On April 26, 2007, Unspam Technologies Inc., doing business as "Project Honey Pot" sued an unknown number of "John Doe" defendants for violations of the CAN SPAM Act (15 U.S.C. 7701 et seq.).
These are the documents in that case.
UNITED STATES DISTRICT COURT
FOR THE EASTERN DISTRICT OF VIRGINIA,
ALEXANDRIA DIVISION
Project Honey Pot, a dba of Unspam
Technologies, Inc.
Plaintiff,
v.
John Does Injuring PHP and its Members
By Harvesting Email Addresses,
Transmitting Spam,
And Posting Comment Spam,
Defendants.
Project Honey Pot's Complaint For Violations
Of the Federal CAN-SPAM Act and the Virginia Computer Crimes Act
I. Spam is a global problem of epidemic proportions, and the trend lines are headed in the wrong direction. By some estimates, spam now constitutes over 90% of all email traffic. Using vast networks of hijacked computers, counterfeiters, thieves and hi-tech snake-oil salesmen now have instant access to a global marketplace. No longer relegated to dark street corners, basement labs, and the trunks of seedy cars, illegal and dangerous products are now only a mouse click away from every Internet user. Spammers don't even need to have a product to sell to make money. Identity thieves, extortionists and phishers have opened Internet storefronts, and unwitting victims fall prey to them every day without ever leaving their living rooms. Children are also victimized by spam, which offers them easy access to illicit drugs, prescription drugs that need no prescription, gambling websites, pornography, fake IDs, spyware disguised as computer games, and a host of other temptations. Nation-states, too, are falling victim to spam [2] and the international criminal gangs that are increasingly behind it. Government corruption, failed legal systems and safe haven rules that generate a substantial portion of the nation-state's GDP all contribute to the problem, and are all being exploited by spammers.
2. A long list of laws prohibits spam. Perhaps the most elegant is the centuries old common law of trespass to chattels, which one judge in this District suggested fit the spam problem like a hand in glove. Notwithstanding that suggestion, a flurry of state and federal statutes has been passed over the last decade in an attempt to stop spam (or at least slow its growth) without unduly burdening "ham" (non-spammy email). The culmination of this legislative activity was the Federal CAN-SPAM Act of 2003 (15 U.S.C. § 7701 et seq.).
3. CAN-SPAM, it was hoped, would help stop spam by clarifying the rules that bulk emailers were supposed to follow. The reality is that legitimate emailers generally complied with CAN-SPAM long before it was enacted, or at least complied to the degree that the identity of someone who accepted responsibility for the mailing could be found on the face of the message itself. Spam is different. On its face, spam never identifies anyone willing to accept responsibility for the mailing. The reason is simple - spam violates the most basic standards of good conduct. Once identified, spammers cannot defend their "business" practices to anyone, let alone to an upstream webhost, email service provider or judicial fact finder.
4. If there were ever any doubt, today it is clear that the key to stopping spam is identifying those responsible for it, and getting that information into the hands of those willing and able to do something about it.
5. Discovering a spammer's identity is not simple, but it is not impossible either. To hide successfully, spammers have to do more than just avoid putting their name in their messages. Everything they do has to be anonymous; they have to hide while [3] simultaneously fooling their victims (and everyone else who is providing them with some service essential to their criminal enterprise) into thinking they are running a legitimate business.
6. The first thing a spammer needs is a long list of email addresses to spam. Spammers get your email address in two primary ways. They steal them (via harvesting) or they guess them (via dictionary attacks). The most common way spammers steal email addresses is by harvesting them from websites, using web spiders. This makes life difficult for the rest of us because posting email addresses on a website is a convenient way to facilitate communications between visitors to a website and the owners of the website. Owners of websites who want to display email addresses can obtain some protection from harvesters by installing a Project Honey Pot on their website, and displaying this Project Honey Pot logo on their website:1
[IMAGE NOT DISPLAYED]
The logo serves as a warning to harvesters that all of the email addresses displayed anywhere on the website are protected by Project Honey Pot and deters harvesters by putting them at legal risk if they spam any addresses harvested from the website.
7. Domain name owners who want to protect their email system from spam can obtain some protection by donating an MX record to Project Honey Pot, and then publicly disclosing the fact of their donation (but they should not disclose the specific MX record donated, as spammers will simply avoid this MX record and continue to send spam to MX
1 The website for the logo can be found at http://www.projecthoneypot.org/how_to_avoid_spambots_5.php.
[4]records not donated to PHP). By publicly disclosing their affiliation with Project Honey Pot, PHP members warn spammers that their domain names are protected by Project Honey Pot.
