Crypto Caselaw Minute #9–11/8/2018

This week we look at John Doe’s day in court, centralized control over coins in an ICO, and a throw-back to the Dread Pirate Roberts showing just how compelling circumstantial evidence can be. These topics (and more) in today’s Crypto Caselaw Minute. (As always, Rosario summaries are “NMR” and Palley summaries are “SDP.” Palley and I are happy to be joined by Canadian lawyer Evan Thomas, who provides an update on the PlexCorps case from Quebec).

Disclaimer: These summaries are provided for educational purposes only. They are not legal advice. These are our opinions only, aren’t authorized by any past, present or future client or employer. Also we might change our minds. We contain multitudes. (Picture credit:, License: CC0 Creative Commons).

Bitmain v. John Doe (W.D. Washington, № 2:18-cv-1626, November 7, 2018). [SDP]

Link to Complaint on Sribd: Bitmain v. John Doe

Did you know you can sue someone without even knowing their name? The device of a “John/Jane Doe” complaint allows a plaintiff to sue an unknown person and then use subpoena power to figure out who they are. That appears to be what’s going on in this new lawsuit by Bitmain against a John Doe defendant, filed yesterday in federal court in Seattle. (Bitmain is an international firm that designs specialized chips for bitcoin mining).

Per the Complaint, “Bitmain brings this action against the as-yet-to-be-identified “John Doe” thief who stole valuable Bitcoin (BTC) from Bitmain through unauthorized hacking/access into online accounts. Bitmain seeks to identify the person responsible, hold them accountable, and recover its stolen property.” Bitmain alleges violation of the federal Computer Fraud and Abuse Act (“CFAA”), the Washington Cybercrime Act and common law conversion.

Bitmain alleges that the John Doe defendant broke into Bitmain’s Binance account in April 2018 and used the account to purchase the MANA token at an inflated price. Then, according to the complaint, John Doe used a seperate wallet to take the other side of the trade, effecivly useing Bitmain’s Binance account for wash trading in attempt to manipulate the price of the token. Charts in the Complaint illustrates the alleged scam:

What’s the lesson? It’s almost Captain Obvious territory folks: Stealing crypto from a centralized exchange leaves a lot of fingerprints. And your name doesn’t need to be known for you to get sued. Now that the lawsuit is on file, one assumes that Bitmain’s next step will be to issue subpoenas to Binanace and other service providers, allowing it to identify the defendant. (“But Steve,” you ask, “ what if they’re outside the United States?” If the defendant is outside the U.S. we will write a fun follow up post on how you serve subpoenas outside the United States and how Bitmain probably isn’t worried about the bill).

Autorité des marchés financiers c. PlexCorps, 2018 QCTMF 91 (CanLII) [French]. [Evan Thomas (@evanmthomas on Twitter)]

In the latest chapter of PlexCoin’s ongoing battles with securities regulators, Québec’s Financial Markets Administrative Tribunal has found that the PlexCoin ICO was an investment contract and therefore subject to Québec securities law. In doing so, the FMAT emphasized the centralization of PlexCoin, as compared to Bitcoin.

PlexCoin’s legal troubles began with an anonymous tip to the Québec Autorité des marchés financiers (AMF), Québec’s securities regulator. The AMF promptly obtained various FMAT orders to shut down the PlexCoin ICO on the grounds that it violated Québec securities law. The promoters challenged these orders at a full hearing, arguing that PlexCoin was not an investment contract.

The Québec Securities Act defines an investment contract as “a contract whereby a person, having been led to expect profits, undertakes to participate in the risk of a venture by a contribution of capital or loan, without having the required knowledge to carry on the venture or without obtaining the right to participate directly in decisions concerning the carrying on of the venture.” The alert reader will note that this definition looks very similar to the Howey test, and indeed, Howey and other U.S. cases have long influenced how Canadian courts and tribunals look at “investment contracts”.

The FMAT had little trouble concluding that the PlexCoin ICO was an investment contract because it found:

  • Participation in the PlexCoin pre-sale and/or acquisition of PlexCoin tokens was a contract.
  • Promises of profits on the PlexCoin web site and in the PlexCoin white paper established an expectation of profit.
  • Contributions were supposedly to finance PlexCoin’s development and to support markets for PlexCoin tokens, so contributors were participating in the risk of the venture by contributions of capital.
  • The contributors did not possess the knowledge required to run the business or participate directly in decisions concerning the business because the principals of PlexCoin had complete control.
  • PlexCoin’s promoters tried to argue that PlexCoin was not a security because it was a cryptocurrency similar to Bitcoin. The FMAT made short work of that theory, emphasizing that unlike Bitcoin, a few people controlled PlexCoin. The FMAT contrasted how new bitcoins are created over time through mining by “unrelated third parties spread around the world”, whereas the issue of PlexCoin occurred during a fixed period of time and was controlled entirely by the promoters.

