American court hearing recordings and interviews - Season 2. Episode 4. June 9, 2023. In re FTX Trading Ltd., et al., chapter 11 bankruptcy case number 22-11068, audio of hearing held in the FTX/Alameda et al. bankruptcy proceedings pending in Delaware, USA #crypto
Episode Date: June 10, 2023--...
Transcript
Discussion (0)
Please receive.
Good morning, Your Honor.
Good morning.
And may it please the court.
Adam Landis from Landisrath and Cobb on behalf of FTS Trading Limited and its affiliated
debtors.
Your Honor, we're back on the agenda to finish up what we started yesterday in connection
with numbers 7 and 9.
I can report to you, Your Honor, that the parties last night did have conversations with
respect to the JPL's lift stay or request that the state doesn't apply.
There has been no resolution or narrowing of issues sufficient for you not to rule.
So the parties would request that you go ahead and rule.
We don't know if you'd like to go ahead with item 7 and 9 first, or Your Honor would like to...
Yeah, let's finish up the agenda, and then we'll come back to that.
Okay.
Fantastic.
So then we can resume where we were for the ceiling level.
Okay.
Morning, Your Honor.
Good morning.
Isaac Sasson for the official committee on unsecure creditors on the ceiling motion.
Your Honor, I think where we left yesterday, we were going to call our second witness this morning, Mr. Jeremy Sheridan.
For your commission, we'd like to do that.
Okay.
Sheridan, come forward.
You take the stand and remain standing.
Please raise your right hand.
Please state your first name and spell your last name for the court record, please.
My name is Jeremy Sheridan.
Last name, S-H-E-R-I-D-A-A-N.
Do you affirm that you tell the truth, the whole truth, and none.
but the truth to the best of the knowledge and abilities.
I do.
You may be seated, Your Honor.
You proceed.
Thank you, Your Honor.
As a preview, Mr. Sheridan filed a declaration
in support of the ceiling motion at DACA number 1325.
We'd like to admit that declaration as his direct testimony
and supplemented with a brief direct as well this morning.
My understanding is there are no objections,
though the parties reserved the right to cross Mr. Sheridan.
Is there any objections to the entry of the declaration?
Your Honor, I do not.
to the procedure of introducing the declaration, but there are two portions of it that I do have an objection to based on hearsay.
Okay.
Approach.
Yep.
Let me hear the .
For the record, Juliet Sarkesian on behalf of the U.S. trustee.
So in paragraph 18 of Mr. Sheridan's declaration, he has a discussion of the
what happened in the Celsius case, which then references certain documents that were filed.
We do not object to the Celsius documents that were filed on the docket being admitted,
but I do object to this witness is testifying about the contents because the contents speak for themselves,
and I don't believe this gentleman has any involvement with personal knowledge of the Celsius.
Which joint exhibit is the declaration?
Your Honor, it's not a joint exhibit.
It's exhibit.
Okay, I'm going to need a copy because I don't have a fine.
Paragraph are you on now?
Paragraph 18, Your Honor.
Paragraph 18th, at 1.
Okay, and I'm sorry.
Say your objection?
What's the basis for the objection?
My objection is, well, we do not object to the actual court filings in Celsius on this issue coming in,
I do object to this gentleman's testimony about the content.
which speak to themselves and I also don't believe Mr. Sheridan has any personal knowledge about what happened in
Celsius but if I'm wrong about that I can be corrected.
Your Honor, Mr. Sheridan is testifying as his expert capacity as to the general knowledge of what happened in the Celsius case
be allowed to rely on the fact that it occurred and he's drawn supposition from that fact.
I agree. The next one, Your Honor.
honor relates to paragraph 21 of mr. Sheridan's declaration and this relates to the
first two sentences which again appear to be statements that are based on newspaper
reports now to the extent that it's based on his personal experience and the last
piece of the paragraph talks about his experience and I do not object to that
But the first two sentences appear to be testimony based on what is in articles
Newspaper articles and
We object to that as here's saying
Well again, I think he's relying on that as an expert witness to inform his opinion
So I'll vote a little objection. Thank you
So the declarations
Thank you, Your Honor and just for housekeeping purposes in terms of the exhibits to the declaration
We've spoken with counsel and we've only seeking at this point to admit exhibit a a
which is Mr. Sheridan's CV, exhibit I, which are the Celsius pleadings and exhibit J, the Celsius transcript.
The rest of the exhibits were just referenced to aid the reader in Mr. Sharden's declaration.
Okay.