Project Honey Pot a dba of Unspam Technologies. Inc.
8. Project Honey Pot (www.projecthoneypot.org) is a distributed network of spam-tracking honey pots. The project allows spammers, phishers, and other e-criminals to be tracked throughout the entire "spam cycle." On information and belief, Project Honey Pot was the first distributed e-mail harvesting research effort linking those that gather e-mail addresses by scraping websites with those that send unsolicited and frequently fraudulent messages. Tens of thousands of users from at least 100 countries actively participate in Project Honey Pot's effort to track criminals who break the law via email. Project Honey Pot was created by Unspam Technologies, Inc (www.unspam.com) - an anti-spam company with the singular mission of helping design and enforce effective anti-spam laws. Unspam Technologies, Inc. is a Delaware corporation with its principal place of business at 1901 Prospector Ave., Suite #200, Park City, Utah 84060.
9. Project Honey Pot receives MX record donations from the owners of Internet domain names. Through those donations, email messages addressed to any username hosted at a donated domain name are directed to email servers owned and maintained by Project Honey Pot, and those email messages are then processed by and stored on computer equipment owned and maintained by Project Honey Pot. Project Honey Pot also makes available to Internet website owners email address honey pots that can be installed on their webpages. When a harvester visits those webpages looking for email addresses to steal, the harvester is handed a unique email address hosted within Project Honey Pot's distributed network of donated MX records. The harvester's IP address, the date and time of the visit and other characteristics of the [5] harvester are recorded by Project Honey Pot and maintained for analysis and tracking. When a spam message is received thereafter at the unique email address, Project Honey Pot can tie the spam message (and the spammer) to the harvester that was given that email address.
10. Project Honey Pot is currently monitoring over 2.1 million honey pot addresses for annoying spam and dangerous phishing messages. Between January 2005 and April 2007, John Doe spammers transmitted over 6.1 million spam messages to tens of thousands of unique email addresses belonging to PHP members that have donated an MX record to, and are receiving anti-spam protection from, Project Honey Pot. All of these email addresses were illegally harvested by the spammer (or one of his co-conspirators) from a website hosting a PHP honey pot, or were the subject of dictionary spam attacks that indiscriminately targeted random usernames hosted within Internet domain names that have donated an MX record to, and are receiving anti-spam protection from, Project Honey Pot.
11. To date, Project Honey Pot has identified 2,489,814 unique spam server IP addresses, 15,570 unique harvester IP addresses, 87,643 unique dictionary attack spam server IP addresses, and since April 2007, has identified 630 comment spam server IP addresses.
12. Every spam message transmitted to a Project Honey Pot honey pot email address harms Project Honey Pot. Each spam message is received by a mail server controlled by and paid for by Project Honey Pot, which then must process, store and analyze the message to help protect the website owners who have installed honey pots on their webpages from harvesters, and to protect the domain name owners who have donated MX records from spam attacks.
13. By this action, Plaintiff seeks: (i) an injunction to prevent further unlawful conduct; (ii) compensatory damages; (iii) punitive damages; (iv) attorneys' fees and costs of suit.
[6]John Doe Defendants
14. Defendants' identity is currently unknown to Plaintiff because Defendants have intentionally acted to hide their identity to evade detection.
JURISDICTION AND VENUE
15. This action arises out of Defendants' violation of the Federal CAN-SPAM Act. The Court has subject matter jurisdiction of this action based on 28 U.S.C. § 1331.
16. Pursuant to 28 U.S.C. § 1391(b), venue is proper in this judicial district. A substantial part of the events or omissions giving rise to Plaintiffs claims, together with a substantial part of the property that is the subject of Plaintiff s claims, are situated in this judicial district. For example, 166 PHP members self-report they are located in Virginia. PHP members have installed honey pots on 175 websites that are located in Virginia, and these Virginia-based honey pots have distributed 36,402 email addresses to identified harvesters world-wide. In addition to PHP's substantial presence in Virginia, the John Does also have substantial connections to Virginia. For example, the John Doe spammers have used 111 harvester IP addresses in Virginia to harvest 848 PHP member honey pot email addresses. The John Does have also used 20,778 spam server IPs located in Virginia to transmit 60,143 spam messages to PHP member honey pot email addresses. And on 245 occasions, the John Does have relied entirely on Virginia IP addresses to further their illegal enterprise - by harvesting a PHP member email address from a Virginia-based IP address and then sending spam to that address from a spam server using a Virginia-based IP address. In addition, the webpages advertised in the spam messages were all visible in Virginia, and (on information and belief) many of the products and services advertised in the spam messages were shipped or delivered to physical addresses in Virginia.