A few implications. First, not surprisingly, the decision is fully in line with the numerous warnings from Canadian and U.S. securities regulators that many ICOs are subject to securities laws.

Second, to the extent there is any uncertainty about Bitcoin’s status under Québec securities law, the FMAT’s reasons imply that it did not consider Bitcoin to be a security.

Third, and perhaps most interestingly, the reasons suggest that the greater the degree of centralized control, particularly in terms of how coins or tokens are issued, the more likely that coin or token will be considered an investment contract, at least in Québec.

United States of America v. Ulbricht (2d. Cir., № 15–1815-cr, May 31, 2017). [NMR]

Link to Decision on SCOTUSBlog: USA v. Ulbricht

The case of Ross Ulbricht, aka the “Dread Pirate Roberts,” who operated the website the Silk Road is long, complex, and depending on who you talk to, highly contentious. We aren’t going to discuss any of that. Instead, the Ulbricht case is a fascinating case study in evidence, new technology, Fourth Amendment law, and how much information we put online and store in a digital manner.

Ulbricht was convicted of a long list of crimes in relation to his operation of the website the Silk Road. For those that do not know, the Silk Road was essentially an eBay for all things illegal where transactions were conducted using bitcoin. Ulbricht at trial did not contend that he created the Silk Road site, nor that he was in charge of it at the time he was arrested.

After being convicted Ulbricht appealed that conviction to the Second Circuit Court of Appeals. In particular, Ulbricht “challenge[d] several aspects of his conviction and sentence, arguing that (1) the district court erred in denying his motion to suppress evidence assertedly obtained in violation of the Fourth Amendment; (2) the district court committed numerous errors that deprived him of his right to a fair trial, and incorrectly denied his motion for a new trial; and (3) his life sentence is both procedurally and substantively unreasonable.” For purposes of this post we’ll be focusing on (1) above.

What evidence did Ulbricht want to suppress, and why, and what does this have to do with crypto? There were two sets of evidence that Ulbricht wished to suppress at trial. The first was evidence obtained as part of pen/trap orders to monitor IP traffic related to Ulbricht, and the second was evidence collected from warrants to search his laptop, Google, and Facebook accounts. We’re going to discuss the second set of evidence, but it is worth noting that the first set of evidence was the subject of an denied petition for certiorari to the Supreme Court of the United States earlier this year, and the second set of evidence was not. For those that are interested, here is the petition to the Supreme Court.

So, what was in Ulbricht’s laptop, Google, and Facebook accounts? Evidence of tons of bitcoin transactions, social media postings corroborating his identity as the Dread Pirate Roberts, and more. Ulbricht was arrested in a public library in San Francisco with his laptop open, and a consequence of that arrest was that “[t]he government seized approximately $18 million worth of Bitcoins from the wallet on Ulbricht’s laptop and analyzed their transaction history (through blockchain records) to determine that about 89% of the Bitcoins on Ulbricht’s computer came from Silk Road servers located in Iceland.” Although that evidence is circumstantial, that evidence is…compelling.

Perhaps those bitcoin arrived at Ulbricht’s laptop innocently? Ulbricht’s counsel advanced that theory in his opening statement, but as the court notes in a footnote in this decision “[n]o evidence about the source of those Bitcoins was in fact presented by Ulbricht, and neither the expert disclosures presented to the district court nor Ulbricht’s arguments on appeal suggest that either Bellovin or Antonopoulos (these were expert witnesses Ulbricht wanted to call at trial, but was unable to for other reasons not discussed here) would have provided an analysis or explanation of Ulbricht’s Bitcoin transactions that would have revealed a non-Silk Road source for Ulbricht’s Bitcoins.”

Ultimately, Ulbricht tried to argue that the search of his laptop and his Google and Facebook accounts violated the Fourth Amendment’s particularity requirement that you have to know what it is you’re searching for, and that you can’t use what is known as a “general warrant” to just go searching around for anything and everything. The court did not find this argument compelling as it explained in a thorough discussion, stating in conclusion that the warrants “satisfied all three of the particularity requirements because they listed the subject offenses, described the things to be searched, and identified the information to be seized in relation to the charged crimes.”

As always, anything you put in writing, online, on your laptop, sent via passenger pigeon, or disseminated via skywriting can be considered evidence.