Cryptocurrency scam victim can seek to identify Coinbase, Binance and Gemini users

A federal court in Wisconsin allowed a cryptocurrency scam victim to try to find out who stole his cryptocurrency. It found that good cause existed to allow the plaintiff-victim to send subpoenas to Coinbase, Binance and Gemini.

cryptocurrency scam victim

The Federal Rules of Civil Procedure state that a party cannot seek discovery “from any source before the parties have conferred as required by Rule 26(f).” So plaintiff was required to get authorization from the court before seeking information from the various cryptocurrency exchange platforms onto which he believed his assets had been placed. He filed a motion requesting such authorization.

The judge first observed that various trial courts within the same federal circuit (this case arose in Wisconsin federal court, which is in the Seventh Circuit) have applied different tests when deciding whether “expedited discovery” is appropriate. One such test requires, among other things, that the party seeking discovery show that it will suffer irreparable harm if the request is not granted. The other test – the good cause standard – allows expedited discovery “when the need for [such discovery], in consideration with the administration of justice, outweighs the prejudice to the responding party.”

In this case, the court applied the good cause standard. But the court did not allow plaintiff to send subpoenas concerning all of the information he had asserted should be discoverable. For example, plaintiff asked the court for permission to seek the Doe defendant’s social security number, as well as transaction logs and correspondence. The court found such requests “go far beyond seeking the defendants’ identifying information” and would instead be the types of discovery requests the court might expect plaintiff to make once the defendants have been identified and plaintiff is seeking discovery as to his substantive allegations. Instead, the court permitted expedited discovery for the sole purpose of obtaining information to identify the John Doe defendants. This information included only the name, street address, telephone number and e-mail address of each John Doe.

The court further ordered that Coinbase, Binance and Gemini had to provide a copy of the subpoena to each John Doe and any other affected user as soon as possible after service of the subpoena. The court’s order also provided that each of the platforms and any affected user must have 14 days from the date of service of the subpoena to object to the subpoena under Federal Rule of Civil Procedure 45(d)(2)(B). The platforms were ordered not to disclose any John Doe’s identifying information, or such information for any other affected user, during that fourteen-day period (unless or until the court may otherwise order). The platforms were also ordered to preserve any material responsive to the subpoena for a period of no less than 90 days to allow the plaintiff to file a motion to compel.

Wuluvarana v. Does 1-3, 2023 WL 183874 (E.D. Wisconsin, January 14, 2023)

Evan Brown is a technology and intellectual property attorney in Chicago. Follow him on Twitter at @internetcases.

See also:

Court protects the privacy of bitcoin address and transaction information

Defendant asked the court to redact his bitcoin address and transaction information from exhibits used at trial, which ordinarily would become part of the public record. He argued that for each transaction recorded on the blockchain, one could reverse engineer the entire transaction if he or she knows the individual associated with one of a number of pieces of information, including transaction ID and public bitcoin address. “[O]nce a particular individual is associated [with] any of this information, it is essentially akin to providing that individual’s financial account number.”

The court allowed the redaction of the bitcoin address and bitcoin transactions. It found that defendant had demonstrated good cause to support the redactions. The court balanced the public’s right of access to court information against defendant’s interest in keeping the information confidential. It agreed with defendant’s assertion that the bitcoin information he sought to redact is akin to a financial account number or personally identifiable information.

Kleiman v. Wright, 2022 WL 390702 (S.D. Fla., February 9, 2022)

How do you identify an anonymous hacker?

An unknown person allegedly hacked plaintiff’s information systems and temporarily rendered plaintiff’s email system inoperable. Not knowing who to sue, plaintiff sued a number of “John Doe” defendants under the Computer Fraud and Abuse Act and the Stored Communications Act. It was yet to identify the anonymous hacker.

But that was as far as plaintiff could go without the court’s help. Since plaintiff did not know the real names of the defendants, it could not serve the complaint on them. To learn defendants’ identities, plaintiff sought permission from the court to seek expedited discovery.