[7]17. The federal District Court for the Eastern District of Virginia has personal jurisdiction over Defendants based on the following facts: Defendants initiated emails from the Eastern District of Virginia, gained unauthorized access to computer servers located in the Eastern District, caused tortious injury in the Eastern District, and conducted business in the Eastern District of Virginia.
COUNT I
Violation of the Federal CAN-SPAM Act (15 U.S.C. § 7701 et seq.)
18. Plaintiff repeats and re-alleges the allegations in paragraphs 1 through 17 of this Complaint.
19. Defendants initiated the transmission, to a protected computer, of a commercial electronic mail message that contained, or was accompanied by, header information that was materially false or materially misleading, in violation of 15 USC § 7704(a)(l).
20. In a pattern or practice, Defendants initiated the transmission to a protected computer of a commercial electronic mail message that did not contain a functioning return electronic mail address or other Internet-based mechanism, clearly and conspicuously displayed, that a recipient could use to submit, in a manner specified in the message, a reply electronic mail message or other form of Internet-based communication requesting not to receive future commercial electronic mail messages from that sender at the electronic mail address where the message was received, in violation of 15 USC § 7704(a)(3).
21. In a pattern or practice, Defendants initiated the transmission of a commercial electronic mail message to a protected computer and failed to provide: (i) clear and conspicuous identification that the message was an advertisement or solicitation; (ii) clear and conspicuous notice that the recipient could decline to receive ftirther commercial electronic mail [8] messages from the sender; and (iii) a valid physical postal address of the sender, in violation of 15 U.S.C. § 7704(a)(5).
22. Plaintiff is an Internet access service adversely affected by the above violations, and is entitled to an injunction barring further violations, statutory damages of $100 for every attempted transmission of a spam message that contains false or misleading transmission information, statutory damages of $25 for every attempted transmission of a spam message that otherwise fails to comply with the Federal CAN-SPAM Act, treble damages resulting from Defendants' use of email harvesters and dictionary attacks to facilitate their violations of the CAN-SPAM Act, and attorney fees and costs, as authorized by 15 USC § 7706(g).
COUNT II
Violation of Virginia's Anti-Spam Statute (18 Va. Code § 18.2-152.3:1 et seq.)
23. Plaintiff repeats and re-alleges the allegations in paragraphs 1 through 22 of this Complaint.
24. Defendants used a computer or computer network with the intent to falsify or forge electronic mail transmission information or other routing information in any manner in connection with the transmission of bulk electronic mail through or into the computer network of an electronic mail service provider or its subscribers.
25. Defendants' transmissions were in contravention of the authority granted by or in violation of the policies set by Plaintiff. Defendants had knowledge of the authority or policies of those email service providers, or the authority or policies were available on Project Honey Pot's website.
26. As a result of Defendants' actions, Plaintiff has suffered injury, and is entitled to an injunction, and to recover actual damages, or in lieu thereof $1 for each and every [9] unsolicited bulk electronic mail message transmitted in violation of the statute, or $25,000 per day any offending message was transmitted, plus attorneys' fees and costs of suit.
PRAYER FOR RELIEF
WHEREFORE, Plaintiff requests entry of judgment in its favor and against Defendants:
1. Granting preliminary and permanent injunctive relief against Defendants, and all those in privity or acting in concert with Defendants, enjoining them from directly or indirectly violating the terms of the CAN-SPAM Act or the terms of the Virginia anti-spam statute;
2. Awarding Plaintiff compensatory and punitive damages in an amount to be proven at trial;
3. Awarding Plaintiff attorneys' fees and costs associated with prosecuting this action; and
[10]4. Granting Plaintiff such other or additional relief as this Court deems just and proper under the circumstances.
Dated: April 26, 2007
Respectfully submitted,
INTERNET LAW GROUP
Jon L. Praed
4121 Wilson Boulevard, Suite 101
Arlington, Virginia 22203
Attorneys for Plaintiff Project Honey Pot, a
dba ofUnspam Technologies, Inc.