Thank you, Your Honor.
Katie Townsend on behalf of the media intervenors.
I just wanted to make it express that we, of course, reserve the right to rely on any of the exhibits that are relied on by Mr. Sheridan
or attached to the declaration for impeachment purposes.
Of course.
Your Honor, and with that, may I approach and hand Mr. Sheridan a copy of the declaration?
Yes.
Good morning, Mr. Sheridan.
Good morning, sir.
Mr. Arden, can you please describe briefly your educational background?
My education, I have a bachelor's degree from the University of Arizona in criminal justice,
as well as a master's degree from the University of Arizona in public administration with a criminal justice emphasis.
And do you have any specialty certifications?
Yes, sir, as it relates to this matter.
I am chain analysis reactor certified, which is the analytical tool for blockchain analysis developed by chain analysis.
I have expert certifications from the blockchain council, which are cryptocurrency auditor, cryptocurrency expert, and blockchain expert.
I have a certificate from Carnegie Mellon University for chief information security officer.
I have a certificate from Columbia Business School Executive Education, Blockchain for Business.
I'm a certified information security manager through the Information Systems Audit and Control Association.
I also have two certificates from the Global Information Insurance Corporation in Information Security governance and leadership.
I think you mentioned that these relate to this matter.
So all these certifications specifically relate to what sort of type of...
experience. Digital assets, blockchain, cryptocurrency, information security, and cybersecurity.
Right. And could you just please summarize your employment history since you graduated?
Since I graduated from college, I spent a year as a juvenile corrections officer, four years as a
police officer, 24 years with United States Secret Service, one year as the vice president of
regulatory affairs for a private digital asset infrastructure company and the past
three months with FDI consultant.
And for everyone's benefit, what relation does the Secret Service have to
cyber currency, to cryptocurrency or cyber crime or just criminal investigations generally?
The Secret Service has statutory authorization to conduct investigations into financial
crimes of all types as a result of that legal authority, as well as being one of two
agencies listed in the with specific statutory authority in the computer fraud and
abuse act us in the FBI the Secret Service and the FBI we are legally empowered to
investigate financial crimes ranging from traditional financial crimes to digital
financial crimes and at the Secret Service did you work in that capacity and
investigation of financial crimes yes sir throughout my 24 career
year career in a variety of capacities.
And so do you have experience with investigating cyber-based crimes?
Yes, sir.
How long have you investigated cyber-based crimes?
During my 24 years with the Secret Service, I spent times in an investigative role.
In total, it would be seven years as a non-supervisory agent, and then another seven years
as a supervisory agent.
And as part of your investigation of cyber-based crimes,
do you have any experience investigating crimes
that relate to the blockchain or cryptocurrency generally?
Yes, sir.
And how much experience do you have there?
Blockchain and digital assets would be approximately four years.
Have you ever testified before?
I have testified as an expert witness
in front of the United States Congress
on three separate occasions,
twice in front of the House of Representatives and once in front of the U.S. Senate.
What was the nature of that testimony?
Those were related to blockchain digital asset and cryptocurrency investigations.
Thank you.
Do you possess any security clearances?
I have a top secret SCI security clearance.
And what institution granted you that clearance?
Through the United States government, I believe it's Department of Justice.
Great.
And I think I believe you have mentioned this earlier,
But where are you currently employed?
With FTI Consulting.
And what is your title at FTI?
I'm a managing director.
And how long have you held that title?
For three months.
What are your day-to-day job responsibility of managing director?
So I lead our investigations function within FTI.
And in that capacity, I lead teams of blockchain and digital asset investigators,
forensic analysts, consultants who engage in a variety of investigative capacities, everything
from theft, fraud, scam, market valuation, track and trace, and other functions related
to digital assets.
And in your capacity as advisor and FTI, have you become familiar with the facts of this case?
Yes, sir.
So just moving on more generally, based on your experience investigating crimes and cybercrime,
Do bad hackers typically target holders of cryptocurrency?
Yes, sir.
Why is that?
I think largely it's due to the nature of the asset itself.
Cryptocurrency is extremely valuable.
It is global and near instantaneous in its transfer.
It is pseudo-anonymous, and the transactions are irreversible.
So as a result, it provides opportunities
for criminal actors as both means and method to execute criminal schemes.
And do you have any direct experience with fat actors targeting holders of cryptocurrency?
Yes, sir.
Without going through everything that was setting your declaration,
can you just briefly summarize some of that experience?
