MIT Students Are Battling With New Jersey Officials to Save Their Startup Company

Out-of-state investigators are looking into whether or not they violated the New Jersey Consumer Fraud Act.

Photo by Margaret Burdge

Photo by Margaret Burdge

Like many startups in the Boston area, the MIT students behind Tidbit, which could one day allow developers to mine for Bitcoins on a client’s computer, in place of advertising space, are facing some initial hurdles.

But the ones blocking Tidbit from launching a beta version of their product are a little bit different from the average legal troubles most entrepreneurs might encounter.

On December 4, 2013, the team of students behind Tidbit were served a subpoena by the New Jersey Attorney General’s office, in connection with a special investigation led by the Garden State’s Division of Consumer Affairs and Office of Consumer Protection. The court order demanded that Tidbit founder Jeremy Rubin and his co-creators turn over sensitive information including source codes, hosting websites, and all of the Bitcoin wallet addresses associated with Tidbit.

The only problem, however, is that Tidbit, run by students, is still what’s known as a “proof of concept,” so much of the information and coding that was requested by New Jersey authorities isn’t even active.

“Typically, legal issues are an unavoidable growing pain for startups. For Tidbit, they’ve arrived quite a bit earlier,” Rubin and members of Tidbit said in a recent letter sent to users, letting them know how the subpoena may impact them. “Our development progress has been halted. From what we understand, we can’t release anything or even incorporate until the subpoena has been settled. Obviously, this is a significant setback. We’re intensely frustrated and are working to resolve the situation as soon as possible.”

Rubin could not directly comment on the case, but referred Boston to his lawyer.

Tidbit first gained recognition during an MIT hackathon in November 2013, called Node Knockout, after they took home top honors for their concept. But even then the team announced that it was nothing more than a preliminary code, as they still needed to work out legal details like drafting a terms of service, and making sure clients could opt-in to the service to allow Bitcoin mining. “Tidbit isn’t fully ready for production use, but 98 percent of the infrastructure is in place,” the group said when they initially created the code.

To help fend off the out-of-state authorities, who were concerned Tidbit may have breached the security of people’s computers through unauthorized access, Rubin and his team enlisted the help of the Electronic Frontier Foundation, or EFF, and their lawyers. The EFF is a donor-funded non-profit that defends free speech, privacy, innovation, and consumer rights in the digital world, according to their website.

In January, the EFF responded to the New Jersey AG’s request for documents and sensitive user information, trying to dismiss the subpoena, even though the request was not a criminal charge, but rather a preliminary investigation into Tidbits activities under the New Jersey Consumer Fraud Act.

Tidbit’s representatives claimed the requests were unlawful because Rubin lives in the Boston area. “Tidbit and its developers have no connection to New Jersey at all. All of Tidbit’s developers, including Mr. Rubin, are MIT students who reside in Massachusetts. Tidbit’s servers are not physically located in New Jersey,” said Hanni Fakhoury, a staff attorney for EFF. “Since the code was never functional, it cannot and has not been used to mine for Bitcoins.”

Fakhoury said Tidbit developers have never received any Bitcoins as a result of the Tidbit code they created during the hackathon. He argued that there was serious doubt that New Jersey officials had the ability to use state law to regulate interstate online commercial activity, since Tidbit’s founders live in elsewhere.

Authorities in New Jersey didn’t care, however, and the demand for documentation pressed on. In a response to EFF’s lawyers, the AG’s office ordered Tidbit to deliver the materials requested in the subpoena by January 13.

When the state still insisted Tidbit comply with the subpoena, EFF’s lawyers moved to quash it in New Jersey state court, and filed a complaint against the office investigating the startup company’s actions.

“[New Jersey] recently used consumer protection laws to secure a $1 million settlement from a gambling website that turned its users’ computers into a botnet to mine for Bitcoins without the users’ knowledge,” wrote Fakhoury. “It appears the state suspects Tidbit of something similar here, despite the fact Tidbit’s code was only a proof of concept that could not mine for Bitcoins, and despite the fact Tidbit was clearly not planning to develop code that mined without a user’s knowledge and consent.”

Fakhoury said he agrees that New Jersey has a right to investigate fraudulent consumer practices within the state, but to extend that investigation out of state, and put pressure on students that don’t even live there, is burdensome.

“The issue is the state thinks [Tidbit’s] being used for some malicious purpose, and we disagree,” he said. “He’s a student, and [Tidbit] got this subpoena around finals. It’s a lot of stress on a young person especially when they’re going to school and everything.”

Fakhoury said no court date has been set in regards to the complaint to quash the subpoena, but he expects it will happen sometime in March. Rubin and his team will not have to appear at the hearing. In the meantime, as they wait to find out next steps, Fakhoury said Tidbit has put everything on hold.

“I think because of the subpoena, and everything outstanding, the better approach is to freeze it as it exists,” he said. “I think we will know more about what’s going to happen at the hearing, but things could go many different ways.”

Until then, Tidbit’s founders are on damage control. “We’re truly sorry if this inconveniences any of you,” they told people that accessed their code. “We don’t know why the [New Jersey] Attorney General is targeting Tidbit so aggressively, but it hurts all of us. As always, we’re working hard to make progress. With luck, we’ll clear up the legal situation and get back to coding.”

To read all of the court filings attached to the court proceedings and correspondence between the AG’s office and EFF, go here.