This is the Civil Cover Sheet in this cause.
Not really an important document, but put here for completeness.
Project Honey Pot is asking for permission to conduct limited discovery to find out who the John Doe defendants are. This will involve the issuance of subpoenas to ISPs and NSPs as they try to find out who are behind the IP addresses they have cataloged.
Originally, this motion was set for Friday, May 4, 2007, but on Tuesday, May 1, 2007, it was reset for Thursday, May 3, 2007, at 10:00 a.m. EDT before Magistrate Judge O'Grady.
UNITED STATES DISTRICT COURT FILED
FOR THE EASTERN DISTRICT OF VIRGINIA
ALEXANDRIA DIVISION
Project Honey Pot, a dba of Unspam
Technologies, Inc.
Plaintiff,
v.
John Does Injuring PHP and its Members
By Harvesting Email Addresses,
Transmitting Spam,
And Posting Comment Spam,
Defendants.
Memorandum in Support of Project Honey Pot's Motion for Limited Authority to Conduct Discovery Necessary to Identify and Serve Defendant
By this motion, Plaintiff Project Honey Pot, a dba of Unspam Technologies, Inc. respectfully requests an order authorizing it to conduct limited discovery necessary to identify and serve Defendant John Does.
Factual Background
Between January 2005 and April 2007, John Doe spammers transmitted over 6.1 million spam messages to tens of thousands of unique email addresses belonging to PHP members that have donated an MX record to, and are receiving anti-spam protection from, Project Honey Pot. All of these email addresses were illegally harvested by the spammer (or one of his co-conspirators) from a website hosting a PHP honey pot, or were the subject of dictionary spam attacks that indiscriminately targeted random usernames hosted within Internet domain [2] names that have donated an MX record to, and are receiving anti-spam protection from, Project Honey Pot. The spam contained false or misleading transmission information, did not contain a functioning return electronic mail address or other Internet-based mechanism, clearly and conspicuously displayed, that a recipient could use to submit, in a manner specified in the message, a reply electronic mail message or other form of Internet-based communication requesting not to receive future commercial electronic mail messages from that sender at the electronic mail address where the message was received, and failed to provide: (i) clear and conspicuous identification that the message was an advertisement or solicitation; (ii) clear and conspicuous notice that the recipient could decline to receive further commercial electronic mail messages from the sender; and (iii) a valid physical postal address of the sender and thereby violated the Federal CAN-SPAM Act. Furthermore Defendants used a computer or computer network with the intent to falsify or forge electronic mail transmission information or other routing information in any manner in connection with the transmission of bulk electronic mail
through or into the computer network of an electronic mail service provider or its subscribers and transmitted the spam in contravention of the authority granted by or in violation of the policies set by Plaintiff. Defendants had knowledge of the authority or policies of those email service providers, or the authority or policies were available on Project Honey Pot's website thereby violating the Virginia's Anti-Spam Statute.
Project Honey Pot has collected a large volume of publicly available information that is relevant to the identity of the John Does responsible for this conduct. Project Honey Pot's investigation to date has identified a number of third parties that are likely to have non-public information that could be used to identify the responsible person. Many of these third parties have agreed to retain this information and to produce it, but only upon receipt of a subpoena.
[3]Project Honey Pot has good reason to believe that it will be able to identify, name and serve John Doe Defendants if granted the power to conduct formal discovery for 120 days.
Legal Argument
Under Rule 26(d), discovery may not normally begin "before the parties have conferred as required by Rule 26(f)." Because Defendant in this case is unknown to Plaintiff, the conference contemplated by Rule 26(f) cannot occur. This limitation on the initiation of discovery, however, can be waived under Rule 26(d) by Court order.
Courts recognize that, in certain situations, the identity of Defendant may not be known prior to the filing of a complaint. In such circumstances, courts authorize a plaintiff to undertake discovery to identify the unknown defendant. In Gordon v. Leeke. 574 F.2d 1147, 1152 (4th Cir. 1978), the Fourth Circuit explained that, if a plaintiff states a meritorious claim against an unknown defendant, the Court should allow plaintiff to ascertain the identity of the unknown defendant through discovery.
WHEREFORE, for the foregoing reasons and any additional reasons that may be provided at the hearing on this motion, Project Honey Pot respectfully requests permission under Rule 26(d) to conduct such discovery as may be necessary to identify and serve Defendant John Does. An appropriate order is attached for the Court's signature.
