing widely online the
contents of in-copyright books?
A. I think the rest of the declaration
fits within that sentence, broadly understood.
Q. Is it your opinion that the level of
security afforded to the scanned books is
relevant to the fair use analysis in this case?
MR. BONI: Object to form.
A. I think it could be.
Q. How?
A. In a couple of ways. One, the level
of security that Google is providing, can
provide, will provide speaks to the effect on
the market for the books, a factor under Section
107. Second, the practices of other sites that
might engage in book scanning of their own with
quite different security practices potentially,
could certainly affect those same Section 107
factors.
Q. By those same Section 107 factors, do
Page 187
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
factors. Subject to the proviso that, of
course, we must consider all of the other sites,
book scanning services that might seek to engage
in similar conduct if this were ruled to be a
fair use.
Q. Is there any other way in which it's
your opinion that the level of security afforded
to the scanned books is relevant to the fair use
analysis?
MR. BONI: Object to form.
A. I think it's mostly through the
fourth factor, as I've already discussed.
Q. In Paragraph 8 you say, "I conclude
that unrestricted and widespread conduct of the
sort engaged in by Google would result in a
substantially adverse impact on the potential
market for books."
A. Yeah.
Q. Do you see that?
A. Yes.
Q. Is that the conclusion of your
report?
MR. BONI: Object to form.
A. That is a conclusion of my report.
Q. Is that the most important conclusion
Page 186
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
you mean the fourth factor, the effect on the
market?
A. That one in particular, yes.
Q. Is there any other way in which the
level of security afforded to the scanned books
is relative to the fair use analysis?
A. The level of security is certainly
related to the character of the use. If the
level of security was to store them on a hard
drive, put the hard drive-in a vault, put the
vault at the bottom of the ocean, that would be
one character of use. And a different character
of use is to connect the hard drive to a set of
servers and display the contents in some form
for all the world to see, but I think it could
go to the first factor also.
Q. So a site with better security would
have a purpose or character of use that is more
likely to favor fair use?
MR. BONI: Object to form. He's not
here as a fair use expert, Joe. And he's not
offering an opinion for that reason.
Q. You can answer.
A. I think all else equal, that's the
way I've been taught to apply the fair use
Page 188
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
of your report?
MR. BONI: Object to form.
A. I guess I hadn't ranked the
conclusions in order of importance.
MR. BONI: Important to whom?
Important in what way? It's too vague and
ambiguous a question.
MR. GRATZ: Please let the witness
finish.
MR. BONI: I'm sorry.
MR. GRATZ: I'll ask it again. Could
we have the question read back.
Q. Is the statement in Paragraph 8 the
most important conclusion in your report?
MR. BONI: Object to form. Vague and
ambiguous as to the term "important."
A. I hadn't ranked the conclusions by
importance, so I'm not sure.
Q. Referring to Paragraph 8, what do you
mean by unrestricted?
A. There are several kinds of
restrictions that could in principle attach to
anyone engaged in the kind of conduct Google has
been engaged in. By unrestricted I meant to
convey that perhaps few to none of those
47 (Pages 185 to 188)
Veritext National Deposition & Litigation Services
866 299-5127
A-1557
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 49 of 79
Page 189
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
restrictions would, in fact, be in place.
Q. What are those restrictions?
A. For example, there could be
restrictions as to the length of each snippet,
the number of snippets per page, the number of
times a user can view snippets from a single
work, the systems to keep out automated crawling
software, the systems to prevent users from
pooling their snippets in order to slowly piece
back together the entire work, a variety of
restrictions in that vein.
Q. And your conclusion is that without
those restrictions, the use would result in a
substantially adverse impact on the potential
market for books?
A. That's certainly true.
MR. BONI: Object to form. Doesn't
limit it to unrestricted. You're not reading it
accurately, Joe. You left out unrestricted and
widespread conduct of the sort engaged in by
Google.
Q. So I just want to make sure I
understand what you mean by unrestricted, and by
unrestricted in your previous answer I
understand you to mean that it's not -- it
Page 191
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
sort engaged in by Google?
A. I mean the large-scale scanning of a
large number of in-copyright books, the digital
archival of those scans, and the presentation
of, at least, portions of those works through an
interactive website.
THE VIDEOGRAPHER: Here ends Tape 4.
Off the report, 3:21 p.m.
(Brief recess.)
THE VIDEOGRAPHER: We're back on the
record. It's 3:24 p.m.
Q. Mr. Edelman, I understand that
following our break and your discussion with
Mr. Boni, you have a clarification for one of
your previous responses.
A. Yes.
Q. Go ahead.
A. The word "unrestricted" in Paragraph
8, what I meant to convey when I wrote this
paragraph was that the word "unrestricted"
refers to the sort of conduct that might be
permitted if the court were to rule that
Google's conduct was a fair use, and, therefore,
that other sites and services could engage in
the same conduct, consistent with that ruling.
Page 190
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
wouldn't be subject to restrictions such as
restricting the length of the snippet,
restricting the number of snippets per page and
so on; is that right?
A. That's what I have in mind sitting
here today rereading the sentence. There may be
other restrictions that could reasonably be read
into that word.
Q. The next word is -- it says
unrestricted and widespread. What do you mean
by widespread?
A. Affecting a large number of works, a
large number of books, accessible to a large
number of users, unreasonable price. If you
told me that, you know, the subscription would
be $1 million a year to be able to search the
books, that wouldn't be widespread. Few people
would be willing to pay it. It would be less
likely to have an adverse impact on the
potential market for books.
Q. In Paragraph 8 you referred to
unrestricted and widespread conduct of the sort
engaged in by Google. Do you see that?
A. Yes.
Q. What do you mean by conduct of the
Page 192
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. What restrictions would not be in
place in such a circumstance making it
unrestricted?
A. The restrictions of the copyright
act, I suppose, would not be in place if this
were deemed to be a fair use, and, therefore,
permissible notwithstanding restrictions of the
copyright act.
Q. So do I understand you to be
testifying that what unrestricted means is
permissible under the Fair Use Doctrine?
A. What I intended to convey in
Paragraph 8 was that if the fair use ruling were
in Google's favor and if other sites arose on a
widespread basis with conduct similar to
Google's, then there would be a substantially
adverse impact on the potential market for
books.
Q. Does the word "unrestricted" in
Paragraph 8 refer to restrictions on the length
of a snippet?
A. The length of a snippet is surely a
factor that would be considered for purposes of
a finding of fair use, but the word
"unrestricted" there was intended, perhaps
48 (Pages 189 to 192)
Veritext National Deposition & Litigation Services
866 299-5127
A-1558
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 50 of 79
Page 193
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
somewhat unclearly, but intended to capture all
that would follow if a fair use ruling were to
find that the Google conduct in this area is a
fair use.
Q. When you refer in this sentence to
conduct of the sort engaged in by Google, are
you including or excluding from what you mean by
that phrase the security measures put in place
by Google?
MR. BONI: Object to form. You can
answer.
A. Well, the security measures
encompasses certainly multiple aspects; for
example, one could think of the duration, the
length in words of a snippet as a security
measure, the number of snippets per page as a
security measure, the way Google secures its
network and secures its server is surely a
security measure.
What I envision here is the state of
affairs in which a court offers a fair use
finding in Google's favor, and then others begin
to install similar services in their own way.
They probably do it somewhat differently than
Google. They might have 20 percent more words
Page 195
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
doing, I bet you could add 20 percent to it, and
if Google's use is a fair use, that plus 20
percent version might also be a fair use, and
how about plus 40 percent. One gets into some
interesting questions of the gray area.
Q. Is it your view that if what Google
is doing is found to be a fair use, then showing
20 percent larger snippets is necessarily also a
fair use?
A. Not necessarily. There has to be a
line somewhere. But, surely, there will be some
difficult line-drawing exercises in that event.
Q. Who would be the arbitrator in those
line-drawing exercises?
MR. BONI: Object to form.
A. I think it's beyond the scope of my
report, but I'm happy to try to answer. I think
it would have to be a judge when the case was
brought, if such a case was brought.
Q. And that judge could decide whether
these different circumstances were, likewise,
fair use or whether the differences meant that
the later user was not engaged in fair use; is
that right?
A. I think that would be the question
Page 194
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
in their snippet. Their servers might be a
little bit less secure because they're not quite
as clever as Google in securing them. Exactly
which things they do differently and how they do
them differently is hard to predict sitting here
today, but in Paragraph 8, I intended to
contemplate the state of affairs where they
begin to head down that road.
Q. Could those differences between those
later users and Google affect whether the use by
the later user you're hypothesizing is, in fact,
a fair use?
A. Yes, they could.
Q. So a ruling that what Google is doing
is fair use doesn't necessarily mean that what
someone else would be doing, to the extent it
was different from what Google was doing, would,
likewise, be a fair use; is that right?
A. I think that's true. At least when
taken to the extreme. If there was a site whose
idea of a snippet was up to 500 words, one would
scoff at the idea that a snippet could have 500
words, and it's possible that Google's use is a
fair use, and that site's use is not a fair use.
On the other hand, whatever Google is
Page 196
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
posed, yes.
Q. What does "substantially adverse
impact" mean in Paragraph 8?
A. I was thinking about the word
substantial with its meaning in multiple
contexts, material, substantial, that is,
something that an author or publisher would need
to consider when deciding whether or not to
engage in the economic enterprise of writing or
publishing a book.
Q. And you use the word "would" in
Paragraph 8. Do you see that?
A. Yes.
Q. Does that indicate that it is your
view that the probability of such a
substantially adverse impact is 100 percent?
A. In this state of affairs discussed
here, I think the probability is very, very
high. I wouldn't call it 100 percent. Nothing
is certain. But it's sufficiently likely that
the word "would" is an appropriate word to use.
Q. You've referred in your previous
answer "the state of affairs discussed here."
What did you mean by that?
A. The hypothesis of Paragraph 8.
49 (Pages 193 to 196)
Veritext National Deposition & Litigation Services
866 299-5127
A-1559
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 51 of 79
Page 197
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. The hypothesis is that if
unrestricted and widespread conduct of the sort
engaged in by Google, that is, widespread
scanning, archiving and presentation of portions
through web services without necessarily the
limitations and security measures put in place
by Google were to occur, then that would result
in a substantially adverse impact on the
potential market for books; is that right?
A. I was with you except for the clause
that began "without."
Q. Did you not understand it or not
agree with it?
A. I thought that when you said it it
differed from what I intended to convey. The
meaning of the word "unrestricted," as I
intended to use it here, is not restricted by
the Copyright Act because the fair use defense
offers that exception of the Copyright Act.
Q. So if that conduct, that is,
scanning, archiving, and presentation of
portions of works was found to be fair use,
regardless of security measures, it's your view
that that would result in a substantially
adverse impact on the potential market for
Page 199
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
that would result in a substantially adverse
impact on the potential market for books?
A. If they were doing it exactly the
same as Google, that is not my view. But I
didn't intend to address that situation either.
I intended to address the situation where
they're doing it like Google except, except that
they're doing it themselves, and they're not
quite as diligent, or they're cutting some
corners, but nonetheless, they manage to fall
within the Google fair use ruling.
Q. You say it would result in a
substantially adverse impact on the potential
market for books. Do you mean that on balance
the effect would be negative?
A. We haven't discussed any positive
effects.
MR. BONI: Object to form.
Q. Does Google's current conduct with
respect to in-copyright books have any positive
effects on copyright-holders?
A. It could in some situations.
Q. Would the conduct you hypothesize in
Paragraph 8 have any positive impact on
copyright-holders?
Page 198
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
books?
MR. BONI: Object to form. Joe,
that's mischaracterizing the nature of our
claims by leaving out the fact that we also
allege that the conduct engaged in by Google
includes distribution of the scans back to the
libraries.
Q. You can answer the question, Mr.
Edelman.
A. Again, you've inserted into the
question the hypothesis that the other sites
have no restriction as to snippet length or
quantity or what have you, and that certainly
makes the conclusions of Paragraph 8 even more
certain. If the other sites are offering
snippets of exceptional length, then I
definitely stand by the conclusion of
Paragraph 8. But even if we don't add that
additional hypothesis, I still stand by
Paragraph 8 as written.
Q. So is it your view, as expressed in
Paragraph 8, that if there were a dozen or 100
other enterprises doing in every respect exactly
what Google does with all of Google's security
measures and all of Google's resources, that
Page 200
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. It might. We'd need to look at the
sites and their specific practices to see.
Q. By the "sites," you mean the future
sites that could come into being?
A. Precisely.
Q. Is the effect you hypothesize on
books in general or on particular books?
A. I meant to cover the full universe of
books that are subject to the scanning.
Q. The scanning by the future users?
A. Right. Although to be sure, in
principle, there might be some effect even on
books that were never scanned. The book that I
declined to write because I anticipated that it
would be scanned, not knowing that every single
one of the scanners would hate my book so much
that they wouldn't bother to scan it. It's the
threat of scanning and the threat of
distribution that has the preclusive effect,
discouraging the production of the book, for
example.
Q. Would the effect be the same for all
authors?
MR. BONI: Object to form.
A. I think there are some important
50 (Pages 197 to 200)
Veritext National Deposition & Litigation Services
866 299-5127
A-1560
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 52 of 79
Page 201
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
effects that would be the same, substantially
the same for all authors. There might be some
others that would differ in idiosyncratic ways.
Q. How would those differ?
A. There might be some authors for whom
the snippet better captures the essence of the
work than others, where the work must be read as
a whole. There might be some authors who are so
well known that they've already sold every
possible copy they could sell, others who could
benefit from visibility links to Google, others
who would suffer because the online copy of
their book would be a realistic substitute for
purchasing the book.
Q. Any other way?
MR. BONI: Again, this is not what
the witness is here to testify about. He's here
to testify about security.
MR. GRATZ: Well, I'm asking about
his opinion that something would result in a
substantially adverse impact on the potential
market for books, and I want to figure out what
he means by that.
Q. So is there any other way that
books -- that the conduct you hypothesize would
Page 203
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
an expert about. He's not here to tell you
whether in print or out of print differs.
That's a legal question, and he is not here to
opine about that area of this case. You really
ought to stick to what he's proffered for.
Q. Referring to Paragraph 8 of your
report, Mr. Edelman, the last word in that
paragraph is "books." Do you see that?
A. Yes.
Q. And I want to ask you a question
about what books you are referring to by that
reference in Paragraph 8 of your report. The
substantially adverse impact you referred to in
Paragraph 8 of your report on the potential
market for books, does that substantially
adverse impact, will it vary, depending whether
the book is in print or out of print?
MR. BONI: Object to form.
A. It's not a question I thought about
when drafting the report.
Q. The substantially adverse -actually.
Let me ask this: Do you have a view
about it?
A. Every book is in print when it's
Page 202
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
differ in its effect from book to book?
MR. BONI: Object to form.
A. There probably are some books that
are more amenable to being used in snippets.
Others for which having the entire work is
particularly important. Probably some you need
in your bag, and some where you can accept an
online substitute. There could be differences
of this sort. I think these differences in
general are smaller than the overall effect.
Q. Would it matter to the amount of the
adverse impact on the potential market for a
book in the situation you hypothesized if that
book was in print or out of print?
MR. BONI: Object to form. He's not
here as a fair use expert, Joe.
MR. GRATZ: I'm not asking about fair
use.
MR. BONI: You are. That's a --that's a legal -- you're calling for a legal
conclusion there, and you know you are.
Q. You can answer the question.
MR. BONI: No, at this point, I'm
going to cut it off. That's not what he's here
to -- that's not what he's proffered himself as
Page 204
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
published. The day I publish it, it's in print.
The day I consider writing it, I'm planning for
it to be in print for a while, so that I can
sell some copies and be paid for my efforts in
writing it. No one expects their book to be in
print forever. You do expect it to be in print
for a while. If digital copies reduced your
ability to sell it when it's in print for a
while, then you'll enjoy lesser revenue and
lesser profit from selling it.
So I would think it would affect all
books. As to the guys who are dead, we can't
motivate Ben Franklin to write any more books.
No matter what we do with the Copyright Act,
he's still dead, and he's not going to write any
more books for us, be that as it may.
Q. That means that with respect to books
that are already out of print, there wouldn't be
an impact one way or the other, as long as they
were out of print at the time the scanning took
place; is that right?
MR. BONI: Object to form.
A. That's beyond what I've thought about
previously. There might be some factors I'm not
considering.
51 (Pages 201 to 204)
Veritext National Deposition & Litigation Services
866 299-5127
A-1561
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 53 of 79
Page 205
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
MR. BONI: You should stick to what
you were -MR. GRATZ: Please don't interrupt
the witness.
MR. BONI: He was finished -- he was
finished, and I'm cautioning the witness to
testify about the subject matter of the expert
report and your qualifications.
Q. So, Mr. Edelman, that means that with
respect to books that are already out of print
at the time the hypothesized scanning took
place, the substantially adverse impact on the
potential market for those books couldn't occur
because they're already exited from the market;
is that right?
MR. BONI: Object to form. You can
answer.
A. I'm not sure. There could be -there could be effects that I haven't
considered. It's just so far outside of what
the expert report is about that I shouldn't
speculate.
Q. So you didn't consider the effect on
in-print versus out-of-print books in forming
the opinions set forth in your expert report?
Page 207
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. Yes.
Q. If -- if the Google Library Project
is found to be a fair use, then books could,
likewise, in your view, be digitally copied,
distributed and displayed in their entirety
through licenses that include secured protocols
and a damages structure for breaches of those
protocols; is that also true?
A. Thanks to the breadth of the word
"could," it's true, but the reality is that the
Google Library Project would have no reason to
enter into a license that includes security
protocols, nor would any other site have reason
to enter into a license that includes security
protocols because they can instead take the
material without license and without security
protocols.
Q. What security terms do you
hypothesize?
A. My thinking here is guided by
approaches used in other sectors. For example,
the credit card network has quite well-developed
security rules as to what a merchant or bank
must do to secure this valuable material in
order to avoid causing harm to others in that
Page 206
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I considered all books taken as a
whole, taken collectively.
Q. Did you take any steps to quantify
the effect referred to in Paragraph 8?
A. I did not.
Q. The effect referred to in Paragraph
8, is it an effect that would result -- it's an
effect that would result from follow-on behavior
by third parties in the event of a ruling of a
certain sort in your view, not as a result of
Google's current actions; is that right? In
other words, you aren't opining here about the
effects of what Google has done to date?
A. I'm not opining on the effects of
what Google has done to date. It's about
something else, either what Google might do in
the future or what others might do in the
future.
Q. Turning to Paragraph 9 of your
report, you say "If the Google Library Project
is found not to be a fair use, then books could
be digitally copied, distributed and displayed
through licenses that include security protocols
and a damages structure for breaches of those
protocols." Do you see that?
Page 208
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
ecosystem. So there are specific actions that
must be taken, specific audits, specific
technologies that must be used, and then there
are a set of damages, both actual damages and
liquidated damages in the event of breach,
compensation to be paid to those who suffer harm
as a result of a breach.
Q. And those damages are -- in your
previous answer are you referring to something
called PCI?
A. PCI is one of the requirements of
that web of contract, although there are others
beyond PCI. PCI largely refers to the technical
standards, but then there's a set of contracts.
If you fail your PCI, if you had a breach during
a period where you hadn't complied with your
PCI, then you must pay this much money to these
victims.
Q. Are you aware of any such agreements
in The Book Space?
A. My understanding is that the
proposed, now defunct settlement agreement in
this case had provisions in that vein.
Q. Are you aware of any others?
A. In the related context of digital
52 (Pages 205 to 208)
Veritext National Deposition & Litigation Services
866 299-5127
A-1562
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 54 of 79
Page 209
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
music and digital movies, my understanding is
that there are confidential contracts typically
between the right-holders and the technology
providers offering certain compensation in the
event of certain breaches.
Q. Do you know the terms of those
contracts?
A. Some of them may be publicly
available. My understanding was that most of
them are confidential and not readily available.
Q. I'm not asking whether they are
available. I'm asking whether you know the
terms of any of those contracts governing the
storage of digital music or movies?
A. I haven't had the opportunity to read
the contract. I know about them only
secondhand.
Q. And what you know secondhand is that
they include liquidated damages for security
breaches?
A. They include the kinds of methods
just discussed, some combination of liquidated
damages, perhaps actual damages, perhaps
specific actions to be taken, specific
technologies to be implemented.
Page 211
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
opinions set forth in the first sentence of
Paragraph 9 of your report?
A. The first sentence there discusses
what could be done, and to see what could be
done, I need look no further than the proposed
settlement agreement in this case and consider
what I as an attorney or a business person might
do if I were trying to solve this problem.
Q. Did you do a survey of contracts
governing the digital storage of books in
connection with forming the opinions you
expressed in your report?
A. I did not do such a survey.
Q. Have you ever seen such a contract,
setting aside the settlement agreement in this
case that was rejected by the court?
A. I'm not sure.
Q. Do any come to mind?
A. Nothing comes to mind.
Q. Were there any on which you relied in
forming the opinions set forth in your report?
A. No.
Q. Do you know whether any such
contracts include the security term which you
hypothesize in the first sentence of
Page 210
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. And how do you know that?
A. I'm not sure. I've a few
possibilities in mind. People who might have
told me this previously.
Q. What are those people?
A. My contact at Universal Music Group
pursuant to the cases previously discussed is
the general counsel at Universal Music Group,
and I think his name is a Mr. Geller.
Q. Is that Harvey Geller?
A. That's right. It might be from him.
It might be from someone else. It might be from
discussions at an executive education program
here on the HBS campus where I spent some time
with music industry participants.
Q. Did you rely on your conversations
with Harvey Geller in forming your opinions set
forth in Paragraph 9 of your report?
A. No.
Q. Did you rely on any discussions with
any content industry participant in forming the
opinions set forth in Paragraph 9 of your
report?
A. No.
Q. On what did you rely in forming the
Page 212
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Paragraph 9?
A. I guess I don't know for sure.
Q. Do you know whether any include the
damages term which you hypothesize in the first
sentence of Paragraph 9?
A. I don't know for sure.
Q. Are you aware of something called the
Google Books Partner Program?
A. Yes.
Q. What is it?
A. That's a program whereby publishers
can provide copies of their books to Google for
display in any of several versions to users who
enter relevant searches.
Q. Is it your understanding that there
are more than 45,000 publishers participating in
that program?
A. I'm not sure.
Q. Do you know the terms of any of the
Google Books Partner Program agreement?
A. I'm not sure. If the contract is
posted. I might have read it, but I don't
recall one way or the other.
