Project Honey Pot Vs John Does

Case 1:07-cv-00419-CMH-TRJ

Document 1

Filed 04/26/2007

Page 1 of 10

FILED UNITED STATES DISTRICT COURT

FOR THE EASTERN DISTRICT OF VIRGINIA, ALEXANDRIA DIVISION

Project Honey Pot, a dba of Unspam

)

Technologies, Inc.

)

)

Plaintiff,

)

v.

) )

John Does Injuring PHP and its Members

)

By Harvesting Email Addresses,

)

Transmitting Spam,

)

And Posting Comment Spam,

)

Defendants.

,nft,

Ml W 2b A » 53

No.

i

£Kt* /U>

)

)

Project Honey Pot's Complaint For Violations Of the Federal CAN-SPAM Act and the Virginia Computer Crimes Act

I.

Spam is a global problem of epidemic proportions, and the trend lines are

headed in the wrong direction. By some estimates, spam now constitutes over 90% of all email traffic. Using vast networks of hijacked computers, counterfeiters, thieves and hi-tech snake-oil salesmen now have instant access to a global marketplace. No longer relegated to dark street corners, basement labs, and the trunks of seedy cars, illegal and dangerous products are now only a mouse click away from every Internet user. Spammers don't even need to have a product to

sell to make money. Identity thieves, extortionists and phishers have opened Internet storefronts,

and unwitting victims fall prey to them every day without ever leaving their living rooms. Children are also victimized by spam, which offers them easy access to illicit drugs, prescription

drugs that need no prescription, gambling websites, pornography, fake IDs, spyware disguised as computer games, and a host of other temptations. Nation-states, too, are falling victim to spam

Case 1:07-cv-00419-CMH-TRJ

Document 1

Filed 04/26/2007

Page 2 of 10

and the international criminal gangs that are increasingly behind it. Government corruption,

failed legal systems and safe haven rules that generate a substantial portion of the nation-state's GDP all contribute to the problem, and are all being exploited by spammers. 2.

A long list of laws prohibits spam. Perhaps the most elegant is the

centuries old common law of trespass to chattels, which one judge in this District suggested fit the spam problem like a hand in glove. Notwithstanding that suggestion, a flurry of state and federal statutes has been passed over the last decade in an attempt to stop spam (or at least slow its growth) without unduly burdening "ham" (non-spammy email). The culmination of this legislative activity was the Federal CAN-SPAM Act of 2003 (15 U.S.C. § 7701 et seq.). 3.

CAN-SPAM, it was hoped, would help stop spam by clarifying the rules

that bulk emailers were supposed to follow. The reality is that legitimate emailers generally complied with CAN-SPAM long before it was enacted, or at least complied to the degree that the

identity of someone who accepted responsibility for the mailing could be found on the face of the message itself. Spam is different. On its face, spam never identifies anyone willing to accept

responsibility for the mailing. The reason is simple - spam violates the most basic standards of

good conduct. Once identified, spammers cannot defend their "business" practices to anyone, let alone to an upstream webhost, email service provider or judicial fact finder. 4.

If there were ever any doubt, today it is clear that the key to stopping spam

is identifying those responsible for it, and getting that information into the hands of those willing and able to do something about it.

5.

Discovering a spammer's identity is not simple, but it is not impossible

either. To hide successfully, spammers have to do more than just avoid putting their name in their messages. Everything they do has to be anonymous; they have to hide while

2 of io

Case 1:07-cv-00419-CMH-TRJ

Document 1

Filed 04/26/2007

Page 3 of 10

simultaneously fooling their victims (and everyone else who is providing them with some service

essential to their criminal enterprise) into thinking they are running a legitimate business. 6.

The first thing a spammer needs is a long list of email addresses to spam.

Spammers get your email address in two primary ways. They steal them (via harvesting) or they

guess them (via dictionary attacks). The most common way spammers steal email addresses is

by harvesting them from websites, using web spiders. This makes life difficult for the rest of us because posting email addresses on a website is a convenient way to facilitate communications between visitors to a website and the owners of the website. Owners of websites who want to display email addresses can obtain some protection from harvesters by installing a Project Honey

Pot on their website, and displaying this Project Honey Pot logo on their website:1

The logo serves as a warning to harvesters that all of the email addresses displayed anywhere on

the website are protected by Project Honey Pot and deters harvesters by putting them at legal risk if they spam any addresses harvested from the website.

7.

Domain name owners who want to protect their email system from spam

can obtain some protection by donating an MX record to Project Honey Pot, and then publicly

disclosing the fact of their donation (but they should not disclose the specific MX record donated, as spammers will simply avoid this MX record and continue to send spam to MX

The website for the logo can be found at http://www.proiecthoneypot.ors/how to avoid spamhots S.php.

3 of 10

Case 1:07-cv-00419-CMH-TRJ

Document 1

Filed 04/26/2007

Page 4 of 10

records not donated to PHP). By publicly disclosing their affiliation with Project Honey Pot,

PHP members warn spammers that their domain names are protected by Project Honey Pot. Project Honev Pot a dba of Unsoam Technologies. Inc.

8.

Project Honey Pot fwww.Droiecthonevnot.or^ is a distributed network of

spam-tracking honey pots. The project allows spammers, phishers, and other e-criminals to be

tracked throughout the entire "spam cycle." On information and belief, Project Honey Pot was

the first distributed e-mail harvesting research effort linking those that gather e-mail addresses by scraping websites with those that send unsolicited and frequently fraudulent messages. Tens of

thousands of users from at least 100 countries actively participate in Project Honey Pot's effort to track criminals who break the law via email. Project Honey Pot was created by Unspam

Technologies, Inc (www.unspam.com) - an anti-spam company with the singular mission of

helping design and enforce effective anti-spam laws. Unspam Technologies, Inc. is a Delaware corporation with its principal place of business at 1901 Prospector Ave., Suite #200, Park City, Utah 84060.

9.

Project Honey Pot receives MX record donations from the owners of

Internet domain names. Through those donations, email messages addressed to any username

hosted at a donated domain name are directed to email servers owned and maintained by Project Honey Pot, and those email messages are then processed by and stored on computer equipment owned and maintained by Project Honey Pot. Project Honey Pot also makes available to Internet website owners email address honey pots that can be installed on their webpages. When a harvester visits those webpages looking for email addresses to steal, the harvester is handed a unique email address hosted within Project Honey Pot's distributed network of donated MX records. The harvester's IP address, the date and time of the visit and other characteristics of the

4 of 10

Case 1:07-cv-00419-CMH-TRJ

Document 1

Filed 04/26/2007

Page 5 of 10

harvester are recorded by Project Honey Pot and maintained for analysis and tracking. When a spam message is received thereafter at the unique email address, Project Honey Pot can tie the spam message (and the spammer) to the harvester that was given that email address.

10.

Project Honey Pot is currently monitoring over 2.1 million honey pot

addresses for annoying spam and dangerous phishing messages. Between January 2005 and April 2007, John Doe spammers transmitted over 6.1 million spam messages to tens of thousands

of unique email addresses belonging to PHP members that have donated an MX record to, and are receiving anti-spam protection from, Project Honey Pot. All of these email addresses were

illegally harvested by the spammer (or one of his co-conspirators) from a website hosting a PHP

honey pot, or were the subject of dictionary spam attacks that indiscriminately targeted random usernames hosted within Internet domain names that have donated an MX record to, and are receiving anti-spam protection from, Project Honey Pot.

11.

To date, Project Honey Pot has identified 2,489,814 unique spam server IP

addresses, 15,570 unique harvester IP addresses, 87,643 unique dictionary attack spam server IP addresses, and since April 2007, has identified 630 comment spam server IP addresses. 12.

Every spam message transmitted to a Project Honey Pot honey pot email

address harms Project Honey Pot. Each spam message is received by a mail server controlled by and paid for by Project Honey Pot, which then must process, store and analyze the message to help protect the website owners who have installed honey pots on their webpages from

harvesters, and to protect the domain name owners who have donated MX records from spam attacks.

13.

By this action, Plaintiff seeks: (i) an injunction to prevent further unlawful

conduct; (ii) compensatory damages; (iii) punitive damages; (iv) attorneys' fees and costs of suit.

5 of 10

Case 1:07-cv-00419-CMH-TRJ

Document 1

Filed 04/26/2007

Page 6 of 10

John Doe Defendants

14.

