Chasing the Cyber-Thief and Option to Subpoena Internet Service Provider

George Benaur, Benaur Law LLC

By George Benaur

As widely reported across the country, cyber-breaches are rampant and impact everyone: governments, companies and individuals. In most attacks, the perpetrator is not known. The cyber-thief can be half way around the world operating under an alias and using sophisticated technology to hide his or her whereabouts or identity. In these types of cases, there are some cyber-investigation specialists that can try to find the perpetrator, but even the most sophisticated computer and internet experts may not be able to find the cyber thief without obtaining critical information from the internet service provider (such as IP addresses, email account access history, etc.). The information is generally needed right away and moves (and disappears) very fast, but the service provider may not be willing to provide it without a valid subpoena, so hence the dilemma.

So what type of relief can you get in court if you are in this situation? How can you obtain the information efficiently and proceed with the investigation and still have time to catch the cyber thief on a laptop half way around the world? One solution that could be pursued (and there is some precedent for success where such an application was approved by the court) is to bring an action against a John Doe defendant and file an immediate emergency application seeking the court’s leave to subpoena the internet service provider in order to obtain the information regarding IP addresses, names, etc. The court may require a good amount of support for such relief but it can be done, especially in cases where you can make a strong showing that a real theft was perpetrated. Whether the internet service provider will actually comply with the subpoena is another matter.

The problem is that it is not clear whether this application would work in all jurisdictions. In New Jersey, for example, courts have established a tough standard for pursuing such applications in online defamation cases, but these cases are different from cyber-attack situations. Under the current set of rules and case law, there does not appear to be a uniform standard across the different state and federal court jurisdictions for obtaining emergency relief to issue a subpoena in John Doe cyber-theft cases. There is no clear-cut, uniform standard or procedure for people to follow to try to obtain relief in court in order to discover the identity of cyber thieves. What may work in some courts may not work in other jurisdictions – the law is not settled on how the courts will treat applications to subpoena the service provider in emergency cyber-theft cases, where a fast response is imperative. As the law develops to deal with the looming threat of cyber-attacks, it is very likely that new standards will develop and some courts may even look to developing specific procedures for pursuing these types of cases.

Let's Work Together


43 West 43rd Street
Suite 225
New York, NY 10036-7424

Phone Number:


Your Details

Let us know how to get back to you.

How can we help?

Feel free to ask a question or simply leave a comment.

English English Russian Russian

Pin It on Pinterest

Share This