MR. GRATZ: I'd like that marked as
Exhibit 19, this document.
53 (Pages 209 to 212)
Veritext National Deposition & Litigation Services
866 299-5127
A-1563
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 55 of 79
Page 213
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
(Document marked as Exhibit No. 15
for identification.)
Q. Have you seen this document before,
Mr. Edelman?
A. I think I've seen this at least once,
yes.
Q. What is it?
A. It says it's the "Google Books
Partner Program standard terms and conditions."
Q. Does Exhibit 15 include the security
and damages terms that you hypothesize in
Paragraph 9 of your report?
A. It includes at least some, for
example, Paragraph 4.
Q. In Paragraph 4 says that, "Google
will use commercially reasonable efforts to
limit the number of pages viewed and to disable
right-click cut, copy and paste functions,
provided that Google does not guarantee that its
efforts to prevent or limit the actions stated
above will in every instance be effective." Is
that right?
A. Yes.
Q. Does that differ from the terms you
have hypothesized would be negotiated in
Page 215
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
contract.
Q. So when you say in Paragraph 9 that
books could be copied through licenses that
include a damages structure for breaches of
those protocols, do you mean anything other than
include promises not to breach those protocols
which could then result in contract expectation
damages in a breach of contract suit?
MR. BONI: Object to form.
Mischaracterizes his testimony.
A. I did envision something other than
expectation damages. I envisioned something
that would look more like liquidated damages due
to the significant difficulty of proving out
one's expectation damages, but in principle, the
parties could agree to do it either way. It
would be a negotiation between them, and I'm not
going to tell them where they have to end up in
that negotiation.
Q. Do you have a view as to what the
probability would be that the parties to a
license of the -- the license -- strike that.
Do you have a view as to what the
probability would be that the parties to the
license you identify in Paragraph 9 of your
Page 214
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Paragraph 9 of your report?
A. Well, this is an agreement negotiated
between Google and a publisher. The publisher
gives up some rights. On the other hand, they
stand to gain advertisement revenue from Google
pursuant to Section 8 and perhaps visibility,
perhaps some other benefits. So it's a contract
negotiated between two parties. This is a fine
example of the kind of outcome that might
result.
Q. So in your view -- actually let me
ask this.
Does Exhibit 15 include the damages
terms that you hypothesize in Paragraph 9 of
your report?
A. It doesn't include explicit terms to
that effect. On the other hand, it includes a
specific commitment, commercially reasonable
efforts, words that have meaning. If it should
turn out that Google used less than commercially
reasonable efforts, and if damages ensued, you'd
expect the relying party to be able to bring
suit for the damages that resulted from that
breach, subject to any exclusions or waivers
that might be provided elsewhere in the
Page 216
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
report would, in fact, negotiate inclusion of
liquidated damages as a term of the contract?
A. Well, I think they just might because
Google is so confident in its excellent security
that they would view that kind of promise as
cost free. If we are invaded by martians or
someone hacks our server, we'll give you a
million dollars, and neither of those things is
going to happen. We're so confident in our
engineers, that we're willing to put a million
dollars behind it.
Q. Is Exhibit 15 a counter example to
that hypothesis, in that it does not include
provision for liquidated damages?
A. You know, this is the standard terms
and conditions. Whether every publisher gets
this, I'm not sure. I wouldn't be surprised if
a big publisher, a publisher with works that
Google particularly wanted, a publisher that
possessed some market power, frankly, was able
to insist on terms superior to these standard
terms.
Q. But it's not your view that every
copyright-holder would have the power to insist
on such terms in the negotiation you hypothesize
54 (Pages 213 to 216)
Veritext National Deposition & Litigation Services
866 299-5127
A-1564
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 56 of 79
Page 217
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
in Paragraph 9 of your report?
MR. BONI: You mean with Google or
with anybody? It's a very vague question,
unless you limit it.
Q. With anybody?
A. Yeah, if there were a marketplace of
many companies all needing permission to scan
books or digitally post books, some of whom had
great difficulty getting traction, I wouldn't be
surprised if the ones having the most difficulty
were willing to put their money behind it, some
kind of a performance bond or what have you.
There have been sectors in which this sort of
thing has occurred where performance bonds
actually are quite routine for folks to
demonstrate their capability and the adequacy of
their systems.
Q. Has it occurred with respect to books
to date?
A. There haven't been that many
different companies wanting to license book
content to date, so that sort of competition
hasn't occurred with books to date. I was
thinking of construction project performance
bonds and real estate agent performance bonds
Page 219
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
each one wanted and was willing to give up; is
that right?
MR. BONI: Object to form.
A. It might. It might be that if Google
needs to enter into these contracts with
thousands of publishers, Google's standard
offer, their stock offer, their opening offer
and the standard terms and conditions would
actually become more generous because they
warned a large number of publishers to accept.
Q. Do you know what proportion of the
publishers in the Google Books Partner Program
are participating pursuant to the terms in
Exhibit 15 as opposed to other terms?
A. I don't know.
Q. Would that fact affect your last
answer or rather the answer before the answer -let me ask a slightly better question.
Would that fact affect your view of
the extent to which publishers would in the
situation you hypothesize in Paragraph 9 of your
report negotiate for and receive security terms?
A. It might. But one shouldn't read too
much into the past because publishers' decision
to accept the standard terms document in the
Page 218
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
and the myriad of other contexts in which
service providers actually do put liquidated
damages in their contract in order to prove
their seriousness about providing the required
performance.
Q. So it's your view that in the event
of competition between multiple service
providers, a market might result in which
liquidated damages clauses were included in the
licenses you discussed in Paragraph 9, but they
might or might not, depending on the market
dynamics?
A. I think that's largely consistent
with my views. To what extent it requires
competition and many services scanning or
digitally producing books, I'm not so sure, but
I do think that if a license were required, if
agreement from the publisher and/or author was
required, it would be more likely that the terms
would end up including provisions favorable to
the publisher and/or author, and the provisions
could well include these sorts of security
benefits.
Q. But that outcome would depend on the
particular parties to that negotiation and what
Page 220
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
past could reflect a variety of factors, causing
them to accept it even when in reality they
would have preferred a document rather
different.
Q. Does the acceptance of Exhibit 15 by
many publishers suggest to you that the
publishers regard the bargain set forth in
Exhibit 15 as one that is satisfactory?
MR. BONI: Objection to form.
There's no foundation for that question, Joe.
A. That's not the conclusion that I
would draw from that fact.
Q. Would you draw any conclusion from
that fact?
A. No, I wouldn't -- I would draw a
different conclusion from that fact.
Q. What conclusion would you draw?
A. I would find it evidence of Google's
market power.
MR. GRATZ: I'd like to mark as
Exhibit 16 this document. Actually before I
mark this as Exhibit 16.
Q. Are you familiar with something
called Amazon Search Inside the Book?
A. Yes.
55 (Pages 217 to 220)
Veritext National Deposition & Litigation Services
866 299-5127
A-1565
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 57 of 79
Page 221
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. What is it?
A. It's a program whereby publishers can
provide copies of their book contents to be
presented on the Amazon website for users to
browse or search.
Q. Have you ever seen the agreement
governing the terms under which Amazon may use
the books which are submitted through Search
Inside the Book?
A. I think I looked at it once.
MR. GRATZ: Mark this as Exhibit 16.
(Document marked as Exhibit No. 16 for
identification.)
Q. Is this the agreement governing
Amazon's use of books submitted through Search
Inside the Book?
A. It seems to be. It seems to be at
least the standard version, and what variance
might exist, I don't know.
Q. Does it include the security terms
that you hypothesize in Paragraph 9 of your
report?
A. It includes a portion of them.
Q. How do the terms of Exhibit 16 differ
from the agreement that you hypothesize in
Page 223
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Do you know how many books are in
Search Inside the Book by Amazon?
A. Quite a lot. But I don't know
specifically.
Q. Does the existence of Exhibit 16 as
the terms by which those books are digitized,
stored and shown to the public change any of the
views expressed in your report?
A. No.
Q. Is Exhibit 16 the sort of agreement
that you are referring to in the first sentence
of Paragraph 9 of your report?
A. It's the sort of agreement; albeit,
not with the substantive terms that I was
anticipating. It's a contract between the right
parties. It has the right kind of title on it.
Q. What reason do you have to think that
in the future parties would bargain for
different terms than they have in Exhibits 15
and 16?
A. In the context of Exhibits 15 and 16,
these are books in print for which the publisher
might reasonably expect to sell more if they go
along with the contracts provided in 15 and 16.
The publisher at least gets something; namely,
Page 222
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Paragraph 9 of your report?
A. Certainly the substantive commitment
is rather narrow here in Exhibit 16. Amazon
will employ available technologies to hinder
downloading. But it's something. It says
they'll do something, and if they don't, you
could try to sue them for your actual damages
that resulted from that breach.
Q. Does it include liquidated damages
for breach?
A. I don't see any liquidated damages.
I do see the remedy that at least an author or
publisher can take their books out which is a
benefit. Better than nothing, from their
perspective.
Q. Do you consider that an important
remedy for an author or publisher?
A. It's a limited remedy. You know, one
shouldn't be too effusive in the praise, but the
alternative is even worse.
Q. The alternative being the provider
being deaf to requests for removal?
A. Correct.
Q. Does the existence of Exhibit 16 as
an -- actually strike that.
Page 224
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
they get the possibility of more sales, thanks
to these examples being available.
In contrast, as to older books for
which there is less likelihood of additional
sales, maybe books out of print, it's harder to
see what the publisher's upside is. Furthermore
here, the publisher gets to choose which
specific books they want to do it for one by
one, opting in; whereas, in other contexts, the
books are chosen by someone else, not by the
publisher.
Q. In your previous answer, are you
distinguishing between a program like Amazon
Search Inside the Book and unrestricted fair use
of books or between a program like Amazon Search
Inside the Book and a future in which the Google
Library Project is found not to be a fair use?
MR. BONI: Object to form.
A. I'm getting a little bit muddled
here. I think maybe both of those, but there
might be some part of it that only makes sense
in one or the other.
Q. Let me ask this: In the first
sentence of Paragraph 9 of your report, you're
discussing the situation in which the Google
56 (Pages 221 to 224)
Veritext National Deposition & Litigation Services
866 299-5127
A-1566
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 58 of 79
Page 225
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Library Project is found not to be a fair use;
is that right?
A. Yes.
Q. And you're hypothesizing certain
terms that would be bargained for as between
parties who wanted to make use of the books and
copyright-holders of those books in that
circumstance; is that right?
A. Yes.
Q. The terms that you hypothesize in
that hypothetical negotiation, in the event the
Google Library Project is found not to be a fair
use, do they differ from the terms set forth in
Exhibit 16?
MR. BONI: Object to form.
A. Who's to say what the parties might
come up with, but the most pro-publisher,
pro-author of those terms would certainly differ
significantly.
Q. And the most pro -- the most pro-user
or most pro-Amazon version of those terms would
differ from these terms as well?
A. I suppose there's a spectrum, and you
could go either way on the spectrum.
Q. Do you know what the probability --
Page 227
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
the first sentence of Paragraph 9 of your report
would result in precisely the terms set forth in
Exhibit 15 or precisely the terms set forth in
Exhibit 16?
A. That could happen.
Q. Indeed, the terms could be worse for
the copyright-holders than these or they could
be better?
A. They could be worse or they could be
better.
Q. In your view, is one of the factors
that would make them better for
copyright-holders having an organization making
the use that was more sensitive to
copyright-holder concerns? Would that make it
more likely that the damages and security terms
would be in the agreement?
A. If the service provider needed this
agreement, because absent the agreement they
couldn't provide the service they aspire to
provide, then they would be more likely to come
with hat in hand, willing to bend over backwards
in order to make sure that they got the contract
that they needed.
Conversely, if they thought we don't
Page 226
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
so it could be -- it could be -- the negotiation
could end up anywhere on the spectrum, is that
right, between the most anti-copyright-holder
terms and the most pro-copyright-holder terms;
is that right?
A. It could end up along the spectrum, I
suppose, anywhere, although there are factors
that might make it more likely to end up on one
end or the other end.
Q. What is the probability of it ending
up on the most anti-copyright-holder end?
A. The spectrum doesn't even necessarily
have an end. You can always go further, but I
think the likelihood is that it would end up
somewhere in the middle; whereas, when I look at
15 and 16, they look like unilateral contracts
drafted by the service providers. They seem to
have an awful lot of disclaimers of liability
and disclaimers of warranty. They look like
they were drafted by Google's lawyers and
Amazon's lawyers. I think they look like that
because they were, and those lawyers did a good
job of representing their clients' interest.
Q. So you can't rule out the possibility
that the hypothetical negotiation set forth in
Page 228
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
really need this because it's just fair use
anyway, we can do what we want; if we get a
contract, that's great, if not, that's okay too,
well, then they'd be less likely to agree to
contract terms that were on the side of the
publishers.
Q. Do you think the identity of the
service provider matters in that a service
provider that was affiliated with
copyright-holders, for example, would be more
likely to include a security term in liquidated
damages?
MR. BONI: Object to form.
A. I think it's probably true that a
company that comes from the world of copyright,
and has as its constituents its management team,
its attorneys, folks who come from that world
and that view, would be more likely to be
sensitive of the concerns of those constituents.
MR. GRATZ: Mark this as Exhibit 17.
(Document marked as Exhibit No. 17 for
identification.)
MR. BONI: Seventeen?
MR. GRATZ: Yes, 17.
Q. Do you recognize what's been marked
57 (Pages 225 to 228)
Veritext National Deposition & Litigation Services
866 299-5127
A-1567
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 59 of 79
Page 229
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
as Exhibit 17?
A. I don't.
Q. Do you know -- are you aware of
something called Back In Print?
A. I think so. But I'm not sure
specifically. It's well beyond anything I
opined on in this report.
Q. Are you aware that the Authors Guild
is a party to this lawsuit?
A. Yes.
Q. And that's the party for which you -in favor of whom you submitted your expert
report; is that right?
MR. BONI: Object to form.
A. Yes.
MR. BONI: On its face for all
plaintiffs, not one as opposed to any other, but
if that's the import of your question, Joe.
MR. GRATZ: No.
MR. BONI: You said "the party," on
whose behalf.
MR. GRATZ: Sorry. One of the
parties on whose behalf.
MR. BONI: Right, I understand. I
just want it to be clear.
Page 231
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
contemplating in Paragraph 9 or what we've been
discussing in Exhibits 15 and 16.
Q. In that this is a service to sell
eBooks rather than a service to help people find
books?
MR. BONI: Object to form. That
wholly mischaracterizes the contract which says
both print copies and eBook copies. This is not
an exclusively eBook program. I mean, let's be
accurate here.
Q. Let me ask some foundational
questions. eBooks are electronic books; is that
right?
A. Yes.
Q. And eBooks are sold through
electronic means, at least today; is that right?
A. Yes.
Q. Through -- through computer networks
of one kind or another?
A. Yes.
Q. And eBook purchases take place
frequently through eCommerce websites; is that
right?
A. Yes.
Q. And eBooks are stored on those
Page 230
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. The author -- that same Authors Guild
is one of the parties to the Exhibit 17; is that
right?
A. Yes.
Q. Exhibit 17 is an agreement by which
an entity called iUniverse, along with the
Authors Guild, can, among other things, make
certain books of signatories to this agreement
available as eBooks; is that right?
A. So it seems.
Q. Does Exhibit 17 include any security
terms?
MR. BONI: When you say -MR. GRATZ: There's a new question
pending.
A. I don't see any security terms.
Q. Are there any liquidated damages
terms in exhibit -- are there any liquidated
damages terms in Exhibit 17?
A. I don't see any.
Q. Do the terms of Exhibit 17 differ
from the terms you hypothesize in Paragraph 9 of
your report?
A. As I understand it, so far this is
quite a different service than what I was
Page 232
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
websites, and access is given to those eBooks
only after payment is made; is that right?
A. Yes.
Q. Thus eBooks present a similar
security concern as any other service that makes
available portions of books under certain
circumstances to certain people; is that right?
A. Now I'm no longer with you.
Q. So do eBooks -- does the offering of
eBooks bring with it security concerns?
A. It does, but they're different
security concerns than the security concerns
associated with snippets.
Q. They relate to making sure that only
the people who should have access to a given
work or portion thereof have access to a given
work or portion thereof; is that right?
A. In the eBooks that I'm familiar with,
there's much less of a notion of portion. A
user who buys an eBook has access to the
entirety of the eBook. Typically, the eBook is
a single encrypted file which is provided in its
totality to the user for deployment to an eBook
reader, and that's the end of that. That
security is pretty well understood at this point
58 (Pages 229 to 232)
Veritext National Deposition & Litigation Services
866 299-5127
A-1568
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 60 of 79
Page 233
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
thanks to experience with similar technologies
in music and movies.
Q. The provider of eBooks needs to store
the entire book on its servers; is that right?
A. Yes.
Q. It's at least possible that the book
could be stolen from the servers by one who
intrudes upon those servers; is that right?
A. It could happen.
Q. Do you consider that more or less
likely than the taking of books from one who
stores those books who is not an eBook provider?
A. I think the snippet provider is more
vulnerable than the seller of eBooks.
Q. Why?
A. The snippet provider is offering in
all likelihood orders of magnitude more
transactions, giving away a very, very large
number of free snippets, versus selling a more
modest number of eBooks. Furthermore, giving
things away at a cost of zero, the structure of
the web services that provide that tool uses
ordinary HTML images, JavaScript, maybe Flash,
probably not, uses the most standard and
insecure of web-based systems; whereas, the
Page 235
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
installed.
MR. GRATZ: We can change the tape.
THE VIDEOGRAPHER: Here ends Tape 5.
Off the record at 4:24 p.m.
(Brief recess.)
THE VIDEOGRAPHER: Here begins Tape
No. 6 in today's deposition of Benjamin Edelman.
Back on the record. It's 4:31 p.m.
Q. Turning to Paragraph 11 of your
report, Paragraphs 11 and 12 discuss the current
state of book -- eBook piracy; is that right?
A. Yes.
Q. This eBook piracy discussed in
Paragraphs 11 and 12 isn't piracy that's
occurring via Google Books; is that right?
A. That's true.
Q. And it isn't a risk that Google Books
created; is that right?
A. That's true.
Q. And the contents of Paragraph 11 and
12 would be true whether or not Google Books
existed; is that right?
A. That's true, although it's possible
that Google Books will make the problem worse.
Q. The files you're referring to, the
Page 234
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
provision of an encrypted eBook uses highly
specialized secure file formats designed
specifically for that purpose.
Q. Do any popular eBook formats not use
encryption?
A. There are some that don't use
encryption.
Q. Can one buy unencrypted eBooks from
Barnes & Noble?
A. I don't recall one way or the other.
Q. Can one buy unencrypted eBooks from
the Google eBooks store?
A. I'm sure there are some.
Q. And with respect to those, do the
risks associated with running that sort of
service similarly -- are they comparable to
running a snippet-based or indexing service?
A. Even then, notwithstanding that the
file itself is unencrypted, the tasks are just
rather different to provide a single, large file
for deployment to the user's reader versus
providing a snippet in the browser, providing,
to be sure, orders of magnitude more snippets on
a per-second basis, just a voluminous task,
limiting the kinds of security that can be
Page 236
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
.mobi files, those are files that did not come
from Google Books; is that right?
A. That's true.
Q. Do the pirate sites referred to in
Paragraphs 11 and 12 offer snippets or whole
books?
A. Whole books.
Q. Why whole books instead of just
snippets?
A. Once you're a pirate, there's no need
to use snippets.
Q. Is it because the snippets aren't a
substitute for the whole books?
MR. BONI: Object to form.
A. In some circumstances I'm sure the
snippets are. In others, they might not be.
Q. In what circumstances would they be?
A. When one just needs a quote, needs to
find the book that has a certain distinctive
phrase, in certain reference contexts, of
course, whether or not those reference contexts
would be included in the Google program as
currently envisioned. There are other contexts
in which snippets could be sufficient.
Q. Do you know whether any pirated books
59 (Pages 233 to 236)
Veritext National Deposition & Litigation Services
866 299-5127
A-1569
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 61 of 79
Page 237
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
have ever come from Google's scans?
A. I don't know.
Q. Turning to Paragraph 13 of your
report, it says, "If Google's conduct is found
to be a fair use and others engage in similar
conduct, the risk is created of book
redistribution through piracy." By "similar
conduct" do you mean scanning, archiving and the
presentation of the portions of books through a
web service?
A. Yes.
Q. Turning to Paragraph 14, you discuss
the risk that pirates could extract book copies
through defects in the security of a provider's
systems; is that right?
A. Yes.
Q. Is that a risk that, likewise,
applies to Amazon's Search Inside the Book
service?
A. It does.
Q. Is it inherent in any sort of digital
storage of a digitized book that makes portions
of that book available, either sort of -- or
makes the whole book available to those who have
purchased it?
Page 239
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
that would be negotiated is a subject that we
discussed previously, right?
A. Right.
Q. Turning to Paragraph 16, you
discussed the risk that someone could use a
staff member's user name and password to access
books; is that right?
A. Yes.
Q. And that would happen by stealing the
service provider's staff member's user name and
password and then using it, right?
A. That's right.
Q. Is the risk you discussed in
Paragraph 16 a risk which could be mitigated by
two-factor authentication?
A. That would mitigate the risk. It
wouldn't eliminate it, but it would make some
progress.
Q. What is two-factor authentication?
A. Two-factor authentication is a
security practice whereby a user is verified
using two distinct, distinctive characteristics,
a password perhaps being one, but another also
being required.
Q. An example of one of those would be a
Page 238
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. With the others that we're
discussing, for example, Amazon Search Inside
the Book or those that sell books reflect a
contract, an agreement between the rights-holder
that owns rights in the books and the service
providers that's distributing it.
In contrast, this section
contemplates a finding of fair use and others
beginning to engage in similar conduct without
needing to get that permission, and so the
quality and caliber and capability of the folks
engaged in this task could be quite different.
Q. Does the risk of extraction through
defects in the security of a provider's system
necessarily depend on whether or not there is an
agreement in place regarding security?
MR. BONI: Object to form.
A. It's not that the agreement itself
changes the risks, but that agreements might be
entered into only with those whose risks are
appropriate, for example, because of their
higher level of capability or their higher level
of care that they promised to exercise.
Q. And the circumstances in which those
agreements would be entered into and the terms
Page 240
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
one-time code number that appears on a key chain
sized screen and changes every once in a while;
is that right?