Defendants' identity is currently unknown to Plaintiff because Defendants

have intentionally acted to hide their identity to evade detection.

JURISDICTION AND VFNT1F

15.

This action arises out of Defendants' violation of the Federal CAN-SPAM

Act. The Court has subject matter jurisdiction of this action based on 28 U.S.C. § 1331. 16.

Pursuant to 28 U.S.C. § 1391(b), venue is proper in this judicial district.

A substantial part of the events or omissions giving rise to Plaintiffs claims, together with a

substantial part of the property that is the subject of Plaintiff s claims, are situated in this judicial district. For example, 166 PHP members self-report they are located in Virginia. PHP members

have installed honey pots on 175 websites that are located in Virginia, and these Virginia-based honey pots have distributed 36,402 email addresses to identified harvesters world-wide. In addition to PHP's substantial presence in Virginia, the John Does also have substantial connections to Virginia. For example, the John Doe spammers have used 111 harvester IP

addresses in Virginia to harvest 848 PHP member honey pot email addresses. The John Does

have also used 20,778 spam server IPs located in Virginia to transmit 60,143 spam messages to PHP member honey pot email addresses. And on 245 occasions, the John Does have relied entirely on Virginia IP addresses to further their illegal enterprise - by harvesting a PHP member

email address from a Virginia-based IP address and then sending spam to that address from a spam server using a Virginia-based IP address. In addition, the webpages advertised in the spam messages were all visible in Virginia, and (on information and belief) many of the products and

services advertised in the spam messages were shipped or delivered to physical addresses in Virginia.

6 of 10

Case 1:07-cv-00419-CMH-TRJ

17.

Document 1

Filed 04/26/2007

Page 7 of 10

The federal District Court for the Eastern District of Virginia has personal

jurisdiction over Defendants based on the following facts: Defendants initiated emails from the Eastern District of Virginia, gained unauthorized access to computer servers located in the Eastern District, caused tortious injury in the Eastern District, and conducted business in the Eastern District of Virginia. COUNTI

Violation of the Federal CAN-SPAM Act HS TT,S.C. 8 7701 et soq )

18.

Plaintiff repeats and re-alleges the allegations in paragraphs 1 through 17

of this Complaint.

19.

Defendants initiated the transmission, to a protected computer, of a

commercial electronic mail message that contained, or was accompanied by, header information

that was materially false or materially misleading, in violation of 15 USC § 7704(a)(l). 20.

In a pattern or practice, Defendants initiated the transmission to a

protected computer of a commercial electronic mail message that did not contain a functioning return electronic mail address or other Internet-based mechanism, clearly and conspicuously

displayed, that a recipient could use to submit, in a manner specified in the message, a reply

electronic mail message or other form of Internet-based communication requesting not to receive future commercial electronic mail messages from that sender at the electronic mail address where the message was received, in violation of 15 USC § 7704(a)(3).

21.

In a pattern or practice, Defendants initiated the transmission of a

commercial electronic mail message to a protected computer and failed to provide: (i) clear and conspicuous identification that the message was an advertisement or solicitation; (ii) clear and conspicuous notice that the recipient could decline to receive ftirther commercial electronic mail

7 of 10

Case 1:07-cv-00419-CMH-TRJ

Document 1

Filed 04/26/2007

Page 8 of 10

messages from the sender; and (iii) a valid physical postal address of the sender, in violation of 15USC§7704(a)(5).

22.

Plaintiff is an Internet access service adversely affected by the above

violations, and is entitled to an injunction barring further violations, statutory damages of $100 for every attempted transmission of a spam message that contains false or misleading transmission information, statutory damages of $25 for every attempted transmission of a spam message that otherwise fails to comply with the Federal CAN-SPAM Act, treble damages

resulting from Defendants' use of email harvesters and dictionary attacks to facilitate their violations of the CAN-SPAM Act, and attorney fees and costs, as authorized by 15 USC § 7706(g).

COUNT II

Violation of Virginia's Anti-Spam Statute (18 Va. Code S 18.2-152.3:1 et seq.)

23.

Plaintiff repeats and re-alleges the allegations in paragraphs 1 through 22

of this Complaint.

24.

Defendants used a computer or computer network with the intent to falsify

or forge electronic mail transmission information or other routing information in any manner in connection with the transmission of bulk electronic mail through or into the computer network of an electronic mail service provider or its subscribers.

25.

Defendants' transmissions were in contravention of the authority granted

by or in violation of the policies set by Plaintiff. Defendants had knowledge of the authority or policies of those email service providers, or the authority or policies were available on Project Honey Pot's website.

26.

As a result of Defendants' actions, Plaintiff has suffered injury, and is

entitled to an injunction, and to recover actual damages, or in lieu thereof $1 for each and every

8 of 10

Case 1:07-cv-00419-CMH-TRJ

Document 1

Filed 04/26/2007

Page 9 of 10

unsolicited bulk electronic mail message transmitted in violation of the statute, or $25,000 per day any offending message was transmitted, plus attorneys' fees and costs of suit.

PRAYER FOR RELIEF

WHEREFORE, Plaintiff requests entry of judgment in its favor and against Defendants:

1.

Granting preliminary and permanent injunctive relief against Defendants,

and all those in privity or acting in concert with Defendants, enjoining them from directly or indirectly violating the terms of the CAN-SPAM Act or the terms of the Virginia anti-spam statute;

2.

Awarding Plaintiff compensatory and punitive damages in an amount to

be proven at trial;

3.

Awarding Plaintiff attorneys' fees and costs associated with prosecuting

this action; and

9 of 10

Case 1:07-cv-00419-CMH-TRJ

4.

Document 1

Filed 04/26/2007

Page 10 of 10

Granting Plaintiff such other or additional relief as this Court deems just

and proper under the circumstances.

Dated: April 2&, 2007

Respectfully submitted,

INTERNET LAW GROUP Jon L. Praed (VSB #40678)

4121 Wilson Boulevard, Suite 101 Arlington, Virginia 22203 (703)243-8100

Attorneys for PlaintiffProject Honey Pot, a dba ofUnspam Technologies, Inc.

10 of 10

Case 1:07-cv-00419-CMH-TRJ «&JS44

Document 1-2

Filed 04/26/2007

Page 1 of 1

CIVIL COVER SHEET

(Rev.

B

The JS-44 civil cover sheet and the information contained herein neither replace nor supplanent the filineand service of pie

IL

or other papers as require? I: [ by law except as provided hy local rules of court, Thfe form, approvedby the Judicial Conference of the United States in sipjo£l>er l"974 £ rauFr^7o7tnc I >

use of the Clerk ofCourt for the purpose of initiating the civildocket sheet. (SEE INSTRUCTIONS ON THE REVERSE Sl7 TIE FQRM.;>«A oryw

I. (a)

PLAINTIFFS

r}2 6 2007

DEFENDANTS

John Does

Project Honey Pot, a dba of Unspam Technologies, Inc.,

(b) Couuy of Residence of First Listed Plaintiff

Park City, Utah

County of Residence of First Lislai Defendant

(EXCEPT IN U.S. PLAINTIFF CASES)

Unknown

(IN U.S. PLAINTIFF CASES ONLY) NOTE: IN LAND CONDEMNATION CASES. USE THE LOCATION OF THE LAND INVOLVED.

