A Quick Note Regarding Prenda Law's Subpoena To WordPress

I've now added a Prenda Law tag to collect my posts about them.

Earlier I mentioned that Prenda Law and its principals had reacted to ongoing criticism by filing three lawsuits. Attorney John Steele — one of the attorneys affiliated with Prenda Law — has now dismissed his suit. The other two remain — including a lawsuit by Prenda Law in Illinois.

Alan Cooper and his lawyer Paul Godfread (who, you may recall, filed documents asserting that Prenda Law stole Mr. Cooper's identity) have removed the case to federal court in the Southern District of Illinois. Removal is a process that allows defendants to move a case filed in state court to the local federal court if certain jurisdictional prerequisites are met. The federal court in Illinois has ordered them to establish certain grounds for removal.

Meanwhile, however, many people are talking about a remarkable subpoena that Prenda Law served before Cooper and Godfread removed the case. That subpoena is directed at WordPress and purports to demand the IP address of everyone who visited the blogs www.dietrolldie.com or www.fightcopyrighttrolls.com between January 1, 2011 and the present. Those blogs, of course, are two of the Prenda critic sites that Prenda Law is suing.

There are a number of problems with this subpoena.

First, once Cooper and Godfread filed their notice of removal, the state court lost all jurisdiction over the matter (at least unless or until the case is sent back) and all proceedings in state court halted by operation of law — including the obligation to respond to outstanding discovery. Prenda Law would need to re-issue the subpoena in the federal proceeding.

Second, though I am looking into it, it's not clear to me whether Prenda Law followed the requisite procedure under the Uniform Interstate Discovery Act required for them to serve a subpoena on a California company in an Illinois case. We'll see.

Third, the subpoena is ridiculously overbroad. It asks for the IP addresses of everyone who visited the sites, not just people who made specified comments — let alone comments that could plausibly be deemed defamatory. Moreover, it demands IP addresses for a period in 2011 before Prenda Law existed, and therefore before it plausibly could have been defamed or wronged.

Fourth, under emerging doctrines governing attempts to discover the identity of anonymous commenters, it is doubtful that Prenda Law can justify its broad subpoena. Prenda's lawsuit, as I earlier pointed out, is a mish-mash of complaints about statements of fact (which could conceivably be defamatory) and statements of opinion (which cannot). Under these circumstances a court should quash the overbroad subpoena under the increasingly prevalent rule that a plaintiff must make some sort of preliminary showing to discover information about the identities of anonymous speakers.

I'm informed that WordPress has the subpoena, and has notified the blogs that they have seven days to respond. It's not clear to me that anyone is obligated to respond at all, including WordPress — the subpoena was voided by operation of law upon removal. But WordPress, and attorneys representing the blogs, may proceed cautiously and file something to challenge it. It is my hope that WordPress, for the sake of free expression and their own reputation, takes a strong stand in its own name against the subpoena — the whole internet is watching.

Last 5 posts by Ken White


  1. AnonLitSupport says

    I commented on this issue on the Die Troll Die blog yesterday, as it was somewhat concerning to me. I also emailed WordPress regarding it. They have stated that as the subpoena is being challenged, they have no intention of answering it until such time as any legal challenges have run their course. That provides at minimum a stay to everyone, and considering the likelihood of the subpoena being thrown out, even more.

  2. says

    3. Moreover, our blogs did not exist at that time either. Mine was started in May 2011, DTD sometimes in Summer/Fall. The only event that happened on 1/1/2011 was John Steele's wedding, but I'm sure it's a coincidence.

    4. We both received emails from WordPress.com and replied. Today their replies arrived:


    Thank you, we've received your response and will take no further action on this subpoena until the judicial process is completed.

    Thank you,


  3. Nicholas Weaver says

    I'd add

    Fifth: The subpoena CAN NOT help Prenda in the defamation case, because the information requested CAN NOT identify the posters of possibly defamatory material. Yet such a list, combined with Prenda's existing lists of allegedly infringing IP addresses, could be used to selectively target those who visit the sites in any possible upcoming suits Prenda may file on copyright issues.

  4. That Anonymous Coward says

    A concern in my head is that they are hoping to connect anonymous question askers (or people who were made anonymous after revealing to much detail in a post) with their list.
    This would allow them to send yet another generation of "settlement" letters with the additional pressure of 'but you went looking for information, you must have been guilty' twist.
    It will not be the first time this tactic as been employed.
    …'this other person who did the same thing you did got hit for $150K!'…
    No mention of it having been a default.
    No mention of serious questions about the defendant actually having been served.
    Just enough facts to make the recipient think they are screwed and well a couple thousand is better then $150K and their name associated with 'stealing' porn.