Early discovery to identify an anonymous hacker

Under the rules of procedure, a party may not start serving discovery requests (including subpoenas) until the plaintiff and defendant have held their Rule 26(f) conference. But the parties cannot hold that conference unless their identities are known. So, in circumstances where “good cause” exits, courts will allow plaintiffs to send subpoenas before the Rule 26(f) conference.

In this case, plaintiff asked for permission to send a subpoena to the internet service provider associated with the IP address used to hack plaintiff’s system.

When is there good cause to grant early discovery?

The court found good cause to permit limited discovery prior to the Rule 26(f) conference. Without information from the ISP, plaintiff could not amend its complaint to name the appropriate defendant, let alone effectuate service of that pleading.

The court recognized that the subscriber whose information was on file with the internet service provider may not be personally responsible for the allegedly wrongful access. But he or she may have information that would assist in identifying the alleged bad actor. The court found, therefore, that the subscriber’s identity was relevant and discoverable under the broad scope of applicable rules.

The court’s order allowing expedited discovery contained certain important limitations, to curb against potentially expansive and intrusive discovery. It permitted plaintiff to serve a subpoena on the internet service provider. But plaintiff could only seek the name and address of the subscriber associated with the IP address used to access plaintiff’s systems.

Re: Gaaays In Spaaace v. John Does (1-10) et al., 2020 WL 6042289 (D.N.J. October 13, 2020)

See also: Finding out who infringed copyright – identifying infringers

Evan Brown, nondisclosure agreementsEvan Brown is a technology and intellectual property attorney in Chicago. This content originally appeared on evan.law.

How Portland has not demonstrated long-term commitment to a ban on facial recognition technologies

facial recognition ban

Portland, Oregon yesterday passed a ban on facial recognition technology. Officials cited two primary reasons for the ban. First, current facial recognition technologies less accurately identify people who are not young, white and/or male. Second, everyone should have some sense of anonymity and privacy when in public places.

Should the facial recognition ban focus on disparate impact?

Do Portland’s efforts to “improve people’s lives, with a specific focus on communities of color and communities with disabilities” demonstrate an effective long-term commitment to keeping invasive facial recognition technology at bay? Such a focus implies that when facial recognition technologies get better and less biased, they should then be deployed full scale, because then everyone will be harmed equally.

That’s one of the problems with looking to ban a technology based on its nascent state and accompanying imperfect implementation. Given the choice between arguing (1) that a technology is being harmfully implemented now, and (2) that the technology, no matter how perfect it is, infringes some fundamental human right, I’d go with number (2) every time.

We will find ourselves halfway down the slippery slope

We know the accuracy of this technology will increase with the development of better cameras, smarter algorithms and more data. When that happens, if you are still seeking to argue against its harmful effects on fundamental rights such as anonymity and privacy, you will already have slid halfway down the slope. With your previous “best” argument made moot, your argument now – an appeal to fundamental rights – will have less impact.

So maybe we should focus on the real issues – the fundamental right of anonymity and privacy for everyone – rather than leading with a social justice argument. At some later point, having made it the primary argument and it having becoming moot, the rationale will be a liability.

About the author

Evan Brown is a technology and intellectual property attorney in Chicago. Follow him on Twitter at @internetcases. Phone: (630) 362-7237. Email: ebrown@internetcases.com.

See also

Police not required to publicly disclose how they monitor social media accounts in investigations

Finding out who infringed copyright – identifying infringers

Need information about finding out who infringed your copyright? This video may provide some guidance. 

Copyright owners of video and photos may find their works have been copied and posted somewhere else online and therefore need to take action for copyright infringement. But the first challenge may be to identify who the unknown defendant is. This video discusses (1) filing a copyright infringement case in federal court, (2) showing good cause for early discovery to identify the unknown alleged infringer, and (3) sending subpoenas.  Finding out who infringed copyright can be a difficult task. 

The federal courts have exclusive jurisdiction for copyright infringement cases. That means a state court will not be able to hear a copyright infringement matter. A copyright infringement case filed in state court will get dismissed because state courts cannot hear cases that are exclusively the subject of federal jurisdiction.