(c) Attorneys (Firm Name, Address, and Telephone Number)

Altomeys (If Known)

Intomel Law Group Jon L Praoe! (VSB * 40678) 4121 Wilson Blvd., Suits 101 Arlington. VA 22203

(703)243-8102; (703) 243-8162 (rax)

II. BASIS OF JURISDICTION

III. CITIZENSHIP OF PRINCIPAL PARTlES
Dl

D 2

U.S. Government Plaintiff

DC 3

U.S. Government

D 4

and One Box f« Dc fcr.dam)

PTF

DEF

D 1

Dl

Federal Question (U.S. Government Not a Party)

Citizen of This State

Diversity

Citizen of Another Stale D2

Defendant

PTF

DEF

D 4

D4

Incorporated and Principal Place D 5

D5

Incorpooted or Principal Place of Business li This State

(Indicate Citizenship of Parties

D2

of Business h Another Slate

in Item ID)

Citizen or Subject ufa

D 3

D3

Foreign Nation

D

Foreign Country

IV. NAT URE O F SUIT

TORTS

D D

110 Insurance 120 M.i tin:

D

310 Airplane

□

130 Miller Act

□

315 Airplane Product

LJ

140 Negotiable Instrument

O

150 Rccovzry of Ovcrpaymcnl

PERSONAL INJURY

O

320 Assault, Libel &

D

330 Federal Employs'

Student Loan*

Q

340 Marine

(Excl. Veterans)

D

343 Marine Product

Q □ D

210 Land Condemnation

220 Foreclosure 230 Rent lease & Ejectment

Q Q Q

240 Torn to Land 245 Tort P roduct Liability 290 All Olhc r Real Prop crly

Original

Proceeding

3«K Atbeettu Personal

D

350 Motor Vehicle

Q

355 Motor Vehicle

O

360 Other Personal Injury

LJ

O D

660 Occupational 690 Other

PRISONER PETITIONS

441 Voting

LJ

444 Welfare

440 Other Civil Rights

D 540 Mandamus & Other O

550 Civil Rights

D

5<J Prison Condition

D

M« Trail cmarlt

710 Fair Labor Snndards

D

720 Labor/M gmt. Relations Q O 730 Labor/M gmt.Reporting

Q

& Disclosure Act

O

740 Railway Labor Act

D

790 Other Labor lilijatbn

D

7O| Empl.Rcl. Inc.

Habeis Corpus:

530 General 535 Death Penally

830 Patent

O

510 M otiomi to Va catc

Q Q

820 Copyrights

□

Q a

410 Anlilnst 430 Banks and Banking 450 Commcrec/ICC Rales/etc. 460 Deportation

470 Racketeer Influenced ard Corrupt Or|ianizilio.is

Exchange

K6I H [A (13 95m K62 Black Lung (923)

K63 DlW C/DIW W (405 (g)) 864 S3ID Tile XVI 865 RSI (405(g)(

□ 875 Custoeicr C hallcugc 12 USC 3410

□ D D Q

891 892 893 K94

Agricultural Acl> Economic SubHizaibn Act Environmental Mailers Energy Albcation Act

□ 895 Freedom of Information Act

FEDERAL TAX SUITS

O 900 Appeal of Foe Determination Under Equal Access to

D 870 Taxes (US. Plaintiff or Dcfcndanl)

Justice

D 950 Constitutionality of

D 871 IRS—Third Party

Security Act

a D LJ D D

D KI0 Selects Service O X50 Sccurilcs/Commoditbs.'

SOCIAL SECURITY

Act

Product Liability

Sentence

O

LABOR

□ 385 Properly Da mags

442 Employment 443 Housing/

Safely/Health

370 Other Fraud 371 Truth in Lending 380 Other Pcnonal

CIVIL RIGHTS

Accommod ations

Q

650 Airlhc Regs.

Liability

Properly Damage

Product Liability

PROPERTY RIGHTS

640 R.R. A Truck

Injury Product

423 Withdrawal 28 USC 157

630 liquor Lawk

PERSONAL PROPERTY

D O a

□

of Property 21 USC

OTHERSTATUTES D 400 Stale Reap portianmcnl

26 USC 7609

State Stnlutc.1

IX 890 Other Statutory Actions

(PLACE AN "X" IN ONE BOX ONLY)

V. ORIGIN

IS 1

□

625 Drug Related S ciztire

Product Liability

Liability

REALPROPERTY D D

365 Personal Injury —

Liability

160 Stockholders'Suits 190 Other Contract 195 Contract ? roduci Liabihty

LJ

LJ

BANKRUPTCY O 422 Appeal 28 USC 15S

620 Other Food &Drug

Mcd. Malpractice

Slander

15} Recovery of Overpayment

610 Agriculture

O 362 Personal Injury—

O 151 Medicare Act D 152 Recovery of Defaulcd

& Enforcement of Judgmcn

FORFEITURE/PENALTY

PERSONAL INJURY

Liability

of Veteran* t Benefits

O

Removed from Slate Court

VI. CAUSE OF ACTION

(C

D3

Remanded from

Appellate Court

Q

4 Reinstated nr I Reopened

Transferred from another district (specify)

Multidistrici Litigation

'

c U.S. Civil Sntutc under which you arc (i:«g and write bs'cf stakmcnl of cause.

Appeal to District Judge from

Magistrate Judgment

Do not cite jurisd ictional statutes unless d ivcrsity.)

Federal CAN-SPAM Act VII. REQUESTED IN COMPLAINT: VIII. RELATED CASE(S)

IF ANY

D 6

(Place an "X" in One Box Only)

CONTRACT

O

6

U CHECK IF THIS IS A CLASS ACTION UNDER F.R.CP. 23

DEMaFJDT

CllliCK Ylib ally it demanded in complanl:

JURY DEMAND:

(Sec instructions):

judge

DOCKET NUMBER

o? APPLYING IFP

MAO. JUDGE

U Vcs

u No

'■

Case 1:07-cv-00419-CMH-TRJ

Document 1-3

Filed 04/26/2007

qpfcernet Law

Page 1 of 1

RECEIVED

Group

4121 Wilson Boui evard Suite 101 • Arlington, Virginia 22203 • www.i-lawgroup.com • tel.703.243.8100 • fax.703.243.8162

CLERK US 01STKIC1 COURT

ALEXANDRIA. VIRGINIA

April 26,2007 Via Hand Delivery

Clerk of the Court - Civil Division, EDVA 401 Courthouse Square Alexandria, VA 22314-5704

Re:

Project Honev Pot v. John Does Injuring PHP and its Members Bv Harvesting Email Addresses. Transmitting Spam. And Posting Comment Spam (1:07CV419)

Dear Clerk:

Please find enclosed a check of $350 for the filing fee for the Complaint in the above case. The Complaint was filed mistakenly without the filing fee this morning. If you have any questions or concerns, please contact me at 703-243-8102. Thank you for your assistance.

Very truly yours,

'Jon L. Praed Internet Law Group

Enclosures

Case 1:07-cv-00419-CMH-TRJ

Document 2

Filed 04/26/2007

Page 1 of 2

UNITED STATES DISTRICT COURT

FOR THE EASTERN DISTRICT OF VIRGINIA r IL L D ALEXANDRIA DIVISION

Project Honey Pot, a dba of Unspam

Technologies, Inc.,

Plaintiff

)

2001 APR 2b A 0 53

(

CLERK US DiSTIUCI COURT

)

\ )

v-

)

John Does Injuring PHP and its Members

CIVIL ACTION NUMBER

)

By Harvesting Email Addresses,

)

Transmitting Spam,

)

And Posting Comment Spam,

)

Defendant.

ALEXANDRIA. VIRGINIA

U O"7 CV 4-W

)

Motion for Limited Authority to Conduct Discovery Necessary to Identify and Serve Defendant and Notice of Hearing

Pursuant to Federal Rule of Civil Procedure 26(d), Plaintiff Project Honey Pot, a

dba of Unspam Technologies, Inc., hereby moves the Court for limited authority to conduct discovery necessary to identify and serve Defendant. Project Honey Pot has submitted a short Memorandum in support of its Motion. PLEASE TAKE NOTICE that on May 4,2007 at 10:00 a.m., or as soon thereafter as the matter may be heard, Plaintiff Project Honey Pot, by its

Counsel, will present oral argument in support of its motion for limited authority to conduct discovery necessary to identify and serve Defendant.

Case 1:07-cv-00419-CMH-TRJ

Dated: April^_, 2007

Document 2

Filed 04/26/2007

Page 2 of 2

Respectfully submitted,

INTERNET LAW GROUP Jon L. Praed (VSB #40678)

4121 Wilson Boulevard, Suite 101 Arlington, Virginia 22203 (703)243-8100 Attorney for Plaintiff Project Honey Pot

Case 1:07-cv-00419-CMH-TRJ

Document 2-2

Filed 04/26/2007

Page 1 of 1

UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

Project Honey Pot, a dba of Unspam

)

Technologies, Inc.,

)

Plaintiff,

)

v>

)

CIVIL ACTION NUMBER

)

| : 0^ CV H^

)

John Does Injuring PHP and its Members

By Harvesting Email Addresses, Transmitting Spam, And Posting Comment Spam, Defendant.

