Expedited discovery may enable obtaining relief from unidentified cryptocurrency hackers



United States Publication March 2019

In the anonymous/pseudonymous world of blockchain transactions, it can be difficult to obtain effective relief against wrongdoers who cannot be identified. However, a recent court ruling authorizes using expedited discovery procedures to obtain a route to holding such wrongdoers to account.

In ZG TOP Technology Co. Ltd. v. John Doe, 2019 WL 917418 (W.D. Wash. Feb. 25, 2019), the plaintiff was a “global blockchain asset trading platform” that provided “an online digital asset trading platform for products commonly known as cryptographic tokens, digital tokens or cryptographic currency” and also hosted “custodial digital cryptocurrency wallets.” Its systems were hacked, causing it to lose hundreds of thousands of cryptocurrency tokens. ZG TOP was not able to identify the attacker but was able to document that the stolen tokens were transferred to an account at Bittrex, a Seattle-based cryptocurrency trading platform. When ZG TOP contacted Bittrex to seek information, Bittrex replied that it had identified the account holder but would not disclose the account holder’s identify absent the account holder’s consent or a court order.

ZG TOP responded by filing a “John Doe” lawsuit against the hacker whose name was not known, and then moved for permission to start taking expedited discovery before the defendant was served and the parties had had the required initial discovery planning conference. The court looked at whether ZG TOP had shown “good cause” to deviate from the usual case schedule rules, and concluded that it had, stating: “One situation in which early discovery may be necessary appears in cases in which the defendant's identity cannot be determined at the time the action is commenced. Courts accordingly routinely permit early discovery for the limited purpose of identifying ‘Doe’ defendants on whom process could not otherwise be served.”

ZG TOP argued that expedited discovery from Bittrex and possibly others was needed to (1) identify the defendant “so he/she can be named and served in this case,” (2) track and freeze the stolen cryptocurrency immediately so that ZG TOP could recover as much of it as possible, and (3) “preserve digital evidence that might otherwise be subject to being altered, deleted, or destroyed.” The Court found there was “good cause” to support ZG TOP's request for information from Bittrex identifying John Doe’s identity. The court noted that ZG TOP’s claim as pleaded against the “John Doe” hacker appeared likely to survive a motion to dismiss, and that both Bittrex and “John Doe” would still have an opportunity to raise objections if they believed the prejudice to them from the requested discovery outweighed ZG TOP’s need for the information.

The court did not grant ZG TOP open-ended carte blanche, however. It did not authorize ZG TOP’s requests for facilitating the tracking, freezing, and recovery of the allegedly stolen cryptocurrency, stating that these requests sought affirmative relief that was the subject of the lawsuit, and so were not appropriate for expedited discovery or other relief so early in the lawsuit. The court also declined at this stage to allow ZG TOP to serve discovery requests on other persons besides Bittrex who were not currently identified before any initial discovery conference with the court had been held.

This ruling illustrates how creative litigation tactics can be used to meet the challenges that disruptive technologies can pose in a legal system that was designed for the commercial world of an earlier time.

Recent publications

Subscribe and stay up to date with the latest legal news, information and events...