When a party has filed suit, it usually knows who the defendant is. But sometimes it is necessary to file suits against “John Doe” defendants. In the online copyright infringement context, the copyright owner will need to take early discovery. This requires persuading the federal judge that good cause exists for taking early discovery. To show good cause, a party will need to show that an actual person has infringed, that it has taken as many steps possible to unmask the anonymous copyright infringer, and that its copyright infringement case is strong enough to survive a motion for summary judgment. 

Once these things are shown, the court will allow the plaintiff to send subpoenas to the host of the infringing content and to the internet service providers associated with the IP address that uploaded the copyright infringing content. Then, if the plaintiff is successful in unmasking the unknown defendant, the copyright infringement case can actually begin .

More information: Identifying unknown online copyright infringers: court gives guidance

finding out who infringed copyright

Identifying unknown online copyright infringers: guidance

unmasking online copyright infringers

A recent case addressed the problem of identifying unknown online copyright infringers. Plaintiff sued some unknown “John Doe” defendants who infringed plaintiff’s copyrights. To keep the lawsuit moving forward, plaintiff needed to serve the complaint on the defendants. But this presented a challenge, since plaintiff did not know to whom it should deliver the documents. So plaintiff filed a motion with the court, asking for permission to send interrogatories and to take depositions that would help unmask the anonymous infringers. Plaintiffs sought to get information from parties including PayPal, Cloudflare and various domain name registrars. The court’s response provides guidance to parties seeking to learn the identities of unknown parties.

To identify unknown online copyright infringers: early discovery

The rules of procedure in federal court do not permit discovery requests until the parties have had an initial conference with each other. But they cannot have that conference if the defendant is unknown. So the plaintiff needs to send discovery requests earlier than what the rules generally allow. It needs the court’s permission to do so.

A court will not permit early discovery in every instance. But courts have made exceptions, permitting limited discovery after a plaintiff files the complaint to permit the plaintiff to learn the identifying facts necessary to permit service on the defendant. Courts allow these requests upon a showing of good cause.

What constitutes good cause for early discovery?

This court applied the three part test for good cause set out more than 20 years ago in the case of Columbia Ins. Co. v. Seescandy.com, 185 F.R.D. 573 (N.D. Cal. 1999). The party seeking early discovery should be able to:

  • Identify the missing party with sufficient specificity such that the court can determine that the defendant is a real person or entity who could be sued in federal court;
  • Identify all previous steps taken to locate the elusive defendant; and
  • Establish to the court’s satisfaction that the suit against defendant could withstand a motion to dismiss.

Early discovery was appropriate in this case

Under the first prong of the test, the court found that plaintiff identified the missing parties with as much clarity as possible. Plaintiff stated that those missing parties were persons or entities, and that those parties had been observed and documented as infringing on plaintiff’s copyrights. Thus, as real persons or entities, those Doe parties could be sued in federal court.

As for the second prong, the only information plaintiff had regarding the defendants was the existence of accounts relating to the operations of the defendants’ websites. Therefore, there were no other measures plaintiff could take to identify the defendants other than to obtain their identifying information from the parties from whom it was sought.

Finally, on the third prong, for identifying unknown copyright infingers, the court found that plaintiff had pled the required elements of direct and contributory copyright infringement. Plaintiff claimed (1) it owned and had registered the copyrighted work at issue in the case; (2) defendants knew of the infringing activity and were conscious of their infringement; and (3) defendants actively participated in this infringement by inducing, causing and contributing to the infringement of plaintiff’s copyrighted work. Since plaintiff had alleged each of these elements properly, this cause of action could withstand a motion to dismiss.

MG Premium Ltd. v. Does, 2020 WL 1675741 (W.D. Wash. April 6, 2020)

Related: 

Court denies porn company’s request to unmask anonymous copyright infringers

Serial copyright plaintiff Strike 3 Holdings filed a number of copyright complaints against defendants – known only by their IP addresses – for copyright infringement. Since plaintiff needed to know the identities of the defendants to move forward, it asked the court for leave to seek expedited discovery. In a consolidated matter – addressing a number of complaints – the court denied the motion.

The main reason for denying the motion was that, in the court’s view, as pleaded, plaintiff’s complaints were futile – they did not meet the standard for a motion to dismiss under Rule 12(b)(6).