Dated: April 26, 2007
Respectfully submitted,
INTERNET LAW GROUP
Jon L. Praed
4121 Wilson Boulevard, Suite 101
Arlington, Virginia 22203
Attorney for Plaintiff
Project Honey Pot
UNITED STATES DISTRICT COURT
FOR THE EASTERN DISTRICT OF VIRGINIA
ALEXANDRIA DIVISION
Project Honey Pot, a dba of Unspam
Technologies, Inc.,
Plaintiff
v
John Does Injuring PHP and its Members
By Harvesting Email Addresses,
Transmitting Spam,
And Posting Comment Spam,
Defendant.
Motion for Limited Authority to Conduct Discovery Necessary to Identify and Serve Defendant and Notice of Hearing
Pursuant to Federal Rule of Civil Procedure 26(d), Plaintiff Project Honey Pot, a dba of Unspam Technologies, Inc., hereby moves the Court for limited authority to conduct discovery necessary to identify and serve Defendant. Project Honey Pot has submitted a short Memorandum in support of its Motion. PLEASE TAKE NOTICE that on May 4,2007 at 10:00 a.m., or as soon thereafter as the matter may be heard, Plaintiff Project Honey Pot, by its Counsel, will present oral argument in support of its motion for limited authority to conduct discovery necessary to identify and serve Defendant.
[2]Dated: April 26, 2007
Respectfully submitted,
INTERNET LAW GROUP
Jon L. Praed
4121 Wilson Boulevard, Suite 101
Arlington, Virginia 22203
Attorney for Plaintiff
Project Honey Pot
UNITED STATES DISTRICT COURT
FOR THE EASTERN DISTRICT OF VIRGINIA
ALEXANDRIA DIVISION
Project Honey Pot, a dba of Unspam
Technologies, Inc.,
Plaintiff,
v.
John Does Injuring PHP and its Members
By Harvesting Email Addresses,
Transmitting Spam,
And Posting Comment Spam,
Defendant.
[PROPOSED] ORDER
This matter having been fully briefed, and the Court being fully apprised of the facts and law in this matter, IT IS HEREBY ORDERED under Rule 26(d) that Plaintiffs Motion for Limited Authority to Conduct Discovery Necessary to Identify and Serve Defendants is HEREBY GRANTED. Project Honey Pot shall have until to conduct discovery necessary to identify and serve Defendant John Does.
United States District Court
Eastern District of Virginia
April ,2007
UNITED STATES DISTRICT COURT
FOR THE EASTERN DISTRICT OF VIRGINIA
ALEXANDRIA DIVISION
Project Honey Pot, a dba of Unspam
Technologies, Inc.,
Plaintiff,
v.
John Does Injuring PHP and its Members
By Harvesting Email Addresses,
Transmitting Spam,
And Posting Comment Spam,
Defendant.
ORDER
This matter having been fully briefed, and the Court being fully apprised of the facts and law in this matter, IT IS HEREBY ORDERED under Rule 26(d) that Plaintiffs Motion for Limited Authority to Conduct Discovery Necessary to Identify and Serve Defendants is HEREBY GRANTED. Project Honey Pot shall have until to conduct discovery necessary to identify and serve Defendant John Does.
United States District Court
Eastern District of Virginia
April ,2007
UNITED STATES DISTRICT COURT
FOR THE EASTERN DISTRICT OF VIRGINIA
ALEXANDRIA DIVISION
Project Honey Pot, a dba of Unspam
Technologies, Inc.,
Plaintiff,
v.
John Does Injuring PHP and its Members
By Harvesting Email Addresses,
Transmitting Spam,
And Posting Comment Spam,
Defendants.
NOTICE OF MOTION AND MOTION TO EXTEND TIME TO CONDUCT DISCOVERY NECESSARY TO IDENTIFY AND SERVE DEFENDANTS, AND TO EXTEND RULE 4(M) DEADLINE TO NAME AND SERVE DEFENDANTS
PLEASE TAKE NOTICE that on September 7, 2007 at 10:00 a.m., or as soon thereafter as the matter may be heard, Plaintiff Project Honey Pot (“PHP”), by its Counsel, will present oral argument in support of its Motion to Extend Time to Conduct Discovery Necessary to Identify and Serve Defendants, and to Extend Rule 4(m) Deadline to Name and Serve Defendants.