Yes, so in both my investigative role with the United States Secret Service,
in my private sector capacity in regulatory affairs,
specifically our customer base, as well as in my current role with FTI in investigative functions,
I have led and been part of investigations that relate to the types of schemes I've outlined in my declaration.
Business email compromises that target cryptocurrency holders by means of email communications purporting to be a legitimate business communication.
pig butchering where specific individuals are targeted based on their name and fooled into investing cryptocurrency in incremental ways in order to increase the amount of funds that will be taken from that individual,
romance scams where individuals are targeted and lured into sending cryptocurrency.
to criminal actors, fishing attempts where fraudulent emails, texts, or other communications
are used to deliver malware or malicious payloads to user networks for the purpose of unauthorized
access and account or cryptocurrency credential harvesting, a variety of different criminal
schemes that I've been involved in.
Just to focus on one, pig butchering, for example, would it be easier or harder to target someone
if you wanted to facilitate pig butchering if they were already a holder of cryptocurrency?
It's much easier if they are already a holder by nature of that scheme.
If you're involved with cryptocurrency as the method of profit,
if someone doesn't have a cryptocurrency account or is unfamiliar with the opportunity,
operations of cryptocurrency transactions, you have to instruct them on that, guide them through setting up the account,
explain the basics of the technology to them and so forth, whereas if that individual is already active in the space,
that barrier is removed, and you can get right to the true elements of the crime, which are getting them to
deposit assets into fraudulent accounts.
Got it.
And are crimes involving blockchain and our cryptocurrency different
than those involving traditional or fiat currency?
Yes, they are different.
And how so?
Well, one, as the reasons I listed in one of your previous questions,
the nature of the technology itself is the primary reason.
But there is also an element
of distance between the criminal actors
and the targets in these cases.
You've finally broken loose from work.
Three friends, one tea time, and then the text.
Honey, there's water in the basement.
Not exactly how you pictured your Saturday.
That's when you call us, Cincinnati Insurance.
We always answer the call,
because real protection means showing up,
even when things are in the rough.
Cincinnati Insurance. Let us make your bad day better. Find an agent at CINFIN.com.
Sophisticated in the technology. Use that to their advantage to prevent detection or identification or judicial consequence, retrieval of funds.
And certain objectors have argued that cryptocurrency users are in fact more sophisticated and so are less likely to fall prey to cyber crimes.
Do you agree with that statement?
I do not agree with that characterization.
I think by very nature of the data shown in the amount, both in valuation and volume of cryptocurrency fraud scams and crimes that continue to occur.
It demonstrates a lack of sophistication on a high volume of users.
I also think that there is a mantra in digital asset investing, cryptocurrency investing,
of not your keys, not your crypto, which is meant to say that if you don't possess your private keys
singularly in some type of cold storage or non-online type of mechanism or storage device,
then you don't truly have access to your crypto.
And what we see most consistently is that the crimes that are occurring are people who surrender their keys to a exchange or other platform or through a lot of the schemes that I've identified.
They surrender their keys by being fooled into doing so or by some type of investment approached by them because they're focused on the return and promises of quick.
profit from their investments, which is not truly what the technology and the assets, how they're
intended to function in terms of a security protocol and a secure mechanism of possessing private
keys.
In your opinion, FTX users specifically, would they be an easier or harder target for cybercriminals?
My assessment is they would be an easier target.
population of users was you specifically marketed to as an easier and less
technical customer which it appears tracked at a very high volume of those
individuals who in fact surrendered their keys as I described earlier to the
exchange and did not truly have this full security control of their accounts I
I think by nature of their focus solely on the return on the investment as opposed to the security of the investment,
these individuals do not demonstrate a high level of technical awareness or security focus related to their assets.
When you say these individuals, are you talking about all the individuals on FTX?
I wouldn't be able to speak to all individuals, but as the majority of the population certainly appears,
to have willfully surrendered their keys and their access to their accounts in the investment.
Switching gears for a second.
In your experience, would simply having an individual's name,
but not their home address or email address,
be enough for a bad actor to identify them and perpetuate a cybercrime?
Yes, sir.
I think that is the entry into that ability.
Why is that?
I don't think in today's day and age,
people exist solely as names. Names are connected to a wealth of information that is available
in publicly available places that is provided voluntarily or just by record-keeping mechanisms of
these individuals. And I also think criminal actors in the cyberspace related to digital
asset crimes are very well versed in non-surface web methodologies that provide a host of information
about individuals.
And what I mean by that is the surface web is 4% of what you and I see in our daily lives
of Google and other publicly available search engines.