Further, even if plaintiff had pled a cognizable copyright infringement claim, the court would still have denied the requests for expedited discovery. Good cause for the expedited discovery did not exist because:

  • plaintiff based its complaints on unequivocal affirmative representations of alleged facts that it did not know to be true
  • plaintiff’s subpoenas were misleading and created too great of an opportunity for misidentification of the unknown defendants
  • the linchpin of plaintiff’s good cause argument, that expedited discovery was the only way to stop infringement of its works, was wrong – plaintiff could have sent takedown notices under the Digital Millennium Copyright Act
  • plaintiff had other available means to stop infringement besides suing individual subscribers in thousands of John Doe complaints
  • the deterrent effect of plaintiff’s lawsuits was questionable
  • substantial prejudice may have inured to subscribers who were misidentified; and
  • plaintiff underestimated the substantial interest subscribers had in the constitutionally protected privacy of their subscription information.

On balance, therefore, the court found that the overall administration of justice and the prejudice to subscriber defendants outweighed plaintiff’s interest in expedited discovery.

Strike 3 Holdings, LLC v. Does, 2019 WL 5446239 (D.N.J. October 24, 2019)

Plaintiff failed to make key arguments in bid to unmask anonymous online defendants

Plaintiff sued some unknown defendants for breach of contract and violations of the Computer Fraud and Abuse Act, based on the defendants’ deceptive conduct that tricked some internet users into signing up for plaintiff’s paid services. The unknown defendants would receive affiliate commissions from operating this scheme. This caused reputation problems for plaintiff.

Plaintiff sought early discovery to ascertain the identities of the unknown defendants. The court denied the motion.

The Federal Rules of Civil Procedure do not permit a party to seek discovery from the adverse parties in the case until all parties have conducted an initial conference under Rule 26(f). But when the defendants are unknown, that conference cannot take place. So the plaintiff needs to conduct discovery to find out who they are. In situations like these, for the required early discovery to occur and the unknown defendants to be identified (so that the conference can take place), the court must enter an order permitting early discovery.

A court can authorize early discovery to identify unknown defendants if there is good cause. In determining whether there is good cause, courts consider whether the plaintiff:

  • can identify the missing party with sufficient specificity such that the court can determine that defendant is a real person or entity who could be sued in federal court;
  • has identified all previous steps taken to locate the elusive defendant; 
  • has articulated claims against defendant that would withstand a motion to dismiss; and 
  • has demonstrated that there is a reasonable likelihood of being able to identify the defendant through discovery such that service of process would be possible.

In this case, the court found that plaintiff failed to identify the defendants with sufficient specificity, and did not demonstrate that each defendant was a real person or entity who would be subject to jurisdiction in the Northern District of California. Plaintiff had not explained why defendants would be subject to the jurisdiction of the court, as defendants’ activities seemed directed at Argentina, and plaintiff’s harm was felt in Argentina and other parts of Latin America. The only apparent connection defendants had with the Northern District of California was that they used domain name services from California companies. Plaintiff provided no authority to suggest this was sufficient to create jurisdiction.

Plaintiff also failed to explain what steps it had taken to locate defendants. Citing to Columbia Ins. Co. v. seescandy.com, 185 F.R.D. 573 (N.D. Cal. 1999), the court noted that “[t]his element is aimed at ensuring that plaintiffs make a good faith effort to comply with the requirements of service of process and specifically identifying defendants.” 

In its motion, plaintiff only stated that there were no more practical measures that would permit it to identify the unknown defendants, but did not identify what measures – if any – were taken. For example, plaintiff was apparently able to identify defendants as affiliates, and that a contract existed, giving rise to legal liability. It was therefore not clear why plaintiff was unable to identify defendants based on the contract.

Binbit Argentina, S.A. v. Does 1-25, No. 19-5384, 2019 WL 4645159 (N.D. Cal., September 24, 2019)

See also:

Court allows blockchain platform to send subpoena seeking info about hacker

Plaintiff provides a blockchain asset trading platform and claimed that a hacker broke in and transferred 330,000 Tether and 100 Ether to a Bittrex account. Though Bittrex told plaintiff it had identified the relevant Bittrex account holder, it would not disclose the identity to plaintiff without a court order.