A. That's an example.
Q. And so the risk hypothesized in
Paragraph 16 would be one that service providers
who did not use two-factor authentication
properly could be subject to; is that right?
A. Even two-factor authentication,
depending on how it's implemented, could still
be subject to this risk, but the risk is more
severe when a vendor uses only one-factor
authentication.
Q. And two-factor authentication would
still be subject to this risk because somebody
could steal an employee's physical key chain as
well as stealing their user name and password;
is that right?
A. If the second factor was, in fact, a
physical key chain, if it was something easier
to steal or easier to impersonate, tell me the
name of your first pet, something like that, or
you're logging in from a computer I recognize,
but maybe the attacker can impersonate that
computer, it might still be possible.
60 (Pages 237 to 240)
Veritext National Deposition & Litigation Services
866 299-5127
A-1570
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 62 of 79
Page 241
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Turning to Paragraph 17, it says,
"Fourth, a rogue employee could intentionally
redistribute book copies." Is that true of any
electronic system to which employees of an
organization have access?
MR. BONI: Object to form.
A. It's true that any employee with
access to digital works could potentially
distribute them. However, in general, employees
only have access to the works licensed by their
employer for their distribution or resale;
whereas, this section as detailed in
Paragraph 13 is about companies that might begin
to redistribute books pursuant to a finding of
fair use and without permission from the
rights-holders, an important difference that
would greatly expand the number of employees who
might potentially have access.
Q. Are you aware of any circumstance in
which a rogue employee has distributed copies of
books from a book-service provider?
A. I'm not aware of anything responsive
to that specific request.
Q. How can that risk be mitigated?
A. One way to mitigate is to allow
Page 243
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
were to exist, but you're right that it's not
there.
Q. Where would we look for it?
A. We're talking about a class of
hundreds of thousands of works of market value,
God knows how much. I'd want to know how Steven
Spielberg secures the pre-release copies of his
next big movie, and there, I bet the contract
between Spielberg and his movie company and the
guy who drives the truck with the master print
actually does say something about the way that
truck has to be locked and the GPS to be
installed on the roof of the truck and the
background check required for the driver. I
would expect that all of those sorts of things
would be discussed in that contract.
Q. What's the basis for your previous
answer?
A. I've read a little bit about that
actually during the transition to digital movie
distribution, rather than movies being loaded
onto trucks. A lot of these questions were
reopened and were the subject even of the
Wall Street Journal style news coverage.
Q. What did you read?
Page 242
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
rights-holders in books to approve the specific
vendors who are holding and distributing their
works.
Q. How is that -- sorry.
A. For example, pursuant to a contract,
and the contract could, if the parties so chose,
specify background checks or three-factor
authentication or authentication by two
different people, you need the guy and his
manager in order to get the digital file out of
repository, or you can only do it during
business hours. There are lots of internal
controls that could be required through contract
if this were pursuant to the contract.
Q. Do you know of any book-related
contracts that includes those terms?
A. I don't know of that in the context
of books.
Q. And in fact, the three book-related
contracts that we've looked at today all do not
include those terms; is that right?
A. I'm not sure that those contracts
each to be exercised by -- to be entered into by
an individual publisher, those aren't
necessarily where we would look for it if it
Page 244
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I don't recall specifically.
Q. Did you rely on the articles that you
referred to in your previous answer in forming
the opinions set forth in your report?
A. No.
Q. Turning to Paragraph 18, in the first
sentence you say, "Fifth, when books are scanned
by a smaller and less sophisticated provider,
there is a particular acute risk of book
contents being accessed and redistributed."
What do you mean by smaller and less
sophisticated?
A. Google is fortunate to have ample
resources and top-notch technical talents. Not
everyone will enjoy those benefits. The
discussion in Paragraph 13 at the top of the
page contemplates others entering into the book
provider sector and potentially doing that
without the significant resources that Google is
able to bring to bear.
Q. What's your basis for saying that
smaller companies do not have the capabilities
necessary to secure books adequately?
A. I'm not sure that those are my exact
words, for example, "adequately." But I think
61 (Pages 241 to 244)
Veritext National Deposition & Litigation Services
866 299-5127
A-1571
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 63 of 79
Page 245
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
it's pretty straightforward that if you have
more limited resources, your ability to expand
those resources on any given project is going to
be correspondently limited.
Q. In your view is it necessarily the
case that smaller and less sophisticated
entities have worse security than larger and
more sophisticated entities?
MR. BONI: Object to form.
A. Not always. Sometimes with simpler
systems or with less valuable contents to
safeguard, the security of a smaller entity can
be more than satisfactory. On the other hand,
when one flips around those conditions, a small
entity guarding a very large gem, one could
quickly get into trouble.
Q. Are your statements in Paragraph 18
of your report based on a survey of companies of
various sizes considering their security
measures?
A. No.
Q. Can you provide an example of one of
the smaller and less sophisticated companies to
which you refer?
A. For example, in the context of domain
Page 247
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
report, you say that attackers can take
advantage of even a brief period when a single
book provider is insecure. You see that?
A. Yes.
Q. Is that true today?
A. Today there aren't so many book
providers. We've discussed only two today.
Both of them large, sophisticated companies with
impressive information security defenses;
whereas, the premise of this section,
Paragraph 13, is that there might be
significantly more in the future, and they might
look quite different.
Q. In the event of a fair use ruling?
A. Correct, which has been the premise
of the entire section where we've been here.
Q. Have you -- so it's your view that
today's book providers like Google and Amazon
have a different and higher level of security
than tomorrow's book providers might in event of
a fair use ruling, such that smaller entities
would enter the market and present the risks
discussed in this section; is that right?
A. That's right.
Q. Turning to Paragraph 20, you say, "I
Page 246
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
names, there used to be one company, VeriSign
Network Solutions that was the sole vendor of
.com domain names. When that market was opened
up to competition, there were a variety of
benefits, but there have also been some
downsides, including that some of the smaller
guys have been hacked in various ways, have
allowed their servers to be taken down by
something as routine as a power outage and have
otherwise failed to lived up to their
contractual commitments. In contrast, the
larger vendors in that space have largely
succeeded in living up to their contractual
commitments.
Q. Are you aware of any in The Book
Space?
MR. BONI: Do you understand the
question?
A. I do, but I think it's a little bit
speculative at this point that there aren't that
many smaller sites holding digital copies of
books and presenting them in snippet form. If
there are any small such companies, I guess I
don't know about them.
Q. Turning to Paragraph 19 of your
Page 248
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
understand that the Google Library Project
includes providing to the library partners a
full digital copy of the books the libraries
allowed Google to scan. Breaches at the
security systems at these libraries" -- excuse
me -- "breaches in the security systems at these
libraries, could facilitate book piracy." Do
you know what security systems the libraries who
store books such as the University of Michigan
have in place?
A. I don't know about all of the
security systems that they have.
Q. How do they compare to the security
systems that, for example, iUniverse which is
the party to the agreement in Exhibit 17 has in
place?
MR. BONI: Object to form. He just
said he's not sure what the security systems are
in the libraries.
A. I'm also not sure what the security
systems are at iUniverse, so I really don't
think I can make a comparison.
Q. You, likewise, couldn't make a
comparison to the security systems that Google
or Amazon has in place?
62 (Pages 245 to 248)
Veritext National Deposition & Litigation Services
866 299-5127
A-1572
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 64 of 79
Page 249
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I don't know everything that I'd want
to know in order to make that comparison. In
general, I think there's good reason to suspect
that the libraries will have significantly lower
levels of security.
Q. But you don't know one way or the
other?
A. I don't know one way or the other,
and furthermore, I'm not sure the answer is
knowable just yet. We need to think about what
level of security libraries will have several
years from now. It's hard to say, sitting here
today what they'll do in several years.
Q. Are you aware of any books being
pirated or stolen from a research library
archived with scans made by Google?
A. No.
Q. Turning to Paragraph 21, you say,
"I've not been informed of all the ways that
libraries intend to use the book contents data
they receive from Google, nor have I been
informed how libraries intend to secure that
data. But the information currently available
indicates that libraries' actions present a risk
of book piracy." You see that?
Page 251
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Did any of your work on the Multnomah
County case or the interviews with librarians
and other librarian staff members in that case
form a basis for any of the opinions you render
in your report in this case?
A. It's not a basis. It's part of my
overall professional background consistent with
expert service.
Q. Do you know whether the University of
Michigan is storing book scans in its normal
library information systems or in a separate
system?
MR. BONI: Object to form.
A. I don't know one way or the other.
Q. What information, additional to the
information you have about the library's
security measures, would permit you to better
assess the risks?
MR. BONI: What risks?
Q. The risks you discussed in Paragraphs
20 and 21.
A. Understanding both what they do now
and what they will do in the future, what they
commit in some sort of a binding contractual
sense to do or not to do. I need to understand
Page 250
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. Yes.
Q. You don't know what security measures
the libraries have in place today; is that
right?
A. I don't know all of what they have in
place.
Q. What do you mean by "information
currently available" as you use it in Paragraph
21?
A. Yes, in Exhibit C, I cite the
Hathitrust materials which I did review. That
gives some information about some of the
libraries' security systems. I actually have
quite a bit of experience with library
information systems from the Multnomah County
Public Library case that we discussed
previously.
I've spent time interviewing
librarians. I've spent time with the CIOs of
libraries. I've spent time in the library
computer systems, understanding how they work
and how they interoperate and have come to have
a general understanding of the overall culture
and approach to information sharing that's
common in libraries.
Page 252
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
the servers on which the data is to be stored,
the physical security, the network security, the
logical security, software level, user accounts,
credentialing.
This sounds like a full security
audit. I'm not sure I'm the best person to do
it, but in any event, it requires understanding
quite a bit about their practices, both in the
present and their future practices, which is a
little bit harder to investigate in
anticipation.
Q. Turning to Paragraph 22, you refer to
a student who used MIT library access to
download 4.8 million articles and other
documents. You see that?
A. Yes.
Q. Is that man named Aaron Swartz?
A. Yes.
Q. Aaron Swartz is being charged
criminally for that activity; is that right?
A. Yes.
Q. And those charges are currently
pending; is that right?
A. That's my understanding.
Q. What was the effect on the value of
63 (Pages 249 to 252)
Veritext National Deposition & Litigation Services
866 299-5127
A-1573
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 65 of 79
Page 253
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
the articles from Mr. Swartz' actions?
A. As I understand it, Mr. Swartz copied
the articles but didn't redistribute them at
all. I'm not sure he even got around to
analyzing them. The effect from those actions
is probably minimal. It's probably zero.
On the other hand, had Mr. Swartz
sent them all to WikiLeaks or put them all on
BitTorrent, the consequences could have been
absolutely devastating, and I don't think it
would have been very hard for him to do that,
once he got the 4.8 million files sitting on his
hard drive. I think it would have been less
than an hour of additional work for him.
Q. Do you know Aaron Swartz?
A. I've met him.
Q. Do you charge for access to your
blog?
A. No.
Q. Why not?
A. I'm happy to give it away. Anyone
who wants to read my blog is welcome to do so.
Q. Would the distribution of articles
from your blog on BitTorrent harm the market for
those posts?
Page 255
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I think some of my articles are in
JSTOR.
Q. Have you done anything to insure the
security of JSTOR's systems?
A. I have not. I leave that to JSTOR.
Q. Do you know whether JSTOR's systems
are more or less secure than Google's?
A. I think there are some respects in
which they are more secure and some respects in
which they are less secure.
Q. What are the respects in which they
are less secure? Let me ask a slightly better
question.
What are the respects in which, in
your view, JSTOR systems are less secure than
Google's?
A. I would expect that Google has more
staff dedicated to security, to making sure that
all of their servers are patched with the latest
security updates, generally to treating security
as the high priority that it should be. JSTOR,
in contrast, I would think, has fewer resources
to have a dedicated security team to have
round-the-clock monitoring and so forth.
Q. Do you know of any instances in which
Page 254
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
MR. BONI: Object to form.
A. I would be disappointed and unhappy
if someone put my articles on BitTorrent. As to
the market for it, I'm not sure, because I don't
sell these materials. It's hard to think about
what the concept of the market even means here.
Q. Would the answer be the same with
respect to your published journal articles?
A. Well, there, I don't sell them,
although the journal publisher does, which is
sometimes a source of some contention. I might
prefer that they gave it away, in fact, and they
might prefer to charge for it. So it's kind of
a messy one.
If I found those on BitTorrent -- I'm
fortunate in that all of my articles actually
can be obtained for free from my
website because I've arranged that -- so it
wouldn't make a whole lot of difference to me,
but again, I'm in a very special situation,
thanks to other sources of revenue.
Q. Turning to Paragraph 23, you refer to
JSTOR; do you see that?
A. Yes.
Q. Do you have articles posted on JSTOR?
Page 256
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
content providers allow their licensed content
to be placed on university servers?
A. Yes.
Q. What instances are you aware of?
A. Typically, in exchange for payment of
a fee.
Q. What types of content are involved in
those transactions that you're aware of?
A. Journal articles, groups of journal
articles, books, groups of books, periodicals,
almost any sort of printed media or electronic
media could be subject to such a license.
Q. Do all content providers who allow
such content to be placed on university servers
require oversight of the university's
information security implementation?
A. Do you all of them require it? I'm
sure there are some who don't require it,
particularly for the right price. If you pay
enough, they won't necessarily ask any more
questions.
Q. Do you know whether any content
providers who allow content to be placed on
university servers require oversight of the
university's information security
64 (Pages 253 to 256)
Veritext National Deposition & Litigation Services
866 299-5127
A-1574
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 66 of 79
Page 257
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
implementation?
A. I know that some of them do. For
example, the one where we're sitting right now
does have exactly that requirement.
Q. By "the one where we're sitting right
now," what do you mean?
A. I mean Harvard Business School
Publishing provides information products on a
licensed basis, but oversees some aspect of the
security of the licensees' servers.
Q. What aspect of security of the
licensees' servers does it oversee?
A. It oversees the requirement that a
user name and password are provided before
access is available and specifically searches
for and affirmatively pursued anyone who posts
files in a way that's available to the general
public.
Q. Anything else?
A. I think there are some additional
requirements. There's a team of multiple,
full-time employees who do nothing but this all
day. Actually I do know of some additional
requirements that they impose.
Q. What are those?
Page 259
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. It's a good case.
Q. Is it posted on your website?
A. It is not.
Q. Have you done anything to insure the
information security of Harvard Business School
Press?
A. I've offered them some advice on
various aspects of their information, security
and their user interface and multiple other
facets of their business. Acting more as a
friend and colleague than as an author wanting
to protect my interests. It doesn't really
matter to me how many copies they sell. My
royalties are pretty small either way. So I'm
not thinking about it from that purpose.
Q. Turning to Paragraph 24 of your
report, you discuss libraries permitting
researchers to copy books in their entirety
under the researcher's systems; is that right?
A. Yes.
Q. Do you know whether any of the
libraries to whom Google has -- with whom Google
has cooperated in the Library Project have
permitted researchers to store digital copies of
books on their own computers rather than on
Page 258
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. They disallow libraries from
collecting our case materials. A library can't
buy these. If a library did buy them, they
would be subject to for-sale rights, but a
library is ineligible to purchase. And in order
to make a purchase, you must certify that you're
not a library, which offers additional
protection to prevent this valuable,
intellectual property from being distributed in
a way that they prefer to prevent.
Q. You wrote a case study on Google; is
that right?
A. The -- I would present it in the
following way: I updated someone else's case
study to a sufficient extent, changing enough of
the sentences and enough of the paragraphs that
it was deemed a new document and given a new
document number. I would still characterize it
as an update and a revision.
Q. Do you know how much it cost to
purchase a PDF of that case study from Harvard
Business School Press website?
A. I think it's 4 and $6. There are
some discounts available.
Q. I think it's six ninety-five.
Page 260
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
secured servers?
A. I don't know.
Q. The type of research that you
describe in Paragraph 24, analyzing patterns in
book text, can you name any researchers who are
engaged in that type of research?
A. I know that there are some. I've
read some of the papers, but I don't have their
names on the tip of my tongue.
Q. Have you ever engaged in such
research yourself?
A. I haven't analyzed patterns in book
texts. I certainly have used large data sets
obtained from library-based data set archives.
I've had to learn the processes for obtaining
that and analyzing that.
Q. Have you ever spoken with a
researcher doing analysis of book text?
A. I think so. We've had at least one
come to campus for a seminar, and I spoke to him
pursuant to that.
Q. When was that?
A. Within the last two years.
Q. Did you talk to any in connection
with this report?
65 (Pages 257 to 260)
Veritext National Deposition & Litigation Services
866 299-5127
A-1575
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 67 of 79
Page 261
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. No.
Q. Did you do a survey of book text
analysis researchers to find out how they would
want to use book text in their research?
A. No.
Q. What is your view as to the
probability that the library would permit a book
text analysis researcher to copy the entire text
of a large corpus of books onto their own
computers in terms of a percentage?
A. I think it would be unlikely that any
library would allow that right now during the
pendency of this litigation, given the
significant concerns that are extant right now.
On the other hand, my experience with
other aspects of information security and
library information security is that there tends
to be a decrease over time where folks become
more liberal as they become more confident, and
sometimes that confidence turns out to be
misplaced confidence. I have some specific
examples in mind.
Q. What examples are those?
A. For example, sticking with the
Harvard Business School, it used to be that when
Page 263
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
research on the text of books?
A. Amazon has limited automated analysis
of specific fixed factors that are embodied in
known proven code designed by professional
full-time Amazon engineers who did this once and
then leave it running. I'm thinking about, for
example, the statistically improbable phrases
analysis that Amazon at least previously ran on
most books.
In contrast, what we were discussing
in Paragraph 24 is ad hoc analysis by professors
who come and go, students who come and go,
visiting researchers who really come and go all
in the context of a library relationship where
there's much less of a culture of supervision,
management and oversight when compared to
professional engineers designing software.
Q. That's not a necessary but instead
only a potential result of a fair use finding in
this case; is that right?
A. I didn't mean Paragraph 24 to be
limited to a fair use finding. Right now the
data sitting in libraries could already be
analyzed in this way and could give rise to the
sorts of problems discussed in Paragraph 24,
Page 262
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
we sold an electronic copy of a case, we sold it
in a special encrypted format that required that
you install a reader, not the PDF reader. You
had to get from us a special reader, and that
reader had a variety of special purpose
functions that would prevent you from printing
it, prevent you from showing it on a computer
connected to a projector, prevent you from
taking a screen capture image. It had a number
of security features.
Later, we decided to abandon that
software because it was unpleasant for users to
install a special purpose program and have
subsequently found that while our new
replacement is much more convenient to users, it
has created a certain amount of piracy, which is
a source of some concern.
Q. Does the risk set forth in Paragraph
24 of your report exist at Amazon today?
MR. BONI: At Amazon?
MR. GRATZ: Yes.
A. Gee, I really don't think so. I
hadn't been thinking of that as a risk that
would occur with Amazon today.
Q. Does Amazon engage in analysis or
Page 264
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
even prior to a court's fair use finding one way
or the other.
Q. Do you know whether problems of this
type have occurred?
A. I don't.
Q. Have you done anything to try and
find out?
A. I asked Mr. Boni.
Q. What did he tell you?
A. I think he told me he didn't know of
any specifically.
Q. Turning to Paragraph 25, have you
ever heard of a prank involving book piracy?
A. I've heard of a prank involving other
kinds of piracy.
Q. What other kinds of piracy?
A. For example, when I went to the MIT
Hack Gallery, I found quite a few that involved
use of other company's trademarks which might or
might not be trademark infringement, depending
on whether or not a fair use defense would
apply.
Q. Can you tell me about the Apple -- so
in Paragraph 25 you refer to an Apple -- the
Apple -- a prank involving the Apple logo?
66 (Pages 261 to 264)
Veritext National Deposition & Litigation Services
866 299-5127
A-1576
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 68 of 79
Page 265
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. Yes.
Q. Do you consider that to be in
violation of intellectual property rights?
A. I think it's an infringement of the
trademark, and the question is whether a fair
use defense applies. There is a doctrine of
fair use for trademarks and stylized images. I
think it's a plausible fair use defense. There,
I'd really have to apply the factors and read
the cases. I'm much less familiar with the Fair
Use Doctrine as it applies to stylized images
and logos.
Q. The Apple prank which you refer
occurred in October of 2011; is that right?
A. I don't recall.
Q. Did it occur shortly after the death
of Steve Jobs?
A. If you say so.
Q. Did students display the Apple logo
in the clock tower of Maseeh Hall at MIT in
honor of Steve Jobs in the prank you referred to
in Paragraph 25?
A. Now, that could be. I don't recall.
Q. Do you think that that prank is
relevant to the issues in this case?
Page 267
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
of 2004?
A. I don't know.
Q. Did it occur when the Red Sox made it
to the World Series?
A. I don't know.
Q. Were the -- do you think that the
students celebrating the Red Sox making it to
the World Series by displaying the logo on the
dome of the university building was intellectual
property infringement?
A. The law is what it is, and it's not
for me to rewrite trademark law. I wouldn't be
surprised if that is infringement as a matter of
law, and fair use defense might or might not
apply. It wouldn't shock me if you said that to
do that a license must be paid to the Red Sox,
and if you don't pay it, then you're in
violation of the law.
MR. GRATZ: Mark as Exhibit 19, this
document. I want to note for the record before
I hand it to the witness that despite the
confidential legend at the bottom of this
document, this is not a confidential document.
(Document marked as Exhibit No. 18
for identification.)
Page 266
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I can certainly see how it would seem
peripheral. On the other hand, the fact that
students are well known to disregard
intellectual property is anything but
peripheral. It's well known that Napster was
most used on college campuses. There were
distinctive trends. You could see the number of
users signed into Napster decrease when major
schools went onto spring break. So the
relationship between students, university
libraries and piracy is not peripheral.
Q. Could you tell me about the Red Sox
logo prank you referred to in Paragraph 25?
A. I don't recall. I went through the
site, looked at the distinctive images
memorializing the pranks, but I didn't note them
in great specificity.
Q. Do you consider that an instance of
piracy?
A. I'm not sure. I do think it's
probably an instance of trademark infringement,
and it might be subject to a fair use defense.
Q. The prank you referred to in
Paragraph 25 with respect to the logo of the
Boston Red Sox, did that prank occur in October
Page 268
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. You have before you what's been
marked as Exhibit 18. Do you recognize this
document?
A. Yes.
Q. Is this the document to which you
refer in Paragraph 26 of your report?
