Cryptocurrency scam victim can seek to identify Coinbase, Binance and Gemini users

A federal court in Wisconsin allowed a cryptocurrency scam victim to try to find out who stole his cryptocurrency. It found that good cause existed to allow the plaintiff-victim to send subpoenas to Coinbase, Binance and Gemini.

cryptocurrency scam victim

The Federal Rules of Civil Procedure state that a party cannot seek discovery “from any source before the parties have conferred as required by Rule 26(f).” So plaintiff was required to get authorization from the court before seeking information from the various cryptocurrency exchange platforms onto which he believed his assets had been placed. He filed a motion requesting such authorization.

The judge first observed that various trial courts within the same federal circuit (this case arose in Wisconsin federal court, which is in the Seventh Circuit) have applied different tests when deciding whether “expedited discovery” is appropriate. One such test requires, among other things, that the party seeking discovery show that it will suffer irreparable harm if the request is not granted. The other test – the good cause standard – allows expedited discovery “when the need for [such discovery], in consideration with the administration of justice, outweighs the prejudice to the responding party.”

In this case, the court applied the good cause standard. But the court did not allow plaintiff to send subpoenas concerning all of the information he had asserted should be discoverable. For example, plaintiff asked the court for permission to seek the Doe defendant’s social security number, as well as transaction logs and correspondence. The court found such requests “go far beyond seeking the defendants’ identifying information” and would instead be the types of discovery requests the court might expect plaintiff to make once the defendants have been identified and plaintiff is seeking discovery as to his substantive allegations. Instead, the court permitted expedited discovery for the sole purpose of obtaining information to identify the John Doe defendants. This information included only the name, street address, telephone number and e-mail address of each John Doe.

The court further ordered that Coinbase, Binance and Gemini had to provide a copy of the subpoena to each John Doe and any other affected user as soon as possible after service of the subpoena. The court’s order also provided that each of the platforms and any affected user must have 14 days from the date of service of the subpoena to object to the subpoena under Federal Rule of Civil Procedure 45(d)(2)(B). The platforms were ordered not to disclose any John Doe’s identifying information, or such information for any other affected user, during that fourteen-day period (unless or until the court may otherwise order). The platforms were also ordered to preserve any material responsive to the subpoena for a period of no less than 90 days to allow the plaintiff to file a motion to compel.

Wuluvarana v. Does 1-3, 2023 WL 183874 (E.D. Wisconsin, January 14, 2023)

Evan Brown is a technology and intellectual property attorney in Chicago. Follow him on Twitter at @internetcases.

See also:

How do you identify an anonymous hacker?

An unknown person allegedly hacked plaintiff’s information systems and temporarily rendered plaintiff’s email system inoperable. Not knowing who to sue, plaintiff sued a number of “John Doe” defendants under the Computer Fraud and Abuse Act and the Stored Communications Act. It was yet to identify the anonymous hacker.

But that was as far as plaintiff could go without the court’s help. Since plaintiff did not know the real names of the defendants, it could not serve the complaint on them. To learn defendants’ identities, plaintiff sought permission from the court to seek expedited discovery.

Early discovery to identify an anonymous hacker

Under the rules of procedure, a party may not start serving discovery requests (including subpoenas) until the plaintiff and defendant have held their Rule 26(f) conference. But the parties cannot hold that conference unless their identities are known. So, in circumstances where “good cause” exits, courts will allow plaintiffs to send subpoenas before the Rule 26(f) conference.

In this case, plaintiff asked for permission to send a subpoena to the internet service provider associated with the IP address used to hack plaintiff’s system.

When is there good cause to grant early discovery?

The court found good cause to permit limited discovery prior to the Rule 26(f) conference. Without information from the ISP, plaintiff could not amend its complaint to name the appropriate defendant, let alone effectuate service of that pleading.

The court recognized that the subscriber whose information was on file with the internet service provider may not be personally responsible for the allegedly wrongful access. But he or she may have information that would assist in identifying the alleged bad actor. The court found, therefore, that the subscriber’s identity was relevant and discoverable under the broad scope of applicable rules.

The court’s order allowing expedited discovery contained certain important limitations, to curb against potentially expansive and intrusive discovery. It permitted plaintiff to serve a subpoena on the internet service provider. But plaintiff could only seek the name and address of the subscriber associated with the IP address used to access plaintiff’s systems.