So plaintiff filed suit against the John Doe hacker for conversion, violation of the federal Computer Fraud and Abuse Act, and under Washington state law. Since it could not serve the complaint on the Doe defendant without knowing his identity, plaintiff sought permission from the court to take early discovery from Bittrex. The court granted the motion.

The court permitted plaintiff to send a subpoena to Bittrex requesting the name of the Doe defendant. Federal Rule of Civil Procedure 26(d) bars parties from seeking “discovery from any source before the parties have conferred as required by Rule 26(f), except in a proceeding exempted from initial disclosure under Rule 26(a)(1)(B), or when authorized by these rules, by stipulation, or by court order.” Fed. R. Civ. P. 26(d)(1). In determining whether to permit expedited discovery, the court required plaintiff to demonstrate that “good cause” existed to deviate from the standard pretrial schedule.

In the Ninth Circuit, a court evaluating whether a plaintiff establishes good cause to learn the identity of Doe defendants through early discovery examines whether the plaintiff (1) identifies the Doe defendant with sufficient specificity that the Court can determine that the defendant is a real person who can be sued in federal court, (2) recounts the steps taken to locate and identify the defendant, (3) demonstrates that the action can withstand a motion to dismiss, and (4) proves that the discovery is likely to lead to identifying information that will permit service of process. This test is often associated with the case of Columbia Ins. Co. v. seescandy.com, 185 F.R.D. 573, 578–80 (N.D. Cal. 1999).

In this case, the court found that good cause supported plaintiff’s request for leave to take expedited discovery to ascertain sufficient identifying information about the Doe defendant. Plaintiff had provided evidence that appeared to trace the allegedly stolen funds to an account on Bittrex, and plaintiff’s conversation with Bittrex indicated that Doe’s identity as the account holder was likely already known or ascertainable. The court also found that plaintiff’s request seeking identifying information related to Doe was reasonably likely to lead to the production of information that would permit plaintiff to serve process.

ZG TOP Technology Co., Ltd. v. John Doe, 2019 WL 917418 (W.D. Wash., February 25, 2019)

Should revenge porn victims be allowed to proceed anonymously in court?

Plaintiff and her twin sister sued her ex-boyfriend and an unknown John Doe accusing them of copyright infringement and other torts such as invasion of privacy. They claimed the defendants posted intimate and nude photos of plaintiffs online without their consent. And defendants had posted one of the plaintiff’s name and other information on social media in connection with the photos.

Arguing that they had a substantial privacy right that outweighed the customary and constitutionally-embedded presumption of openness in judicial proceedings, plaintiffs asked the court for permission to proceed anonymously. But the court denied the motion.

Plaintiffs’ privacy arguments

Plaintiffs had primarily argued that proceeding under their real names would require them to disclose information of the utmost intimacy and that if they were required to attach their names to the litigation, there would be a public record connecting their names to the harm and exploitation they had suffered which could result in even more people viewing the very images that were stolen and disseminated without their consent.

Court: the harm had already been done

The court rejected these arguments. It observed that the photographs had been published on the internet for approximately seven years and had been sent to people they know. Plaintiffs admitted that one of them could be identified in some of the photographs because her face and a distinctive tattoo were visible. And John Doe had already published that plaintiff’s contact information which resulted in her being inundated with phone calls, text messages, emails, and Instagram, Facebook, and Twitter messages.

So in the court’s mind it appeared that that plaintiff’s identity was already known or discoverable. In addition, that plaintiff had obtained copyright registrations for many of the photographs and the copyright registration was a public document that clearly identified her by name.

As for the twin sister, although her identity had not been similarly made public, the court found that “no great stretch [was] required to identify her through public records as [the other plaintiff’s] twin sister.”

Consequently, the court was not persuaded that plaintiffs’ privacy interests outweighed the public’s right of access in judicial proceedings.

M.C. v. Geiger, 2018 WL 6503582 (M.D.Fla. Dec. 11, 2018)

Scroll to top