loader gif

How to sue an Unknown Hacker?

GWA, LLC v. Cox Communications

Are you a victim of hacking? Has your computer been locked by a Ransomware or your personal information stolen through a Trojan? Have you banking details been phished by hackers? Often, people who are victim of hacking find no legal recourse to their problems but it is not true. This article will teach you how to sue an unknown hacker. It is due to lack of knowledge that most of the people don’t resort to legal methods. In this article we will detail out the legal course you can adopt against a hacker.

A federal district court in Connecticut while hearing the case of GWA, LLC v. Cox Communications, Inc. and John Doe, 2010 WL 1957864 (D.Conn. May 17, 2010) has cleared the air over the issue. As per the court, the victim can file a federal lawsuit against the hacker under the federal Computer Fraud and Abuse Act (“CFAA”), Title 18, U.S.C § 1030(g). Under this law, the victim needs to file the case against the owner of the hacker’s IP address. Every internet service provider assigns a unique number to every computer or device connected to the internet. This number is known as IP Address or Internet Protocol Address.

The Computer Fraud and Abuse Act is a federal law under which victims of hacking related crimes can get relief by filing cases against the unknown hackers. In the GWA case, a petition by a corporate plaintiff was allowed by the court. The purpose of the petition was to obtain a pre-action discovery to identify the ISP account associated with the IP address from Cox Communications. The court cited Fed.R.Civ.P.27, law that permits discovery before the filing of a federal action for perpetuating testimony to “prevent a failure or delay of justice”.

Rule 27(a)(1) necessitates to file a petition showing below mentioned details so as to obtain a pre-action discovery:

1) Petition. A person who wants to perpetuate testimony about any matter cognizable in a United States court may file a verified petition in the district court for the district where any expected adverse party resides. The petition must ask for an order authorizing the petitioner to depose the named persons in order to perpetuate their testimony. The petition must be titled in the petitioner’s name and must show:

(A) that the petitioner expects to be a party to an action cognizable in a United States court but cannot presently bring it or cause it to be brought;

(B) the subject matter of the expected action and the petitioner’s interest;

(C) the facts that the petitioner wants to establish by the proposed testimony and the reasons to perpetuate it;

(D) the names or a description of the persons whom the petitioner expects to be adverse parties and their addresses, so far as known; and

(E) the name, address, and expected substance of the testimony of each deponent.

In simple words, the GWA case decision and Rule 27 have provided an elaborate road-map which victims of hacking can pursue to initiate legal action against the attackers. Further the key that drives the use of this procedural device to gain sufficient evidence against hackers before filing a lawsuit has been provided in the Physicians Interactive v. Lathian Systems, Inc., 2003 WL 23018270 *10 (E.D. Va. Dec. 5, 2003) case which says that “electronic evidence can easily be erased and manipulated” and thus is more likely to be lost or destroyed intentionally unless urgent action is taken to preserve it.

loader gif