Pursuant to Federal Rules of Civil Procedure 4(m) and 26(d), PHP hereby moves the Court to extend the time to conduct discovery necessary to identify and serve, and to extend the deadline to name and serve the John Doe Defendants. PHP has submitted a short Memorandum in support of its Motion.
-2-
Dated: August 30, 2007
Respectfully submitted,
/s/
Jon L. Praed
VSB #40678
Attorney for Plaintiff Project Honey Pot
Internet Law Group
4121 Wilson Boulevard, Suite 101
Arlington, Virginia 22203
Phone: (703) 243-8100
Fax: (703) 243-8162
Interesting tidbit:
"We have mapped those 10,000+ domain names to fewer than 200 specific Internet “fingerprints.” Most importantly, nearly 90% of the domain names can be mapped to less than two dozen fingerprints, and approximately half of these fingerprints are connected to only one “hand” that represents over 50% of the entire online pharmacy spam problem today."
============================
UNITED STATES DISTRICT COURT
FOR THE EASTERN DISTRICT OF VIRGINIA
ALEXANDRIA DIVISION
Project Honey Pot, a dba of Unspam
Technologies, Inc.,
Plaintiff,
v.
John Does Injuring PHP and its Members
By Harvesting Email Addresses,
Transmitting Spam,
And Posting Comment Spam,
Defendants.
MEMORANDUM IN SUPPORT OF PLAINTIFF’S MOTION TO EXTEND TIME TO CONDUCT DISCOVERY NECESSARY TO IDENTIFY AND SERVE DEFENDANTS, AND TO EXTEND RULE 4(M) DEADLINE TO NAME AND SERVE DEFENDANTS
By this motion, Plaintiff Project Honey Pot (“PHP”) respectfully requests an order extending time to conduct limited discovery necessary to identify and serve the John Doe defendants, and to extend the deadline under Rule 4(m) to name and serve the John Doe defendants.
FACTUAL BACKGROUND
As noted in the Complaint, spam is a global problem of epidemic proportions. When this lawsuit was filed in late April 2007, PHP had received over 6 million spam messages during its 28 months of operations (an average of 217 thousand messages per month). In the four months since the lawsuit was filed, PHP as received an average of nearly 1 million new spam messages each month. While much of that growth is due to a substantial increase in the number
-2-
of email addresses managed by PHP (and therefore available to receive spam), the fact remains that spammers are continuing to operate at an alarming pace and show no signs of abating in the near future. They will most certainly not stop unless lawsuits of this sort are afforded the time needed to complete the hard work necessary to obtain the real identity of those responsible. The spam messages PHP has received all have one thing in common – they advertise a host of purported products and services being sold at thousands of different websites located on computers all over the world. Of the 10 million messages PHP has received to date, however, perhaps the most pernicious have been those advertising illegal online pharmacies. The John Does responsible for these pharmacy spam messages are little more than high-tech drug traffickers. They sell counterfeit or fake prescription drugs to unwitting consumers without the benefit of a reputable doctor’s prescription. They sell their drugs at prices typically well below those charged by brick and mortar drugstores that are managed by licensed pharmacists (who are closely regulated by state and federal authorities and who dispense authentic drugs tested and approved by the FDA).
The harm caused by these drug-trafficking spammers is real. A number of public reports in recent days have focused on the growing problem of pharmacy spam, the injuries traced to it, and the difficulties encountered by those who try to identify the killers behind the business.1
[1 Pharmacists Warn of Buying Drugs Online After Death Reported, CBCNews.com, March 21, 2007 (available at <http://www.cbc.ca/canada/british-columbia/story/2007/03/21/drugs-online-warning.html>); Spam Hunter, Forbes.com, July 23, 2007 (available at <http://www.forbes.com/business/free_forbes/2007/0723/054.html>) (profiling the unsuccessful attempts by the head of technology at a major spam-filtering company to track pharmacy spam to its source); and Damn Spam: The Losing War on Junk Email, The New Yorker, August 6, 2007 (available at <http://www.newyorker.com/reporting/2007/08/06/070806fa_fact_specter>) (noting negative trends in the long fight against spam).]