) ) ) )

[PROPOSEDl ORDER

This matter having been fully briefed, and the Court being fully apprised

of the facts and law in this matter, IT IS HEREBY ORDERED under Rule 26(d) that

Plaintiffs Motion for Limited Authority to Conduct Discovery Necessary to Identify and Serve Defendants is HEREBY GRANTED. Project Honey Pot shall have until to conduct discovery necessary to identify and serve Defendant John Does.

United States District Court Eastern District of Virginia

April

,2007

Case 1:07-cv-00419-CMH-TRJ

Document 3

Filed 04/26/2007

UNITED STATES DISTRICT COURT

Page 1 of 4

FILED

FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

) Project Honey Pot, a dba of Unspam

)

Technologies, Inc.

) )

Plaintiff,

^ r

. ^^ CQURT

ALEXANDRIA. VIRGINIA

)

v.

)

John Does Injuring PHP and its Members

No.

\\Oiosf

) )

By Harvesting Email Addresses,

)

Transmitting Spam,

)

And Posting Comment Spam,

)

Defendants.

2001 APR 2b « A 10: 53

) )

Memorandum in Support of Project Honey Pot's Motion for Limited Authority to Conduct Discovery Necessary to Identify and Serve Defendant

By this motion, Plaintiff Project Honey Pot, a dba of Unspam Technologies, Inc.

respectfully requests an order authorizing it to conduct limited discovery necessary to identify and serve Defendant John Does. Factual Background

Between January 2005 and April 2007, John Doe spammers transmitted over 6.1

million spam messages to tens of thousands of unique email addresses belonging to PHP members that have donated an MX record to, and are receiving anti-spam protection from, Project Honey Pot. All of these email addresses were illegally harvested by the spammer (or one

of his co-conspirators) from a website hosting a PHP honey pot, or were the subject of dictionary spam attacks that indiscriminately targeted random usernames hosted within Internet domain

Case 1:07-cv-00419-CMH-TRJ

Document 3

Filed 04/26/2007

Page 2 of 4

names that have donated an MX record to, and are receiving anti-spam protection from, Project Honey Pot. The spam contained false or misleading transmission information, did not contain a functioning return electronic mail address or other Internet-based mechanism, clearly and conspicuously displayed, that a recipient could use to submit, in a manner specified in the message, a reply electronic mail message or other form of Internet-based communication

requesting not to receive future commercial electronic mail messages from that sender at the electronic mail address where the message was received, and failed to provide: (i) clear and conspicuous identification that the message was an advertisement or solicitation; (ii) clear and

conspicuous notice that the recipient could decline to receive further commercial electronic mail

messages from the sender; and (iii) a valid physical postal address of the sender and thereby violated the Federal CAN-SPAM Act. Furthermore Defendants used a computer or computer network with the intent to falsify or forge electronic mail transmission information or other

routing information in any manner in connection with the transmission of bulk electronic mail through or into the computer network of an electronic mail service provider or its subscribers and

transmitted the spam in contravention of the authority granted by or in violation of the policies set by Plaintiff. Defendants had knowledge of the authority or policies of those email service providers, or the authority or policies were available on Project Honey Pot's website thereby violating the Virginia's Anti-Spam Statute.

Project Honey Pot has collected a large volume of publicly available information that is relevant to the identity of the John Does responsible for this conduct. Project Honey Pot's investigation to date has identified a number of third parties that are likely to have non-public

information that could be used to identify the responsible person. Many of these third parties have agreed to retain this information and to produce it, but only upon receipt of a subpoena.

Case 1:07-cv-00419-CMH-TRJ

Document 3

Filed 04/26/2007

Page 3 of 4

Project Honey Pot has good reason to believe that it will be able to identify, name and serve John Doe Defendants if granted the power to conduct formal discovery for 120 days. Legal Argument

Under Rule 26(d), discovery may not normally begin "before the parties have

conferred as required by Rule 26(f)." Because Defendant in this case is unknown to Plaintiff, the conference contemplated by Rule 26(f) cannot occur. This limitation on the initiation of discovery, however, can be waived under Rule 26(d) by Court order.

Courts recognize that, in certain situations, the identity of Defendant may not be known prior to the filing of a complaint. In such circumstances, courts authorize a plaintiff to undertake discovery to identify the unknown defendant. In Gordon v. Leeke. 574 F.2d 1147,

1152 (4th Cir. 1978), the Fourth Circuit explained that, if a plaintiff states a meritorious claim against an unknown defendant, the Court should allow plaintiff to ascertain the identity of the unknown defendant through discovery.

Case 1:07-cv-00419-CMH-TRJ

Document 3

Filed 04/26/2007

Page 4 of 4

WHEREFORE, for the foregoing reasons and any additional reasons that may be provided at the hearing on this motion, Project Honey Pot respectfully requests permission under

Rule 26(d) to conduct such discovery as may be necessary to identify and serve Defendant John Does. An appropriate order is attached for the Court's signature.

Dated: April 2b, 2007

Respectfully submitted,

INTERNET LAW GROUP Jon L. Praed (VSB #40678)

4121 Wilson Boulevard, Suite 101

Arlington, Virginia 22203 (703)243-8100

Attorney for Plaintiff Project Honey Pot

Case 1:07-cv-00419-CMH-TRJ

Document 4

Filed 04/26/2007

Page 1 of 2

UNITED STATES DISTRICT COURT

FOR THE EASTERN DISTRICT OF VIRGINIA r IL L D ALEXANDRIA DIVISION

Project Honey Pot, a dba of Unspam

Technologies, Inc.,

Plaintiff

)

2001 APR 2b A 0 53

(

CLERK US DiSTIUCI COURT

)

\ )

v-

)

John Does Injuring PHP and its Members

CIVIL ACTION NUMBER

)

By Harvesting Email Addresses,

)

Transmitting Spam,

)

And Posting Comment Spam,

)

Defendant.

ALEXANDRIA. VIRGINIA

U O"7 CV 4-W

)

Motion for Limited Authority to Conduct Discovery Necessary to Identify and Serve Defendant and Notice of Hearing

Pursuant to Federal Rule of Civil Procedure 26(d), Plaintiff Project Honey Pot, a

dba of Unspam Technologies, Inc., hereby moves the Court for limited authority to conduct discovery necessary to identify and serve Defendant. Project Honey Pot has submitted a short Memorandum in support of its Motion. PLEASE TAKE NOTICE that on May 4,2007 at 10:00 a.m., or as soon thereafter as the matter may be heard, Plaintiff Project Honey Pot, by its

Counsel, will present oral argument in support of its motion for limited authority to conduct discovery necessary to identify and serve Defendant.

Case 1:07-cv-00419-CMH-TRJ

Dated: April^_, 2007

Document 4

Filed 04/26/2007

Page 2 of 2

Respectfully submitted,

INTERNET LAW GROUP Jon L. Praed (VSB #40678)

4121 Wilson Boulevard, Suite 101 Arlington, Virginia 22203 (703)243-8100 Attorney for Plaintiff Project Honey Pot

Case 1:07-cv-00419-CMH-TRJ

Document 5

Filed 05/02/2007

Page 1 of 1

UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

Project Honey Pot, a dba of Unspam

)

Technologies, Inc.,

)

Plaintiff,

)

v>

)

CIVIL ACTION NUMBER

)

| : 0^ CV H^

)

John Does Injuring PHP and its Members

By Harvesting Email Addresses, Transmitting Spam, And Posting Comment Spam, Defendant.

) ) ) )

[PROPOSEDl ORDER

This matter having been fully briefed, and the Court being fully apprised

of the facts and law in this matter, IT IS HEREBY ORDERED under Rule 26(d) that

Plaintiffs Motion for Limited Authority to Conduct Discovery Necessary to Identify and Serve Defendants is HEREBY GRANTED. Project Honey Pot shall have until August 24, 2007

to conduct discovery necessary to identify and serve Defendant John

Does.