    The system has been gamed multiple times, this subpoena didn't surprise me. What is making me happy is no one is taking it laying down, and more people can see the behavior that those of us in the anti-copyright troll trenches have seen and spoken out about before.

  5. Nicholas Weaver says

    @TAC: Agreed.

    Especially since they explicitly did not ask for information to identify posters, only visitors, so the IP logs of "visitor X at time Y" can't clearly disambiguate a post at time Y, since there can be multiple visitors at a given time that a post was made.

  6. Anonymous says

    What no one is asking here is what action had WordPress taken to date on the subpoena? Look at their response:

    " . . . will take no further action on this subpoena"

    They had it ten days before SJD and DTD saw it. In that time, did they send them any information, compile any information, etc.? Why have they not said our lawyers are fighting the subpoena? Their response is cryptic and gives me cause for concern.

  7. Anon says

    WordPress is huge, they probably get bullshit like this all the time and ignore it until a judge tells them otherwise.

  8. Dies Irae says

    If they did not follow the proper procedures for obtaining subpoena power over an out-of-state party, there could be interesting disciplinary ramifications, because unlike most things that are filed in court or sent to someone, an attorney-issued subpoena is the attorney purporting to act on behalf of the court and using the court's authority. Where, as may be the case here, that authority does not in fact extend that far, making such an assertion would at the least be an untruthful statement of law to a third party made in violation of the legal rights of that third party (for purposes of ABA Model Rules of Professional Conduct 4.1 and 4.4), to say nothing of any non-professional penalties for misuse of state authority.

  9. says

    @ Anonymous

    I think "further" refers to the fact that, upon receiving the subpoena, WordPress contacted the blogs in question–that is it "took action."

    Now that both blogs have responded, WordPress is stepping out of the matter.

    Obviously, I may be wrong, and it perhaps behooves both blogs to clarify with WordPress *shrug*

  10. Nicholas Weaver says

    Matthew: I disagree. They wouldn't be so urgent about it if it was just for damages.

  11. Nicholas Weaver says

    @Azteclady: No worries from WordPress. This is the response I got:


    Thanks for your note. The blog owner has already informed us that the subpoena will be challenged. Per our policies, we will not turn over any information (including on commentors) until that challenge has been decided by the courts.

    Thank you,

  12. Shkspr says

    I have an inkling that they don't really have any reason to USE the information, but that by making it publicly known that they're looking for anyone who has viewed the blogs in question, they're hoping that the threat of being dragged into the middle of the lawsuit will discourage anyone who hasn't read the blogs yet from doing so. If so, it's an interesting (reprehensible) approach to chilling freedom of speech.

  13. Jess says

    It seems to me the main purpose of the subpoena is an attempt to scare people away from visiting and commenting on the SJD and DTD blogs.

  14. says

    To put some of your concerns to the rest, I'm informed that today Automattic's legal department sent Mr. Duffy an official reply, refusing to comply with subpoena.

  15. Kevin says

    I'm having a hard time figuring out Prenda's motivation here, i.e. what they actually plan to do with this list of IPs if they got it. As has been pointed out by Nicholas Weaver, this information wouldn't even be sufficient to identify defamatory commenters, even if anything said was legitimately defamatory.

    My initial assumption was that they wanted these IPs to check them against their torrent "forensics", in order to selectively target their critics for future trolling… the idea being to chill criticism by putting the word out there "if you criticize us on the internet, we'll make sure you're a defendant in our next case." But that doesn't really make any sense… they can only go after people who've violated one of the small number of copyrights they actually hold, and the likelihood that any particular commenter on either of these blogs happens to have downloaded one of the small number of porn flicks these guys hold copyright to is just astronomically small.

    So I'm stumped. Even if I put myself in Prenda's shoes, and tried to make myself as evil as possible, I just can't think of any way in which this list of IPs would even be useful to me.

  16. Mysterious Anonymous says

    I think Shkspr and Jess' guesses are closest to the truth.

    It seems like all of this happened at once, but people need to keep the timing in mind. These defamation suits were filed a week or two before Brett L. Gibbs' sanctions hearing spiraled out of control and resulted in the unmasking of many of Prenda's layers of deception and then the summoning of all of Prenda's "senior management" to Judge Wright's courtroom.