The other 96% is deep web or dark web marketplaces that traffic in illicitly.
obtained information about individuals that can be as a fee for service used to link individual
names to actual people provided using information that is already available in these dark
led marketplaces.
Let's say for example you had my name but nothing else.
How would you go about correlating other personally identifiable information?
So I would do it in those two broad lines of effort.
the publicly available public records that are list your name use that to corroborate and
correlate to any online profile or persona that you have created these are the more voluntary ways
that you've done through your social media profile everything from facebook to LinkedIn to
Instagram I would then delve into the dark web options that have these
fee-for-service trafficking in personal information and start to build my portfolio of you
with those methods and start to identify you as an individual beyond just your name.
And would that be difficult to do?
Not in my opinion, sir.
Why not?
Because of the volume of information that is out there in publicly available records,
in the information that is voluntarily provided by most everyday people.
as well as the volume of information that has been released on the dark web through the number of large volume hacks that have occurred.
Everything from the Target to LinkedIn to Yahoo to Marriott, there is a very high volume of personally identifiable information for purchase on the dark web that can be used to connect individuals from their public online digital fingerprint.
Now, to add to that hypothetical, let's say you also knew that I was a cryptosurricular.
Would that make it easier or harder to find out other personally identifiable information about me?
Yeah, any piece of information helps to make that picture clearer, especially financial information, especially cryptocurrency information, because it is publicly available on the blockchain, and you can research transactions using publicly available and free tracking methods.
So if I know that you're involved in cryptocurrency, I can start to do that.
to research you through different exchanges,
different communications you've put out,
different purchases, understand what your spending profiles
are, understand what type of tokens you utilize,
see what you're posting online about your activities
related to cryptocurrency, and then start to actually
search on the blockchain for specific transactions
that match up with timelines, amounts,
transactions that you may be communicating.
Just to add that,
Let's say you knew that not only that I was a cryptocurrency user, but I was an FTX user and the coins I had held in my account as of the petition date. Would that make it easier or harder?
Yeah, any piece of information makes it easier. So knowing what exchanges you're involved in, the types of coins, the dates you're transacting, all of those at a level of specificity that will help to verify, you are in fact the person that I am researching in these other venues.
Are you generally familiar with the Celsius Chapter 11 cases?
Yes, sir.
And based on what you know about the case,
can you describe what happened to the Celsius retail customers
when the individual names were disclosed?
Yes, sir.
Those names were compiled and placed into an interactive,
searchable Excel spreadsheet that was put online
through Celsiusnetworth.com.
once that spreadsheet was put online anyone was able to access it, identify the individuals,
identify the amounts associated with them, and conduct research from that spreadsheet.
And did anything else occur in Celsius with respect to the person that identified information?
I know there were multiple reported incidents of fishing, business email compromised,
other types of criminal schemes that targeted the individuals listed in that spreadsheet or in those
names that were released. Based on your experience, do you believe that similar attempts
would occur here if the individual customer names were publicly disclosed? Yes, sir.
Do you perceive a higher or lower risk of attacks in this case than the Celsius case?
I think there's a much higher risk related to this case because of the prominence of the case,
the notoriety of the case and also where the industry is at this particular time in the overall
market backed by, you know, I think one thing that's very different about the cryptocurrency
environment is the crypto-twitter nature of how information is communicated in real-time
instantaneously and with a focus and intensity that doesn't exist in other markets.
Putting aside the cryptocurrency bankruptcy cases, just generally between a cryptocurrency
bankruptcy case and a regular Chapter 11 case, or even this case in a regular Chapter 11 case,
do you perceive a higher or lower risk to cyber schemes and attacks on personally identifiable
information?
Again, much higher in this case, by nature of the crypto-Twitter universe, as I explained
it.
There is not a bankruptcy Twitter.
bankruptcy Twitter club or population, if you will.
There's not a Best Buy Twitter handle.
There is crypto Twitter, and that feeds information
and really accelerates the way that different approaches
and perspectives are shared.
And I think there's also a much higher visibility
in this case than other bankruptcy proceedings.
Last couple of questions.
In your experience, with disclosure
customer names in these bankruptcy cases subject customers to significant harm?
Yes, sir.
And just last question.
According to some objectors, crypto users are just like anyone else, and to quote,
sometimes scammers target them, and that is just a fact of life.
Do you agree that subjecting yourself to constant scans and potential harm is just something
that everyone needs to live with?
