Sim swaps, default judgments, and international satoshi depositions — such law, much crypto! This week we look at a high profile crypto case involving sim swapping and a $24 million crypto loss, a default judgment involving bitcoin where the plaintiff’s damages benefitted by a number go up market, and international deposition intrigue in the ongoing Kleiman v. Wright litigation.
Disclaimer: These summaries are provided for educational purposes only by Nelson Rosario and Stephen Palley. They are not legal advice. These are our opinions only, aren’t authorized by any past, present or future client or employer. Also we might change our minds. We contain multitudes.
(As always, Rosario summaries are “NMR” and Palley summaries are “SDP”. Image credit: https://pixabay.com/photos/roll-mops-fish-hangover-breakfast-4028046/ (Pixabay license).
Terpin v. AT&T Mobility, LLC, 2019 U.S. Dist. LEXIS 121905 (D. C.D.Cal., 2:18-cv-06975-ODW, 7/19/2019) [SDP]
This case involves SIM swapping, cryptocurrency theft and black letter law. Plaintiff had cell phone service via AT&T and a significant amount of cryptocurrency. According to the opinion, “[a]fter hackers attempted and failed eleven times to change Mr. Terpin’s AT&T password in AT&T stores, the hackers were able to change his password remotely.” This allowed them to access accounts for which he used his telephone for authentication, and also allowed the hackers to convince Plaintiff’s client to send them cryptocurrency. By the time AT&T was able to get control of the number back to Plaintiff, he says he had lost “substantial funds.”
Two days after this initial loss, Plaintiff met with AT&T representatives and they “alleged promised” to put a higher level of security on his phone, including a six-digit passcode, that would prevent anyone other than he or his wife to transfer the phone number to another phone. Alas, this didn’t work and in January 2018 an AT&T store employee in Connecticut “assisted an impostor with a SIM card swap.” Long story, short: over a two day period plaintiff says the impostor stole $24 million worth of cryptocurrency from him.
Plaintiff sued AT&T, alleging 16 causes of action, which I am not going to list in detail here. They include a bunch of claims for state and federal statutory violations, a bucket full of tort claims, and a request for a declaratory judgment. You will see why I don’t go into detail about the causes of action in a second.
AT&T filed a motion to dismiss under Rule 12(b)(6) of the Federal Rules of Civil Procedure, saying that the plaintiff had failed to state a claim upon which relief could be granted. This is an early motion that you file in a case and when ruling on it the Court has to take the facts alleged at face value and assume they are true. The question is whether (if the facts are true) there’s a legally plausible claim. With one exception the Court says, no, there isn’t.
Here’s the problem. In order to prove damages you have to show something called proximate cause. Proximate cause is also sometimes referred to as legal cause (as opposed to cause-in-fact). AT&T made two arguments: “(1) the independent, intervening criminal acts of others, the hackers/imposter, destroy proximate cause; and (2) Mr. Terpin failed to adequately allege how the flaws in AT&T’s security resulted in Mr. Terpin’s funds being stolen.”
The Court agreed with AT&T, for the most part. On the one hand, the Court agrees that Plaintiff “has sufficiently alleged that the criminal acts of a third party were reasonably foreseeable by AT&T.” On the other hand, “Mr. Terpin fails to sufficiently allege proximate cause. Mr. Terpin does not connect how granting the hackers/fraudsters access to Mr. Terpin’s phone number resulted in him losing $24 million. Based on the allegations of the Complaint, Mr. Terpin asserts that AT&T assisted the hackers with a SIM card swap, thus granting the hackers access to Mr. Terpin’s phone number. This allegedly resulted in Mr. Terpin losing $24 million in cryptocurrency. However, Mr. Terpin does not explain how the hackers accessed Mr. Terpin’s cryptocurrency account(s), whether they sold Mr. Terpin’s cryptocurrency then transferred the money, or whether they transferred the cryptocurrency to a cold wallet. At this stage, the Court is left to speculate how having access to Mr. Terpin’s phone number resulted in the theft of cryptocurrency.”
Because of this basic pleading flaw, the Court dismissed every cause of action in the complaint except for a declaratory judgment claim, with leave to amend in a twenty day period. I suspect that Plaintiff will be able to overcome the pleading defect in an amended pleading, but the question about proximate cause, and whether or not the damages were caused by independent third party criminal acts will certainly reappear as a defense — and not a bad one — later in the case. Also, if this was foreseeable to AT&T it’s not clear why it wasn’t foreseeable to Plaintiff, and one would expect to AT&T to raise this as a defense as well. It does seem rather astonishing that a sophisticated crypto holder would leave this much crypto on an exchange, continuing to use SMS two factor authentication with a phone that had already been compromised. This isn’t to excuse AT&T but, well, you can see the argument they will make.
The Court did deny the motion to dismiss regarding the declaratory judgment count, which may or not be a pyrrhic victory for plaintiff. In short, the Court agreed that the DJ claim was sufficiently alleged and that a decision about whether or not the AT&T wireless agreement is unconscionable and void as against public policy is ripe for adjudication. Basically, plaintiff wants to get the agreement thrown out because it would require arbitration of the claim. Of course this all moot if plaintiff can’t get damages, but it does seem likely that we will see a ruling on the enforceability of the agreement and that Plaintiff will be able to replead his complaint so that he sufficiently alleges proximate cause.
