Image of outside building. Side view.

Five ways the civil courts are fighting back against cybercrime

06 November 2018. Published by Jonathan Cary, Partner

The proliferation of fraud and blackmail offences carried out online has left victims, and the courts, playing catch-up. In a number of recent cases, however, the civil courts have shown that they are adapting to keep pace with the cyber-criminals.

Here are five ways that the courts are addressing the imbalance that exists between victims and criminals who seek to hide behind a veil of anonymity in this digital age. 

Worldwide freezing orders (WFOs) against 'persons unknown'

In a recent cyber-fraud case, the Commercial Court awarded a WFO against 'persons unknown' (ie, the unidentified perpetrators of fraud) for the first time.(1) Injunctive relief against persons unknown is well established in libel cases, but until now there has been no precedent for financial fraud cases. The court extended the existing law in light of the fact that freezing injunctions are often a springboard for other forms of relief which would not get off the ground without bank accounts holding stolen assets being frozen. Once a WFO is made, vital information can then be obtained from banks as to the identity of the account holders by means of Norwich Pharmacal or Bankers Trust orders.

Digital methods of service

The courts have acknowledged the difficulties faced by victims of cybercrime in serving anonymous defendants by conventional means. In recent cases, the courts have approved a number of novel forms of alternative service, including by text, Facebook Messenger and WhatsApp.

Service by data room access
In cyber-fraud cases, it is common for stolen funds to be transferred rapidly to multiple bank accounts in jurisdictions across the globe. Claimants looking to trace and freeze those assets and obtain identifying information about the account holders will most likely need to serve large quantities of information in support of various interlocutory applications on numerous parties in different jurisdictions. To assist claimants with this onerous task, the courts have approved service by way of access to a data room, (2) enabling the claimant to upload documents in one place and to monitor which defendants have accessed those documents.

Service by text
The question of what materials should be served on an unknown person has also been addressed by the courts, particularly in circumstances where an anonymous hacker may use information contained in supporting evidence for nefarious purposes. For without-notice injunctions, the general rule is that the application notice, any evidence in support and any order made should be served on the respondent as soon as practicable. In LJY v Person(s) Unknown (3) the court deviated from the general rule and permitted the applicant to serve the respondent by text (the respondent having supplied the number for an 'untraceable phone' in their blackmail letter). The texts contained enough information to enable the respondent to know the key features of the order and, if they identified themselves, to receive all of the documentation required.

Self-identification orders

In two recent cases,(4) the court made so-called 'self-identification orders' for the unknown respondent to provide a name and an address for service. One might think that no self-respecting cybercriminal would give up their identity on receipt of such an order. Nevertheless, in PML v Person(s) Unknown (5) Nicklin J stated that "few defendants can remain confident that they will ultimately manage to evade identification. If they fail, punishment for contempt of court would then loom large".

Derogations from open justice: hearings on paper and in private

The general rule is that hearings are carried out in public and judgments and orders are also made public, but the courts have shown willingness to depart from those rules when faced with anonymous defendants. In a recent case,(6) the court heard an application on paper where the defendant had failed to engage with the proceedings up to that point. Warby J found that a hearing would merely have added to the expense of the claim without serving any useful purpose. Any measures to reduce expense are good news for claimants, especially as costs are likely to be difficult to recover against anonymous cybercriminals.

In PML, where an anonymous hacker was blackmailing the claimant company, the court agreed to hear the claimant's application for an interim non-disclosure order in private so as not to tip off the hacker who had threatened to publish stolen information about the company if it took legal action.

Construction of new cybercrime court approved

Finally, in July 2018 the government underlined its determination to lead the way in tackling cybercrime by announcing the construction of a specialist cybercrime court on the site of Fleetbank House in London. Funding has been provided by HMCTS and the City of London Corporation and the 18 courtroom legal centre is expected to be completed in 2025.



(1) CMOC Sales & Marketing Limited v Persons Unknown [2018] EWHC 2230 (Comm).
(2) CMOC.
(3) [2017] EWHC 3230 (QB).
(4) PML v Person(s) Unknown [2018] EWHC 838 (QB) and NPV v QEL and ZED [2018] EWHC 703 (QB).
(5) [2018] EWHC 838 (QB).
(6) Clarkson Plc v Person or Persons Unknown [2018] EWHC 417 (QB).