Crypto Caselaw Minute #54–9/20/19
There was so much crypto caselaw this week that Nelson and I had to spend three days in an editorial meeting before we got the week’s post done. Every time we thought we had the line up down a new thing would happen. So. This week we cover a truly insane story involving something to do with ether and a lawyer and exortion, a new motion to dismiss in the ripple litigation, and a newish indictment that involves the new crime of crypto-jacking.
Disclaimer: Crypto Caselaw Minute is provided for educational purposes only by Nelson Rosario and Stephen Palley. These summaries are not legal advice. They are our opinions only, aren’t authorized by any past, present or future client or employer. Also we might change our minds. We contain multitudes.
(As always, Rosario summaries are “NMR” and Palley summaries are “SDP”. Our Image credit: https://pixabay.com/photos/dog-smile-outdoor-paste-variety-1558962/(Pixabay license).
USA v. Nerayoff and Hlady, Cr. №19-MJ-830 (E.D.N.Y. filed September 19, 2019)
A bedrock principle of the American system is the idea that you are innocent until proven guilty. The government must prove its case against you beyond a reasonable doubt before you are convicted of a crime. What does that mean? Well, without getting into the weeds too much, the evidence has to be so overwhelming that no reasonable person would look at it and think “yeah, the defendant is totes innocent.” But, remember, the government has to prove the case. This new criminal complaint comes out of the Eastern District of New York and the allegations are simply unbelievable.
The US government has arrested Steven Nerayoff and Michael Hlady for allegedly running an extortion scheme to extract funds from a Seattle based blockchain company referred to as Company 1 in the complaint run by John and Jane Doe. Who are the defendants? Well, Nerayoff is a licensed attorney in the State of New York who runs a couple of consulting companies that purport to help blockchain companies launch ICOs, etc. Also, Nerayoff is the self-proclaimed architect of the ICO, specifically, the Ethereum ICO. Hlady was hired by Nerayoff to be his Chief Operations Officer at one of his companies. According to the complaint, Hlady allegedly, and I quote:
“falsely claimed to be a former member of the United States military and a former government agent who had worked for the National Security Agency, the Federal Bureau of Investigation and the Central Intelligence Agency.”
I submit to you dear reader that almost no one fits that profile. I don’t know, maybe David Goggins, but that guy is like a superhero. I digress. Okay, so what did these two individuals allegedly do?
Allegedly, on July 22, 2017, Nerayoff was hired to help Company 1 launch an ICO for their company and take them to the moon. As compensation, Nerayoff was set to receive:
“22.5% of all the cryptocurrency tokens sold by Company 1 and 22.5% of all the funds raised by Company 1, including in the form of cryptocurrency and cash, “regardless of the method and manner in which [the funds] are raised.”
Once the contract was signed, the defendants allegedly started doing some crimes, specifically, they “took various actions to threaten John Doe, Jane Doe and Company 1 in order to extract additional compensation without promising or rendering any additional services.” In particular, the government is alleging three different instances of extortion.
Company 1’s ICO was set to launch on November 7, 2017. Some time a week before the ICO Nerayoff and a co-conspirator (sidebar: somebody else is gonna get arrested in connection with all this) demanded an additional payment of 30,000 eth or they would do everything to tank the ICO. Eventually, the Does relented and signed agreements transferring over the 30,000 eth. Allegedly, no additional services were rendered.
Some time in March, 2018, is when the second alleged extortion occurred to the tune of a 10,000 eth “loan” that Nerayoff demanded from Company 1. At this time Nerayoff introduced the Does to Hlady who allegedly told them he had taken down a head of state, could carry a firearm onto airplanes, and was a member of every special forces and intelligence agency on the planet. I’m paraphrasing. Allegedly, Jane Doe visited Nerayoff’s house and stayed there on March 21st and 22nd, because her flight was cancelled due to a snow storm in New York. According to the complaint, in the middle of the night on the 22nd both Hlady and Nerayoff entered Doe’s room where she was sleeping, and menacingly demanded that she accede to their demands or they would crush her company. Additional threats were made in the following days and eventually on April 1 an employee of Company 1 was instructed to transfer the 10,000 eth loan to Nerayoff.
Through all of this Nerayoff allegedly made multiple statements that he intended to acquire Company 1 outright. On or about May 10, 2018 an email was exchanged between Nerayoff, Hlady, and co-conspirator 1 that stated
“Something has to be done to explain when they [i.e., Jane Doe and John Doe] make a deal they stick to it regardless of the consequences. And then when we renegotiate they stick to that deal. Enough is enough. We are acquiring them and going to make them fucking rich as hell and she [i.e., Jane Doe] will pay off everything and get what she would never have without us so tell her to chill out.”
There was a meeting in a hotel room with the Does on May 15, 2018. Hlady’s threats came up, which Nerayoff acknowledged, and an employee of Nerayoff’s noted they were running an intervention concerning Hlady, and that no one was trying to gang up on the Does. I suspect the Does contacted law enforcement some time after that.
According, to 18 USC Section 1951, extortion is “the obtaining of property from another, with his consent, induced by wrongful use of actual or threatened force, violence, or fear, or under color of official right.” This initial filing was filed to get an arrest warrant for Nerayoff, and Hlady. As noted in the filing:
“…the purpose of this Complaint is to set forth only those facts necessary to establish probable cause to arrest, I have not described all the relevant facts and circumstances of which I am aware. In addition, where the contents of documents, or the actions, statements and conversations of others are reported herein, they are reported in sum and substance and in part, except where otherwise indicated.”