Not at all, sir, and I think that type of casual and dismissive approach
to this being just something that happens is not reflective of the true harm
and causes and particularly in this case for the reasons outlined cryptocurrency itself
the high-profile nature of FTX the crypto Twitter highlighting and exacerbation of
the events here as well as the way the industry does not have similar protections
backstops centralized regulatory structures or a level of protection that traditional
finance or other schemes may have makes this a much more significant risk and harm
to those involved thank you mr. shard your honor no further questions that's
time thank you one else was to ask questions in support good morning your
honor for the record David Wender would ever shed Sutherland on the half of the
ad hoc committee of non-U.S.
commercial. Good morning, Mr. Sheridan. Good morning, sir.
Just hopefully just a few questions. Though good portion of your declaration and
testimony today focused on the potential harmed individuals, that same harm is
also subjected to on corporations and business entities, correct?
Possibly, sir, yes, sir. In fact, in your declaration you talk about that you have
experience on ways that businesses are also impacted by this. Is that correct?
Yes, sir.
Great. And in fact, Exhibit P to your declaration, and if you need to look at it, although I'm just going to look, it's really paragraph 23, talks about the biggest data breaches of the 21st century. Those were all companies, right?
That's correct.
And Exhibit Q, where it talked about the biggest crypto heist, those are also companies, not individuals, right?
The crypto heist one, I don't have off memory, can you refer to it?
It's Exhibit Q, and it's not, just looking at it quickly, and I can even highlight it as well.
it's 17 biggest crypto heist of all time and it's exhibit Q your declaration and it lists
Mount Gox or geox I never pronounced that correctly that's a that's an entity right and if I went
through all them I don't see an individual's name there huh tap 18 sorry okay I thought
that is tab by letters the only distinction I would make sure is that I think while the data
breaches are companies the crypto heists are of wallets within those companies that are
associated with individuals and that may be just parts of words but they were held in
centralized locations of exchanges so yeah but those affected entities but then
also in turn potentially their customers they're individuals and other entities
support right yes because when hackers attack a business entity they go off to the business
information at times correct yes sir and then also for example customer lists of
their own people employees and alike so individual information is also at times
attacked by hackers when they go after corporate entities yes sir and then you
talked about here where it's the involvement of individuals and their names were
such that people could identify them and be able to target them more specifically
Now, if a customer had the list both their name, their address, and their holdings, that would make an easier target, right?
Significantly, yes.
Okay. Thank you for that.
Now, and you talked about business email compromise earlier, part of your declaration.
So in a business email compromise, are they more effective if someone first obtained access to a corporate network?
Does that question make sense?
It makes sense.
I would say I wouldn't classify the business email compromise as more effective.
I would classify account spoofing as more effective.
It's a different scheme.
But the point of your question is the business nature.
If you obtain access to, as I've seen in cases I've investigated,
the domain name server of the business, you can then spoof that.
You've finally broken loose from work.
Three friends, one tea time, and then the text.
Honey, there's water in the basement.
Not exactly how you pictured your Saturday.
That's when you call us, Cincinnati Insurance.
We always answer the call, because real protection means showing up,
even when things are in the rough.
Cincinnati Insurance, let us make your bad day better.
Find an agent at CINFIN.com.
that but then it is easier and in that situation to once you spoof to use your
term hopefully correctly then you can get access to individual information and
their assets in furtherance of their their hacking their schemes is that correct
that happens at times yes sir thank you nothing further anyone else in support
okay cross this is water not coffee I don't want you to be worried on like
spilling things coffee and water both spill but that's all right
It does less harm, I suppose.
For the record again, Julie, it's Rekish on behalf of U.S. Trustee.
Your Honor, before I commenced my cross, I think, and maybe I missed this,
but it's my understanding that Mr. Sheridan is being offered as an expert witness.
I'm just not sure that that was distinct expressly stated, and I just want the record to be clear on that if that is the case.
It doesn't need to be stated, but yes, he is.
Okay, well, normal procedure would be if you got an expert, qualify them.
I say that they're an expert witness, and then you get elicit the testimony from it.
You didn't follow that, but that's fine.
I don't have any issues.
I think his qualifications are absolutely clear that he's an expert in this field,
so I have no problem with recognizing him as an expert in the field.
Yes, Your Honor.
I'm not objecting to him being an expert.
I just wanted the record to be clear that that was how he was being qualified.
Okay, sir, I have, let me start, I have a few questions.
First of all, good morning.
Good morning, ma'am.
I have a few questions.
I'm going to start with your declaration.
And really, this is for, I'm asking questions, so I can better understand, have better clarity.