/s/ Liam O’Grady United States Magistrate Judge United States District Court Eastern District of Virginia

May April

2 ,2007

Case 1:07-cv-00419-CMH-TRJ

Document 6

Filed 08/30/2007

Page 1 of 2

UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

__________________________________________ ) Project Honey Pot, a dba of Unspam ) Technologies, Inc., ) ) Plaintiff, ) ) v. ) ) ) John Does Injuring PHP and its Members ) By Harvesting Email Addresses, ) Transmitting Spam, ) And Posting Comment Spam, ) ) Defendants. ) __________________________________________)

No. 1:07CV419

NOTICE OF MOTION AND MOTION TO EXTEND TIME TO CONDUCT DISCOVERY NECESSARY TO IDENTIFY AND SERVE DEFENDANTS, AND TO EXTEND RULE 4(M) DEADLINE TO NAME AND SERVE DEFENDANTS

PLEASE TAKE NOTICE that on September 7, 2007 at 10:00 a.m., or as soon thereafter as the matter may be heard, Plaintiff Project Honey Pot (“PHP”), by its Counsel, will present oral argument in support of its Motion to Extend Time to Conduct Discovery Necessary to Identify and Serve Defendants, and to Extend Rule 4(m) Deadline to Name and Serve Defendants. Pursuant to Federal Rules of Civil Procedure 4(m) and 26(d), PHP hereby moves the Court to extend the time to conduct discovery necessary to identify and serve, and to extend the deadline to name and serve the John Doe Defendants. PHP has submitted a short Memorandum in support of its Motion.

Case 1:07-cv-00419-CMH-TRJ

Dated: August 30, 2007

Document 6

Filed 08/30/2007

Page 2 of 2

Respectfully submitted, /s/ Jon L. Praed VSB #40678 Attorney for Plaintiff Project Honey Pot Internet Law Group 4121 Wilson Boulevard, Suite 101 Arlington, Virginia 22203 Phone: (703) 243-8100 Fax: (703) 243-8162 [email protected]

Case 1:07-cv-00419-CMH-TRJ

Document 7

Filed 08/30/2007

Page 1 of 2

UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

__________________________________________ ) Project Honey Pot, a dba of Unspam ) Technologies, Inc., ) ) Plaintiff, ) ) v. ) ) ) John Does Injuring PHP and its Members ) By Harvesting Email Addresses, ) Transmitting Spam, ) And Posting Comment Spam, ) ) Defendants. ) __________________________________________)

No. 1:07CV419

NOTICE OF MOTION AND MOTION TO EXTEND TIME TO CONDUCT DISCOVERY NECESSARY TO IDENTIFY AND SERVE DEFENDANTS, AND TO EXTEND RULE 4(M) DEADLINE TO NAME AND SERVE DEFENDANTS

PLEASE TAKE NOTICE that on September 7, 2007 at 10:00 a.m., or as soon thereafter as the matter may be heard, Plaintiff Project Honey Pot (“PHP”), by its Counsel, will present oral argument in support of its Motion to Extend Time to Conduct Discovery Necessary to Identify and Serve Defendants, and to Extend Rule 4(m) Deadline to Name and Serve Defendants. Pursuant to Federal Rules of Civil Procedure 4(m) and 26(d), PHP hereby moves the Court to extend the time to conduct discovery necessary to identify and serve, and to extend the deadline to name and serve the John Doe Defendants. PHP has submitted a short Memorandum in support of its Motion.

Case 1:07-cv-00419-CMH-TRJ

Dated: August 30, 2007

Document 7

Filed 08/30/2007

Page 2 of 2

Respectfully submitted, /s/ Jon L. Praed VSB #40678 Attorney for Plaintiff Project Honey Pot Internet Law Group 4121 Wilson Boulevard, Suite 101 Arlington, Virginia 22203 Phone: (703) 243-8100 Fax: (703) 243-8162 [email protected]

Case 1:07-cv-00419-CMH-TRJ

Document 8

Filed 08/30/2007

Page 1 of 7

UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

__________________________________________ ) Project Honey Pot, a dba of Unspam ) Technologies, Inc., ) ) Plaintiff, ) ) v. ) ) John Does Injuring PHP and its Members ) By Harvesting Email Addresses, ) Transmitting Spam, ) And Posting Comment Spam, ) ) Defendants. ) __________________________________________)

No. 1:07CV419

MEMORANDUM IN SUPPORT OF PLAINTIFF’S MOTION TO EXTEND TIME TO CONDUCT DISCOVERY NECESSARY TO IDENTIFY AND SERVE DEFENDANTS, AND TO EXTEND RULE 4(M) DEADLINE TO NAME AND SERVE DEFENDANTS

By this motion, Plaintiff Project Honey Pot (“PHP”) respectfully requests an order extending time to conduct limited discovery necessary to identify and serve the John Doe defendants, and to extend the deadline under Rule 4(m) to name and serve the John Doe defendants. FACTUAL BACKGROUND

As noted in the Complaint, spam is a global problem of epidemic proportions. When this lawsuit was filed in late April 2007, PHP had received over 6 million spam messages during its 28 months of operations (an average of 217 thousand messages per month). In the four months since the lawsuit was filed, PHP as received an average of nearly 1 million new spam messages each month. While much of that growth is due to a substantial increase in the number

Case 1:07-cv-00419-CMH-TRJ

Document 8

Filed 08/30/2007

Page 2 of 7

of email addresses managed by PHP (and therefore available to receive spam), the fact remains that spammers are continuing to operate at an alarming pace and show no signs of abating in the near future. They will most certainly not stop unless lawsuits of this sort are afforded the time needed to complete the hard work necessary to obtain the real identity of those responsible. The spam messages PHP has received all have one thing in common – they advertise a host of purported products and services being sold at thousands of different websites located on computers all over the world. Of the 10 million messages PHP has received to date, however, perhaps the most pernicious have been those advertising illegal online pharmacies. The John Does responsible for these pharmacy spam messages are little more than high-tech drug traffickers. They sell counterfeit or fake prescription drugs to unwitting consumers without the benefit of a reputable doctor’s prescription. They sell their drugs at prices typically well below those charged by brick and mortar drugstores that are managed by licensed pharmacists (who are closely regulated by state and federal authorities and who dispense authentic drugs tested and approved by the FDA). The harm caused by these drug-trafficking spammers is real. A number of public reports in recent days have focused on the growing problem of pharmacy spam, the injuries traced to it, and the difficulties encountered by those who try to identify the killers behind the business.1 Because of the dangerous nature of spam advertising illegal online pharmacies, PHP has focused its discovery to date on the John Does responsible for this type of spam. To 1

Pharmacists Warn of Buying Drugs Online After Death Reported, CBCNews.com, March 21, 2007 (available at < http://www.cbc.ca/canada/british-columbia/story/2007/03/21/drugs-online-warning.html>); Spam Hunter, Forbes.com, July 23, 2007 (available at < http://www.forbes.com/business/free_forbes/2007/0723/054.html>) (profiling the unsuccessful attempts by the head of technology at a major spam-filtering company to track pharmacy spam to its source); and Damn Spam: The Losing War on Junk Email, The New Yorker, August 6, 2007 (available at < http://www.newyorker.com/reporting/2007/08/06/070806fa_fact_specter>) (noting negative trends in the long fight against spam).

2

Case 1:07-cv-00419-CMH-TRJ

Document 8

Filed 08/30/2007

Page 3 of 7

date, we have issued nearly three dozen subpoenas to third parties that provided services of one form or another to the John Does. Our discovery has revealed many significant facts. We have identified over 10,000 different domain names appearing in spam that lead to online pharmacies operating under questionable circumstances. We have mapped those 10,000+ domain names to fewer than 200 specific Internet “fingerprints.”2 Most importantly, nearly 90% of the domain names can be mapped to less than two dozen fingerprints, and approximately half of these fingerprints are connected to only one “hand”3 that represents over 50% of the entire online pharmacy spam problem today. While the John Does behind nearly every one of these fingerprints are going to extreme lengths to hide their identity, nearly all of them remain vulnerable to identification through the use of civil discovery. All of the major fingerprints are using Visa credit card merchant accounts to process consumer purchases on their websites. In addition, nearly all of the fingerprints have other substantial connections to the United States, including the use of IP addresses, domain name registrars, telephone numbers, and email addresses that are serviced by United States-based entities. While we have learned much about the individuals responsible for the advertising of illegal online pharmacies, our discovery has also encountered a number of roadblocks. Some were predictable, such as the use of stolen credit cards and Web Money4 to buy some services that are essential to the operation of their illegal online pharmacies. Other roadblocks were not anticipated. For example, several merchants that sold essential services to the John Does have 2

A “fingerprint” consists of any set of data that is likely to uniquely define an online pharmacy operation, and that serves to distinguish it from other online pharmacy operations. The data we consider includes the domain name hosting the site, the look and feel of the site, the technical data underlying the site, and any data points about the site that we may acquire through subpoena or other investigative means. 3 A “hand” is a collection of fingerprints that are unique from each other, but have connections between them. 4 Web Money is a form of online currency that is operated by a company headquartered in Moscow (http://www.wmtransfer.com/).