A. I think so.
Q. Do you know what security measures
the University of Michigan has in place?
A. That's discussed in part in this
document.
Q. Aside from this document, do you have
any knowledge other than what is in this
document of security measures that the
University of Michigan has in place?
A. Aside from what's discussed in this
document, I don't think I have knowledge of
their current security.
Q. Is it your opinion that an author
would not agree to have his work stored by the
University of Michigan without greater security
terms than those set forth in Exhibit 18?
MR. BONI: Object to form.
A. I'm not sure. It all depends on what
the author gets in exchange. If they get zero,
67 (Pages 265 to 268)
Veritext National Deposition & Litigation Services
866 299-5127
A-1577
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 69 of 79
Page 269
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
it might be a pretty tough sell. If you give
them some money, that could be quite different.
Q. Can you -- do you have an assessment
of the probability that an author without
further payment would agree to the terms in
Exhibit 18?
A. I don't know. I'm sure some would
and some wouldn't.
Q. Referring to the terms of Exhibit 18
at the end of Paragraph 26 of your report, you
say that, "These vague provisions offer
significantly lower protection than Google
provides for even its routine business
confidences." Do you see that?
A. Yes.
Q. Do you mean that in terms of the
security required for the protection of the
information?
A. I meant to reference the comparisons
cited in Footnote 9 for which I note differences
in the circumstances in which information can be
shared, restrictions on recipients and
requirements as to security. I believe that the
Google NDA cited in Footnote 9 actually offers
greater protections, at least greater
Page 271
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. All right, I'll need just a moment.
I've done half of it. I need to find two
different provisions, and I'm working on the
second.
So we are comparing Provision 3 of
Exhibit 19 with Provision 4.4.1 of Exhibit 18.
Q. Okay. And how are those -- what's
the difference that you intended to identify?
A. Well, I said there are greater
restrictions on the circumstances in which
information can be shared; to wit, I think the
Exhibit 19 NDA doesn't allow information to be
shared, and the Exhibit 18 provision does allow
information to be shared.
Q. Within the confines of copyright law;
is that right?
A. Well, I'm not sure. Perhaps even
beyond the confines of copyright law.
Q. I direct your attention to Part 4.1
of Exhibit 18.
A. Fair enough. That section says at
least that this will be within the confines of
copyright law.
Q. So that takes care of sharing.
Certainly a nondisclosure agreement requires no
Page 270
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
specificity than what we see in Exhibit 18.
MR. GRATZ: I'd like to mark as
Exhibit 19 this document.
(Document marked as Exhibit No. 19 for
identification.)
Q. Do you recognize what's been marked
as Exhibit 19?
A. Yes.
Q. What is it?
A. It's the document cited in the
Footnote 9.
Q. Do you know whether this is a
nondisclosure agreement which has been entered
into by Google and various parties?
A. It purports to be.
Q. Do you know whether it, in fact, is?
A. I know that when I visited the Google
campus twice at the invitation of Google staff,
I was presented with a similar NDA, which in at
least one instance I refused to sign, perhaps in
both instances.
Q. Could you identify for me the more
precise requirements as to how information must
be secured in Exhibit 19 as compared to Exhibit
18?
Page 272
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
sharing, and Exhibit 18 permits sharing under
certain circumstances. The question I asked is
with respect to precise requirements as to how
information must be secured.
A. Yes. So in the NDA, Exhibit 19, the
second sentence of Provision 3 calls for the
same degree of care, no less than a reasonable
degree of care as used with respect to the
participants' own similar information, and it
continues, they must prevent, they must try to
prevent, they must actually do it. Sounds like
strict liability.
MR. BONI: Say where you are.
A. Within Clause 3, somewhere around
there. Must actually succeed in doing the tasks
detailed within A and B of that second sentence.
Q. I'm not seeing the words "must
prevent." I'm sorry.
A. The word "prevent" is on the fifth
line of -Q. And followed with a colon?
A. Yes.
Q. So "Participant will use the same
degree of care, but no less than a reasonable
degree of care, as participant uses with respect
68 (Pages 269 to 272)
Veritext National Deposition & Litigation Services
866 299-5127
A-1578
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 70 of 79
Page 273
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
to its own similar information to protect the
confidential information and to protect -prevent."
So you understand "prevent" in
Exhibit 19, the "prevent" immediately before
that colon to be an absolute requirement, not a
requirement subject to the degree of care
previous -- previously in that sentence?
A. You know, when I first read this, I
thought it was subject to the degree of care
previously in the sentence. When I just
characterized it orally a moment ago, I thought
it was strict liability. Now I'm back to the
first interpretation which I think may have been
right all along. So -Q. At any rate, you're saying that this
requires the same degree of care as the
participant used with respect to its own similar
information and that Exhibit 18 does not; is
that right?
A. That's my recollection, and now we
can go back to 4.4.1. The 4.4 -Q. So and 4.4.1 says U of M shall also
make reasonable efforts to prevent third parties
from downloading or otherwise obtaining any
Page 275
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
withstanding the very, very limited commitments
in the second sentence.
Q. I want to turn to Paragraphs 27
through 32 of your report.
MR. BONI: Done with these for now,
Joe?
MR. GRATZ: Yes, you can set those
aside.
Q. In Paragraphs 27 through 32, you
describe a number of flaws in Google's systems
which were identified. Did any result in
piracy?
A. I didn't choose any of the flaws that
resulted in piracy.
Q. Are there other flaws of which you're
aware that did result in piracy?
A. Yes.
Q. Which flaws are those?
A. The Google YouTube service, by
Google's own evaluation prior to acquiring
YouTube, was a massive source of privacy.
MR. BONI: Piracy.
A. Of piracy, excuse me.
Q. Was that as the result of security
breaches or because people were uploading
Page 274
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
portion of the U of M digital copy for
commercial purposes, redistributing, etcetera.
So you're drawing the distinction between taking
reasonable measures and using no less than a
reasonable degree of care as participant uses
with respect to its own similar information?
A. It's the -- it's that last part, what
they do for their own similar information that
first seems stricter. Secondly, a preceding
sentence in 4.4.1, implementing technological
measures, e.g. robots.txt -- technological
measures, e.g. robots.txt, to restrict automated
access seemed sort of laughable to me because
that's a known defective measure, and if one
were serious about blocking automated access,
Google is probably the world expert on having to
do that properly, and it's not via robots.txt.
Q. You're referring to the second
sentence of 4.4.1?
A. That's right.
Q. Does the second sentence of 4.4.1
limit the commitment made in the third sentence
of 4.4.1?
A. No. There are additional
commitments, so the third sentence stands, not
Page 276
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
infringing videos to YouTube?
A. It was a result of a design flaw.
Q. What was the design flaw?
A. The design flaw had several
manifestations, but it included the absence of a
report piracy button, a button that was tested
temporarily until it was removed in haste by
YouTube managers who realized that too many
users were reporting piracy.
Q. How do you know that?
A. That was all in Google documents
provided in the Viacom litigation and then
unsealed and made available for public review.
Q. Are those documents -- do those
documents form the basis for any of the material
in your report?
A. No. I relied on other Google design
flaws and security breaches to form the
conclusion in my report.
Q. And the design flaws that you're
alleging with respect to YouTube are not design
flaws that resulted in the unauthorized breach
of security measures which permitted piracy, but
instead, in your view, were measures that were
designed to -- strike that.
69 (Pages 273 to 276)
Veritext National Deposition & Litigation Services
866 299-5127
A-1579
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 71 of 79
Page 277
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
MR. BONI: Good idea.
Q. Start that question over.
The design flaws that you referred to
with respect to YouTube, were they, in your
view, design flaws that resulted in the breach
of security measures?
A. These were not design flaws that
resulted in the breach of security measures.
Instead these design flaws resulted in the
massive and unprecedented copyright infringement
of a large number of copyrighted video and audio
recordings.
Q. Do you know of any instance in which
third-party copyrighted material has been stolen
from Google servers?
A. I'm not sure what you mean by "stolen
from Google servers."
Q. I mean taken from Google servers
without Google's authorization?
MR. BONI: Object to form. Same
ambiguity.
A. There are multiple tools for, quote
unquote, YouTube stealing. Often they have
names like "YouTube stealer." These are
programs that allow a user to take the video and
Page 279
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
report, you say that outside hackers could
access or redistribute book contents. Do you
know of any instances in which hackers have
accessed or redistributed books from Amazon?
A. I have heard of that happening.
Q. Was that following the download of a
Kindle eBook file?
A. That's one mechanism by which it can
happen, but not the only mechanism.
Q. What other mechanisms are you
familiar with?
A. I understand that it is possible to
use Search Inside the Book to browse selected
pages later or another user or another computer
to browse other pages and for the book to be
stitched together, and I have found programs
that purport to do that all, although I wasn't
able to verify the efficacy of those programs.
Q. Not withstanding the existence of
those programs, publishers keep their books in
Search Inside the Book, to your knowledge; is
that right?
A. Yes.
MR. GRATZ: Let's change the tape.
THE VIDEOGRAPHER: Here ends Tape
Page 278
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
audio of a recording on YouTube and save it to a
file on their hard drive, so that, for example,
they can watch it on airline, or they can
continue to watch it, even if the file is
removed from YouTube, and they can watch it
without advertisements. Those programs exist.
Google seems to have a bit of a cat
and mouse program with them, where Google is the
cat, but it doesn't always catch the mouse.
I've confirmed repeatedly that they work, and
that Google has been less than effective in
stomping them out.
Q. How have you confirmed that they
work?
A. I've attempted to use them from time
to time.
Q. Do you know of any such tools with
respect to books?
A. I've looked for such tools and
couldn't find them in the first few minutes of
searching.
Q. Did you continue past the first few
minutes of searching?
A. Not really.
Q. Turning to Paragraph 34 of your
Page 280
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
No. 6. Off the record 5:33 p.m.
(Brief recess.)
THE VIDEOGRAPHER: Here begins Tape
No. 7 in today's deposition of Benjamin Edelman.
Back on the record, 5:41 p.m.
Q. Turning to Paragraph 36 of your
report, you say, "A single breach of the systems
that store book contents could allow book
contents to become ubiquitous online." What is
the basis for your statement?
A. There's an expression about putting
the genie back in the bottle. I think that
applies in spades here. I give two examples in
the paragraph: AOL search data that should
never have been put on the Internet and U.S.
State Department wires that again should never
have seen the light of day. Once those
materials make it onto the Internet, as we all
well know, there's no taking them off the
Internet and so too here.
Q. What's your basis for thinking that
the AOL search data is the still available on
BitTorrent?
A. I checked.
Q. Do you possess a copy of that file?
70 (Pages 277 to 280)
Veritext National Deposition & Litigation Services
866 299-5127
A-1580
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 72 of 79
Page 281
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I've downloaded it maybe more than
once. I wouldn't be surprised if I still have a
copy floating around.
Q. With respect to WikiLeaks, what's
your basis for saying the information is
available?
A. I've read other sources indicating
that it's available, although I actually haven't
checked personally in any great detail.
Q. Have you downloaded any of the
WikiLeaks cables yourself?
A. I should be clear, I've read it at
the New York Times site, for example. So to the
extent that you can read the primary sources
there, as you can often, and in significant
quantities, I've read some of them there.
Q. Have you read them anywhere else?
A. Maybe other mainstream major media
publications.
Q. How large is the AOL search data in
megabytes approximately?
A. Approximately one gigabyte.
Q. How large do you estimate that
scanned images of 20 million books would be?
A. Scanned images would be much larger,
Page 283
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
book contents being available, the likelihood
rather than the magnitude of the harm larger if
there were a proliferation of book scanners?
MR. BONI: Object to form. You can
answer.
A. It makes the probability larger.
Q. Does it affect the magnitude of the
harm?
A. The magnitude also, I would expect,
to be larger in this context. In the context of
Search Inside the Book, only a portion of books
are available. I understand that the number of
books there available is smaller than the number
of books here at issue, and those, of course,
are publishers and authors who made the
considered decision to go down that route;
whereas, here no one was asked.
Q. Does Amazon store the entirety of
books in Search Inside the Book?
MR. BONI: Object to form.
A. I don't know. I would think they'd
need to store either all of it or most of it.
Q. And if Amazon's entire corpus of
digitized books, including, for example, their
eBooks were taken and distributed in the manner
Page 282
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
although after OCR, they might become much
smaller. I would think a few gigabytes of text
after OCR would probably be about right.
MR. BONI: I just want to place an
objection on the record that it's a slightly
misleading question. We're not talking about
20 million in-copyright books or books that fall
under the class definition. That's a much lower
number.
Q. Is the risk associated with a single
breach of all books resulting in the genie
coming out of the bottle, as you say, a risk
that also exists with any other digitized corpus
of a large number of books?
MR. BONI: Object to form.
A. The risk differs in some important
respects from the other corpuses we've talked
about, such as Amazon Search Inside the Book.
Q. How does it differ?
A. First, it differs because here we
must consider the effect of a possible fair use
ruling and the other travelers coming along and
storing the data in ways that might be somewhat
less secure than Google.
Q. That makes, in your view, the risk of
Page 284
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
discussed in Paragraph 36 of your report, would
the magnitude of that be similar to the
magnitude of a breach at a library?
MR. BONI: Object to form.
A. Paragraph 36 isn't about libraries.
I can consider the question nonetheless. Shall
I consider the question?
MR. BONI: Why don't you -Q. If Paragraph 36 isn't about
libraries, that clears it up for me.
In Paragraph 38 you say, "However
remote one may consider the risk of book
contents becoming available, that risk must be
considered in light of the devastating impact to
the class if book contents become available."
Here you're comparing the probability of an
event to the magnitude of harm in case -- in the
case where that event occurs; is that right?
A. The sentence discusses both the
probability and the magnitude and suggests that
in light of the large magnitude, even a small
probability should be significant cause for
concern.
Q. What is the probability of the events
discussed in Paragraphs -- Paragraph 37 coming
71 (Pages 281 to 284)
Veritext National Deposition & Litigation Services
866 299-5127
A-1581
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 73 of 79
Page 285
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
to pass in the event of a fair use ruling in
favor of Google?
MR. BONI: Object to form. You want
a mathematical response to that question?
MR. GRATZ: Whatever the response the
witness has for me.
MR. BONI: Object to form.
A. I don't know. It would be easier to
say once that fair ruling resulted, if it did
result, once we see who comes along and scans
which books and stores them in what ways, until
then, it's just a little bit too speculative for
me to want to put a number on it, but it
certainly is a serious concern.
Q. What's the magnitude of the harm in
dollars? The harm here, I mean the harm that
you were discussing in Paragraph 38.
MR. BONI: Object to form.
A. I'm not sure. It's difficult to put
a dollar value on it, but I do think it's
significant. If you asked a publisher what
would they be willing to pay to have a complete
protection against piracy, to be able to print
their books on uncopyable paper or with magical
ink, I think you'd find publishers would be
Page 287
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
MR. BONI: Objection. You know he's
not a damages expert, Joe.
Q. You can answer.
A. I have not. I'm not a damages
expert.
Q. Has a company ever come to you and
asked you to evaluate the risk of intrusion into
their computer systems which protects books?
A. No.
Q. Has a company ever come to you and
asked you to evaluate the risk of intrusion into
their computer systems at all?
A. That seems like the kind of thing
someone would have asked me to do at some point.
I just need to take a moment to think about it.
Certainly I've thought about that
question for the organizations which -- with
which I've had long-term relationships. So, for
example, when I was running the Berkman Center
server, that was a question I thought about. I
thought about it with ICANN. I've thought about
it as to portions of Harvard Business School.
I've thought about it with Wesley as to the
servers that we operate together, as to paying
clients that come specifically for that.
Page 286
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
willing to pay a significant portion of their
enterprise values in order to get that magical
technology.
Q. And you consider that to be the
measure of the magnitude of the harm set forth
in Exhibit -- in Paragraph 38?
MR. BONI: Object to form.
A. It's not that that's how you'd
measure it, but that's the sort of thought
experiment one would do.
Q. How would you measure it?
A. On thinking about the way that other
large harms are measured, how do we assess the
value of a life when a life is taken away from a
person? How do we assess the value of a plane
crash or a nuclear disaster? It's really not my
area of expertise. It's not something I've
opined on here. But here I consider the
totality of future lost profits. So I do my
best to figure out what profits would have been
and then what they will be as a result of the
loss, and I subtract those two numbers, and that
would be the starting point for the harm.
Q. Have you done that in preparing your
report?
Page 288
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
I think it would be unusual for
anyone to seek my assistance for that solely and
specifically, but if they already knew me from
something else, I can think of a couple of
clients who have sought assistance with problems
generally in that vein based on prior
relationships.
Q. If a company came to you and asked
you to evaluate the risk of intrusion into its
computer systems which protect books, would you
accept the assignment?
MR. BONI: Object to form. That's
the entire hypothetical?
MR. GRATZ: That's the question.
A. I don't think I would be the best
person to evaluate their security systems, but I
think I would be able to assist them in
selecting an appropriate person. I would be
able to guide that person towards the areas of
greatest concern, perhaps review their initial
report, and suggest areas for extension and
further inquiry.
Q. What process would you recommend be
undertaken to evaluate the risk of intrusion
into those computer systems that protect books?
72 (Pages 285 to 288)
Veritext National Deposition & Litigation Services
866 299-5127
A-1582
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 74 of 79
Page 289
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I suppose it would all depend on what
books I was trying to protect, what I was trying
to protect them from, what access I needed to
allow. The easiest thing to do to prevent
unauthorized access is to prevent all access by
destroying the digital records, but I imagine
that wouldn't be what someone hired me to tell
them. They'd want some way to use it for some
purposes while disallowing use for other
purposes.
Q. If a company came to you and asked
you to evaluate the risk of an intrusion into
their computer systems which protect books and
which host books for the purpose of making
snippets available in response to searches, what
process would you take to under -- to make that
evaluation?
A. Well, I think I would -- I would
consider the sorts of security systems that
we've discussed a couple times today in
different parts of our time together as to
physical security, network security, software
security, application level security, human
resources and internal controls. I'd consider
each of those. Each would be significant. Each
Page 291
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
at Google. I'd look at my organizations's
experience or the client's organization's
experience with rogue employees.
When we have a thousand engineers,
how many of them turn out to be bad apples, how
many bad ones do you get out of a thousand? Is
there any way to prevent two of them from acting
together in concert? Could we have an audit
trail that prevents this kind of copying and
that kind of copying? Is it possible to make an
audit trail that's so robust that even a senior
engineer can't turn it off? Because we know
some of the problems occur from senior engineers
who can bypass the ordinary control.
So that's the kind of question I'd be
asking as to that facet, but to be sure, each of
the facets would require a different type of
analysis.
Q. Did you do any of that in preparing
your report in this case?
A. I considered those kinds of
approaches. The data and information required
aren't available to me and weren't necessary in
order to reach the conclusions set out in my
report.
Page 290
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
would have multiple facets within it.
And then my analysis would be
informed, importantly, by the material that I
was holding. If it was unique and one of a kind
and highly sought after, then I would be
particularly concerned about the skills of my
intruders. And if I needed to allow massive,
high-volume access by a large number of
different users, potentially some of them fake
or automated or robotic, I would be even more
concerned, and I would need to be open to the
possibility, the very real possibility that I
couldn't do this with the required level of
quality and would need to revisit my plans.
Q. What information would you need to
evaluate the risk of intrusion into such a
system which stores books for the purpose of
making snippets available in response to
searches, for example?
A. One would need to think about each of
the aspects of security just discussed. So for
example, as to human resources security, making
sure that there isn't a rogue employee who takes
the data in the way that other rogue employees
have done other untoward things, including even
Page 292
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Why weren't they necessary? Would
having them have aided you in reaching your
conclusions?
A. Perhaps I could have reached
additional conclusions. I imagine that with
enough study, I might get to the point where I
was prepared to put a number on some of the
probabilities. There's this probability per
year of this kind of bad thing happening if you
use these controls. I think that is an
estimatable number. One can estimate even these
very small probabilities with enough analysis
and enough review, but it's quite difficult, and
I didn't consider it necessary or appropriate,
given what I was asked to do in this report at
this time.
Q. Did you run any bargaining
experiments in connection with your report?
A. No.
Q. Did you perform any statistical
analysis in connection with your report?
A. No.
Q. In signing your own consulting
agreements, have you performed market checks
regarding terms?
73 (Pages 289 to 292)
Veritext National Deposition & Litigation Services
866 299-5127
A-1583
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 75 of 79
Page 293
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
MR. BONI: Object to form. I don't
know what that means. Can you explain that.
Q. Mr. Edelman, are you familiar with
the term "market checks"?
A. I've a general understanding.
Q. What is it?
A. A market check would be a comparison
of a price term or some other term with possible
alternatives, benchmarks, competitors, in order
to see whether that term is consistent with
others that are in other respects similar.
Q. Have you done that with respect to
your own consulting agreements and your
consulting rates?
A. In some instances I have.
Q. Did you do that in connection with
any of the facts or opinions you set forth in
your report?
A. I'm sorry, I don't understand.
MR. BONI: I don't understand it
either.
Q. Did you review the terms of any
agreements -- strike that.
In reaching the conclusions set forth
in your report, did you perform any market
Page 295
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I didn't approach it that way.
Q. Did you determine the probabilities
for either of those terms, that the parties
would reach those terms in a negotiation?
MR. BONI: What parties? Object to
form.
Q. The parties to the hypothetical
agreement that you hypothesize in Paragraph 9 of
your report.
A. One thing that I did put a
probability on was the chance of any liquidated
damages clause becoming available without a
contract, and that was zero. So it can only go
up from there, and that much was clear to me.
As to whether or not it would go up,
it seems to me that -- that publishers, if
acting together in some way, bargaining
collectively, bargaining with Google, with
Google in a position of weakness for whatever
legal or business reason, it's possible that the
publishers would be able to get quite a bit of
the ground, particularly if they could use
Google's confidence as to the efficacy of its
security systems, frankly, to use that against
Google.
Page 294
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
checks?
MR. BONI: I object to form. I just
don't understand the line of questioning.
A. I didn't see a basis for comparison
to compare the contents of my expert report with
three similar expert reports written by others.
I didn't see the comparison group.
MR. BONI: Not what you're asking.
MR. GRATZ: Not what I -Q. Did you do a market check of -- so
some of the -- some of the opinions you state,
one of the opinions you state in your report is
it that certain hypothetical contracts would
have certain terms; is that right?
A. At least they could if they were
subject to negotiation.
