In March, CoinDesk reported on a legal spat between a team of MIT students led by Jeremy Rubin, and the State of New Jersey.
Rubin's team had developed a software system called Tidbit that could allow websites to use visitors' computers to mine bitcoin. In return, the visitors would not see advertising.
However, last December, the State of New Jersey issued a subpoena asking the team for details of its project, including the source code, addresses of bitcoin wallets associated with it, installation logs, and others.
Now, a New Jersey judge is to decide whether the team of academics must hand over details of their bitcoin project to government officials in that state. The legal dispute could be a landmark case for technology researchers everywhere.
The idea behind the project, developed at the Node Knockout hackathon, was to help website owners to monetise their content. Tidbit has since been taken down.
The Electronic Frontier Foundation, a nonprofit civil liberties group specialising in cyber issues, took on Rubin's case, challenging New Jersey's right to subpoena the code.
As part of that challenge, a court hearing took place on Monday (selected legal filings from the case can be viewed at the EFG website).
Rubin was not required to appear in court in person. Instead, the judge took the issue under submission, saying he will issue a written opinion within the next 30 days. The legal dispute could be a landmark case for technology researchers everywhere.
One of the most significant aspects of the subpoena – and the key fact that the EFF is building its case on – is that New Jersey went after a group of students in another state, which the defending attorneys say oversteps legal boundaries.
The EFF initially said that "Tidbit's code is not functional and unable to mine for bitcoins at all".
Furthermore, on its Node Knockout page, the Tidbit team said that 98% of the infrastructure was complete, but that they hadn't connected the service to the P2Pool service that would be necessary to complete the bitcoin mining. "So we currently do not receive any bitcoins," it said at the time.
So why did New Jersey issue the subpoena, or even care at all about this technology?
TidBit in use?
The State of New Jersey argues that Tidbit code has indeed been used – and on sites based in New Jersey.
In a filing on 6th March, New Jersey Attorney General investigator Brian Morgenstern said that "the Tidbit Code was present on at least three (3) websites that were registered and located in New Jersey".
"We've gotten word from some of our Tidbit users that the NJ Attorney General has served them subpoenas requesting information regarding Tidbit. If you get served one, don't worry. Get in touch with your legal counsel."
The EFF seems to have recognised this in later documents. A response, issued on 20th March, acknowledged New Jersey's claims, focusing on the fact that Rubin and his team made no specific attempts to create commercial relationships with people in New Jersey.
"The mere fact Tidbit's code appeared on New Jersey websites is not enough to permit New Jersey to regulate Tidbit – an out of state actor – under the Dormant Commerce Clause," it said. "The State is absolutely capable of regulating and investigating the specific New Jersey websites running Tidbit code. But its powers cannot extend to Tidbit or Mr Rubin."
A source close to the Attorney General's office said that New Jersey isn't yet accusing Rubin of any wrongdoing. The office will occasionally serve a subpoena if it's reviewing matters that come up that may be of concern, but this doesn't involve any public action unless the office ends up filing a formal public complaint.
The source said:
"It was Jeremy Rubin or Tidbit that chose to publicise this when they received a subpoena from the state. It's been out there publicly due to the EFF, but normally we wouldn't be publicising this at all."
Nevertheless, the language used in the State's court filings suggests that an investigation into Tidbit under the State's Consumer Fraud Act is at least a possibility.
EFF attorneys have called this out in legal filings, claiming among other things that the likelihood of an investigation would cause financial harm to Rubin, because he's at risk of civil liability from the State of New Jersey. New Jersey has disagreed.
One crucial question for lawmakers in New Jersey is whether the code was used to mine for bitcoins on visitors' machines without their consent, CoinDesk has learned from sources close to the Attorney General's office, which refused to comment on the record this week.
Hanni Fakhoury, staff attorney at the EFF, refused to comment on the case, other than to talk about the chilling effect of the subpoena on innovation. He made specific reference to a letter, sent to the state on 19th March by MIT.
"The letter submitted by MIT faculty, students and administrators indicates that there's a chilling effect, in the sense that innovators face legal uncertainty about whether their projects will get them in far flung states they have no connection too [sic]," he said.
The letter said that the subpoena "threatens the ability to innovate on our campus and on campuses around the world, including at New Jersey's world class universities".
New Jersey's subpoena will be of interest to legal and entrepreneurial watchers alike, for several reasons. It will have tangible implications for innovation in cryptocurrency activities such as bitcoin mining. But the Tidbit tool also theoretically addresses a long-standing problem for content websites: how to monetise content in an age where competition drives down revenues.
"Tidbit takes on a major problem facing online publishers – the challenge of developing a revenue stream – and offers a new solution", said the MIT letter.
There have been other uses of bitcoin to disrupt traditional payment models for online media, though. The Chicago Sun-Times has successfully tested bitcoin-based paywalls as a means of charging micropayments for its content.
It is also unclear just how practical a tool like Tidbit would be. It isn't the first such project to hit the Internet. BitcoinPlus was offering embeddable browser-based bitcoin mining long before Rubin and his colleagues won their innovation award at Node Knockout.
With bitcoin hash rates so high, and CPU/GPU users all but vanquished from that activity, is there any real utility in these systems? Perhaps, if many hundreds of thousands of machines could be co-opted, although mining for a scrypt-based currency might be more worthwhile.
The judge's decision should be announced by the end of November.