3

Case 1:07-cv-00419-CMH-TRJ

Document 8

Filed 08/30/2007

Page 4 of 7

refused to produce the John Does’ payment information without a protective order in place. We hope to complete negotiations over such an order in the near future. Other third parties have failed to respond to our subpoenas, including a major credit card issuer that has failed to produce valuable merchant account information closely tied to the John Does. While we believe the bank will respond in time, a motion to compel may unfortunately prove necessary. For all these reasons, PHP respectfully requests it be granted through November 26, 2007 to complete John Doe discovery and to name and serve defendants. LEGAL ARGUMENT Courts recognize that, in certain situations, the identity of a defendant may not be known prior to the filing of a complaint. In such circumstances, courts authorize a plaintiff to undertake discovery to identify the unknown defendant. In Gordon v. Leeke, 574 F.2d 1147, 1152 (4th Cir. 1978), the Fourth Circuit explained that, if a plaintiff states a meritorious claim against an unknown defendant, the Court should allow the plaintiff a “reasonable opportunity” to ascertain the identity of the unknown defendant through discovery. Paulinus Chidi Njoku v. Unknown Special Unit Staff, No. 99-7644, 2000 U.S. App. LEXIS 15695, at *2-3 (4th Cir. July 7, 2000) (remanding the case with instructions to afford plaintiff a “reasonable opportunity to properly identify” the John Does). This power is codified in Rule 26(d), which permits the Court to authorize discovery prior to the planning conference contemplated under Rule 26(f). In addition to authorizing discovery necessary to identify and serve the John Doe defendants, PHP is also seeking an extension of its deadline to name and serve defendants under Rule 4(m). Federal Rule of Civil Procedure 4(m) provides that a plaintiff who shows good cause for failure to effectuate service within 120 days of filing the complaint is entitled to an appropriate extension of time to serve. Courts have held that good cause exists – and that a

4

Case 1:07-cv-00419-CMH-TRJ

Document 8

Filed 08/30/2007

Page 5 of 7

plaintiff is entitled to additional time to effect service – when defendants take affirmative actions to avoid service of process. For example, in Ruiz-Varela v. Velez, the District Court dismissed the plaintiff's Complaint pursuant to Rule 4(m) for failure to serve Defendant Figueroa. 814 F.2d 821 (1st Cir. 1987). Recognizing that Figueroa was attempting to evade personal service by concealing his whereabouts, the First Circuit vacated the dismissal. Because Figueroa's attempts to conceal his location were designed to frustrate the plaintiff's ability to effectuate service, the Court of Appeals explained that dismissal for failure to serve was inappropriate: “Evasion of service by a putative defendant constitutes good cause for failure to serve under Rule 4[m].” Id. at 824. As noted above, the defendants in this case have gone to extreme measures to evade identification and service. Their attempts at evasion are an adequate basis for extending PHP’s deadline to name and serve. This Court should also grant PHP an extension of time to identify and serve the John Does due to its diligence in prosecuting this matter. Courts have consistently held that “a showing of diligence and a reasonable effort to effect service” constitute good cause under Federal Rule of Civil Procedure 4(m). In re Hall, 222 B.R. 275, 279 (Bankr. E.D. Va. 1998) (citing T & S Rentals v. United States, 164 F.R.D. 422, 426 (N.D. W.Va. 1996) and United States v. Britt, 170 F.R.D. 8, 10 (D. Md. 1996). In determining the type of diligence or extent of effort required to warrant an extension of the 120-day deadline, courts have examined the legislative history of amendments to Rule 4, noting that: “Inadvertent or heedless non-service is what amended Rule 4[m] is aimed at. Congress intended that a plaintiff who had made reasonable efforts to effect service would be permitted additional time, if needed, under Rule 6(b).” Arroyo v. Wheat, 102 F.R.D. 516, 518 (D. Nev. 1984) (citing to cases in which “there was no dilatory or willful delay” and in which “plaintiff’s abortive efforts [were] bona fide,” as

5

Case 1:07-cv-00419-CMH-TRJ

Document 8

Filed 08/30/2007

Page 6 of 7

illustrative of situations in which “good cause” was determined to exist); see also Quann v. Whitegate-Edgewater, 112 F.R.D. 649, 659 (D. Md. 1986) (citing Arroyo v. Wheat). PHP has subpoenaed nearly three dozen third parties in possession of information likely to lead to the identity of the John Doe defendants. This information has provided valuable leads into the identity of the defendants. PHP plans to continue its John Doe discovery, and also plans to communicate with other victims of these John Does in an effort to ensure its discovery does not inadvertently compromise other pending civil and criminal investigations. All of these reasons constitute good cause for an extension of the deadline to name and serve the John Doe Defendants. WHEREFORE, for the foregoing reasons and any additional reasons that may be adduced on this matter, PHP respectfully asks the Court to grant this Request and enter an Order substantially in the form of the attached proposed Order.

Dated: August 30, 2007

Respectfully submitted,

/s/ Jon L. Praed VSB #40678 Attorney for Plaintiff Project Honey Pot Internet Law Group 4121 Wilson Boulevard, Suite 101 Arlington, Virginia 22203 Phone: (703) 243-8100 Fax: (703) 243-8162 [email protected]

6

Case 1:07-cv-00419-CMH-TRJ

Document 8

Filed 08/30/2007

Page 7 of 7

UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

__________________________________________ ) ) ) ) Plaintiff, ) ) v. ) ) ) John Does Injuring PHP and its Members ) By Harvesting Email Addresses, ) Transmitting Spam, ) And Posting Comment Spam, ) ) Defendants. ) __________________________________________) Project Honey Pot, a dba of Unspam Technologies, Inc.,

No. 1:07CV419

[PROPOSED] ORDER GRANTING PROJECT HONEY POT’S MOTION TO EXTEND TIME TO CONDUCT DISCOVERY AND TO EXTEND DEADLINE TO NAME AND SERVE DEFENDANTS This matter having been fully briefed, and the Court being fully apprised of the facts and law in this matter, it is HEREBY ORDERED that Project Honey Pot’s Motion to Extend Time to Conduct Discovery Necessary to Identify and Serve Defendants, and to Extend Rule 4(m) Deadline to Name and Serve Defendants is HEREBY GRANTED. Project Honey Pot shall have until November 26, 2007 to conduct discovery necessary to identify and serve Defendants John Does.

Date: __________________, 2007

____________________________________ United States District Court Eastern District of Virginia

Case 1:07-cv-00419-CMH-TRJ

Document 9

Filed 09/07/2007

Page 1 of 1

IN THE UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA Alexandria Division PROJECT HONEY POT d/b/a UNSPAM TECHNOLOGIES, INC., Plaintiff, v. JOHN DOES, Defendants.

) ) ) ) ) ) ) ) ) ) )

CIVIL NO. 1:07cv419

ORDER For the reasons stated from the bench, and in accord with specific rulings made at that time, it is ORDERED that plaintiff’s motion to extend time (no. 6) is GRANTED, and discovery needed to identify the defendants may be conducted through November 26, 2007. ENTERED this 7th day of September, 2007 .