Q. Or that -- right. Or that certain
hypothetical contracts could at least -- at
least potentially have certain terms?
A. Yes.
Q. In determining -- did you form an
opinion as to what the likelihood is that either
the security term or the liquidated damages term
would, in fact, end up being an element of a
bargained-for agreement?
Page 296
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
If Google is so sure that its
security is robust, then it shouldn't have any
problem making a guarantee of a thousand dollars
per work in the event of a defect, since Google
says that will absolutely never happen.
Q. Did you assign a probability to the
likelihood that that would occur?
A. I didn't assign a probability to it.
Q. Did you talk to any authors in
preparing your report?
A. No.
Q. Did you talk to any publishers in
preparing your report?
A. No.
Q. Did you talk to any staff members of
the Authors Guild in preparing your report?
A. No.
Q. Did you review the contract governing
the Back In Print program in preparing your
report?
A. No.
Q. Did you review any other publishing
agreements in preparing your report?
MR. BONI: He listed what he
reviewed, Joe, Exhibit C.
74 (Pages 293 to 296)
Veritext National Deposition & Litigation Services
866 299-5127
A-1584
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 76 of 79
Page 297
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. You can answer the question.
A. No.
Q. Have you ever talked to anyone at
Microsoft about its book program?
A. Not recently. It would have been a
couple of years ago. If I did, I don't really
recall it specifically.
Q. In preparing your report, did you
investigate Google's security for books?
A. I don't know what you mean by
"investigate" in this context.
Q. Did you seek to determine the
strength of Google's security for books?
A. I checked for secondary sources
indicating that others had already bypassed the
security. I didn't find sources to that effect.
Q. You didn't find any sources
indicating that others had bypassed Google's
security for books?
A. That's right, and that's something I
would have wanted to know about, if such sources
existed already.
Q. Do you possess any Google
confidential information regarding its book
project?
Page 299
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. In short, my advice to him -- well,
he came to me as an attorney.
MR. BONI: I was going to ask you
that. Were you rendering legal advice?
THE WITNESS: I wasn't retained.
Nonetheless -MR. BONI: Doesn't matter.
THE WITNESS: -- I think we should
stop right here.
MR. BONI: Yeah, I agree.
Q. So it's your testimony that in your
discussion with Deepak Malhotra regarding
piracy, you were having attorney/client
communications with Mr. Malhotra?
A. I think I was, yes.
Q. Other than Mr. Malhotra, have you
discussed piracy with any other authors?
A. I know that I have. But I'm having
trouble recalling specifically who.
Q. Do you remember what you said to
them?
A. Generally, my advice to individual
authors is that it's hard for any individual
author to do much about it, so they're probably
better off individually focusing their efforts
Page 298
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. I have specifically indicated that I
don't want any such information, and I believe I
don't have any.
Q. Have you ever tried to pirate a book
from Google Book Search?
A. I have not.
Q. Have you ever advised a -- strike
that.
Have you ever advised an author
regarding piracy?
A. I've discussed it with some authors.
Q. What was the -- what authors were
those?
A. Most recently I discussed it with my
colleague, Deepak Malhotra.
Q. Any others?
A. I have discussed it with others. I'm
having trouble recalling specifically.
Q. What did you discuss with Deepak
Malhotra?
A. The likelihood of piracy, the extent
to which a pirated copy might detract from a
ordinary purchased copy, his remedies, if any,
as against piracy and those who profit from it.
Q. What did you say to him?
Page 300
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
on writing a great book and selling as many
copies as they can to whoever is willing to pay
for it.
Q. Have you ever advised an author not
to post digital contents for fear of piracy?
A. In fact, I reached that own -- that
conclusion for myself as to the Google case. I
declined to post it on my website, even though I
have the right to do that. So I advised myself
not to do it.
Q. And by the "Google case," you mean
the case study regarding Google that you wrote
for Harvard Business School Press?
A. That's what I meant, yes.
Q. Why didn't you -- why did you decide
not to post it?
A. The school would prefer that those
cases be purchased directly from the school at
the per copy price that you saw. And so even
though it is an author's right to post it if the
author so chooses, I decided not to for that
case.
Q. Do you understand the Authors Guild
to be advising authors not to post digital
content for fear of piracy?
75 (Pages 297 to 300)
Veritext National Deposition & Litigation Services
866 299-5127
A-1585
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 77 of 79
Page 301
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
MR. BONI: Object to form.
A. I'm not sure.
Q. Are any of your articles available
for licensing by the Copyright Clearance Center?
A. I expect that they are.
Q. Have you ever negotiated with the
Copyright Clearance Center regarding those
issues?
MR. BONI: Regarding?
Q. Those issues?
MR. BONI: What issues?
Q. Regarding the availability of your
articles for licensing through the Copyright
Clearance Center?
A. I believe there's a standard form
that I filled out when I submitted by Ph.D. to
the Harvard Library system, my Ph.D.
dissertation. That is a Copyright Clearance
Center form, as I call it.
Q. Was it a UMI microfilms form?
A. This was seven years ago. Perhaps I
should refresh my recollection in some other
way. It seems perfunctory, and I signed it,
although if there were choices to be made, I
can't tell you what choice I made.
Page 303
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
MR. BONI: If there's any
confidential relationship or privileged
relationship, then you shouldn't answer.
A. There are both confidential and
privileged issues raised by that question.
MR. BONI: If there's anything you
can say outside the confines of the privilege,
to be fair, you should say that.
A. What I've said publicly and what
Microsoft has authorized me to say publicly is
that I've offered them guidance on a variety of
questions. Most of the work focused on things
other than Google, actually. Integrity and
auditing and advertising fraud and so forth.
Routine business matters, from my perspective.
Q. But some of the work focused on
Google?
A. I think I can give you a yes to that
without implicating the confidentiality or the
privilege, but beyond that, I feel I'm obliged
to tread lightly.
Q. How much money has Microsoft paid you
for your work related to Google?
A. I think that's confidential.
Q. You were opposing counsel -- strike
Page 302
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
MR. BONI: You want to show him
something or are you just fishing?
MR. GRATZ: Neither.
Q. Does the CCC, the Copyright Clearance
Center, negotiate security protocols with those
who license content from the CCC for posting on
the web, for example?
A. I don't know.
Q. Does the CCC negotiate liquidated
damages terms with its licensees?
A. I don't know.
Q. You've done consulting work apart
from your -- the expert engagements that we've
discussed; is that right?
A. Yes.
Q. And some of that consulting work has
been for Microsoft; is that right?
A. Yes.
Q. Overall how much money has Microsoft
paid you?
A. That's confidential information.
Q. Have you ever spoken with anyone at
Microsoft about Google?
A. Yes.
Q. What was said?
Page 304
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
that.
You were counsel for the plaintiff's
in the Vulcan Gulf case in which the plaintiffs
were suing Google; is that right?
A. Yes.
Q. Did you receive a fee in connection
with that litigation?
A. I did not.
Q. Was that a contingent fee
arrangement?
A. The agreement with the class
representative, the putative class
representative, was that the fees would be paid
only upon the successful conclusion of the
litigation.
Q. Did the litigation conclude
successful or successfully enough to result in
the payment of any money to you?
A. Not successfully enough to result in
the payment of any money to me.
Q. How many blog posts have you written
which were critical of Google?
A. I'm not sure. I think more than 20.
Q. How many blog posts have you written
which were supportive of Google?
76 (Pages 301 to 304)
Veritext National Deposition & Litigation Services
866 299-5127
A-1586
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 78 of 79
Page 305
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. More than five.
Q. Fewer than 20?
A. I think it's fair to say fewer than
20.
Q. Are you familiar with an economist
named Judith Chevalier?
A. Yes.
Q. Who is Judith Chevalier?
A. She was at the Yale School of
Management. She's an excellent economist.
Q. Have you ever cited Judith
Chevalier's work regarding the economics of the
market for books?
A. I have in at least two instances that
I'm aware.
Q. In what instances were those?
A. My undergraduate thesis used a method
that Ms. Chevalier and Austan Goolsbee developed
to convert an Amazon sales rank into an
estimated sales quantity. And so I cited their
work in the context of that in the graduate
thesis.
Then I recently published an article
about collecting data from the Internet and
using that data for economic research, and I
Page 307
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Goolsbee, the first author on that paper.
Q. Turning to page 3 of the thesis, you
cite the Goolsbee and Chevalier paper in the
center of that page; is that right?
A. Yes.
Q. Turning to page 8 of the thesis, you
cite the Goolsbee and Chevalier paper in the
last line of that page; is that right?
A. Yes.
Q. And it's also cited on the following
page in the second to last line; is that right?
A. Yes.
Q. As well as in the middle of the page?
A. So it is.
Q. Turning to page 31, you cite the
Goolsbee and Chevalier paper at the beginning of
the page?
A. I do.
Q. And then turning to page 70, you cite
the Goolsbee and Chevalier paper in the center
of the page in the middle of the line; is that
right?
A. Yes.
Q. What is your opinion of Judith
Chevalier's expertise regarding economics?
Page 306
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
cited that same article again for substantially
the same purpose.
Q. And you cited Ms. Chevalier's work
multiple times in your thesis; is that right?
A. I should think I cited it multiple
times, yes.
Q. How about six times; is that right?
MR. BONI: But who's counting?
A. I don't know. I haven't read that
often, recently.
MR. GRATZ: Let's mark as Exhibit 20
this document.
(Document marked as Exhibit No. 20 for
identification.)
Q. Mr. Edelman, is this your
undergraduate senior thesis?
A. Well, it seems to be. It's not so
easy to get. Usually, people have to ask me for
it, so I'm intrigued you managed to find it
without asking me for it. But it seems to be
what it purports to be.
Q. This is the document in which you
cited Ms. Chevalier's work?
A. I think so. Let's check the
references section. Cited under "G" for
Page 308
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
A. Well, I just loved this paper and
found it very clever. She's been quite
prolific, and I really haven't read the majority
of her work. I look forward to taking the time
to do that sometime soon I hope. But beyond
that, she's very well-published in top journals,
which means that the prevailing view among her
peer reviewers is that her work is quite good.
Q. What is your opinion of Judith
Chevalier's expertise regarding the economics of
the market for books?
MR. BONI: Object to form.
Q. What is your opinion of Judith
Chevalier's expertise regarding the economics of
the market for books?
MR. BONI: Object to form.
A. I'm not sure. I haven't read her
opinions on that in general. I know the
findings that are in the Goolsbee and Chevalier
2001 paper. As to her other conclusions, I'd
need to review both the conclusions and the
methodologies to see what I think.
Q. Are you familiar with a man by the
name of Albert Greco?
A. I don't think so.
77 (Pages 305 to 308)
Veritext National Deposition & Litigation Services
866 299-5127
A-1587
Case 1:05-cv-08136-DC Document 1075-16
Filed 08/26/13 Page 79 of 79
Page 309
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Q. Turning to the references cited page
of your senior thesis on page 77, under G, do
you see a citation to a book by A. Greco called
The Book Publishing Industry?
A. Yes.
Q. And turning to page 33 of your senior
thesis, you see the bottom of page 33 it says,
"I further add two promotion-specific variables
to investigate market trends noted by Greco
(1997) in discussing clumping of book sales over
time"?
A. Yes.
Q. Is that a citation to the Greco work
titled The Book Publishing Industry cited in
your references cited section?
A. Seems to be.
Q. Do you have an opinion as to Albert
Greco's expertise regarding The Book Publishing
Industry?
A. Not really.
MR. BONI: Are you done with this,
Joe?
MR. GRATZ: Yes. Nothing further.
MR. BONI: I have nothing.
THE VIDEOGRAPHER: Here ends this
Page 311
1
2
CERTIFICATE
COMMONWEALTH OF MASSACHUSETTS.
MIDDLESEX, SS.
3
4
5
6
7
8
9
I, Avis Barber, Registered Professional
Reporter and Notary Public, in and for the
Commonwealth of Massachusetts, do hereby certify
that:
BENJAMIN G. EDELMAN, the witness whose
deposition is hereinbefore set forth, was duly
sworn by me, that I saw a picture identification
for him in the form of his Harvard College
Identification card, and that the foregoing
transcript is a true and accurate transcription
of my stenotype notes to the best of my
knowledge, skill and ability.
10
11
12
13
14
15
16
I further certify that I am not related to
any of the parties in this matter by blood or
marriage and that I am in no way interested in
the outcome of this matter.
IN WITNESS WHEREOF, I have hereunto set my
hand and notarial seal this 20th day of June
2012.
--------------------------Avis Barber, RPR
Notary Public
My commission expires: July 30, 2015
17
18
19
20
21
22
23
24
25
Page 310
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
deposition. Off the record, 6:18 p.m.
(Whereupon, the deposition was
concluded at 6:18 p.m.)
Page 312
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
I declare under penalty of perjury
under the laws that the foregoing is
true and correct.
Executed on _________________ , 20___,
at _____________, ___________________________.
__________________________
BENJAMIN G. EDELMAN
78 (Pages 309 to 312)
Veritext National Deposition & Litigation Services
866 299-5127
A-1588
EXHIBIT 17
A-1589
boy Jim BOli to"
«
Kind le Book
S .. U Fou, IP"p.rtilck)
LOOK INSIDE!
]l!!lJ;f.I
M
......
-Irlrirlrl, I.w.)
J
~ sto.a5
( AddtOCilIl
Book secti ons
123 1I"g' 8. n.w from 50.to
q
COpyright
Front Cove r
Table of Contents
First p.,ges
Back Cover
Ind ex
Surprise Me l
I:'" Searc h rnsldc This Do ok
IW
Sa mple seercMU in this book:
ba ll four
baseb"l t commi SSioner
bull pen toMltJ nt
Print Ouok
l Zoom - I Zoom + )
................................. .. " ...., ........
10 the mkldle of Aup$! J went 10 see Marvill Milkes, the general
manager of the Seattle An~ ls. 1 lold him thllt I wanted Jam, kind of
guarantee from him about next year. There were some businesses whh
"What [ would like," I lold him, "is an understanding thot no
long-range potenlial I (ouki go into over the winter and J 'WOuld if I
was cc:rtain I W4!sn', going to be pl8)'ing bDII.
mllUer wh~1 kind of contract ),ou gi\lc me, major Icacu( or mmor league,
lhat it will ~ for !l « rUlin minimum am()um. Now, l realize you do n't
k.J1ow how much value I will be rOt yo u since yo u haven't gone th rough
the expansion drllft and d On ' ~ knOW the kind of player' YOIl '1 1 have. So
I'm not a$kiflg for a majOr-league contract, bllt just a certain minimum
amount of money."
!'How much money :ue you talking about'?" Milk~ srud shrewdly.
"I t,lked il Olitr with. my wl1e and we arrilied 4( a figure 01 S15
Or SI6,000. That', the minimum I could alford to pia)' (or, majors or
minors. Otherwise ] got to go to work,"
To this Milkes uid simply. "No."
I couldn't say I blamed him,
h was righl nbou! then, though, thai the knuckleball rd been
experimenling with for a couple o( months begin to do things. 1 won
two Eomes in five dayl. going all the way , giving up only lWO or three
hiu. I was really doing a good job and tweryone was kind or shoc::bd.
As the ~ason drew 10 a close 1 did bener and beller. The last th'e days
of the season t fil'l~hed with a flurry, and my earned-run average throwing the knuckleball WaJ 1.90. which do very good.
The la!.1 day of the seMOn I wa.~ in the clubhowe and Milkeli said
he wanted 10 see me (or a minute. I went up to his office, and he said.
"We're goint: to give you the same contract (or next year_ We'll guarantee you $22.000." This means if 1 didn't 8;tt released I'd be getting it
even if I was sent down to the minors. I fell like kwing him on bott!
cheek$. I 01$(1 felc like I IU'Id :I new lease on Iile. A knuckleball l'I:ld co
be pretty improsive to imprt'5!o a general manager $1.000 worth. Don'l
evcr Think $7,000 isn'l • lot of money in baseball. I've had hugt arguments over a lot Icn .
Feeclb"ek. 1
~
Expended
V ICW
I
Close
Books eLt l tomers .ts o boug ht could
no r b.. rew.",.d
":-1 Cust omers Al so Do ught
bu rn mor.
re~rI .\I .. d
Y(l lI r boo k h iStory .;ould n ot be
r::. Your Orowsl n g liist o rv
Hell) I
»
.l2
c
~
~
W
~
~
@»
®
A-1590
EXHIBIT 18
A-1591
~w.
t~)
by Be.try Mile.!
«
Kindle Book
The Rell Me (Plperb,c:kl
'(
~ 19 .94
( Add 10 cort )
Book s ecti ons:
2 & U!UN t. "'~w Fro m ,0 .10
8
Copyrioht
Front Cover
First Pages
Back Cover
S urprise Mel
~
Sea rc h Inside Th is Book
'---_ _-----'I
Sample seardu!s in this book:
flit
circulation man ager
chicken
/l1f~5
&~6,-Y07
1-~dj12.2la
Print Book
tide-this onc a his and hers pants show, wi th
poem s for a ll the models. Onc of the poems said :
classes aut! parties i n tl, eir .~ tril1C(l jea ns.
Pal and Paul to.qcl.IIer make m OllY scenes
IJ t
How can people wrile things like that! Ma said she
was afraid someone would see her by-line and think
slle wrote the poem s.
All Itel' articles were printed In the "Food and
Family" section of the paper. But she sald, 'Tm
heading for the fron t page. \Vait and sec. Before the
yea r is over."
Meanwhile. J WaS delivering papers every day as
thollgh ) really had the rOllte. M. had taken my
recommendations to the ci rculation m anager . She
says she told him : "This is about Barbara Fisher ,
my daugh ter . But rm not asking you to change
your ru les because she's my daughler. I'm asking
you to change them because Ihey arc d iscri mi natory and wrong,"
I bet she really m ade an impression on him. I
know I couldn't talk li ke tha i.
Bllt all tI,e circulation m anager said was. '']'m
SOffy. Marian, bu t a rule's a ru le . Tell your liLLie giTI
not 10 take it personally."
~
El
»
~
~
o
o
~
~
~
'"
~
{:.
"C
I
,.
R Custonl c rs Also Bought
r.\ You r Browsing History
Baoks c usto me/'S ahic bought !:ould
not be re trieved
A-1592
Case 1:05-cv-08136-DC Document 1075-19
Filed 08/26/13 Page 1 of 3
EXHIBIT 19
A-1593
Case 1:05-cv-08136-DC Document 1075-19
6/11/12
6/11/12
Filed 08/26/13 Page 2 of 3
Amazon.com
L
e
Add to Widtet
Add I.e VJidge(
,s\dd to aStiJre
Add to a5tore
JOSEPHs Amazon.com
JOSEPH's /tmazon.com
by
Shop by
Department
Today's Deals
TodaVs
Cards
Gift Cards
Help
Search
Search
Go
Hello, JOSEPH
Hello. JOSEPI-1
Accou nt
Your Account
()
Q
Cart
IJ\ilsh
Vtish
List
Search Insides Publisher Signup
To get started in the Search Inside the Book program, you must be the exclusive rights holder (including copyright and marketing/promotion
started in the Search Inside the Book program,
be the exclusive
holder (including copyright and marketing/promotion
To
of the titles you wish to submit to our Search Inside the Book program.
rights) of the titles you wish to submit to our Search Inside the Book program.
Once
is
you will see complete submission instructions.
Once this form is submitted, you will see complete submission instnuctions.
Search Inside the Book Participation Agreement
Welcome to
Search Inside the Book program
"Program"), which enables visitors to any Amazon Property (as defined below) to view,
Welcome to the Search Inside the Book program (the 'Program'), which enables visitors to any Amazon Property (as defined below) to view,
"page browse" through your Books. Before you may participate in the Program, you must review and agree to this agreement. Please
search, and 'page browse through your Books. Before you may participate in the Program, you must review and agree to this agreement. Please
indicate your acceptance by checking the "I Agree" on on online sign-up form page. BY BY REGISTERING FOR OR OTHERWISE USING THE
indicate your acceptance by checking the 'I Agree" boxbox the the online sign-up form page.REGISTERING FOR Oft OTHERWISE USING THE
PROGRAM, YOU, ON BEHALF OF YOURSELF AND ANY ENTITY
REPRESENT, AGREE TO BE BOUND BY ALL TERMS AND CONDITIONS OF THIS
PROGRAM, YOU, ON BEHALF OF YOURSELF AND ANY ENTITY YOU REPRESENT, AGREE TO BE BOUND BY ALL TERMS AND CONDITIONS OF THIS
AGREEMENT, AND YOU REPRESENT AND WARRANT THAT YOU HAVE THE AUTHORITY TO EXECUTE THIS AGREEMENT ON BEHALF OF THE ENTITY
AGREEMENT, AND YOU REPRESENTAND WARRANT THAT YOU HAVE THE AUTHORITY TO EXECUTE THIS AGREEMENTON BEHALF OF THE ENTITY
YOU REPRESENT AND BIND THE ENTITY TO THE TERMS OF THIS AGREEMENT.
REPRESENT AND BIND THE
TO THE TERMS OF THIS AGREEMENT.
You agree that Amazon Services LLC and its Affiliates (meaning those entities that are controlled by, in control of, or under common control with
You agree that Amazon Services LLC and its Affiliates (meaning those entities that are controlled by, in control of,
common control with
Amazon Services LLC) (collectively, "Amazon.com", ''we'' or us') may include your books offered through the Amazon Properties ("Books") in the
Amazon Services LLC) (collectively, 'Amazon.com', we' or "us") may include your books offered through the Amazon Properties ("Books") in
Program. Accordingly, you hereby
permission to Amazon.com, on a nonexciusive basis, for each of your Books, to undertake the limited
Program. Accordingly, you hereby grant pennission to Amazon.com, on a nonexclusive basis, for each of your Books, to undertake the limited
promotional activities described below:
promotional activities described below:
We may reproduce the entirety of each Book in digital farm on one or more corrputer facilities of or under the leased or Similar control
1. We may reproduce the entirety of each Book in digital form on one or more computer facilities of or under the leased or similar control of
Amazon.com or its independent
Amazon.com or its independent contractors.
2. We may allow visitors to any Amazon Property to view, search and "page browse" such digital reproductions of the Books. We may also display
any Amazon Property
search and "page
reproductions
Books. We
also display
We may allow visitors
from the Books
Amazon Properties, and a visitor
the Amazon Properties will be able to
excerpts from the Books on the Amazon Properties, and a visitor to the Amazon Properties will be able to use queries to locate, select, and display
queries to locate, select, and
short excerpts that include the search terms. The queries would locate, select and display such excerpts for every occurrence of the search
excerpts that include the search terms. The queries would locate, select and display such excerpts for every occurrence of the search
terms. A visitor will be able to view aalimited number of pages within aaBook during any single session.
