The Electronic Frontier Foundation has announced that it will defend Jeremy Rubin, an MIT student who received an out of state subpoena following his prize award-winning Bitcoin code Tidbit, in a court appearance on the 22nd of September 2014.
However, as the 19-year-old students were celebrating their award for the most innovative project, Brian Morgenstern, an Investigator with the Cyber Fraud Unit of the New Jersey Division of Consumer Affairs was opening an investigation on possible breaches of Consumer Fraud Act and unauthorized computer access legislation which seems to have led to a subpoena and interrogatories served on Mr. Rubin on the 9th of December 2013.
The subpoena and interrogatories ask 51 questions or requests for documents, including, according to EFF, self-incriminating questions such as:
“all instances where Tidbit, its employees and/or websites utilizing the Bitcoin code accessed consumer computers without express written authoization (sic) or accessed consumer computers beyond what was authorized.”
According to Mr. Rubin’s attorney,
“This language is almost identical to the language found in New Jersey’s computer crime law’ N.J.S.A. 2C:20-25(a), which makes it a crime for a person to “knowingly or purposely access computerized data without authorization or in excess of authorization.”
The Electronic Frontier Foundation became involved in this case in or around January 2014 by writing a letter to Glenn Graham, Deputy Attorney General for New Jersey, asking for the subpoena to be withdrawn as:
“Tidbit’s code has never been functional and is incapable of mining for bitcoins”
“Tidbit and its developers have no connection to New Jersey at all… the Dormant Commerce Clause prohibits New Jersey from using state law to regulate interstate commercial activity.”
The Attorney General for New Jersey however refused, stating that they had the right to compel Mr. Rubin to comply with the subpoena regardless of whether Tidbit was located in New Jersey or otherwise. EFF then filed for injunctive relief from the Superior Court of New Jersey, challenging the State Department’s jurisdiction and the nature of the questions.
While legal arguments were being put forward, the President of MIT together with numerous MIT Professors, Research Scientists and hundreds of students wrote a letter to Mr. John Hoffman, Acting Attorney General for the State of New Jersey, to try and resolve the matter amicably as the subpoena would have an “undue chilling effect on innovation and technological creativity that is vital to both learning and economic growth.” Mr. Hoffman however not only refused but proceeded to ask for court enforcement of the subpoena, raising the specter of contempt of court.
Only a Proof of Concept or Active Code?
Most of the court arguments seem to be technical and very much mired in legalese, but there may be an underlying factual question which, for the public court, may determine whether this investigation had any basis whatever. Tidbit ascertains that:
“Tidbit isn’t fully ready for production use… the whole infrastructure is only a proof of concept. We have left out the final interaction with P2Pool while we put together a Terms and Conditions, so we currently do not receive any Bitcoins.”
However, Mr. Morgenstern states that:
“On November 20, 2013, and following a random website search, I confirmed that the Tidbit Code was present on at least three (3) websites that were registered and located in New Jersey. During the course of the Investigation, I confirmed that the Tidbit Code was active on all New Jersey Coded Websites by accessing the source code for each website.”
The State Department attorneys state repeatedly in numerous court documents that the code was “present and active.” A phrase which, on the face of it, suggests that the code was actually mining bitcoins. This is sternly opposed by Tidbit, which was announced the winner of the Hackathon on the 18th of November, a mere two days prior to Mr. Morganstern accessing the websites. Mr. Rubin’s attorney states in court documents that Mr. Rubin was aware of possible legal complications that a working product may have, and MIT re-iterates in their letters that Tidbit was only a proof of concept.
Furthermore, Mr. Morganstern does not provide any evidence that the code was actually mining bitcoins. The only evidence provided in all of the witness statements of the code being “active” is its presence on the source code of the website, which, of course, does not mean that the code is actually functioning.
No Reason for an Investigation of the MIT Students– Editorial Comments
The repeated use of the wording “present and active” therefore may be misleading. If that is the case, as seems likely considering the lack of any evidence that the code caused any website to mine bitcoins, and considering that Tidbit and MIT maintain that the code was not a working product, but only a proof of concept, then the state department had no basis for issuing the extensive subpoena containing 51 questions or requests.
Whether intentionally or recklessly, considering that the code was not operational, the subpoena acts as a prejudgment of the actions of the MIT students who could fully comply with all legal requirements by simply asking website visitors for consent. Moreover, the actions of the state department seem to completely ignore the context or nature of Tidbit as well as the fact that it was created in mere two days in a learning environment overseen by professors and judged by successful internet business leaders. Nor can any self-awareness be ascertained from the words or acts of the State Department which refused and continues to refuse to withdraw the subpoena, opting instead to defend it and do so vigorously, despite being warned of the chilling effect that their premature and reckless actions are likely to have and “indeed are now having” – according to the MIT President.
The Superior Court of New Jersey might be confined to the legalese arguments, but the judge may also consider the wider public policy implications of the actions of the State Department and of enforcing this subpoena. Moreover, the public court, especially the innovators, internet business leaders and technology professional who have enriched America and the world beyond imagination for the past two decades, may see the State Department as being on trial and the court itself for its ability to hold to account an out of control State Department which recklessly proceeds to terrify a teenage student into shutting down a perfectly legal concept and, if correctly implemented, a perfectly legal and innovative program which may benefit society by providing websites, including non-profits such as Wikipedia, with another source of revenue.
The case is Rubin v. New Jersey (Tidbit)
Images from Shutterstock.