Re: Gaaays In Spaaace v. John Does (1-10) et al., 2020 WL 6042289 (D.N.J. October 13, 2020)

See also: Finding out who infringed copyright – identifying infringers

Evan Brown, nondisclosure agreementsEvan Brown is a technology and intellectual property attorney in Chicago. This content originally appeared on evan.law.

Finding out who infringed copyright – identifying infringers

Need information about finding out who infringed your copyright? This video may provide some guidance. 

Copyright owners of video and photos may find their works have been copied and posted somewhere else online and therefore need to take action for copyright infringement. But the first challenge may be to identify who the unknown defendant is. This video discusses (1) filing a copyright infringement case in federal court, (2) showing good cause for early discovery to identify the unknown alleged infringer, and (3) sending subpoenas.  Finding out who infringed copyright can be a difficult task. 

The federal courts have exclusive jurisdiction for copyright infringement cases. That means a state court will not be able to hear a copyright infringement matter. A copyright infringement case filed in state court will get dismissed because state courts cannot hear cases that are exclusively the subject of federal jurisdiction.

When a party has filed suit, it usually knows who the defendant is. But sometimes it is necessary to file suits against “John Doe” defendants. In the online copyright infringement context, the copyright owner will need to take early discovery. This requires persuading the federal judge that good cause exists for taking early discovery. To show good cause, a party will need to show that an actual person has infringed, that it has taken as many steps possible to unmask the anonymous copyright infringer, and that its copyright infringement case is strong enough to survive a motion for summary judgment. 

Once these things are shown, the court will allow the plaintiff to send subpoenas to the host of the infringing content and to the internet service providers associated with the IP address that uploaded the copyright infringing content. Then, if the plaintiff is successful in unmasking the unknown defendant, the copyright infringement case can actually begin .

More information: Identifying unknown online copyright infringers: court gives guidance

finding out who infringed copyright

Identifying unknown online copyright infringers: guidance

unmasking online copyright infringers

A recent case addressed the problem of identifying unknown online copyright infringers. Plaintiff sued some unknown “John Doe” defendants who infringed plaintiff’s copyrights. To keep the lawsuit moving forward, plaintiff needed to serve the complaint on the defendants. But this presented a challenge, since plaintiff did not know to whom it should deliver the documents. So plaintiff filed a motion with the court, asking for permission to send interrogatories and to take depositions that would help unmask the anonymous infringers. Plaintiffs sought to get information from parties including PayPal, Cloudflare and various domain name registrars. The court’s response provides guidance to parties seeking to learn the identities of unknown parties.

To identify unknown online copyright infringers: early discovery

The rules of procedure in federal court do not permit discovery requests until the parties have had an initial conference with each other. But they cannot have that conference if the defendant is unknown. So the plaintiff needs to send discovery requests earlier than what the rules generally allow. It needs the court’s permission to do so.

A court will not permit early discovery in every instance. But courts have made exceptions, permitting limited discovery after a plaintiff files the complaint to permit the plaintiff to learn the identifying facts necessary to permit service on the defendant. Courts allow these requests upon a showing of good cause.

What constitutes good cause for early discovery?

This court applied the three part test for good cause set out more than 20 years ago in the case of Columbia Ins. Co. v. Seescandy.com, 185 F.R.D. 573 (N.D. Cal. 1999). The party seeking early discovery should be able to:

  • Identify the missing party with sufficient specificity such that the court can determine that the defendant is a real person or entity who could be sued in federal court;
  • Identify all previous steps taken to locate the elusive defendant; and
  • Establish to the court’s satisfaction that the suit against defendant could withstand a motion to dismiss.

Early discovery was appropriate in this case

Under the first prong of the test, the court found that plaintiff identified the missing parties with as much clarity as possible. Plaintiff stated that those missing parties were persons or entities, and that those parties had been observed and documented as infringing on plaintiff’s copyrights. Thus, as real persons or entities, those Doe parties could be sued in federal court.

As for the second prong, the only information plaintiff had regarding the defendants was the existence of accounts relating to the operations of the defendants’ websites. Therefore, there were no other measures plaintiff could take to identify the defendants other than to obtain their identifying information from the parties from whom it was sought.

Finally, on the third prong, for identifying unknown copyright infingers, the court found that plaintiff had pled the required elements of direct and contributory copyright infringement. Plaintiff claimed (1) it owned and had registered the copyrighted work at issue in the case; (2) defendants knew of the infringing activity and were conscious of their infringement; and (3) defendants actively participated in this infringement by inducing, causing and contributing to the infringement of plaintiff’s copyrighted work. Since plaintiff had alleged each of these elements properly, this cause of action could withstand a motion to dismiss.