I'm the first thing, and I'm not sure how significant this is, but you talk about in paragraph four,
you say it the last sentence, is I possess a top secret slash sensitive,
compartmented information security clearance.
And my question is, is that you're no longer working for the government, correct?
I'm sorry, ma'am.
You're no longer an employee of the government, is that correct?
That's correct.
So do you still have the top secret slash sensitive compartmented security clearance?
Yes, ma'am.
And how long will that last work?
Another three and a half years.
is that you go through five-year periodic updates.
Which I am familiar with.
I think I'm a government employee.
Yes, ma'am.
Mine was shortly before I retired,
and so just based on the timeline.
Thank you.
With respect to, if you could maybe turn to paragraph 10 of your declaration, please?
Yes, ma'am.
Okay, so the first sentence says,
the odds of success for identity and asset theft crimes are increased even further
if they're committed against vulnerable persons,
such as the debtors' customers in these Chapter 11 cases.
Do you see that?
Yes, ma'am.
So my question is, how about individuals who are not customers of the debtors
but are other types of creditors in these cases?
Would knowing that such an individual was a creditor of FTX,
not a customer, but some other kind of creditor,
would that make it more likely that they could be a victim of identity theft
than any other person?
If I knew someone was a creditor in some other proceeding,
I would need to know the full circumstances.
The line of thought behind that statement in paragraph 10
is based on my knowledge of FTCS, the amounts involved,
the steep, contradictory way in which that exchange,
went from the most prominently secure and qualified custodian to one that was accused of committing acts of fraud with customer funds.
I think when an individual invests in something that they are very confident in, that turns out to be the exact opposite of that set of circumstances, and there is high valuation involved, that creates a,
opportunity and a vulnerability that could be exploited so I would need to know the
full circumstances of the other situation you're asking me about what you just
testified to would apply just to cost actual customers of FTX correct the way I
have it described yes turn to paragraph 15 of your declaration please which
deals with the term cake butchering yes ma'am so and this question may relate to
some other provisions in your declaration as well.
But do you have an understanding, I assume you know what a cold wallet is, correct?
Yes, ma'am.
Okay, could you explain what that is?
There's a wallet that is not connected to online functionality.
So as I referenced earlier, you can store your wallet information, your private key, public key, seed phrase, and wallet addresses in a
medium usually USB type device that is not connected to online internet.
Do you have an understanding of whether in these cases the debtor's current management
has transferred all customer accounts into cold wallets? I may not be saying it exactly correctly,
but do you have an understanding about that?
I do not know what storage methods are being used by FTX.
Is that what you're asking me?
Yes.
I do not know how they are storing customer funds.
If customer funds are being, in any situation, are being stored in a cold wallet,
does that make it more difficult for a bad actor to access that account, even if they have the person's name?
to access the funds in the wallet.
Yeah, there are funds in the account.
Yes, ma'am.
Cold wallet storage is a much more secure way to store digital assets.
So if a bad actor, even if they knew a name of a customer,
they would not be able to break into a cold wallet to steal money out of the customer account.
Is that correct?
I wouldn't characterize it that way because many of the cryptocurrency fraud,
involve manipulation of individuals and once you know that individual and can engage
with them you can manipulate them into accessing their cold wallet putting it in a
warm or hot state online and then harvest their credentials conduct these
types of schemes by having them bring their cold wallet into a hot or warm
state. Are you talk when you're talking about the individuals that the the wrongdoer is contacting,
do you mean somebody who's an actual customer, that they're getting that customer, they're
manipulating the customer to get access to the cold wallet? Yes, in a general sense. If the customer
doesn't have access and can't get their cold wallet, that manipulation would not work, correct?
Yes, if the customer can't get their funds,
you can't manipulate them into using their funds or submitting their funds for criminal purposes.
That's correct.
Thank you.
Now, you had, I'm jumping now for a minute to your live testimony today.
You testified, I think you testified that FTX customers prior to the bankruptcy had turned over keys to their account to wrongdoers.
Did I understand that correctly?
No, ma'am.
Okay.
All right, so you don't have any knowledge as to prior to the bankruptcy whether any FTX customers were the victim of some, you know, wrongdoing where they were manipulated into turning over their keys or any other way to access their accounts?
I do not have information about specific FTX customers.
If you could please turn to paragraph 20 of your declaration, please, which concerns S-I-M swapping.
Yes, ma'am.
And then go down to, I won't focus you on any particular sentence, but this, the S-I-M-swapping has to do with cell phones, correct?