A visitor will be able to view limited number of pages within Book during any single session.
3. We may use digital copies of your Books to extract factual information from your Books, such as character names, and display such information
Books to
factual infonmation from your Books, such as character names, and display such information
We may use digital copies
to visitors to any Amazon Property.
visitors to any Amazon Property.
An "Amazon Property" means any of the following websites:
the web site whose primary home
Is
at www.amazon.com (and any
An "Amazon Property" means any of the following websites: (a) the web site whose primary home page is located at www.amazon.com (and any
(b) any
successor or replacement web site) and any "mirrored" version of the Site which substantially replicates the site or a portion thereof, (b) any
replacement web site) and any "mirrored" version of the site which substantially replicates the site a portion
web sites maintained
us (including,
nat limited to, www.amazon.ca, www.amazon.co.uk, www.shelfarLcom and
other web sites maintained by or for us (including, but not limited to, www.arnazon.ca, www.amazon.co.uk, www.shelfari.com and
www.abebooks.com) and any co-branded web site thereof, that are targeted at countries for which you have appropriate publishing and
www.abebooks.com) and any co-branded web site thereof, that are targeted at countries for which you have appropriate publishing and
as indicated to us by you in accordance with our program procedures,
any other web site or online point of presence on
distribution rights, as indicated to us by you in accordance with our program procedures, (c) any other web site or online point of presence on
Amazon.com makes products or services available for discovery, (d) any site with web page widget or other web
any platform through which Amazon.com makes products or services available for discovery, (d) any site with aaweb page widget or other web
page real estate, any application for use on mcbile devices, or online point of presence maintained by or for us that enables the Program
page real estate, any application for use on mobile devices, or online point of presence maintained by or for us that enables the Program
and allows for the discovery and purchase
products from
(e) any other online point of presence or web site that you
functionality and allows for the discovery and purchase of products from us, and (e) any other online point of presence or web site that you
approve
treatment as an Amazon Property at our request, such approval not to be unreasonably withheld.
approve for treatment as an Amazon Property at our request, such approval not to be unreasonably withheld.
We may cause such transmission, reproduction, and other use
Books as mere technological incidents to and
limited purpose of
We may cause such transmission, reproduction, and other use of the Books as mere technological incidents to and for the limited purpose of
technically enabling the foregoing (such as caching to enable display).
enabling
foregoing (such as caching to enable display).
each Book.
Amazon.com will employ available technologies to hinder downloading of the
Amazon.com will errploy available technologies to hinder downloading of the displayed portions of each Book.
us permission to reproduce,
display, transmit, and use the Books as outlined in this Agreement, we are not obligated to
Although
Although you grant us permission to reproduce, store, display, transmit, and use the Books as outlined in this Agreement, we are not obligated to
exercise this
make no prorrise or representation that we
exercise this right
respect to any particular Book
every portion of
exercise this right and make no prorrlse or representation that we will exercise this right with respect to any particular Book or every portion of
each Book.
Book.
You represent and warrant that you have the right to grant the pernission set forth in in this agreement, and you will indemnify andhold us
you have the right to grant the perrrlssion set forth this agreement, and you will indemnify and hold us
You represent and warrant
arising
of this representation
harmless from all claims, damages, and expenses (including, without limitation, attomeys';
harmless from all claims, damages, and expenses (including, without limitation, attomeys'; fees) arising from your breach of this representation
and
and warranty.
The permission granted by this agreement will continue for a period of three (3) years from the date of your acceptance of this agreement (which
The permission granted by this agreement will continue for a period of three (3) years from the
of this agreement (which
"I Agree" box on the online sign-up form page)
renew automatically for
periods from each
indicate by checking
you indicate by checking the 'I Agree" box on the online sign-up form page) and will renew automatically for one-year periods from each
given by
in writing more
ninety (90) business
such expiration
In the
anniversary
unless
anniversary thereof, unless notice is given by either party in writing more than ninety (90) business days prior to such expiration date. In the
event that either party delivers such notice, you may provide Amazon.com with a list of the Books you wish Amazon.com to remove from the
that either party delivers such notice, you may provide Amazon.com
of the Books
wish Amazon.com to remove from the
Program (which list will include, but not be limited to, title, author, ISBN, and binding of each Book). Upon yoUr delivery of this list, we will use
each Book). Upon your delivery of this list, we
use
Program (which list will include, but not be limited to, title, author, ISBN, and binding
commercially reasonable efforts
remove
Books
list from the Program.
commercially reasonable efforts to remove the Books on such list from the Program.
limits
Amazon.com may have to reproduce, display, distribute, and
use
Books
Nothing herein restricts
Nothing herein restricts or otherwise limits any rights Arnazon.com may have to reproduce, display, distribute, and otherwise use the Books as
provided under applicable law or any other permission from you. You agree that all nonpublic information you receive from us regarding the
provided under applicable law or any other permission from you. You agree that all nonpublic information you receive from us regarding the
Program is confidential, and you will not disclose such confidential information to
party. Your sole and exclusive remedy
a breach of
Programis confidential, and you will not disclose such confidential information to any third party. Your sole and exclusive remedy for a breach of
agreement is to discontinue the Program
respect to your Books. This agreement is the entire agreement between you and Amazon with
this agreement is to discontinue the Program with respect to your Books, This agreement is the entire agreement between you and Amazon with
to the Program, and supersedes all prior agreements and discussions
respect to the Program.
respect to the Program, and supersedes all prior agreements and discussions with respect to the Program.
We may amend this agreement at any time and solely at our discretion. Any changes to this agreement will be effective upon posting of the
We may amend this agreement at any time and solely at our discretion. Any changes to this agreement will be effective upon posting of the
revisions on the Amazon Property where it was originally posted, www.amazon.com/searchinside. All notice of changes to this Agreement will be
revisions on the Amazon Property where it was originally posted, www.amazon.com/searchinside. All notice of changes to this Agreement will be
for thirty (30) days. You are responsible for reviewing the notice and any applicable changes. YOUR CONTINUED PARTICIPATION
posted for thirty (30) days. You are responsible for reviewing the notice and any applicable changes. YOUR CONTINUED PARTICIPATION IN THE
THE
PROGRAMAFTER AMAZON.COM'S POSTING OF ANY CHANGES WILL CONSTITUTE YOUR ACCEPTANCE OF SUCH CHANGES OR MODIFICATIONS.
PROGRAM AFTER AMAZON.COM'S POSTING OF ANY CHANGES WILL CONSTITUTE YOUR ACCEPTANCE OF SUCH CHANGES OR MODIFICATIONS.
You agree to the terms of the Participation Agreement:'"
agree to the terms the
Agreement:*
I1J I agree
agree
You are the rights holder of the titles you plan to submit:*
are the rights
of the titles
to submit:*
https://www.amazon.com/gp/html_forms_controller/SITB_Pub_Signup_Form?ie=UTF8&*Version*1 &*en...
hUps:/Iwww.amazon.com/g p/html-forms-controlierISITB_Pub_ Signup_Form?ie=UTF8&*Version*=1 &*en."
1/2
1/2
A-1594
Case 1:05-cv-08136-DC Document 1075-19
6/11/12
6/11/12
Filed 08/26/13 Page 3 of 3
Amazon.com
EJ Yes
Nanle*
Name*
Professional Title
Publishing Company Name*
Address Line 1*
Line 1*
line 2
Address line 2
City *
City*
State/Province/Region*
State/Province/Region*
Zip/Postal Code*
Zip/Postal Code"
Country *
Country"
Email Address*
Email Address"
Professional Email Address Cif different)
Email Address (if different)
Telephone Number (including area code)"
Number (including area code)*
Book Distributor (optional)
* indicates required field
" indicates required field
ubmi
k~i_
https://www.amazon.com/gp/html_forms_controller/SITB_Pub_Signup_Form?ie=UTF8&*Version*=1 &*en...
hUps:/Iwww.amazon.com/gp/html-forms-controlierISITB_Pub_Signup_Form?ie=UTF8&*Version*=1 &*en ..
2/2
A-1595
Case 1:05-cv-08136-DC Document 1075-20
Filed 08/26/13 Page 1 of 7
EXHIBIT 20
A-1596
Case 1:05-cv-08136-DC Document 1075-20
Filed 08/26/13 Page 2 of 7
Page 1
1
**C 0 N F l DEN T I A L**
2
UNITED STATES DISTRI CT COURT
3
SOUTHERN DISTRICT OF NEW YORK
4
--------------------------------------X
5
THE AUTHORS GUILD ,
et al. ,
6
Plaintiffs,
7
-
8
aqainst-
Master File No.
05 CV 8136-DC
9
10
11
GOOGLE,
INC.,
12
13
Defendant.
--------------------------------------X
14
15
June 8,
20 1 2
16
9:30 a . m.
17
18
Deposition of JUDITH A.
CHEVALIER,
19
held at the offices of Milberg,
LLP,
20
Penn Plaza,
pursuant to
21
Agreement,
22
Public of the State of New York.
New York , New York,
before NANCY SORENSEN,
One
a Notary
23
24
25
VERl TEXT REPORTING CO MPAKY
2 12-279-9424
www.veritext.com
212-490-3430
A-1597
Case 1:05-cv-08136-DC Document 1075-20
Filed 08/26/13 Page 3 of 7
Page 125
Cheval:ier
1
J.A.
2
new go o ds ;
C ON F I D E N T I
A L
is that right?
3
A.
Correct.
4
Q.
So this :is,
aga:in,
your analysis here
5
is part of the economic theory involving the
6
development of new goods?
7
A.
We can take a break for
MS.
ZACK ,
MR.
8
9
Correct .
McGOWAN :
lunch.
10
Before we do that,
11
me note for the record,
12
let
y o u asked for is Google 05004751.
13
14
MS .
that ' s
15
ZACK:
I
the document number
know what that is ,
so
the big long list .
(Luncheon recess:
12,26 p . m . )
16
17
18
19
20
21
22
23
24
25
VERl TEXT REPORTING CO MPAKY
2 12-279-9424
www.veritext.com
212-490-3430
A-1598
Case 1:05-cv-08136-DC Document 1075-20
Filed 08/26/13 Page 4 of 7
Page 126
J.A.
1
Cheval:i.er
C ON F IDE N T I
AFT ERN 0 0 N
2
(Time noted :
3
U D I T H
A.
ION
S E S S
1 : 15 p.m.)
C H E V A L I E R,
4
J
5
CONTINUED EXAMINATION
7
BY
resumed
and testified as follows:
6
A L
ZAeK:
8
Q.
9
report,
Referring you to page 9 of your
please?
You have discussion throughout
10
this section ab o ut Go ogle Books as a
11
complement,
not substitute?
12
A.
Correct.
13
Q.
And which y o u talk about the fact
14
that books get noticed, etcetera --
15
A.
Correct .
16
Q.
-- through Google Books ,
11
that's a benef:i.t.
18
and that
You conclude that's a benef:i.t
to authors ; right?
19
A.
Correct .
20
Q.
That benefit is virtually exclusive
21
22
to in-print authors ;
A.
correct?
I wouldn't say that.
I
think
23
in-print authors will benefit more , but
24
out-af-print authors may benefit under certain
25
circumstances.
VERl TEXT REPORTING CO MPAKY
2 12-279·9424
www.veritext.com
212-490·3430
A-1599
Case 1:05-cv-08136-DC Document 1075-20
Filed 08/26/13 Page 5 of 7
Page 127
1
J.A.
2
Cheval:i.er
Q.
CON F IDE N T I
A L
Can you tell me those circumstances
3
in which you think they'll benefit,
4
way Google Books works?
A.
5
Yes.
So I
given the
think they will benefit in
number of circumstances.
One would be if ,
6
a
7
even thouqh some of the authors'
8
of print and some of the books -- if in
9
circumstances where some of the authors'
books are out
hooks
10
are out of print and other of the authors'
11
are in print,
12
discover a
13
Books ,
14
those authors .
consumers may,
you know,
books
if they
book they're interested in via Google
that might lead them to other books by
It may lead them to other books on
15
16
the same topic,
probably benefitting different
11
authors.
think a1so,
18
mechanisms and those mechanisms,
19
becoming more relevant in the marketplace, where
20
if consumers,
21
you know , there are used hooks on Amazon that
22
are selling for very high prices because there's
23
a demand for the hook to come back into print .
there are some
I
think,
are
say , buy used books on Amazon and,
There may be circumstances i n wh i ch,
24
25
But I
y o u kn o w , a book could be driven back into print
VERl TEXT REPORTING CO MPAKY
2 12-279·9424
www.veritext.com
212-490·3430
A-1600
Case 1:05-cv-08136-DC Document 1075-20
Filed 08/26/13 Page 6 of 7
Page 128
1
2
3
4
5
J.A .
Cheval:i.er
C ON F I D E N T I
A L
by consumer demand.
Q.
That's true whether there is or isn't
Google Books ;
A.
isn ' t
it?
That's true whether there is or there
6
isn't Google Books, but i t ' s my testimony that
7
Google Books helps drive consumer demand for
8
books.
9
Q.
So if consumers are buying used books
10
on Amazon,
11
new books by those authors?
12
A.
that helps drive consumer books for
I ' m saying that -- I
13
two distinct things.
14
said,
I
think,
other books by the same author .
And,
15
The consumer may look f o r
you know , when consumers buy
16
used books on Amazon,
11
when i t becomes apparent that there's a
18
demand for a used book,
19
bringing the book back into print .
20
21
22
Q.
you know,
lot of
that may assist in
How does the author know if there's a
lot of demand for a
A.
when used books,
Well,
used book on Amazon?
for example,
the price at which
23
the book is selling in the Amazon Marketplace,
24
reflects the,
25
the bo o k.
ref l ects the supply and demand o f
VERl TEXT REPORTING CO MPAKY
2 12-279·9424
www.veritext.com
212-490·3430
A-1601
Case 1:05-cv-08136-DC Document 1075-20
Filed 08/26/13 Page 7 of 7
Page 129
1
J.A.
Cheval:i.er
2
Q.
Right,
CON F I D E N T I
so i t could have a
3
because i t ' s in rare supply,
4
mean there's a
A.
5
A L
high price
but that doesn ' t
lot of demand;
does it?
If there's a high price for the book,
6
and,
7
seller posted a high price for the b o ok and
8
never sells it, but if transactions are taking
9
place at a high price,
10
you know ,
I
suppose i t ' s possible that a
that means that there's
high demand relative t o supply.
11
Q.
12
publishers?
13
A.
An author c o uld easily lo o k
14
Q.
Could easily look i t up where?
15
Is that reported to authors or
that up.
Have
you looked i t uP?
A.
16
Yes,
so i f you go to Amazon and you
11
look at Amazon Marketplace,
18
I
19
author doing this for other book sellers too,
20
would look at the copies of my used book,
21
the prices that they're selling for.
22
23
24
25
would do this,
Q.
I
you would see -- and
would advise,
ff
I were an
I
and
Does that functionality tell you the
prices that -- the actual sales prices?
A.
So i t tells you the prices that
sellers have posted.
If you ,
if you were t o,
VERl TEXT REPORTING CO MPAKY
2 12-279·9424
www.veritext.com
212-490·3430
A-1602
Case 1:05-cv-08136-DC Document 1076
Filed 08/26/13 Page 1 of 3
A-1603
Case 1:05-cv-08136-DC Document 1076
Filed 08/26/13 Page 2 of 3
A-1604
Case 1:05-cv-08136-DC Document 1076
Filed 08/26/13 Page 3 of 3
A-1605
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 1 of 34
DURIE TANGRI LLP
DARALYN J. DURIE (Pro Hac Vice)
ddurie@durietangri.com
JOSEPH C. GRATZ (Pro Hac Vice)
jgratz@durietangri.com
DAVID McGOWAN (Pro Hac Vice)
dmcgowan@durietangri.com
GENEVIEVE P. ROSLOFF (Pro Hac Vice)
grosloff@durietangri.com
217 Leidesdorff Street
San Francisco, CA 94111
Telephone: 415-362-6666
Facsimile:
415-236-6300
Attorneys for Defendant
Google Inc.
IN THE UNITED STATES DISTRICT COURT
FOR THE SOUTHERN DISTRICT OF NEW YORK
THE AUTHORS GUILD, INC., Associational
Plaintiff, BETTY MILES, JOSEPH
GOULDEN, and JIM BOUTON, on behalf of
themselves and all other similarly situated,
Plaintiffs,
Civil Action No. 05 CV 8136 (DC)
v.
GOOGLE INC.,
Defendant.
GOOGLE INC.’S RESPONSES AND OBJECTIONS TO PLAINTIFFS’
STATEMENT OF UNDISPUTED FACTS IN SUPPORT OF THEIR
MOTION FOR PARTIAL SUMMARY JUDGMENT
A-1606
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 2 of 34
Defendant Google Inc. (“Google”), by its attorneys, and pursuant to Local Rule 56.1,
respectfully submits the following Response to Plaintiffs’ Statement of Material Facts. Facts
designated “Undisputed” are facts Google has elected not to dispute for purposes of Plaintiffs’
Motion for Partial Summary Judgment in this matter, and do not constitute admissions.
1.
Representative plaintiff Jim Bouton holds the United States copyright in BALL
FOUR (registration number A173097). See Copy of U.S. Copyright Registration No. A173097
for JIM BOUTON, BALL FOUR (Declaration of Joanne Zack in Support of Plaintiffs’ Motion for
Partial Summary Judgment (hereinafter “Zack SJ Decl.”) Ex. 1).
Response:
Undisputed that Bouton is the legal or beneficial owner of the identified
copyright.
2.
Representative plaintiff Betty Miles holds the United States copyright in THE
TROUBLE WITH THIRTEEN (registration number TX0000338841). See Copy of U.S. Copyright
Registration No. TX0000338841 for BETTY MILES, THE TROUBLE WITH THIRTEEN (Zack SJ
Decl. Ex. 2).
Response:
Undisputed that Miles is the legal or beneficial owner of the identified
copyright.
3.
Representative plaintiff Joseph Goulden holds the United States copyright in THE
SUPERLAWYERS: THE SMALL AND POWERFUL WORLD OF THE GREAT WASHINGTON LAW FIRMS
(registration number A346254). See Copy of U.S. Copyright Registration No. A346254 for
JOSEPH GOULDEN, THE SUPERLAWYERS: THE SMALL AND POWERFUL WORLD OF THE GREAT
WASHINGTON LAW FIRMS (Zack SJ Decl. Ex. 3).
Response:
Undisputed that Goulden is the legal or beneficial owner of the identified
copyright.
2
A-1607
Case 1:05-cv-08136-DC Document 1077
4.
Filed 08/26/13 Page 3 of 34
Each of the books identified in Nos. 1-3 above has been copied and displayed by
Google in its Library Project without plaintiffs’ permission. See Print-outs from Google’s
website displaying search results in JIM BOUTON, BALL FOUR (Zack SJ Decl. Ex. 4); Print-outs
from Google’s website displaying search results for the term “pitch” in JIM BOUTON, BALL FOUR
(Zack SJ Decl. Ex. 5); Print-outs from Google’s website displaying search results for the term
“pitches” in JIM BOUTON, BALL FOUR (Zack SJ Decl. Ex. 6); Print-outs from Google’s website
displaying search results in BETTY MILES, THE TROUBLE WITH THIRTEEN (Zack SJ Decl. Ex. 7);
Print-outs from Google’s website displaying search results in JOSEPH GOULDEN, THE
SUPERLAWYERS: THE SMALL AND POWERFUL WORLD OF THE GREAT WASHINGTON LAW FIRMS
(Zack SJ Decl. Ex. 8); Defendant Google Inc.’s Responses and Objections to Plaintiffs First Set
of Requests for Admission (hereinafter “Google Admissions”) at 11 (Zack SJ Decl. Ex. 27).
Response:
Undisputed that each of the books identified in Nos. 1-3 above has been
scanned by Google in its Library Project without plaintiffs’ permission, and that the cited printouts reflect the display of snippets from the identified books.
5.
Google had distributed approximately
-
scanned books to the partnering
libraries, as of March 26, 2012. See Zack SJ Decl. Ex. 9 (excerpts from spreadsheet produced by
Google to plaintiffs on March 26, 2012).
Response:
Undisputed that libraries chose to download approximately
-
scanned books as of March, 26, 2012 using the GRIN system. Disputed that the creation and
maintenance of the GRIN system by Google constitutes distribution on the part of Google, since
Google does not create or distribute the electronic copies that libraries make. Decl. Stephane
Jaskiewicz Supp. Def. Google Inc.’s Mot. Summ. J., ECF No. 1041 (“Jaskiewicz Decl.”) ¶¶ 6-9.
3
A-1608
Case 1:05-cv-08136-DC Document 1077
6.
Filed 08/26/13 Page 4 of 34
Digital copies of BALL FOUR and SUPERLAWYERS have been distributed to the
library: BALL FOUR on July 20, 2010, and SUPERLAWYERS twice, on
July 29, 2009, and November 16, 2010. See id.
Response:
Undisputed that the
chose to download BALL
FOUR and SUPERLAWYERS using the GRIN system. Disputed that the creation and maintenance
of the GRIN system by Google constitutes distribution on the part of Google, since Google does
not create or distribute the electronic copies that libraries make. Jaskiewicz Decl. ¶¶ 6-9.
7.
The Authors Guild, Inc. is the nation’s largest organization of published authors.
Print-out from http://www.authorsguild.org/about/history.html (Zack SJ Decl. Ex. 10).
Response:
8.
Undisputed.
The Authors Guild advocates for and supports the copyright and contractual
interests of published writers. Id.
Response:
9.
Undisputed.
Defendant Google Inc. (“Google”) owns and operates the largest Internet search
engine in the world. See Print-out from http://investor.google.com/corporate/faq.html (“Google
is now widely recognized as the world’s largest search engine.”) (Zack SJ Decl. Ex. 11, p.1).
Response:
10.
Undisputed.
Each day, millions of people use Google’s search engine free of charge, while
commercial and other entities pay to display ads to visitors to Google’s websites and other
websites that contain Google ads. See Google Dec. 14, 2004 press release, “Google Checks Out
Library Books,” p.2 (Zack SJ Decl. Ex. 12).
Response:
Undisputed.
4
A-1609
Case 1:05-cv-08136-DC Document 1077
11.