MG Premium Ltd. v. Does, 2020 WL 1675741 (W.D. Wash. April 6, 2020)

Related: 

Court denies porn company’s request to unmask anonymous copyright infringers

Serial copyright plaintiff Strike 3 Holdings filed a number of copyright complaints against defendants – known only by their IP addresses – for copyright infringement. Since plaintiff needed to know the identities of the defendants to move forward, it asked the court for leave to seek expedited discovery. In a consolidated matter – addressing a number of complaints – the court denied the motion.

The main reason for denying the motion was that, in the court’s view, as pleaded, plaintiff’s complaints were futile – they did not meet the standard for a motion to dismiss under Rule 12(b)(6).

Further, even if plaintiff had pled a cognizable copyright infringement claim, the court would still have denied the requests for expedited discovery. Good cause for the expedited discovery did not exist because:

  • plaintiff based its complaints on unequivocal affirmative representations of alleged facts that it did not know to be true
  • plaintiff’s subpoenas were misleading and created too great of an opportunity for misidentification of the unknown defendants
  • the linchpin of plaintiff’s good cause argument, that expedited discovery was the only way to stop infringement of its works, was wrong – plaintiff could have sent takedown notices under the Digital Millennium Copyright Act
  • plaintiff had other available means to stop infringement besides suing individual subscribers in thousands of John Doe complaints
  • the deterrent effect of plaintiff’s lawsuits was questionable
  • substantial prejudice may have inured to subscribers who were misidentified; and
  • plaintiff underestimated the substantial interest subscribers had in the constitutionally protected privacy of their subscription information.

On balance, therefore, the court found that the overall administration of justice and the prejudice to subscriber defendants outweighed plaintiff’s interest in expedited discovery.

Strike 3 Holdings, LLC v. Does, 2019 WL 5446239 (D.N.J. October 24, 2019)

Fact that others had access to defendant’s wi-fi was no reason to quash subpoena in copyright case

In a suit against John Doe defendant for copyright infringement arising from defendant’s alleged distribution of plaintiff’s movies via BitTorrent, plaintiff sent a subpoena to Comcast – defendant’s ISP – seeking defendant’s identify.

Defendant moved to quash the subpoena, contending that being the target of the civil action was an undue burden, because there was a substantial likelihood that plaintiff would be unable to establish that defendant was actually the person responsible for the alleged infringement. Defendant also included a letter from his neighbor describing how that neighbor and others had used defendant’s wireless network.

The court denied the motion to quash. It held that even though defendant may turn out to be innocent, at this stage plaintiff was merely seeking to uncover his identity. The fact that other people had access to defendant’s unsecured wi-fi was immaterial. 

Strike 3 Holdings, LLC v. Doe, 2019 WL 1865919 (N.D.Cal. April 25, 2019)

Court takes into consideration defendant’s privacy in BitTorrent copyright infringement case

Frequent copyright plaintiff Strike 3 Holdings filed a motion with the U.S. District Court for the District of Minnesota seeking an order allowing Strike 3 to send a subpoena to Comcast, to learn who owns the account used to allegedly infringe copyright. The Federal Rules of Civil Procedure created a bootstrapping problem or, as the court called it, a Catch-22, for Strike 3 – it was not able to confer with the unknown Doe defendant as required by Rule 26(f) because it could not identify the defendant, but it could not identify defendant without discovery from Comcast.

The court granted Strike 3’s motion for leave to take early discovery, finding that good cause existed for granting the request, and noting:

  • Strike 3 had stated an actionable claim for copyright infringement,
  • The discovery request was specific,
  • There were no alternative means to ascertain defendant’s name and address,
  • Strike 3 had to know defendant’s name and address in order to serve the summons and complaint, and
  • Defendant’s expectation of privacy in his or her name and address was outweighed by Strike 3’s right to use the judicial process to pursue a plausible claim of copyright infringement.

On the last point, the court observed that the privacy interest was outweighed especially given that the court could craft a limited protective order under Federal Rule of Civil Procedure 26(c) to protect an innocent ISP subscriber and to account for the sensitive and personal nature of the subject matter of the lawsuit.

Strike 3 Holdings, LLC v. Doe, 2018 WL 2278110 (D.Minn. May 18, 2018)

About the Author: Evan Brown is a Chicago technology and intellectual property attorney. Call Evan at (630) 362-7237, send email to ebrown [at] internetcases.com, or follow him on Twitter @internetcases. Read Evan’s other blog, UDRP Tracker, for information about domain name disputes.