Because of the dangerous nature of spam advertising illegal online pharmacies, PHP has focused its discovery to date on the John Does responsible for this type of spam. To
-3-
date, we have issued nearly three dozen subpoenas to third parties that provided services of one form or another to the John Does. Our discovery has revealed many significant facts. We have identified over 10,000 different domain names appearing in spam that lead to online pharmacies operating under questionable circumstances. We have mapped those 10,000+ domain names to fewer than 200 specific Internet “fingerprints.”2 Most importantly, nearly 90% of the domain names can be mapped to less than two dozen fingerprints, and approximately half of these fingerprints are connected to only one “hand”3 that represents over 50% of the entire online pharmacy spam problem today.
[2 A “fingerprint” consists of any set of data that is likely to uniquely define an online pharmacy operation, and that serves to distinguish it from other online pharmacy operations. The data we consider includes the domain name hosting the site, the look and feel of the site, the technical data underlying the site, and any data points about the site that we may acquire through subpoena or other investigative means.
3 A “hand” is a collection of fingerprints that are unique from each other, but have connections between them.]
While the John Does behind nearly every one of these fingerprints are going to extreme lengths to hide their identity, nearly all of them remain vulnerable to identification through the use of civil discovery. All of the major fingerprints are using Visa credit card merchant accounts to process consumer purchases on their websites. In addition, nearly all of the fingerprints have other substantial connections to the United States, including the use of IP addresses, domain name registrars, telephone numbers, and email addresses that are serviced by United States-based entities.
While we have learned much about the individuals responsible for the advertising of illegal online pharmacies, our discovery has also encountered a number of roadblocks. Some were predictable, such as the use of stolen credit cards and Web Money4 to buy some services that are essential to the operation of their illegal online pharmacies. Other roadblocks were not anticipated. For example, several merchants that sold essential services to the John Does have
-4-
refused to produce the John Does’ payment information without a protective order in place. We
hope to complete negotiations over such an order in the near future. Other third parties have
failed to respond to our subpoenas, including a major credit card issuer that has failed to produce
valuable merchant account information closely tied to the John Does. While we believe the bank
will respond in time, a motion to compel may unfortunately prove necessary.
For all these reasons, PHP respectfully requests it be granted through November
26, 2007 to complete John Doe discovery and to name and serve defendants.
[4 Web Money is a form of online currency that is operated by a company headquartered in Moscow
(http://www.wmtransfer.com/).]
LEGAL ARGUMENT
Courts recognize that, in certain situations, the identity of a defendant may not be known prior to the filing of a complaint. In such circumstances, courts authorize a plaintiff to undertake discovery to identify the unknown defendant. In Gordon v. Leeke, 574 F.2d 1147, 1152 (4th Cir. 1978), the Fourth Circuit explained that, if a plaintiff states a meritorious claim against an unknown defendant, the Court should allow the plaintiff a “reasonable opportunity” to ascertain the identity of the unknown defendant through discovery. Paulinus Chidi Njoku v. Unknown Special Unit Staff, No. 99-7644, 2000 U.S. App. LEXIS 15695, at *2-3 (4th Cir. July 7, 2000) (remanding the case with instructions to afford plaintiff a “reasonable opportunity to properly identify” the John Does). This power is codified in Rule 26(d), which permits the Court to authorize discovery prior to the planning conference contemplated under Rule 26(f).
In addition to authorizing discovery necessary to identify and serve the John Doe defendants, PHP is also seeking an extension of its deadline to name and serve defendants under Rule 4(m). Federal Rule of Civil Procedure 4(m) provides that a plaintiff who shows good cause for failure to effectuate service within 120 days of filing the complaint is entitled to an appropriate extension of time to serve. Courts have held that good cause exists – and that a
-5-
plaintiff is entitled to additional time to effect service – when defendants take affirmative actions to avoid service of process. For example, in Ruiz-Varela v. Velez, the District Court dismissed the plaintiff's Complaint pursuant to Rule 4(m) for failure to serve Defendant Figueroa. 814 F.2d 821 (1st Cir. 1987). Recognizing that Figueroa was attempting to evade personal service by concealing his whereabouts, the First Circuit vacated the dismissal. Because Figueroa's attempts to conceal his location were designed to frustrate the plaintiff's ability to effectuate service, the Court of Appeals explained that dismissal for failure to serve was inappropriate: “Evasion of service by a putative defendant constitutes good cause for failure to serve under Rule 4[m].” Id. at 824. As noted above, the defendants in this case have gone to extreme measures to evade identification and service. Their attempts at evasion are an adequate basis for extending PHP’s deadline to name and serve.