/s/ Thomas Rawles Jones, Jr. United States Magistrate Judge Alexandria, Virginia

Case 1:07-cv-00419-CMH-TRJ

Document 10

Filed 11/26/2007

Page 1 of 2

UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

__________________________________________ ) Project Honey Pot, a dba of Unspam ) Technologies, Inc., ) Plaintiff, ) v. ) ) John Does, ) Defendants. ) __________________________________________)

No. 1:07CV419

NOTICE OF MOTION AND MOTION TO EXTEND TIME TO CONDUCT DISCOVERY NECESSARY TO IDENTIFY AND SERVE DEFENDANTS, AND TO EXTEND RULE 4(M) DEADLINE TO NAME AND SERVE DEFENDANTS

PLEASE TAKE NOTICE that on December 7, 2007 at 10:00 a.m., or as soon thereafter as the matter may be heard, Plaintiff Project Honey Pot (“PHP”), by its counsel, will present oral argument in support of its Motion to Extend Time to Conduct Discovery Necessary to Identify and Serve Defendants, and to Extend Rule 4(m) Deadline to Name and Serve Defendants. Pursuant to Federal Rules of Civil Procedure 4(m) and 26(d), PHP hereby moves the Court to extend the time to conduct discovery necessary to identify and serve, and to extend the deadline to name and serve the John Doe Defendants. PHP has submitted a short Memorandum in support of its Motion. Dated: November 26, 2007

Respectfully submitted, /s/ Jon L. Praed VSB #40678 Attorney for Plaintiff Project Honey Pot Internet Law Group 4121 Wilson Boulevard, Suite 101 Arlington, Virginia 22203 Phone: (703) 243-8100 Fax: (703) 243-8162 [email protected]

Case 1:07-cv-00419-CMH-TRJ

Document 10

Filed 11/26/2007

Page 2 of 2

UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

__________________________________________ ) ) ) ) ) v. ) ) John Does, ) Defendants. ) __________________________________________) Project Honey Pot, a dba of Unspam Technologies, Inc., Plaintiff,

No. 1:07CV419

[PROPOSED] ORDER GRANTING PROJECT HONEY POT’S MOTION TO EXTEND TIME TO CONDUCT DISCOVERY AND TO EXTEND DEADLINE TO NAME AND SERVE DEFENDANTS This matter having been fully briefed, and the Court being fully apprised of the facts and law in this matter, it is HEREBY ORDERED that Project Honey Pot’s Motion to Extend Time to Conduct Discovery Necessary to Identify and Serve Defendants, and to Extend Rule 4(m) Deadline to Name and Serve Defendants is HEREBY GRANTED. Project Honey Pot shall have until January 28, 2008 to conduct discovery necessary to identify and serve Defendants John Does.

Date: __________________, 2007

____________________________________ United States District Court Eastern District of Virginia

Case 1:07-cv-00419-CMH-TRJ

Document 11

Filed 11/27/2007

Page 1 of 2

UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

__________________________________________ ) Project Honey Pot, a dba of Unspam ) Technologies, Inc., ) Plaintiff, ) v. ) ) John Does, ) Defendants. ) __________________________________________)

No. 1:07CV419

NOTICE OF MOTION AND MOTION TO EXTEND TIME TO CONDUCT DISCOVERY NECESSARY TO IDENTIFY AND SERVE DEFENDANTS, AND TO EXTEND RULE 4(M) DEADLINE TO NAME AND SERVE DEFENDANTS

PLEASE TAKE NOTICE that on December 7, 2007 at 10:00 a.m., or as soon thereafter as the matter may be heard, Plaintiff Project Honey Pot (“PHP”), by its counsel, will present oral argument in support of its Motion to Extend Time to Conduct Discovery Necessary to Identify and Serve Defendants, and to Extend Rule 4(m) Deadline to Name and Serve Defendants. Pursuant to Federal Rules of Civil Procedure 4(m) and 26(d), PHP hereby moves the Court to extend the time to conduct discovery necessary to identify and serve, and to extend the deadline to name and serve the John Doe Defendants. PHP has submitted a short Memorandum in support of its Motion. Dated: November 26, 2007

Respectfully submitted, /s/ Jon L. Praed VSB #40678 Attorney for Plaintiff Project Honey Pot Internet Law Group 4121 Wilson Boulevard, Suite 101 Arlington, Virginia 22203 Phone: (703) 243-8100 Fax: (703) 243-8162 [email protected]

Case 1:07-cv-00419-CMH-TRJ

Document 11

Filed 11/27/2007

Page 2 of 2

UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

__________________________________________ ) ) ) ) ) v. ) ) John Does, ) Defendants. ) __________________________________________) Project Honey Pot, a dba of Unspam Technologies, Inc., Plaintiff,

No. 1:07CV419

[PROPOSED] ORDER GRANTING PROJECT HONEY POT’S MOTION TO EXTEND TIME TO CONDUCT DISCOVERY AND TO EXTEND DEADLINE TO NAME AND SERVE DEFENDANTS This matter having been fully briefed, and the Court being fully apprised of the facts and law in this matter, it is HEREBY ORDERED that Project Honey Pot’s Motion to Extend Time to Conduct Discovery Necessary to Identify and Serve Defendants, and to Extend Rule 4(m) Deadline to Name and Serve Defendants is HEREBY GRANTED. Project Honey Pot shall have until January 28, 2008 to conduct discovery necessary to identify and serve Defendants John Does.

Date: __________________, 2007

____________________________________ United States District Court Eastern District of Virginia

Case 1:07-cv-00419-CMH-TRJ

Document 12

Filed 11/27/2007

Page 1 of 5

UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

__________________________________________ ) Project Honey Pot, a dba of Unspam ) Technologies, Inc., ) Plaintiff, ) ) v. ) ) John Does, ) Defendants. ) __________________________________________)

No. 1:07CV419

MEMORANDUM IN SUPPORT OF PLAINTIFF’S MOTION TO EXTEND TIME TO CONDUCT DISCOVERY NECESSARY TO IDENTIFY AND SERVE DEFENDANTS, AND TO EXTEND RULE 4(M) DEADLINE TO NAME AND SERVE DEFENDANTS

By this motion, Plaintiff Project Honey Pot (“PHP”) respectfully requests an order extending time to conduct limited discovery necessary to identify and serve the John Doe defendants, and to extend the deadline under Rule 4(m) to name and serve the John Doe defendants. FACTUAL BACKGROUND

As noted in the Complaint, spam is a global problem of epidemic proportions, and the volumes continue to rise at an alarming rate. When this lawsuit was filed in late April 2007, PHP had received “only” 6 million spam messages over the first 28 months of operations (an average of 217 thousand spam messages per month). In the four months immediately following the filing of this lawsuit, PHP received an average of nearly 1 million new spam messages each month. PHP is now receiving well over 1 million spam messages every four days. Much of that spam advertises illegal online pharmacies that are the focus of this lawsuit. Our analysis of this

Case 1:07-cv-00419-CMH-TRJ

Document 12

Filed 11/27/2007

Page 2 of 5

spam continues to indicate the vast majority of the problem can be traced to fewer than two dozen professional cyber-gangs.1 Our discovery is also generally consistent with the limited facts that have been publicly disclosed by others who are researching this illegal conduct.2 Despite their best efforts to hide, PHP believes every one of the professional gangs remains vulnerable to discovery and exposure through civil legal process. A number of domestic corporations are unwittingly providing “essential services” to the criminal gangs. To name just a few enabling services, every one of the gangs being tracked in this lawsuit has access to the following essential services: •

credit card merchant accounts they are using to charge consumer credit cards,

•

toll free telephone numbers they advertise as customer service centers, and

•

Internet-based accounts (domain names, webhosting services, email accounts, etc.) that produce innumerable data points that are controlled by domestic-based corporate entities. In recent weeks, PHP has successfully pursued several of these domestic

discovery fronts against a number of the largest cyber-gangs. For example, PHP only recently obtained payment information from an email service provider that was providing email service to one of the John Does. This John Doe was using the provider to distribute confirmation emails to buyers. The payment information provided indicates the John Doe paid for this email account using two debit cards issued by domestic financial institutions. PHP has initiated informal 1

In its previous motion to extend discovery, PHP briefly outlined the technical details that defined its view of the scope of the pharmacy spam problem and its counsel’s success in connecting nearly 90% of the problem to less than two dozen criminal cyber-gang “fingerprints.” See Memorandum in Support of Motion to Extend John Doe Discovery, filed August 30, 2007. 2 Internet Fraud Epidemic Costing Billions of Dollars, The Mercury News, November 9, 2007(available at http://www.siliconvalley.com/ghostsinthebrowser/ci_7408419?nclick_check=1); The Hunt for Russia’s Web Criminals, The Guardian, November 7, 2007 (available at http://www.guardian.co.uk/technology/2007/nov/15/news.crime?gusrc=rss&feed=technology); Shadowy Russian Firm Seen as Conduit for Cybercrime, Washingtonpost.com, October 13, 2007 (available at http://www.washingtonpost.com/wp-dyn/content/article/2007/10/12/AR2007101202461.html); and A Walk on the Dark Side, The Economist, August 30, 2007 (available at http://economist.com/displaystory.cfm?story_id=9723768).