Yes, ma'am.
Sim-swapping.
Okay.
Okay.
Does this method work if the individual has an account, again, does not have access to it because it's in a cold wallet?
So I think the distinction I would make is that the specific funds in that cold wallet,
the answer would be the same as your previous question.
They would not be able to the target does not have access to those funds because they're in a cold wallet that the target cannot obtain.
However, there are other criminal schemes that could be executed beyond those specific funds.
that individual had assets in other wallets, other hot wallets, or other locations.
Paragraph 22, if you could please turn to paragraph 22 of your declaration.
Yes, ma'am.
So the first sentence says,
beyond the potential for physical harm, emotional distress, cyber threats,
kidnapping, stalking, and bullying that could occur,
malfactors could likely determine the physical address of the debtor's customer
as a result of disclosure of individual customer names.
Do you see that?
Yes, ma'am.
My question is, with respect to the physical address,
is it any easier to find a person's physical address
knowing that they happen to be a customer of FTX
as opposed to getting the physical address of any other person?
I think that whatever the source of information is,
whether it's a customer of FX or others,
the description related to this is the harm that would come because they're a customer of FDX.
And this, as I, for ease of communicating the idea, this crypto-twitter idea about very public, vocal,
elevated and heightened type of instant communication surrounding cryptocurrency holders,
cryptocurrency events, especially events of this nature and magnitude.
So just to be clear, the fact that somebody was a customer of FTX, coupled with just their name,
does not make it easier for a wrongdoer to find their physical address,
as opposed to any other individual who's not a customer of FDX.
I think if you have the fact that they're a member of FDX,
that's a piece of information.
If I simply have your name and no other information
versus having your name and you're a customer of FDX,
coupled with the amount of your account transaction volume
with the type of token that you're engaging with in FTX,
or utilizing as a customer, those pieces of every piece of information is an asset in my investigation
to identify.
So customer of FDX, yes, that's a piece of information that I now can use to research
chat forums, transactions on the blockchain, other types of investigative material related
specifically to cryptocurrency that may be a value to help me identify, as opposed to just name
and no cryptocurrency engagement whatsoever.
Right.
I understand what you're saying, but I don't think you're actually, I don't know that you've
actually answered my question.
My question is very simple.
Okay.
For somebody who's a wrongdoer, is it easier to find an individual's physical address
knowing that they're an FTX customer than some other individual who's not an FTCS customer?
Yes, ma'am.
It is easier to find their physical address, just knowing that you're an FTX customer?
Yes, ma'am.
Explain to me how that is.
Not other information, but just their address, your physical address.
And I'll try and explain it a different way.
I apologize if I, in my previous answer, I didn't.
Knowing you're an FTA.
So I would not stop there with the name Jeremy Sheridan in FTC's customer.
If my investigation stopped there, I would submit that.
your question is yes, that wouldn't help me at all.
But knowing that you're an FDX customer,
I know you're going to be involved in cryptocurrency.
I know you're going to have...
You've finally broken loose from work.
Three friends, one tea time, and then the text.
Honey, there's water in the basement.
Not exactly how you pictured your Saturday.
That's when you call us, Cincinnati Insurance.
We always answer the call,
because real protection means showing up.
even when things are in the rough.
Cincinnati Insurance.
Let us make your bad day better.
Find an agent at CINFIN.com.
I'm supposed to just the name Jeremy Sheridan.
It gives me a piece of as an investigator,
taking those pieces of information
and other pieces of information to build.
It's anonymous in doing these crypto transactions.
Isn't that correct?
I think anonymity and cryptocurrency is a misconception.
It is pseudo-university.
anonymous, but it is also publicly available accessed digital cryptographic transactions that occur
in public open space that anyone can access at any time.
So it is in many ways contrary to an enemy.
I understand.
I want to go to your the live testimony this morning in response.
to counsel for the ad hoc committee.
And he asked you some questions about harm to corporations
who are customers.
But he also asked you, if I understand correctly,
he was tying together a situation in which
a corporation is the FTX customer,
not the employees of the corporation,
but the corporation is an FTX customer,
and that that can resolve.
in some harm to the employees of that company even if they are not themselves
FTFX customers.
Is that correct?
I answered those questions based on customers of that company, not employees of that
company.
Is that your question?
Oh, customers of, customers of a company that's customers of FTX?
If a company is a customer of FTX.
Then who is it that's going to be harmed other than the customer of FTX?
Downstream customers of that company.
Okay.
And how is that?