    When these suits were filed, it looked like maybe Brett would get in some trouble, but Prenda attorneys have been dressed down by judges numerous times with no real consequences. So they were probably not particularly worried about the LA hearing at the time they filed the defamation suits, but they were no doubt increasingly furious about the tireless investigative work performed by the online community. For the last two years, FCT and DTD have done a great job of raising public awareness and keeping the trolls honest. When Steele | Hansmeier, now Prenda, first started filing copyright infringement suits, they didn't even bother to file copyright registration applications, even though registration is necessary to claim the statutory damages they ask for and in some jurisdictions registration is supposed to be required to litigate a copyright lawsuit at all. They only grudgingly began having clients register their works after the "oversight" was publicized on the blogs, and since then have only grudgingly done the bare minimum necessary to operate anywhere near on the up and up.

    When they filed the defamation suits, it was likely a last-ditch attempt to prevent precisely what has happened. They wanted to scare their targets into avoiding discussing these cases publicly, and to create a meme that says "Visit FCT or DTD and you may wind up named in a defamation lawsuit. Post on FCT or DTD and you will wind up in a defamation lawsuit." They only tools these guys know are massively over-broad subpoenas and intimidation, so it is no great surprise that those tools were deployed here.

    Unfortunately for Prenda, almost immediately after they implemented their brilliant plan to sue the Internet, Judge Wright increased his DEFCON level to 1, drawing massive attention to Prenda from a much broader audience, so that when the news of this latest shenanigan broke it just looked pathetic and sad. Couldn't have been better really.

  17. Lucy says

    They are getting sloppy, or have just always operated this way. It looks like arrogance to me. The possibility of frauding with a stolen identity from someone Steele knows, that's balls. Suing the victim back for suing them over it, well that's just, wow. These guys posture like the rest of the world was just hatched.

    I'm curious how many cases this group has actually won going to trial. It seems the majority of money generated is from shakedowns/settlements, and not actually following through with integrity to the law.

    How are they making a living if they don't actually get paid for anything? Following the money is usually a good policy for getting answers.

    I've wondered if Alan Cooper can afford to travel on short notice but haven't found any place indicating donations would be appropriate.

  18. Mywits says

    Good points, Ken. Aside from the fact that it's now a nullity, a subpoena duces tecum can only compel the production documents — not ask questions or compel the creation of new evidence. It's not an interrogatory. These folks are mightily confused. This entire tale all reminds me of a pulp classic from my youth – "The Gang That Couldn't Shoot Straight." I do hope someone is working this into a screen play.

  19. Mywits says

    To Anon's comment, any entity that get's these all the time knows they can't afford to ignore them. A federal agency did that in the Fannie Mae Securities Litigation a couple of years ago and were forced to eat $10 million in production costs – 9% of their annual budget. As a non-party. Nice litigation system we have here.

    No, WordPress likely has a law firm or in-house schlub who spends an unreasonable amount of time dealing with nonsense like this and gets very good at batting them away properly – using the law.

  20. Kat says

    They would also be likely to put a legal hold on any records that might become pertinent just to be on the safe side. If they ARE compelled by a court to produce the information, then 'sorry, we deleted those in the normal course of business after the subpoena' will be viewed as destruction of evidence and would hurt the defense's case. Putting a legal hold on the records doesn't mean they're planning on releasing them or anything, but it is an action that they would be likely to take.

  21. Kat says

    That is to say, this applies in the case of a subpoena that hasn't been immediately nullified, lol. That being said, it would still be prudent of them to go ahead and make sure the data is protected just in case.

  22. James Pollock says

    "Especially since they explicitly did not ask for information to identify posters, only visitors, so the IP logs of "visitor X at time Y" can't clearly disambiguate a post at time Y, since there can be multiple visitors at a given time that a post was made."

    Well, if you start with the log, and filter the GET requests out, so you're just left with POST requests, that would narrow it down quite a bit, I should think. Then, for repeat posters, the correlation of multiple postings should allow the investigator to winnow the possible contributors down to one IP address. Of course, you're still left with the problem Judge Wright identified… a customer premises IP address doesn't uniquely identify anyone nowadays. And home routers don't generally keep logs, so the trail ends there.
    But theoretically, you could get reasonably close to street addresses for most postings, IF you had both the server logs AND were able to get subscriber information from the ISPs.

  23. Mysterious Anonymous says

    @James Pollock

    Note that they don't even ask for information that sophisticated or useful, only the IP addresses that "accessed the blogs" and the date and time of access, in an Excel spreadsheet.