2

Case 1:07-cv-00419-CMH-TRJ

Document 12

Filed 11/27/2007

Page 3 of 5

contacts with these banks, but has not had the opportunity to issue subpoenas. An extension of the discovery window is needed to permit PHP to subpoena these banks. While we have learned much about the individuals responsible for the advertising of illegal online pharmacies, our discovery continues to encounter roadblocks and the new spam we are analyzing constantly produces leads that point in helpful, new directions. Additional time is needed to overcome these roadblocks and to pursue these new discovery paths. For all these reasons, PHP respectfully requests it be granted a two month extension – to January 28, 2008 – to continue John Doe discovery and to name and serve defendants. LEGAL ARGUMENT Courts recognize that, in certain situations, the identity of a defendant may not be known prior to the filing of a complaint. In such circumstances, courts authorize a plaintiff to undertake discovery to identify the unknown defendant. In Gordon v. Leeke, 574 F.2d 1147, 1152 (4th Cir. 1978), the Fourth Circuit explained that, if a plaintiff states a meritorious claim against an unknown defendant, the Court should allow the plaintiff a “reasonable opportunity” to ascertain the identity of the unknown defendant through discovery. Paulinus Chidi Njoku v. Unknown Special Unit Staff, No. 99-7644, 2000 U.S. App. LEXIS 15695, at *2-3 (4th Cir. July 7, 2000) (remanding the case with instructions to afford plaintiff a “reasonable opportunity to properly identify” the John Does). This power is codified in Rule 26(d), which permits the Court to authorize discovery prior to the planning conference contemplated under Rule 26(f). In addition to authorizing discovery necessary to identify and serve the John Doe defendants, PHP is also seeking an extension of its deadline to name and serve defendants under Rule 4(m). Federal Rule of Civil Procedure 4(m) provides that a plaintiff who shows good cause

3

Case 1:07-cv-00419-CMH-TRJ

Document 12

Filed 11/27/2007

Page 4 of 5

for failure to effectuate service within 120 days of filing the complaint is entitled to an appropriate extension of time to serve. Courts have held that good cause exists – and that a plaintiff is entitled to additional time to effect service – when defendants take affirmative actions to avoid service of process. For example, in Ruiz-Varela v. Velez, the District Court dismissed the plaintiff's Complaint pursuant to Rule 4(m) for failure to serve Defendant Figueroa. 814 F.2d 821 (1st Cir. 1987). Recognizing that Figueroa was attempting to evade personal service by concealing his whereabouts, the First Circuit vacated the dismissal. Because Figueroa's attempts to conceal his location were designed to frustrate the plaintiff's ability to effectuate service, the Court of Appeals explained that dismissal for failure to serve was inappropriate: “Evasion of service by a putative defendant constitutes good cause for failure to serve under Rule 4[m].” Id. at 824. As noted above, the defendants in this case have gone to extreme measures to evade identification and service. Their attempts at evasion are an adequate basis for extending PHP’s deadline to name and serve. This Court should also grant PHP an extension of time to identify and serve the John Does due to its diligence in prosecuting this matter. Courts have consistently held that “a showing of diligence and a reasonable effort to effect service” constitute good cause under Federal Rule of Civil Procedure 4(m). In re Hall, 222 B.R. 275, 279 (Bankr. E.D. Va. 1998) (citing T & S Rentals v. United States, 164 F.R.D. 422, 426 (N.D. W.Va. 1996) and United States v. Britt, 170 F.R.D. 8, 10 (D. Md. 1996). In determining the type of diligence or extent of effort required to warrant an extension of the 120-day deadline, courts have examined the legislative history of amendments to Rule 4, noting that: “Inadvertent or heedless non-service is what amended Rule 4[m] is aimed at. Congress intended that a plaintiff who had made reasonable efforts to effect service would be permitted additional time, if needed, under Rule

4

Case 1:07-cv-00419-CMH-TRJ

Document 12

Filed 11/27/2007

Page 5 of 5

6(b).” Arroyo v. Wheat, 102 F.R.D. 516, 518 (D. Nev. 1984) (citing to cases in which “there was no dilatory or willful delay” and in which “plaintiff’s abortive efforts [were] bona fide,” as illustrative of situations in which “good cause” was determined to exist); see also Quann v. Whitegate-Edgewater, 112 F.R.D. 649, 659 (D. Md. 1986) (citing Arroyo v. Wheat). PHP has subpoenaed dozens of third parties in possession of information likely to lead to the identity of the John Doe defendants. This information has provided valuable leads into the identity of the defendants. PHP plans to continue its John Doe discovery, and also plans to continue to communicate with other victims of these John Does in an effort to ensure its discovery does not inadvertently compromise other pending civil and criminal investigations. All of these reasons constitute good cause for an extension of the deadline to name and serve the John Doe Defendants. WHEREFORE, for the foregoing reasons and any additional reasons that may be adduced on this matter, PHP respectfully asks the Court to grant this Request and enter an Order substantially in the form of the attached proposed Order.

Dated: November 26, 2007

Respectfully submitted, /s/ Jon L. Praed VSB #40678 Attorney for Plaintiff Project Honey Pot Internet Law Group 4121 Wilson Boulevard, Suite 101 Arlington, Virginia 22203 Phone: (703) 243-8100 Fax: (703) 243-8162 [email protected]

5

Case 1:07-cv-00419-CMH-TRJ

Document 13

Filed 12/03/2007

Page 1 of 1

UNITED STATES DISTRICT COURT

FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

Project Honey Pot, a dba of Unspam Technologies, Inc., Plaintiff, No. l:07CV419

v.

John Does,

Defendants.

J Order Granting Project Honey Pot's Motion to Extend Time to Conduct Discovery and to Extend Deadline to Name and Serve Defendants

This matter having been fully briefed, and the Court being fully apprised of the facts and

law in this matter, it is HEREBY ORDERED that Project Honey Pot's Motion to Extend Time to Conduct Discovery Necessary to Identify and Serve Defendants, and to Extend Rule 4(m)

Deadline to Name and Serve Defendants is HEREBY GRANTED. Project Honey Pot shall have until January 28, 2008 to conduct discovery necessary to identify and serve Defendants John Does.

/s/Thomas Rawles Jones, Jr. Date:

2007

United States District Court Eastern District of Virginia

Case 1:07-cv-00419-CMH-TRJ

Document 14

Filed 07/17/2008

Page 1 of 1

IN THE UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OP VIRGINIA Alexandria Division

PROJECT HONEY POT d/b/a/

UNSPAM TECHNOLOGIES,

INC.,

Plaintiff,

,3

i 72008

CLhK

)

i

)

Lli

)

) JOHN DOES,

(I

Civil Action No. l:07cv419

)

Defendant.

)

ORDER

It appearing to the Court that this case was filed on

April 26, 2007 and the Plaintiff was given until January 28, 2008 to conduct discovery necessary to identify and serve the Defendants,

it is hereby

ORDERED that the Plaintiff's within twenty (20) days from

the date of this order, show cause as to why this case should not be dismissed pursuant to F.R.civ.P. 4(m).

1st

Claude M. Hilton United States District Judge Alexandria, July

;y ,

Virginia

2008

Case 1:07-cv-00419-CMH-TRJ

Document 15

Filed 08/06/2008

Page 1 of 1

UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF VIRGINIA ALEXANDRIA DIVISION

__________________________________________ ) Project Honey Pot, a dba of Unspam ) Technologies, Inc., ) ) Plaintiff, ) ) v. ) ) John Does Injuring PHP and its Members ) By Harvesting Email Addresses, ) Transmitting Spam, ) And Posting Comment Spam, ) ) Defendant. ) __________________________________________)

CIV. ACTION No. 1:07 CV 419 (CMH/LO)

PROJECT HONEY POT’S DISMISSAL OF COMPLAINT WITHOUT PREJUDICE

Whereas, Project Honey Pot (“PHP”) has elected to dismiss this civil action without prejudice, as a matter of right under F.R.C.P. Rule 41(a)(1)(i); no Defendant has been named or served; and no Answer has been filed. Therefore, PHP hereby voluntarily dismisses its Complaint without prejudice.

Dated: August 6, 2008

Respectfully submitted, /s/ Jon L. Praed VSB #40678 Attorney for Plaintiff Project Honey Pot Internet Law Group 4121 Wilson Boulevard, Suite 101 Arlington, Virginia 22203 Phone: (703) 243-8100 Fax: (703) 243-8162 [email protected]