There is more to the story, and we haven’t heard the defendants side of the story yet. The charges are quite serious. What is interesting to consider is if Nerayoff was indeed the architect of the Ethereum ICO he necessarily would be influential in the crypto community. What connections does he have? What other projects did he work on? Who helped Nerayoff as he ran his businesses? There is a hearing scheduled for September 24th. This is just the beginning of this tale.
In Re Ripple Labs Inc. Litigation, Case №18-cv-06753-PJH, N.D. Cal, “Motion to Dismiss”, 9/19/2019 [SDP]
The Ripple class action continues to poodle forward. The most recent development is a Motion to Dismiss filed on September 19 by the Defendants.
The procedural history to this case is already labyrinthine and involves multiple lawsuits combined into one and several trips back and forth between state and federal court, where this case now resides after an attempt to “remand” it was denied earlier this year and a “Consolidated Class Action Complaint” (“Complaint”) was filed on August 5, 2019. The Complaint caught some news attention and some people made A Really Big Deal about it because it cited the SEC’s Digital Asset Framework, though some commentators (waves) didn’t think it mattered all that much.
So, anyhow, lawsuits in federal court are called “Complaints” and after one of these bad boys gets filed a defendant has a couple of options, one of which is to file a Motion to Dismiss, which is exactly what happened here and is not much of a surprise tactically.
The particular type of Motion filed here is a 12(b)(6) motion for “failure to state a claim.” This means, with apologies to my civ pro professor, the allegations in the lawsuit can’t possibly give rise to any legal liability on behalf of the defendants. That’s the gist. So if I sued Nelson because I didn’t like the way I eat herring he would file a 12(b)(6) motion because, well, my lawsuit is total rubbish and doesn’t state a legal claim.
Here, Ripple and its CEO Brad Garlinghouse (“the Defendants”) argue in their motion that the lawsuit doesn’t state a claim for a couple of reasons.
First, the Defendants argue that the federal securities laws claims in the lawsuit are barred by a three year “statute of repose” that applies to claims involving the unregistered sale of securities (which is part of what the lawsuit involves).
Under federal law, defendants argue that the statute of repose — which is an outside limit on the time in which a claim can be filed, regardless of the plaintiff’s knowledge of the claim — is three years. Because XRP was first offered to the public in 2013, plaintiffs reason that a claim based on the alleged failure to register XRP as a security is barred:
“[U]nder Plaintiff’s own allegations, Defendants offered XRP to the public throughout 2013 through 2015. Accordingly, the three-year statute of repose expired as of 2016 (three years after the sales cited in the May 2015 settlement) and in no case later than May 2018 (three years after the May 2015 settlement agreement in which “Defendants acknowledged that they had sold XRP to the general public,” Complaint ¶ 25). The Securities Act claims in the Complaint, filed August 5, 2019, are therefore untimely and barred by the statute of repose.”
Plaintiffs attempt to get around this limitation period in their Complaint by arguing that the XRP was and is a “continuing ICO”, so the violation of securities laws is continuing. Defendants argue that this dog doesn’t hunt because under a bunch of cases “slow offerings” — “sales of the same security in one offering over an extended period” are still subject to the rule that the statute begins to run as of the date of the first sale.
Defendants also argue that the securities law claims fail because plaintiff (1) doesn’t allege that he bought his XRP in the initial sale from the defendants but instead (2) may have done so on the secondary market and (3) in any event did not solicit his purchase. For these reasons, they say the securities law claim should be thrown out.
The lawsuit also includes California state law claims. Defendants makes some similar arguments here — they say that there’s no contractual relationship (“privity”) between them and the plaintiff and also that there’s no allegation that the XRP transactions at issue took place in California. Related to these points is an argument that no misstatements were made by the defendants to the plaintiff and that alleged misrepresentations aren’t detailed with the kind of specificity required by law.
It’s hard to know how a court will rule until we see the response to this motion but so far Ripple has done pretty well — keeping the case in federal court was slick, procedurally. And whether you are or are not an XRP fan this motions makes a number of credible substantive arguments that will require skill to defeat. An outright loss for the plaintiffs isn’t out of the realm of possibility, particularly on the federal securities claims.
United States v. Paige Thompson, CR19–159 (W.D. Washington, 8/28/2019) [SDP]
This is a criminal indictment that involves, among other things, alleged “cryptojacking”, which is why you are reading about it here in crypto caselaw minute.
Per the indictment, the “object of the scheme was to exploit the fact that certain customers of [a] Cloud Computing Company had misconfigured web application firewalls[.]” The defendant allegedly used these errors to swipe data — including PII for 100,000,000 people who had applied for credit cards from Capital One — and also access customer servers for use in a cryptojacking scheme. In particular, the indictment says:
It was further part of the scheme and artifice of that [the defendant] used her unauthorized access to certain victim servers — and the stolen computing power of those servers — to “mine” cryptocurrency for her own benefit[.]
Interestingly (ish) the indictment says that Thompson used TOR and VPN (from a company called IPredator) to try to cover her tracks. Apparently, this didn’t work so well.
Anyhoo, if you’re curious what federal law stealing someone else’s compute power to mine crypto might involve it appear it’s … a little bit vague. The indictment contains two counts. The first is for violation of the Federal Wire Fraud statute and the second is for violation of the Computer Fraud and Abuse Act. Both of these statutes are broad enough to arguably include accessing someone else’s server in interstate commerce and using that access to mine crypto for yourself, unknown to the owner.
For some reason, even though the cryptojacking is described with some specificity, the specific act that seems to be the focus of both counts is the theft of PII — count I describes this under a paragraph described “execution” that details how the alleged crime was committed and Count II also focuses specifically on the theft from Capital One.