Filed 08/26/13 Page 5 of 34
For the year ended December 31, 2011, Google reported over $36.5 billion in
“advertising revenues.” 2011 Google Form 10-K, p.56 (Zack SJ Decl. Ex. 13).
Response:
12.
Undisputed.
For the year ended December 31, 2010, Google reported over $29 billion in
revenue generated “primarily by delivering relevant, cost-effective online advertising.” See 2010
Google Form 10-K, p.3 (Zack SJ Decl. Ex. 14).
Response:
13.
Undisputed.
In October 2004, Google first announced its digital books program, calling it
Google Print. See GOOG000101103 (noting that Google Print was launched on October 6,
2004) (Zack SJ Decl. Ex. 15); see also Transcript of deposition of Daniel Clancy taken February
10, 2012 (hereinafter “Clancy Dep.”) at 93-94 (Zack SJ Decl. Ex. 16).
Response:
Undisputed that Google announced a digital books program called
“Google Print" involving the hosting and display of material provided by book publishers or
other rightsholders in October 2004. As outlined in the cited document, however, “Google
Print” involved only the hosting and display of material provided by book publishers or other
rightsholders, not the scanning of books from the collections of libraries. See Zack SJ Decl. Ex.
15 at GOOG000101103 (discussing deals with publishers, not libraries).
14.
Google Print later became Google Books. Clancy Dep. at 94 (Zack SJ Decl. Ex.
16).
Response:
Undisputed that Google Print, which involved the hosting and display of
material provided by book publishers or other rightsholders, became the “Partner Program”
portion of Google Books. However, “Google Print” involved only the hosting and display of
material provided by book publishers or other rightsholders, not the scanning of books from the
5
A-1610
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 6 of 34
collections of libraries. See Zack SJ Decl. Ex. 15 at GOOG000101103 (discussing deals with
publishers, not libraries).
15.
Google’s Partner Program together with Google’s Library Project comprise the
Google Books program. Id.
Response:
16.
Undisputed.
Works in the Partner Program are displayed with permission of the rightsholder.
Clancy Dep. at 215 (Zack SJ Decl. Ex. 16); Google Books Partner Program Standard Terms and
Conditions (hereinafter “Terms and Conditions”) 2-3 (Zack SJ Decl. Ex. 17).
Response:
17.
Undisputed.
Since 2004, the Partner Program has allowed publishers and other rightsholders to
permit Google to display their works in exchange for a split of ad revenue. GOOG000101103
(Zack SJ Decl. Ex. 15); Clancy Dep. at 93 (Zack SJ Decl. Ex. 16).
Response:
Undisputed that Google shared revenue from ads shown next to full pages
of books with the publishers or other rightsholders who asked that Google host the books for
them. However, not all publishers chose to display ads in connection with their books, and
Google has stopped displaying ads next to full pages of books in the Partner Program. Decl.
Scott Dougall Opp’n Plas.’ Mot. Partial Summ. J. (“Dougall Opp’n Decl.”) ¶¶ 5-8.
18.
The Partner Program is aimed at “help[ing] publishers sell books” and “help[ing]
books become discovered,” while “adding authoritative content” to Google’s website. Transcript
of the deposition of Thomas Turvey taken February 17, 2012 (hereinafter “Turvey Dep.”) at 1819 (Zack SJ Decl. Ex. 18).
6
A-1611
Case 1:05-cv-08136-DC Document 1077
Response:
Filed 08/26/13 Page 7 of 34
Undisputed, except that the cited passage indicates that the purpose was
“[a]dding authoritative content” to “Google’s search results,” not to “Google’s website” in
general. Zack SJ Decl. Ex. 18 (Turvey Dep.) at 19:7-17.
19.
To participate in the program, rightsholders enter into a contract with Google and
send a printed copy of their books to Google for scanning (or provide Google with an existing
digital copy). Clancy Dep. at 215 (Zack SJ Decl. Ex. 16); Terms and Conditions 2-3 (Zack SJ
Decl. Ex. 17).
Response:
20.
Undisputed.
Partners decide “how much of the book is browsable” on Google, “anywhere
from a few sample pages to the whole book.” See Print-out from
http://support.google.com/books/bin/answer.py?hl=en&answer=43729/ (Zack SJ Decl. Ex. 19).
Response:
21.
Undisputed.
Google agrees to share with its partners a portion of the revenue it earns from ads
shown next to pages of books searched in the Partner Program. Turvey Dep. at 31 (Zack SJ
Decl. Ex. 18); Terms and Conditions 8 (Zack SJ Decl. Ex. 17).
Response:
Undisputed that Google shared revenue from ads shown next to full pages
of books with the publishers or other rightsholders who asked that Google host the books for
them. However, not all publishers chose to display ads in connection with their books, and
Google stopped displaying ads in connection with any books in 2011. Dougall Opp’n Decl. ¶¶
5-8.
22.
During 2004, Google entered into dozens of contracts with publishers covering
tens of thousands of books. GOOG000101103 (Zack SJ Decl. Ex. 15).
Response:
Undisputed.
7
A-1612
Case 1:05-cv-08136-DC Document 1077
23.
Filed 08/26/13 Page 8 of 34
By 2004 year end, Google had received nearly
-
books for the Partner
Program, even though Google’s extensive outreach efforts focused almost exclusively on
publishers, with little or no attempt to sign up authors. Id.; Turvey Dep. at 76-80 (Zack SJ Decl.
Ex. 18); Clancy Dep. at 93 (Zack SJ Decl. Ex. 16).
Response:
24.
Undisputed.
As of early 2012, the Partner Program included approximately 2.5 million books,
by permission of approximately 45,000 rightsholders, with the number of partners continuing to
grow. Turvey Dep. at 32 [sic] (Zack SJ Decl. Ex. 18).
Response:
25.
Undisputed.
Google publicly announced a new program in December 2004, stating that it had
entered into agreements with four university libraries (Harvard, Stanford, the University of
Michigan, and Oxford) and the New York Public Library to “digitally scan books from their
collections so that users worldwide can search them in Google.” Dec. 14, 2004 Google press
release, “Google Checks Out Library Books” (Zack SJ Decl. Ex. 12, p.l).
Response:
26.
Undisputed.
Google refers to the endeavor identified above in No. 25 as its Library Project.
Clancy Dep. at 33-34 (Zack SJ Decl. Ex. 16); June 6, 2007 Google press release, “Committee on
Institutional Cooperation (CIC) Joins Google’s Library Project” (Zack SJ Decl. Ex. 20).
Response:
27.
Undisputed.
Since its December 2004 announcement, Google has entered into agreements with
additional libraries (such as the Library of Congress, University of Texas at Austin, University of
Virginia, University of Wisconsin-Madison, Columbia University, Cornell University, Princeton
University, University of California, and the Committee on Institutional Cooperation (a
8
A-1613
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 9 of 34
consortium of twelve research universities)). June 6, 2007 Google press release, “Committee on
Institutional Cooperation (CIC) Joins Google’s Library Project” (Zack SJ Decl. Ex. 20); Zack SJ
Decl. Ex. 23 (compilation of agreements between Google and the various libraries, hereinafter
“Library Agreements”).
Response:
28.
Undisputed.
Google has also developed and patented scanning technology that allows library
books to be copied. Clancy Dep. at 14, 211 (Zack SJ Decl. Ex. 16).
Response:
29.
Undisputed.
Google has used this technology to copy the entirety of over twenty million
books. See id. at 30; Declaration of Daniel Clancy in Support of Google Inc.’s Opposition to
Plaintiffs’ Motion for Class Certification (hereinafter “Clancy Decl.”) 4 (Zack SJ Decl. Ex. 21).
Response:
30.
Undisputed.
In exchange for access to a library’s print books, Google distributes digital copies
of the scanned books to the contributing library. See Print-out from
http://support.google.com/books/bin/answer.py?hl=en&answer=43751 (“Each library will
receive a digital copy of every book we scan ... from their respective collections.”) (Zack SJ
Decl. Ex. 22); Clancy Dep. at 44-45 (Zack SJ Decl. Ex. 16).
Response:
Undisputed that a library can download a digital copy of each book
Google scanned from its collection using the GRIN system. Disputed that the creation and
maintenance of the GRIN system by Google constitutes distribution on the part of Google, since
Google does not create or distribute the electronic copies that libraries make. Jaskiewicz Decl.
¶¶ 6-9.
9
A-1614
Case 1:05-cv-08136-DC Document 1077
31.
Filed 08/26/13 Page 10 of 34
--
To carry out its scanning en masse, Google set up scanning facilities
, as well as in
Clancy Dep. at 180-81 (Zack SJ Decl. Ex. 16).
Response:
and
.
Undisputed.
32.
.
Response:
Undisputed.
33.
Response:
34.
Undisputed.
Google engaged in “bulk scanning,” with libraries providing “carts of books” for
Google to scan. Id. at 15, 103.
Response:
Undisputed, except that Google also refrains from scanning books as to
which a rightsholder has requested that Google exclude the book from the program. Clancy
Decl. ¶ 11.
35.
Google’s scanning operations involved approximately
machines, and reached an annual budget of
--
for the scanning alone. Id. at 84-
85, 179.
Response:
-
36.
scanning
Undisputed.
Some libraries (e.g.,
) allowed Google to scan only public domain works, while others (e.g.,
10
A-1615
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 11 of 34
)
allowed Google to scan in-copyright works as well. See generally Library Agreements (Zack SJ
Decl. Ex. 23); Clancy Dep. at 19 (“
”).
Response:
Undisputed.
37.
Response:
Undisputed.
38.
Response:
Undisputed that
. However, human operators do examine the
contents of books to determine whether the book should be placed in “snippet view.” Clancy
Decl. ¶ 11.
39.
. See Transcript of the deposition of Kurt Groetsch
(hereinafter “Groetsch Dep.”) at 27-31 (Zack SJ Decl. Ex. 24); Transcript of the deposition of
Stephane Jaskiewicz (hereinafter “Jaskiewicz Dep.”) at 16-17 (Zack SJ Decl. Ex. 25); Clancy
Dep. at 182-87 (Zack SJ Decl. Ex. 16).
Response:
Undisputed.
11
A-1616
Case 1:05-cv-08136-DC Document 1077
40.
Filed 08/26/13 Page 12 of 34
Each book copied by Google as part of its Library Project was copied by Google
in its entirety multiple times. Jaskiewicz Dep. at 22-29 (Zack SJ Decl. Ex. 25); Defendant
Google Inc.’s Supplemental Narrative Responses and Objections to Plaintiffs’ Second Request
for Production of Documents and Things (hereinafter “Supplemental Narrative”) at 5-6 (Zack SJ
Decl. Ex. 26); Google Admissions at 8 (Zack SJ Decl. Ex. 27).
Response:
Undisputed that Google “creates and maintains, as necessary for its fair
uses, more than one copy of the books it scans from library collections.” Google Admissions,
Response No. 10 (Zack SJ Decl. Ex. 27).
41.
Google maintains digital copies of each book it copied as part of its Library
Project on its servers and on back-up tapes. Jaskiewicz Dep. at 22-29, 69 (Zack SJ Decl. Ex. 25).
Response:
42.
Undisputed.
In response to search inquiries by users of its search engine, Google searches the
complete text of books copied in its Library Project. Id. at 45-46; Supplemental Narrative at 8
(Zack SJ Decl. Ex. 26); Google Admissions at 11 (Zack SJ Decl. Ex. 27).
Response:
Undisputed, except that Google does not search the text of books scanned
but later excluded by request of a rightsholder. Clancy Decl. ¶ 11.
43.
Since 2005, pursuant to uniform rules of its own devising, Google has displayed
verbatim expression from these books on the Internet in response to search requests by users of
its search engine. See Google Admissions at 10 (Zack SJ Decl. Ex. 27); Supplemental Narrative
at 11-12 (Zack SJ Decl. Ex. 26).
Response:
Undisputed that, as stated in the cited documents, Google has displayed
“snippets” from millions of books in response to queries entered by users, but has not displayed
snippets from books which are not in “snippet view” or “full view.”
12
A-1617
Case 1:05-cv-08136-DC Document 1077
44.
Filed 08/26/13 Page 13 of 34
Google generally divides each page into eighths, each of which Google calls a
snippet. Supplemental Narrative at 11-12 (Zack SJ Decl. Ex. 26); Print-out from
http://www.google.com/googlebooks/library.html (Zack SJ Decl. Ex. 28); see also Print-out from
http://support.google.com/books/binlanswer.py?hl=en&answer=43729/ (Zack SJ Decl. Ex. 19).
Response:
45.
Undisputed as to books in “snippet view.”
By performing multiple searches using different search terms (including multiple
search terms suggested by Google), a single user can view far more than three snippets from a
Library Project book. See Print-outs from Google’s website displaying search results in JIM
BOUTON, BALL FOUR (Zack SJ Decl. Ex. 4); Clancy Dep. at 43-45 (Zack SJ Decl. Ex. 16).
Response:
Undisputed that different searches sometimes return different snippets,
subject to the security limitations set forth in Zack Decl. Ex. 26 (Supplemental Narrative) at 913.
46.
Zack SJ Decl. Ex. 4 demonstrates that Google displayed to one user- making a
series of consecutive searches within BALL FOUR - about 37 different snippets, consisting of over
1900 words of verbatim expression.
Response:
47.
Undisputed.
Even minor variations in search terms will result in different displays of text.
Compare snippet results for search term “pitch” in BALL FOUR (Zack SJ Decl. Ex. 5) with
snippet results for search term “pitches” in BALL FOUR (Zack SJ Decl. Ex. 6); see also Clancy
Dep. at 44 (Zack SJ Decl. Ex. 16) (“[F]or a given query, we might display up to three snippets,
but then if you entered a different query, you might see different snippets.”).
13
A-1618
Case 1:05-cv-08136-DC Document 1077
Response:
Filed 08/26/13 Page 14 of 34
Undisputed that minor variations in search terms, as in the case of the
cited search queries, will sometimes result in the display of different snippets, subject to the
security limitations set forth in Zack Decl. Ex. 26 (Supplemental Narrative) at 9-13.
48.
Google shows its users snippets from all portions of the books displayed in its
Library Project, except for the small proportion of each book that it “blacklists.” Supplemental
Narrative at 11 (Zack SJ Decl. Ex. 26); Clancy Decl.10 (Zack SJ Decl. Ex. 21).
Response:
Undisputed that, in response to a search query from a user, if a book is in
“snippet view,” any portion of the book can be displayed if the user searches for text appearing
in that portion, subject to the security limitations set forth in the cited documents, including
“blacklisting” of portions of books so that they are never displayed in snippets. See Zack Decl.
Ex. 26 (Supplemental Narrative) at 9-13
49.
For those books in snippet view, Google blacklists 10% of the pages of books and
one snippet per page. See Supplemental Narrative at 11 (Zack SJ Decl. Ex. 26); Clancy Decl. 10
(Zack SJ Decl. Ex. 21).
Response:
Undisputed, except that Google sometimes blacklists more than 10% of
the pages in a book, as noted in the above-cited Supplemental Narrative at 11. See also Decl.
Brad Hasegawa Supp. Def. Google Inc.’s Mot. Summ. J., ECF No. 1040, ¶ 4.
50.
For those books in snippet view, Google makes the vast majority of the text
available for verbatim display to its users collectively. See Supplemental Narrative at 6-7 (Zack
SJ Decl. Ex. 26); see also Zack SJ Decl. Ex. 4.
Response:
Undisputed that the text in each non-blacklisted snippet of each book in
“snippet view” could be displayed if a user entered a search query seeking text in that snippet,
and that Google does not blacklist the “vast majority” of snippets. Disputed to the extent this
14
I A-1619 I
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 15 of 34
paragraph is intended to mean that Google makes the “vast majority” of any book available to
any user, an assertion which would be contradicted by the cited documents. Supplemental
Narrative at 6-13 (Zack SJ Decl. Ex. 26).
51.
Some of the books copied in the Library Project are placed by Google into
metadata only view, where no text is displayed. See Supplemental Narrative at 6-7 (Zack SJ
Decl. Ex. 26).
Response:
52.
Undisputed.
In general, reference works
, and works for which the
rightsholder has instructed Google not to display the work are placed in metadata only view. Id;
“QA Training Manual,” at GOOG05002440 (Zack SJ Decl. Ex. 29).
Response:
53.
Undisputed.
To date, in its Library Project, Google has digitally copied over
-
in-
copyright English language books (Clancy Decl. ¶ 4) (Zack SJ Decl. Ex. 21); see also Zack SJ
Decl. Exs. 30-31 (spreadsheet and accompanying email from Google identifying a list of over
-
English language books copied and that Google has determined not to be in the
public domain); distributed complete digital copies of over
-
of in-copyright books to
libraries (see Zack SJ Decl. Ex. 9) (spreadsheet from Google identifying the scanned books
which have been distributed to the partnering libraries, including certain books distributed more
than once); and displayed verbatim expression as snippets from millions of in-copyright books
15
A-1620
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 16 of 34
over the Internet in response to search requests from its users. Google Admissions at 10 (Zack
SJ Decl. Ex. 27).
Response:
copied over
-
Undisputed that “To date, in its Library Project, Google has digitally
in- copyright English language books” and “displayed verbatim
expression as snippets from millions of in-copyright books over the Internet in response to search
requests from its users[,]” as the paragraph states. Undisputed that libraries have chosen to
download, using the GRIN system, digital copies of more than
-
books not known to
be in the public domain, each library able to download only books scanned from the collection of
that library. Disputed that the creation and maintenance of the GRIN system by Google
constitutes distribution on the part of Google, since Google does not create or distribute the
electronic copies that libraries make. Jaskiewicz Decl. ¶¶ 6-9. Disputed that Exhibits 30-31 of
the Zack Declaration list books “that Google has determined not to be in the public domain.”
Instead, as noted in Exhibit 31, list books “which are not known to be in the public domain[]”
and which Google conservatively treats as though they are not in the public domain, but which
may be revealed to be in the public domain through further investigation.
54.
Google did not seek or obtain permission from copyright owners before it made
the uses described in No. 53 above. Google Admissions at 12-14 (Zack SJ Decl. Ex. 27).
Response:
Undisputed, except as to the disputes identified in connection with No. 53
above.
55.
Google has not compensated copyright owners for its copying, distribution to
libraries, or display of verbatim expression from these books. Id. at 13.
Response:
Undisputed, assuming that “these books” refers to those referred to in No.
53 above, except as to the disputes identified in connection with No. 53 above.
16
A-1621
Case 1:05-cv-08136-DC Document 1077
56.
Filed 08/26/13 Page 17 of 34
Google has admitted in its responses to Plaintiffs’ Requests for Admissions that it
digitally copies books in their entirety- including in-print and out-of-print books, fiction and
nonfiction books, reference books, anthologies, educational books, textbooks, dissertations,
monographs, journals, government publications, and other types of works; provides entire digital
copies of books to libraries, and displays snippets from books in response to user requests, all
without copyright owner permission. Id. at 5-12; see also Supplemental Narrative at 5-9 (Zack
SJ Decl. Ex. 26).
Response:
57.
Undisputed.
Pursuant to their cooperative agreements with Google, each library provides
books to Google, Google scans the books, makes a digital file of the books for Google’s use, and
distributes digital copies of scanned books to the providing library. Clancy Dep. at 44-45 (Zack
SJ Decl. Ex. 16); Library Agreements (Zack SJ Decl. Ex. 23).
Response:
Undisputed that “[p]ursuant to their cooperative agreements with Google,
each library provides books to Google, Google scans the books, [and] makes a digital file of the
books for Google’s use[.]” Undisputed that the providing library can make its own copy from
Google’s digital files using the GRIN system. Disputed that the creation and maintenance of the
GRIN system by Google constitutes distribution on the part of Google, since Google does not
create or distribute the electronic copies that libraries make. Jaskiewicz Decl. ¶¶ 6-9.
58.
One of Google’s earliest library agreements, its digitization agreement with
Stanford University, summarizes their agreement as follows:
17
A-1622
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 18 of 34
See Digitization Agreement
with Leland Stanford Junior University, p.1 (Zack SJ Decl. Ex. 23 at GOOG05002264).
Response:
Undisputed.
59.
See, e.g., Cooperative Agreement with
the University of California, p.1 (Zack SJ Decl. Ex. 23 at GOOG05000306).
Response:
60.
Undisputed.
Google’s agreements with each of the libraries have many of the same or similar
terms. See Library Agreements (Zack SJ Decl. Ex. 23).
Response:
Undisputed.
61.
Response:
62.
Undisputed.
Google executed the digitization by scanning the covers and every page of in-
copyright books, performing optical character recognition on the scanned images to obtain
machine-readable text, and then, through an “automated process compil[ing] a digital copy of the
book.” Supplemental Narrative at 5-6 (Zack SJ Decl. Ex. 26); see also Jaskiewicz Dep. 25-30
(Zack SJ Decl. Ex. 25).
Response:
Undisputed.
18
A-1623
Case 1:05-cv-08136-DC Document 1077
63.
Filed 08/26/13 Page 19 of 34
To facilitate the mutual interest in making information available to the public (see
No. 59 above), Google will “digitize” mass quantities of books, with “digitize” defined as “to
convert content from a tangible, analog form into a digital representation of that content.”
Cooperative Agreement with the University of Michigan, p.1 (Zack SJ Decl. Ex. 23 at
00000500355).
Response:
Undisputed.
64.
Response:
Disputed to the extent this paragraph suggests that the creation and maintenance of the GRIN
system by Google constitutes distribution on the part of Google, since Google does not create or
distribute the electronic copies that libraries make. Jaskiewicz Decl. ¶¶ 6-9.
65.
Google itself explained that after the library requests a copy of a particular book
that Google has scanned, Google provides its digital copy by placing the file of the book on a
server that the requesting library can access to download the file over the Internet. See
19
A-1624
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 20 of 34
Supplemental Narrative at 8 (Zack SJ Decl. Ex. 26); see also Jaskiewicz Dep. at 65 (Zack SJ
Decl. Ex. 25); Clancy Dep. at 217-19 (Zack SJ Decl. Ex. 16).
Response:
Undisputed that the automated GRIN system creates encrypted copies of
books that libraries can download in response to requests made by libraries. Disputed to the
extent this paragraph suggests that the creation and maintenance of the GRIN system by Google
constitutes distribution on the part of Google, since Google does not create or distribute the
electronic copies that libraries make. Jaskiewicz Decl. ¶¶ 6-9.
66.