    Not even copies of the server logs themselves…

    I'm not sure what your level of technical expertise is, but you were naturally able to think of how to make use of actual HTTP log data, as would anyone else who had some basic ideas of how the Internet works.

    Now, remind yourself that these guys have been litigating cases based on their supposedly infallible forensic network monitoring software, and they don't even know enough to ask for something useful. Honestly I'm kind of afraid we're giving them ideas, but then they don't seem to be very good at learning from their mistakes.

    This really just reeks of general intimidation, or possibly they want to match IPs that visited those blogs to their list of John Doe IPs to single some people out for extra harassment.

  24. That Anonymous Coward says

    @Lucy – Depends on how you define win.
    If you remove the defaults, and the parties who took dives to allow them to get discovery on alleged co-conspirators that number drops…

    @Dies Irae – That stunt's already been pulled. Evan Stone stood before a Judge arguing why he should be allowed to send out subpoenas, when he had already violated the courts instructions to not send them and had been collecting names to engage in "settlement" negotiations.

    This was a stunt, and I would hope that finally they will end up paying a price for what they have been doing.

  25. AlphaCentauri says

    The list of IPs isn't even useful for comparing to their torrent logs unless they happen to match the dates/times. People with dynamic IP addresses may have a different IP address every time they visit. I just check my own user data on a site where I am a mod, and I've logged in from 465 different IP addresses in six years.

  26. James Pollock says

    It's fairly common for broadband ISPs to offer fairly consistent IP addressing, because the router on the customer premises is always on. They won't guarantee you a fixed IP unless you pay them extra, but it stays pretty consistent. YMMV.

  27. Andy says

    @ James, I can only speak for the ISP I work for, so this may not be completely apposite. If the connection drops for a short period of time, then it is likely that you will retain the same IP address, assuming no-one on the same home gateway requests an IP address during the time you were down, otherwise you could get any IP address that has been assigned to that HG. We have multiple ranges starting 31, 81, 86, 217 and 213, so in the space of 20 minutes, you could shoot through quite a wide range, especially if you were trying to obfuscate.

  28. AlphaCentauri says

    I'll admit I'm not typical, since I've used my dynamic IP as a poor-man's proxy service. (I investigate spamvertised websites, and my main target would block me after 10 visits to their websites.) I've learned that if I disconnect for at least 2 minutes from Verizon, I get a new IP address. But I suspect that the downloaders that they are most interested in identifying have learned that trick, too..

  29. Anon_Lurker says

    The lawsuit may have spurred more traffic to the sites, a reverse "Streisand Effect" of visitors in a show of support.

  30. Orville says

    WordPress has decided to fight

    Highlights from the Ars Technica article I linked to:

    In addition to the numerous legal deficiencies that render the subpoena invalid, it is also objectionable on numerous fronts.

    First, it seeks information protected by the First Amendment, including rights under the First Amendment to anonymous speech.
    Second, it violates the right to privacy under the California Constitution and common law, in that it seeks information relating to the websites that consumers visited.
    Third, it is facially (and outrageously) overly broad, in that it is not limited to information related to any alleged defamatory posts, but instead seeks the identity of any person who ever read the blogs in question.
    Finally, it seeks information that is not likely to lead to discoverable information, for the reasons enumerated above.

  31. says

    @Orville: the true and correct text of the email is in my today's post (the original forwarded to me and the author kindly allowed me to publish it).

    @Anon_lurker: kind of. I have 5K page hits a day on average lately.

    3/4 – 15.3K
    3/5 – 9.5K
    3/6 – 7.8K
    3/7 – 7.8K
    3/8 – 9.8K

    While I'm happy about the increased traffic as an awareness proxy, I do not monetize it.

  32. James Pollock says

    "If the connection drops for a short period of time, then it is likely that you will retain the same IP address [but otherwise not]"
    Andy, I made a couple of assumptions, some stated, some not. I'll spell them out.
    First, I assumed that the ISP uses DHCP to assign dynamic addresses to the customer-premises router. Second, the ISP keeps the DHCP server running. Third, the customer isn't in the habit of turning off their router when not in use, AND the router doesn't lock up and require restarting. Fourth, the customer premises includes a router, and isn't a direct connection to a single computer (and even then, the computer may be functioning as a router, with downstream connections.) Fifth, the ISP doesn't periodically force an IP address change, to make sure people who need a fixed address are paying for one.
    Also unspoken in my original comment is the assumption that the customer router even has a public IP. Some ISPs NAT the customer point-to-point networks and implement massive scale web proxy to improve performance.