Case of the Day: Microsoft v. John Doe


The case of the day is Microsoft Corp. v. John Doe (E.D.N.Y. 2012). Microsoft asserted claims against dozens of unknown defendants, the alleged creators, controllers, and users of the “Zeus Botnets” malware, a malicious computer program that is used to commit various cyber-crimes. Microsoft did not know the identities of the defendants, but its investigation had shown that they were “most likely [to] reside in the Russian Federation, Ukraine and/or Romania.” Microsoft had served process on the defendants via email and publication on the internet. When they did not answer, it sought entry of default.

The court agreed and directed the clerk to enter the defendants’ default. It noted that the Hague Service Convention did not apply, because the defendants’ addresses (and indeed, their names) were unknown, and it noted that the service satisfied the Due Process Clause because it was reasonably calculated in the circumstances to give notice to the defendants in time to allow them to defend.

My only concern about the decision is that it is not really clear to me that Microsoft obtained the judge’s permission to make service by email and publication before making the service, as I think FRCP 4(f)(3) requires. The rule permits service by such other means “as the court orders.” I don’t see an indication in the decision itself or in the docket of a motion for leave to make service by alternate means.


Leave a Reply

Your email address will not be published. Required fields are marked *

Thank you for commenting! By submitting a comment, you agree that we can retain your name, your email address, your IP address, and the text of your comment, in order to publish your name and comment on Letters Blogatory, to allow our antispam software to operate, and to ensure compliance with our rules against impersonating other commenters.