The distribution of the digital copies to the libraries was an important component
of the Library Project. See Clancy Dep. at 44 (Zack SJ Decl. Ex. 16); Zack SJ Decl. Ex. 23.
Response:
67.
Undisputed.
Dan Clancy stated at his deposition, “it is part of the Library Project that- as I
stated- that we provide a copy, the ability to get a copy, for our library partners of the books we
scan, in addition to any other uses.” Clancy Dep. at 45 (Zack SJ Decl. Ex. 16).
Response:
68.
Undisputed.
Google also transfers ownership of the distributed copies to the libraries,
Response:
-
Disputed. Google does not create or distribute the electronic copies that
libraries make using the GRIN system. Jaskiewicz Decl. ¶¶ 6-9. Thus, the libraries own their
copies from the time they are created.
20
A-1625
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 21 of 34
69.
Response:
-
Undisputed.
70.
See, e.g., Cooperative Agreement with the University of Michigan, p.5 (Zack SJ Decl.
Ex. 23 at GOOG05000359) (“As between Google and U of M ... U of M shall own all rights,
title, and interest to the U of M Digital Copy.”);
Response:
Disputed.
Google does not create or distribute the electronic copies that libraries make using the GRIN
system. Jaskiewicz Decl. ¶¶ 6-9.
71.
21
A-1626
Case 1:05-cv-08136-DC Document 1077
Response:
72.
Filed 08/26/13 Page 22 of 34
Undisputed.
For example, Google’s agreement with the University of Michigan specifically
allows for the use of Michigan’s copies for “inclusion in Michigan’s search services.”
Cooperative Agreement with the University of Michigan, p.1 (Zack SJ Decl. Ex. 23 at
GOOG0500355); see also Clancy Dep. at 35 (Zack SJ Decl. Ex. 16) (“In addition, libraries
receive a copy, and with that copy, they may use it for similar search and indexing or other
nondisplay uses, various different research initiatives and, also, archiving it for posterity.”)
Response:
73.
Undisputed.
The University of Michigan has included the books that Google copied for it in its
own digital library, HathiTrust. Transcript of the deposition of Paul Courant taken April 23,
2012 (hereinafter “Courant Dep.”) at 15, 20-21 (Zack SJ Decl. Ex. 33).
Response:
74.
Undisputed.
Michigan’s Dean of Libraries, Dr. Paul Courant, testified that “Google did scan
works from the University of Michigan libraries, and Google- and we did indeed receive copies
of those scans”; that the University of Michigan made backup copies of the files it received; and
that it included those files, including of works that are in-copyright, in its HathiTrust database
index, which is accessible to “essentially everyone in the United States with an Internet
connection.” Courant Dep. at 15, 20-21, 43-45 (Zack SJ Decl. Ex. 33).
Response:
Undisputed, except to the extent that the quoted language is interpreted to
mean that the Univeristy of Michigan made any content from any books in the HathiTrust
database available to the general public, which the cited passage does not support.
22
A-1627
Case 1:05-cv-08136-DC Document 1077
75.
Filed 08/26/13 Page 23 of 34
Google undertook the Library Project for commercial reasons. GOOG05004756
(Zack SJ Decl. Ex. 34); GOOG000645741 (Zack SJ Decl. Ex. 35); Supplemental Narrative at 9
(Zack SJ Decl. Ex. 26); Clancy Dep. at 84-85, 117, 120, 141, 198-203 (Zack SJ Decl. Ex. 16)
Response:
Undisputed that Google undertook the Library Project in part for
commercial reasons. The cited documents do not support the proposition that Google undertook
the Library Project entirely for commercial reasons. Clancy Decl. ¶¶ 3-4.
76.
A Google internal presentation in 2003 states that
Response:
Disputed.
77.
Response:
23
A-1628
Case 1:05-cv-08136-DC Document 1077
78.
Dan Clancy testified that,
Response:
79.
Filed 08/26/13 Page 24 of 34
Undisputed.
Google monetizes its search product by running advertisements in response to
search queries. Id. at 117.
Response:
Undisputed that advertisements appear on Google pages containing a list
of search results.
80.
Response:
81.
Undisputed.
Clancy testified that during the six years he was chief engineer for Google Books,
Google invested
Response:
Undisputed.
82.
Response:
Undisputed in that facts 83 and 84 below are Undisputed.
24
A-1629
Case 1:05-cv-08136-DC Document 1077
83.
As Clancy testified,
Response:
84.
Undisputed.
Clancy testified that
Response:
85.
Filed 08/26/13 Page 25 of 34
Undisputed.
Google has stated: “Google admits that it has entered into agreements with certain
libraries, pursuant to which those libraries have requested that Google scan books, including incopyright works, provided to Google by the library, and Google has provided digital copies of
millions of those books to the libraries....” Google Admissions at 7 (Zack SJ Decl. Ex. 27).
Response:
86.
Undisputed.
Google also makes a number of non-display uses of Books it copies in its Library
Project. Supplemental Narrative at 9 (Zack SJ Decl. Ex. 26).
Response:
87.
Undisputed.
The non-display uses identified in No. 86 above have commercial benefits to
Google. Id.
Response:
Undisputed that some of the non-display uses Google makes of the books
have some indirect commercial benefit to Google, in addition to their benefits to scholarship and
the public interest. Clancy Decl. ¶¶ 3-4, 15.
88.
Google makes available over
See Zack SJ Decl. Exs. 30-31.
Response:
-
Undisputed that more than
25
books on the Internet in snippet display.
books are in snippet view.
A-1630
Case 1:05-cv-08136-DC Document 1077
89.
Filed 08/26/13 Page 26 of 34
An “index” of books’ metadata already exists. Transcript of the deposition of
Gloriana St. Clair taken May 31, 2012 (hereinafter “St. Clair Dep.”) at 46-48 (Zack SJ Decl. Ex.
36).
Response:
Undisputed that electronic card catalogs, which allow searching only by
metadata (rather than searching the text of the book), existed before Google Books was created.
90.
Libraries use what is known as MARC records to catalog books. Id. at 48.
Response:
91.
Undisputed.
“MARC records are essentially the electronic version of a card catalog record,”
and contain the book’s metadata, such as author, title, publishing information. Id. at 46, 48.
Response:
Undisputed that MARC records contain the same information as a
traditional paper card catalog.
92.
To create MARC records, the book does not need to be scanned or copied.
Clancy Dep. at 25-26 (Zack SJ Decl. Ex. 16); Groetsch Dep. at 21-25 (Zack SJ Decl. Ex. 24).
Response:
93.
Undisputed.
The cataloging of metadata through MARC records is done by hand with the
cataloger reviewing the physical book and identifying enumerated fields of information. See
Groetsch Dep. at 21-25 (Zack SJ Decl. Ex. 24).
Response:
94.
Undisputed.
The Copyright Clearance Center presently licenses “essentially printed content,
much of the same nature as the material scanned by Google.” See Report of Daniel Gervais ¶ 11
(Zack SJ Decl. Ex. 37).
Response:
Undisputed that the Copyright Clearance Center licenses uses of printed
content, albeit for different uses than the conduct at issue in this litigation. See Decl. Joseph
26
A-1631
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 27 of 34
Gratz Opp’n Plas.’ Mot. Summ. J. (“Gratz Opp’n Decl.”) Ex. 15 (“Gervais Dep. Tr.”) 119:7-22;
169:14-176:2; 209:8-9, 11-12; 235:19-22.
95.
If Google’s uses are found to be fair, this will legitimize widespread digital
copying without permission, thereby impeding the development of collective license for digital
uses of books and excerpts from books by search engines, libraries, and others. Id. ¶¶ 17, 42.
Response:
This paragraph recites conclusions based on an incomplete hypothetical
involving parties other than Google. To the extent this paragraph recites any material facts, they
are not supported by any competent evidence because Mr. Gervais has no basis for the
conclusions he recites in the cited paragraphs. See Gervais Dep. Tr. 138:21-140:2; 192:14196:16; 207:1-7; 210:5-15; 214:16-25; 199:16-23; 217:21-218:24. See also id. at 159:22-25;
164:7-17; 167:4-9; 167:25-168:5.
96.
Collective management of copyright provides important advantages in licensing
uses of copyrighted works, as it reduces transaction costs, benefitting authors and users. Id. ¶ 19.
Response:
97.
Undisputed.
Collective management of copyright has existed for more than two centuries and
is indispensable for many types of copyright uses. Id. ¶¶ 12, 15.
Response:
98.
Undisputed.
For example, in the United States, ASCAP, BMI and SESAC are well-known
organizations that license the use of music. See id. ¶ 18.
Response:
99.
Undisputed.
The Copyright Clearance Center (“CCC”) is another well-known collective
management organization (“CMO”). Id. ¶ 28.
Response:
Undisputed.
27
A-1632
Case 1:05-cv-08136-DC Document 1077
100.
Filed 08/26/13 Page 28 of 34
If they wish to participate, authors or publishers register their works with the
CCC, which offers per-use and annual repertory licenses. Id.
Response:
101.
Undisputed.
A business or academic institution can enter into an agreement with the CCC that
permits it to, for instance, photocopy a periodical article or create an electronic coursepack. Id.
Response:
102.
Undisputed.
CMOs typically pay authors and other rightsholders based on actual usage of their
works, id. ¶ 5, which can result in substantial revenue to rightsholders.
Response:
103.
Undisputed.
In its 2011 fiscal year, CCC reported revenues in excess of $238 million, with
payments to rightsholders exceeding $171 million. Id. ¶ 28. The difference between the two
numbers includes but is not all a service charge. Due to the time period required to process
usage data, the 2011 distributions were mostly of 2010 collections which were significantly
lower than 2011 collections. Id. at 9 n.15.
Response:
104.
Undisputed.
Collective licensing markets have often developed in response to new
technologies: “Often, after a new form of use has emerged collective management systems are
established to license uses that have been found to be desirable but unauthorized.” Id. ¶ 41.
Response:
105.
Undisputed.
A collective management system “would develop here if some or all of Google’s
uses are found not to be fair.” Id. ¶ 17.
Response:
This paragraph recites a conclusion based on an incomplete hypothetical,
not a fact. To the extent this paragraph recites a fact, it is not supported by any competent
28
A-1633
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 29 of 34
evidence because Mr. Gervais has no basis for the conclusion he recites in the cited paragraphs.
See Gervais Dep. Tr. 138:21-140:2; 192:14-196:16; 207:1-7; 210:5-15; 214:16-25; 199:16-23;
217:21-218:24. See also id. at 159:22-25; 164:7-17; 167:4-9; 167:25-168:5.
106.
If Google’s conduct is permitted as fair use and becomes widespread, such an
outcome can be expected to thwart the development of collective management systems for the
digital uses of books (and book excerpts) that would otherwise likely develop. Id. ¶ 42; see also
id. ¶ 17.
Response:
This paragraph recites a conclusion based on an incomplete hypothetical,
not a fact. To the extent this paragraph recites a fact, it is not supported by any competent
evidence because Mr. Gervais has no basis for the conclusion he recites in the cited paragraphs.
See Gervais Dep. Tr. 138:21-140:2; 192:14-196:16; 207:1-7; 210:5-15; 214:16-25; 199:16-23;
217:21-218:24. See also id. at 159:22-25; 164:7-17; 167:4-9; 167:25-168:5.
107.
Google admits in its Form 10-K that its “security measures may be breached due
to the actions of outside parties, employee error, malfeasance, or otherwise, and, as a result, an
unauthorized party may obtain access to our data or our users’ or customers’ data. Additionally
outside parties may attempt to fraudulently induce employees, users, or customers to disclose
sensitive information in order to gain access to our data or our users’ or customers’ data. Any
such breach or unauthorized access could result in significant legal and financial exposure,
damage to our reputation, and a loss of confidence in the security of our products and services
that could potentially have an adverse effect on our business. Because the techniques used to
obtain unauthorized access, disable or degrade service, or sabotage systems change frequently
and often are not recognized until launched against a target, we may be unable to anticipate these
29
A-1634
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 30 of 34
techniques or to implement adequate preventative measures.” Google 2011 Form 10-K, at 15
(Zack SJ Decl. Ex. 13).
Response:
108.
Undisputed.
Google
does not in practice, monitor or
control the security of the digital copies of books provided by it to libraries in its Library Project,
and the security measures of libraries who receive digital copies of books from Google are
subject to similar breaches. Clancy Dep. at 195-202 (Zack SJ Decl. Ex. 16); Courant Dep. at 5253 (Zack SJ Decl. Ex. 33); Transcript of the deposition of James Crawford taken April 10, 2012
(hereinafter “Crawford Dep.”) at 56 (Zack SJ Decl. Ex. 38); see generally Expert Report of
Benjamin Edelman (hereinafter, “Edelman Report”) (Zack SJ Decl. Ex. 39).
Response:
Undisputed that Google is not obligated to, and does not in practice,
monitor or control libraries’ security measures. Disputed that libraries are subject to security
breaches, for the reasons discussed with respect to paragraph 109 below.
109.
Subsequent copying by the libraries of the digital files received by them from
Google, see Courant Dep. at 22-27 (Zack SJ Decl. Ex. 33), risks further security breaches.
Edelman Report ¶¶ 20-26 (Zack SJ Decl. Ex. 39).
Response:
Disputed. Mr. Edelman admits he has no knowledge of the security
measures put in place by the libraries, and thus has no basis to opine regarding whether their
activities create security risks. See Edelman Report ¶ 21 (Zack SJ Decl. Ex. 39) (“I have not
been informed of all the ways that libraries intend to use the book contents data they receive
from Google, nor have I been informed how libraries intend to secure that data.”); Gratz Opp’n
Decl. Ex. 16 (“Edelman Dep. Tr.”) 247:25-252:11. See also Decl. Joseph C. Gratz Supp. Def.
30
A-1635
Case 1:05-cv-08136-DC Document 1077
Filed 08/26/13 Page 31 of 34
Google Inc.’s Mot. Summ. J., ECF No. 1036 (“Gratz SJ Decl.”) Ex. 1 (“Courant Dep. Tr.”)
106:23-107:9.
110.
As the number of unlawful copies of an in copyright book increases, so does the
risk of further infringement and/or piracy of the work. Id. ¶¶ 14-19.
Response:
This paragraph recites a conclusion based on an incomplete hypothetical,
not a fact. To the extent this paragraph purports to recite a fact, it is not supported by any
competent evidence because Mr. Edelman has no basis for the conclusions he recites in the cited
paragraphs. See Edelman Dep. Tr. 237:12-240:25. See also id. at 244:6-20; 245:17-246:24;
246:25-247:24; 296:9-298:6; 290:15-292:22.
111.
The copyright holder’s control over the distribution and publication of his or her
work becomes increasingly threatened when multiple unauthorized digital copies are created, and
even more so when they are placed on and/or distributed over the Internet. Id. ¶¶ 34, 36.
Response:
This paragraph recites a conclusion based on an incomplete hypothetical,
not a fact. To the extent this paragraph recites a fact, it is not supported by any competent
evidence because Mr. Edelman has no basis for the conclusion he recites in the cited paragraphs.
See Edelman Dep. Tr. 280:6-20. See also id. at 244:6-20; 245:17-246:24; 246:25-247:24; 296:9298:6; 290:15-292:22.
112.
If Google’s bulk and indiscriminate copying is found to be “fair,” other website
operators, no matter how small, will also be given sanction to create online databases of books
and other works. Id. ¶¶ 9, 13, 18.
Response:
This paragraph recites a legal conclusion, not a fact. To the extent this
paragraph recites a fact, disputed; Mr. Edelman testified to the contrary. Edelman Dep. Tr.
193:20-196:1.
31
A-1636
Case 1:05-cv-08136-DC Document 1077
113.
Filed 08/26/13 Page 32 of 34
These website operators may have insufficient security to prevent widespread
piracy of such works. Id. ¶¶ 18-19.
Response:
This paragraph recites conclusions based on an incomplete hypothetical
involving parties other than Google. To the extent this paragraph recites any material facts, they
are not supported by any competent evidence because Mr. Edelman has no basis for the
conclusions he recites in the cited paragraphs. See Edelman Dep. Tr. 244:6-246:24; 246:25247:24. See also id. at 210:16-212:23; 212:24-217:23.
114.
In particular, less sophisticated operators have a reduced capability to design,
install, and maintain systems to secure books, as well as a lesser ability to screen their internal
staff to prevent data theft by rogue employees or to adapt their systems to prevent hacking by
outsiders. Id. ¶ 18.
Response:
This paragraph recites conclusions based on an incomplete hypothetical
involving parties other than Google. To the extent this paragraph recites any material facts, they
are not supported by any competent evidence because Mr. Edelman has no basis for the
conclusions he recites in the cited paragraph. See Edelman Dep. Tr. 244:6-246:24.
115.
These concerns will only be amplified if “numerous companies and organizations
scan books,” because “attackers can focus their efforts on whichever installs the weakest
security. Similarly, attackers can take advantage of even a brief period when a single book
provider is insecure....” Id. ¶ 19.
Response:
This paragraph recites conclusions based on an incomplete hypothetical
involving parties other than Google. To the extent this paragraph recites any material facts, they
are not supported by any competent evidence because Mr. Edelman has no basis for the
conclusions he recites in the cited paragraph. See Edelman Dep. Tr. 246:25-247:24.
32
A-1637
Case 1:05-cv-08136-DC Document 1077
116.
Filed 08/26/13 Page 33 of 34
These are not merely hypothetical risks, but reveal a real danger to authors, as
book piracy is already occurring. Id. ¶¶ 11-12; see also id. ¶¶ 13-17 (discussing multiple ways in
which books may be redistributed through piracy).
Response:
Undisputed that unauthorized copies of some books, taken from sources
other than Google Books, are available on the Internet. To the extent this paragraph recites any
other facts, they are not supported by any competent evidence because Mr. Edelman has no basis
for the conclusion he recites in the cited and referenced paragraphs of his report, as described in
connection with the above paragraphs. See Edelman Dep. Tr. 235:9-19; 236:4-7; 236:25-237:2;
241:19-242:18; 249:14-17.
117.
A security breach could have a “devastating impact” on the Class. Id. ¶ 38; see
also id. ¶ 36 (describing how information may remain widely available, even after measures are
taken to correct the breach, as information cannot be “unpublished” once it becomes publicly
available on the Internet).
Response:
This paragraph recites conclusion based on an incomplete hypothetical,
not a fact. To the extent this paragraph recites a fact, it is not supported by any competent
evidence because Mr. Edelman has no basis for the conclusion he recites in the cited paragraphs.
See Edelman Dep. Tr. 284:24-287:9. See also id. at 244:6-20; 245:17-246:24; 246:25-247:24;
296:9-298:6; 290:15-292:22.
118.
If Google’s unauthorized reproduction, distribution and display is found not to be
fair, licenses will be required for such uses, and copyright owners can require in such licenses
that financial responsibility for the risks of unauthorized uses of the copies be fairly allocated
between the parties to the license. Id. ¶¶ 9, 39.
33
A-1638
Case 1:05-cv-08136-DC Document 1077
Response:
Filed 08/26/13 Page 34 of 34
This paragraph recites a legal conclusion, not a fact. To the extent this
paragraph recites a fact, it is not supported by any competent evidence because Mr. Edelman has
no basis for the conclusion he recites in the cited paragraphs. See Edelman Dep. Tr. 206:6208:7; 210:16-212:23; 212:24-217:23; 218:17-219:10; 221:6-23; 224:23-225:24; 226:24-227:10;
302:4-11. See also id. at 244:6-20; 245:17-246:24; 246:25-247:24; 296:9-298:6; 290:15-292:22.
Dated: August 26, 2013
Respectfully submitted,
By:
Joseph C. Gratz
Daralyn J. Durie (pro hac vice)
ddurie@durietangri.com
Joseph C. Gratz (pro hac vice)
jgratz@durietangri.com
DURIE TANGRI LLP
217 Leidesdorff Street
San Francisco, CA 94111
Telephone: 415-362-6666
Facsimile: 415-236-6300
Attorneys for Defendant Google Inc.
34
A-1639
Case 1:05-cv-08136-DC Document 1092
Filed 12/23/13 Page 1 of 2
UNITED STATES DISTRICT COURT
SOUTHERN DISTRICT OF NEW YORK
------------------------------------- x
The Authors Guild, Inc., Associational Plaintiff,
Betty Miles, Joseph Goulden, and Jim Bouton,
individually and on behalf of all others similarly
situated,
Plaintiffs,
v.
Google Inc.,
Defendant.
:
:
:
:
:
:
:
:
:
:
:
:
Case No. 05 CV 8136-DC
------------------------------------- x
NOTICE OF APPEAL
NOTICE IS HEREBY GIVEN that Plaintiffs The Authors Guild, Inc., Associational
Plaintiff, Betty Miles, Joseph Goulden and Jim Bouton, individually and on behalf of all others
similarly situated (“Plaintiffs”) in the above-captioned action hereby appeal to the United States
Court of Appeals for the Second Circuit from the Judgment entered on November 27, 2013 and
the Amended Judgment entered on December 11, 2013 granting Defendant’s motion for
summary judgment, denying Plaintiffs’ motion for partial summary judgment, and dismissing
Plaintiffs’ claims with prejudice.
Respectfully submitted on this 23rd day of December, 2013.
FRANKFURT KURNIT KLEIN & SELZ, P.C.
By: /s/ Edward H. Rosenthal
Edward H. Rosenthal, Esq.
Jeremy S. Goldman, Esq.
488 Madison Avenue, 10th Floor
New York, New York 10022
Phone (212) 980-0120
Fax: (212) 593-9175
A-1640
Case 1:05-cv-08136-DC Document 1092
Filed 12/23/13 Page 2 of 2
Michael J. Boni (pro hac vice)
Joshua D. Snyder
John E. Sindoni
BONI & ZACK LLC
15 St. Asaphs Rd.
Bala Cynwyd, PA 19004
Tel: (610) 822-0200
Fax: (610) 822-0206
mboni@bonizack.com
jsnyder@bonizack.com
jsindoni@bonizack.com
Robert J. LaRocca (pro hac vice)
KOHN SWIFT & GRAF, P.C.
One South Broad Street, Suite 2100
Philadelphia, PA 19107
Tel: (215) 238-1700
Fax: (215) 238-1968
rlarocca@kohnswift.com
Sanford P. Dumain
MILBERG LLP
One Pennsylvania Plaza
New York, NY 10119
Tel: (212) 594-5300
Fax: (212) 868-1229
sdumain@milberg.com
Attorneys for Plaintiffs
2
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?