VPN LLC has filed its response to Dikian's motion to proceed pseudonymously.
There's a lot to unpack, but if you want the TLDR on the overall motion - I would put my two quatloos on VPN winning this motion for a number of reasons. Surprisingly, I don't think VPN touched on one of the best reasons, and I'm not going to go into it, because I think Brett had fair notice of what that reason is. But, I think Brett's going to score another motion anyway.
VPN's reply brief is here, if you want to read it for yourself and make your own conclusions (which you should):
https://storage.courtlistener.com/recap/gov.uscourts.cacd.855964/gov.uscourts.cacd.855964.55.0.pdf
So, I don't think the subject of whether Dikian should proceed pseudonymously is all that interesting.
What
does strike me as interesting is the back-and-forth over the expert reports, and the emerging new theory of liability.
First, the expert reports. I posted some extracts above which state that based on the IP access logs provided by Yahoo! among other things, it appears that there was someone using a Wifi hotspot in Portugal to access the account while Mr. Dikian can show he was in Florida.
Some background... As a lawyer, or even as a party, you can't just say, "We got these IP access logs from Yahoo and they show that someone used a VPN and a WiFi hotspot in Portugal." You need to have someone with relevant qualifications look at it and say, "Yes, I know internet stuff and, duh, I can look up an IP address and show it is a WiFi hotspot provider in Portugal." Now, are there ways to merely "appear" as if you are using a hotspot in Portugal? Yeah, but really why bother. The provider in question is the biggest ISP in Portugal, so there's no reason to fake that, since it's not going to be practically traceable anyway.
In fact, if you say "Portugal" and "domains, I did the obvious thing. I looked up header information on an email I received from Domain Sherpa and Media Options principal Andrew Rosener and, sure enough, he's a home subscriber of the same ISP. So, perhaps he was out at the café, taking in a soulful Fado performance, and scheming to get even for his #8 broker ranking at VPN.com:
I added the gold star so that, if Drew is slumming in this thread, the 8th place won't get him down. As Drew says:
But of course, I'm just kidding. Drew and Mike are good friends and Mike has appeared on Domain Sherpa many times.
Getting back to the point, to introduce and interpret a piece of technical evidence, you need an expert to vouch for it. Most experts aren't dumb, and they understand that their opinion is worth something, so it is of course not a volunteer effort.
The court is not dumb either, so it doesn't really make anyone look good to throw in gratuitous lines like:
The implication of calling them "hired" experts with "paid-for" reports is, of course, to suggest that the experts just say whatever the folks paying for them want them to say. First, I've known Rod Rasmussen for quite a long time, as have many in the ICANN community. His opinion, as opposed to his time and attention, is not for sale. Second, at some point VPN is going to want to introduce an expert opinion of their own, so I look forward to whatever volunteers they might find to work for free.
But we can all see the access logs produced by Yahoo! and it's no great mystery that they show access through a VPN and through IP addresses associated with a WiFi hotspot provider in Portugal, and coinciding with some of the correspondence we've seen in the case thus far.
I mean, if we want to rely on the opinion of "volunteer experts", there are certainly no shortage of persons who have expected that the access logs produced by Yahoo! show pretty much what this case looked like to a lot of experts from the get-go.
But, let's look at some volunteer expert opinions, such as the points made above in this thread by Chris Hydrick about email-only contacts and what we might expect to see in the Yahoo email access log:
This is similar to what happened in
the Booth purchase of CQD.com when the CQD.com domain owner had her Yahoo email compromised. Going further than automated alerts the hacker added 20+ filters to send certain emails directly to trash. Similar to this VPN scenario, the real CQD.com owner also used a Yahoo email address.
Here's a detailed post regarding the 2018 CQD.com theft, and how the CQD.com's domain owners Yahoo email was manipulated.
In fact, I believe Mr. Hydrick has put together a plausible identification of Mr. "Dikian" based solely on public records.
Or by George Kirikos, concerning apparent warning signs:
I don't know what VPN[.]com is thinking, but this complaint doesn't put themselves in a good light.
Beyond the obvious lack of due diligence (e.g. they don’t mention ever authenticating the parties by phone – everything appears to be via emails),
...and there has been a wealth of other opinions posted - for free - by various experts on other domain blogs and news sites - all of whom believed it to be most likely - just based on the stated facts - that an email address compromise seemed the most likely scenario.
So, I wouldn't go to hard on the "hired experts" and their "paid for" reports, since anyone else can look at those access logs in the motions and find out, to no one's great surprise, that it suggests a pattern of unauthorized access, impersonation, and covering their tracks to avoid alerting Dikian -
which is what quite a few unhired experts in unpaid-for blog postings miraculously expected to see.
The "hired experts" and "paid for" rhetoric is an unnecessary swipe at Mr. Rasmussen and Mr. Seiden. I get the point about whether the expert reports have been fully vetted for some of the subject matter discussed therein, but the purpose for which they are being used here is more geared to simply point out that Dikian reasonably believes he has been the victim of having his email hacked.
But the substantive issues can be hashed out at a later time. The judge is not being asked to decide the case on these filings.
Speaking of the "substantive issues", we can see the inklings of a new theory of liability clearing its throat. As noted above, there is the issue of whether being careless with your email account settings is a reasonably foreseeable cause of someone else ending up being swindled:
So, yes, it is clear that even if Dikian's email were compromised by a third party and used for the scam, VPN LLC intends to proceed on a negligence theory.
The second point I highlighted is one for which I haven't worked out the timeline. Dikian at some point became aware of funny business going on with his account and locked it down with 2FA. But VPN LLC seems to be suggesting that Dikian must have been specifically aware of the scam in progress involving VPN LLC and had a duty to warn VPN LLC. Although, I seem to recall that under Dikian's version of events, he warned VPN LLC when, through an inadvertent cc: to the Yahoo email address, he became specifically aware of what was going on.
I know it is hazardous to go from memory, so maybe some kind soul will put together the agreed timeline events and any disputed timeline events leading up to this email:
In case there is a document which I haven't linked, or you want to catch up, the docket collected by RECAP is here:
https://www.courtlistener.com/docket/63559525/vpncom-llc-v-george-dikian/