Court allows Microsoft to unmask unknown Comcast users accused of infringement

A federal court in Washington state has given the green light for Microsoft to subpoena records from Comcast to discover the identity of the person or persons associated with an IP address used to activate thousands of unauthorized copies of Microsoft software.

Statue_of_Anonymus_(Budapest,_2013)

Generally, in federal court litigation, a party cannot serve discovery requests or subpoenas until after the plaintiff and defendant have conferred (in a Rule 26(f) conference). But when the plaintiff does not know the identity of the defendant, there is a bootstrapping problem – discovery needs to be taken to find out the defendant with whom to conduct the conference. In situations like this, the plaintiff seeking to unmask an unknown defendant will file its complaint against one or more “John Does,” then ask the court for leave to serve discovery prior to the Rule 26(f) conference.

That is what happened in this case. It is a common tactic used by parties legitimately seeking to enforce intellectual property, as well as parties that may be considered copyright trolls. See, e.g., this early bittorrent case from 2011.

Microsoft filed its complaint and also filed a motion for leave to take discovery prior to the Rule 26(f) conference. Finding that good cause existed for the early discovery, the court granted the motion.

It held that

(1) Microsoft had associated the John Doe Defendants with specific acts of activating unauthorized software using product keys that were known to have been stolen from Microsoft, and had been used more times than were authorized for the particular software,

(2) Microsoft had adequately described the steps it took in an effort to locate and identify the John Doe defendants, specifically by utilizing its “cyberforensics” technology to analyze product key activation data, identifying patterns and characteristics which indicate software piracy,

(3) Microsoft had pleaded the essential elements to state a claim for copyright and trademark infringement, and

(4) the information proposed to be sought through a subpoena appeared likely to lead to identifying information that would allow Microsoft to serve the defendants with the lawsuit.

Microsoft Corp. v. John Does 1-10, 2017 WL 4958047 (W.D. Wash., November 1, 2017)

Image courtesy Dmitrij Rodionov under Creative Commons Attribution-Share Alike 3.0 Unported license. Licensed granted hereby under same terms.

Trial court erred in ordering defendant to turn over his iPhone in ediscovery dispute

AllianceBernstein L.P. v. Atha, — N.Y.S.2d —, 2012 WL 5519060 (N.Y.A.D. 1 Dept., November 15, 2012)

Plaintiff sued its former employee for breach of contract alleging he took client contact information on his iPhone when he left the job. The trial court ordered defendant to turn the iPhone over to plaintiff’s counsel so plaintiff could obtain the allegedly retained information.

Defendant sought review of the discovery order. On appeal, the court reversed and remanded.

The appellate court found that the lower court’s order that defendant turn over his iPhone was beyond the scope of plaintiff’s request and was too broad for the needs of the case. Ordering production of defendant’s iPhone (which, the court observed, has built-in applications and internet access) “was tantamount to ordering the production of his computer.” The iPhone would disclose irrelevant information that might include privileged communications or confidential information.

So the court ordered that the phone and a record of the device’s contents be delivered to the court for an in camera review to determine what, if any information contained on the phone was responsive to plaintiff’s discovery request.

Court orders in camera review of injured plaintiff’s Facebook content

Richards v. Hertz Corp., — N.Y.S.2d —, 2012 WL 5503841 (N.Y.A.D. 2 Dept. November 14, 2012)

Plaintiff sued defendant for personal injury. Defendant saw a photo plaintiff had publicly posted on Facebook of herself skiing. When defendant requested plaintiff to turn over the rest of her Facebook content (presumably to find other like-pictures which would undermine plaintiff’s case), plaintiff sought a protective order. The trial court granted the motion for protective order, but required plaintiff to turn over every photo she had posted to Facebook of herself engaged in a “sporting activity”.

woman skiing

Defendants appealed the entry of the protective order. On review, the appellate court reversed and remanded, finding that defendants had made a showing that at least some of the discovery sought would result in the disclosure of relevant or potentially relevant evidence.

But due to the “likely presence” of private and irrelevant information in plaintiff’s account, the court ordered the information be turned over to the judge for an in camera review prior to disclosure to defendants.

Whether the plaintiff effectively preserved her Facebook account information may be an issue here. The facts go back to 2009. One is left to wonder whether and to what extent plaintiff has not gone back and deleted information from her account which would bear on the nature and extent of her injuries. It goes to show that social media discovery disputes can take on a number of nuances.

Photo courtesy Flickr user decafinata under this Creative Commons license.

Scroll to top