Smoak v. 1 Bitcoin Mkt., 2019 U.S. Dist. LEXIS 123336 (D.W.D.Ok., CIV-18–1096-PRW, 7/24/2019) [SDP]
If you get sued and legally served with process, the Court will enter something called a default judgment against you. The idea is that you have sufficient notice of claims and can’t be bothered to defend against them, you’ll be found liable and you’ll end up with a judgment against you. While liability is one thing, damages are another, and as this case shows, the plaintiff doesn’t always get everything they want.
Plaintiff sued Bitcoin Market, LLC, and Dustin and Tiffany Dollar in late 2018. They never answered or moved to dismiss. Plaintiff says he is owed damages in the amount of 75 bitcoin, “the value of his lack of access to his bitcoin, $1,000 and his attorneys’ fees and costs.”
The Court held an evidentiary hearing on plaintiff’s default judgment and held that he is entitled to damages “in the amount of $723,143.50. This award is based on the following calculations: (1) the value of 75 bitcoin as of the date of entry of judgment (75 x $9,628.5810); plus (2) $1,000.00 representing the amount Plaintiff transferred to be held in his Bitcoin Market account.” To determine the value of bitcoin on that date, the Court averaged prices from CEX-IO and Coinbase, which were $9,627.70 and $9,629.46, respectively.
The Court said that plaintiff wasn’t entitled to damages for lack of access to his bitcoin because that wasn’t foreseeable at the time of contracting. Also, plaintiff wasn’t entitled to attorneys fees and costs because there’s no statutory right to them and plaintiff didn’t identify a contract provision that established this entitlement. (As a general rule, the prevailing party in U.S. litigation doesn’t get reimbursed for attorney’s fees absent a statute or contract that awards ’em — this is known, fittingly, as “the American Rule.”)
It’s kind of interesting that the Court selected the date of the default judgment as the date to fix damages. I suppose it’s good fortune that the default and damages were calculated in July of this year instead of March.
Kleiman v. Wright, Case №9:18-cv-80176-BB/BR (S.D. Fla., mailed July 22, 2019) [NMR]
The Kleiman v. Wright case has been underway since February of 2018. That’s seventeen months time, and we still have a long way to go in this case, especially if this most recent request is granted. That request relates to witnesses. People that may be able to shed some light on the whole Satoshi issue, and other matters relevant to Kleiman’s case against Craig Wright. The problem is these people are all in the UK. So, what can you do when you want to interview people in the UK? Well, you can have the court send a Request for International Judicial Assistance. A what? Time for a little international law lesson.
For those that are unaware, there are lots of international treaties between countries all around the world. Lots. Given that lawsuits involving parties in different countries are not new things, you can probably guess that some of those international treaties would deal with how to handle those lawsuits. What happened recently in the Kleiman v. Wright case, is that the Court sent a letter rogatory, or letter of request, to the Senior Master of the Queen’s Bench Division of the High Court, Royals Courts of Justice in London. There’s so much more pagentry in London, but I digress. Kleiman’s attorneys prepared this letter for the Court to send via a procedure authorized under the Convention on the Taking of Evidence Abroad in Civil or Commercial Matters, or more commonly known as the Hague Evidence Convention. This treaty was ratified by the US in 1972, and later by the UK in 1976, ergo, lawyers in both countries may leverage the Convention to get evidence when they need it. So, what evidence is Kleiman seeking here?
Well, according to the request, Kleiman’s attorneys want to interview three witnesses: Andrew O’Hagan who wrote the book The Satoshi Affair, Ramona Watts who is Craig Wright’s wife, and Robert MacGregor a business associate of Wright. As you can imagine, these people probably know some things. In the letter of request the particular documentation requested, and the proposed subject matter of questioning is laid out for the UK judge to see.
From O’Hagan the plaintiff wants to ask about the process of writing the Satoshi Affair, as well as, any statements or documents provided by Wright that related to Dave Kleiman, W&K Info, Satoshi, the creation of Bitcoin, etc., Kleiman also wants access to related emails and documents, and notably “many hours of tape” that were used to write the book.
From Ramona Watts, Kleiman’s attorneys want testimony concerning anything non-privileged Wright told her about Dave Kleiman, W&K Info, Satoshi, the creation of Bitcoin, Uyen Nguyen, the ATO investigation, the deal with MacGregor, Matthews, and Ayre, and intellectual property matters. As you can see, there’s some new players on the board. They also want any documents and communications that Watts has “dated prior to February 14, 2018, between Ms. Watts and either (i) Robert MacGregor, (ii) Stefan Matthews, (iii) Calvin Ayre, (iv) or their agents that relate to W&K Info Defense Research, Dave Kleiman, Satoshi Nakamoto, or the Tulip Trust.”
MacGregor was involved in a deal with Wright to sell the life rights to Satoshi’s story, and Kleiman’s attorneys want information about that, as well as anything related to Kleiman, Nakamoto, W&K, the Trust, the ATO investigation, IP matters, and the allegedly mined bitcoin. Just like Watts, the plaintiff wants documents and communications related to Dave Kleiman, W&K Info, Satoshi, the creation of Bitcoin, Uyen Nguyen, the ATO investigation, the deal with MacGregor, Matthews, and Ayre, and intellectual property matters. Needless to say, there is a lot of potential new evidence that may come into this case.
What happens next is that the UK judge will review letter and decide whether or not to grant the request. The UK judge could deny the request, and there wouldn’t be anything that the parties here in the US could do about it. So, hopefully, for Kleiman, the request is compelling and is not an afront to the sensibilities of the UK judge. We shall see.