This Court should also grant PHP an extension of time to identify and serve the John Does due to its diligence in prosecuting this matter. Courts have consistently held that “a showing of diligence and a reasonable effort to effect service” constitute good cause under Federal Rule of Civil Procedure 4(m). In re Hall, 222 B.R. 275, 279 (Bankr. E.D. Va. 1998) (citing T & S Rentals v. United States, 164 F.R.D. 422, 426 (N.D. W.Va. 1996) and United States v. Britt, 170 F.R.D. 8, 10 (D. Md. 1996). In determining the type of diligence or extent of effort required to warrant an extension of the 120-day deadline, courts have examined the legislative history of amendments to Rule 4, noting that: “Inadvertent or heedless non-service is what amended Rule 4[m] is aimed at. Congress intended that a plaintiff who had made reasonable efforts to effect service would be permitted additional time, if needed, under Rule 6(b).” Arroyo v. Wheat, 102 F.R.D. 516, 518 (D. Nev. 1984) (citing to cases in which “there was no dilatory or willful delay” and in which “plaintiff’s abortive efforts [were] bona fide,” as
-6-
illustrative of situations in which “good cause” was determined to exist); see also Quann v. Whitegate-Edgewater, 112 F.R.D. 649, 659 (D. Md. 1986) (citing Arroyo v. Wheat).
PHP has subpoenaed nearly three dozen third parties in possession of information likely to lead to the identity of the John Doe defendants. This information has provided valuable leads into the identity of the defendants. PHP plans to continue its John Doe discovery, and also plans to communicate with other victims of these John Does in an effort to ensure its discovery does not inadvertently compromise other pending civil and criminal investigations. All of these reasons constitute good cause for an extension of the deadline to name and serve the John Doe Defendants.
WHEREFORE, for the foregoing reasons and any additional reasons that may be adduced on this matter, PHP respectfully asks the Court to grant this Request and enter an Order substantially in the form of the attached proposed Order.
Dated: August 30, 2007
Respectfully submitted,
/s/
Jon L. Praed
VSB #40678
Attorney for Plaintiff Project Honey Pot
Internet Law Group
4121 Wilson Boulevard, Suite 101
Arlington, Virginia 22203
Phone: (703) 243-8100
Fax: (703) 243-8162
UNITED STATES DISTRICT COURT
FOR THE EASTERN DISTRICT OF VIRGINIA
ALEXANDRIA DIVISION
Project Honey Pot, a dba of Unspam
Technologies, Inc.,
Plaintiff,
v.
John Does Injuring PHP and its Members
By Harvesting Email Addresses,
Transmitting Spam,
And Posting Comment Spam,
Defendants.
ORDER
For the reasons stated from the bench, and in accord with specific rulings made at that time, it is
ORDERED that plaintiff’s motion to extend time (no. 6) is GRANTED, and discovery needed to identify the defendants may be conducted through November 26, 2007.
ENTERED this 7th day of September, 2007.
/s/
Thomas Rawles Jones, Jr.
United States Magistrate Judge
UNITED STATES DISTRICT COURT
FOR THE EASTERN DISTRICT OF VIRGINIA
ALEXANDRIA DIVISION
Project Honey Pot, a dba of Unspam
Technologies, Inc.,
Plaintiff,
v.
John Does,
Defendants.
NOTICE OF MOTION AND MOTION TO EXTEND TIME TO CONDUCT DISCOVERY NECESSARY TO IDENTIFY AND SERVE DEFENDANTS, AND TO EXTEND RULE 4(M) DEADLINE TO NAME AND SERVE DEFENDANTS
PLEASE TAKE NOTICE that on December 7, 2007 at 10:00 a.m., or as soon thereafter as the matter may be heard, Plaintiff Project Honey Pot (“PHP”), by its counsel, will present oral argument in support of its Motion to Extend Time to Conduct Discovery Necessary to Identify and Serve Defendants, and to Extend Rule 4(m) Deadline to Name and Serve Defendants.
Pursuant to Federal Rules of Civil Procedure 4(m) and 26(d), PHP hereby moves the Court to extend the time to conduct discovery necessary to identify and serve, and to extend the deadline to name and serve the John Doe Defendants. PHP has submitted a short Memorandum in support of its Motion.
Dated: November 26, 2007
Respectfully submitted,
/s/
Jon L. Praed
VSB #40678
Attorney for Plaintiff Project Honey Pot