A company does not exist in a vacuum, in my opinion.
It is comprised of customers who engage in the business operations of that company.
So if a company is involved in FTX and through investment, I would have to know the circle
of their business operations, dealings, and connections, but if I could identify individuals
who were customers of that company, I could then, in similar ways to the individual customer
names, start to build a profile of those customers and execute similar criminal schemes
of the customers of that parent company.
So let's say you have two companies.
One is company A.
They're a customer of FTCS.
You have company B who's not a company.
customer of FTCS. Both A and B have their own customers.
Yes.
Knowing that company A is a customer of FTX, does that make it any easier to figure out who
companies A's customers are as opposed to company B's customers?
My answer would be similar to your previous question about individuals.
It's another piece of investigative information that possesses publicly available
blockchain information about financial transactions that I could potentially use to
identify individuals who are engaging in those business activities.
If a company is engaging in transactions, not currently,
but prior to bankruptcy, was engaging in transactions on the FPX format,
the cryptocurrency, how is that providing any information about their customers?
I would have to know the circumstances of it in a vacuum if it's just the company name.
it would take additional investigative steps.
But similar ways, as I've described before,
if it's a company that is investing in crypto assets
that are being placed on FTX,
and then I can investigate that company
and identify through open source information
or dark web information, vulnerabilities in the company,
individuals posting about the company,
individuals communicating about their crypto transactions
with the company,
there are possibilities and ways to identify individuals who are engaged in those activities.
It's another layer of distance from an individual speaking without true specifics about all of the details.
It's hard to be more concrete, but it is possible to build that type of identification.
Isn't it also true, it's possible to go, again, take a company that's not an FTCS customer
and go to their website, find out things about them,
do all of the things you're talking about on the dark web,
and find out information about their customers as well, right?
Objection, Your Honor.
He's answered this question two or three times now.
No, ruled. You can answer anything.
That is possible, yes.
I believe those are all of my questions at this witness,
I'm going.
Thank you.
Good morning, Mr. Sheridan.
My name is Katie Townsend.
I'm one of the attorneys representing the news media interveners.
the New York Times, Wall Street Journal, the Financial Times, and Bloomberg in this matter.
Good morning, ma'am.
I'm going to do something similar to what Ms. Sarkesian did, which is,
and I'm going to start with your declaration and then move to some questions from your live testimony today.
You testified that you're the managing director, a managing director, excuse me, at FTI Consulting.
Is that the financial advisor for the official committee of unscured creditors in this matter?
FTAI consulting as a whole.
Yes.
Yes.
To simplify things, by the way, if I use the phrase official committee,
you'll know I'm talking about the official committee of unsecured creditors, correct?
Yes, ma'am.
And if I use the word or the term individuals,
you'll know I'm referring to natural persons and not entities, right?
Yes, ma'am.
Do you know the identities of any individuals who are members of the official committee?
No, ma'am.
Do you know the identities of any individuals who are among debtors top 50 creditors?
No, ma'am.
Do you know the identities of any individuals who are customers of the debtors
whose names have been redacted from the filings in this case?
No, ma'am.
You testified that by combining the name, oh, well, let me do it this way.
Do you have a paragraph 9 of your declaration in front of you?
Yes, ma'am.
You testified in this paragraph, you state that by combining the name of an individual with other publicly available sources,
a malefactor will be able to harvest a full biography of a person, what you refer to as a dossier.
That's true of anyone, isn't it, not just the creditor customers of debtors in this case?
Is it true that a criminal actor can create a dossier of any individual they're trying to target?
Yes.
I wouldn't say it's true of anyone.
I think you need corroborating information, which in today's day and age is generally easy to find.
I mean, is there someone who's completely removed themselves from the ability to do that?
It's possible.
Is that because how much...
How much information is available about a person from publicly available sources varies by person?
Yes, some people are easier to build that than others, yes.
You don't know what, if any, steps, any of the customers of the debtors whose names have been redacted from the filings in this case have taken to limit what information is available about them from publicly available sources, do you?
I do not.
Would you say that a data breach involving an individual's data could increase the likelihood
that someone will be targeted by an online scam regardless of whether that individual
holds cryptocurrency?
That's accurate.
And information obtained through data breaches involving, I think you gave the examples of Yahoo,
LinkedIn, Facebook, Marriott, there are you.
They're not going to include the data of anyone who didn't use those services, correct?
I don't know that for sure what type of data was released in each of those instances.
In other words, if the Facebook data breach involved an individual user plus their contact list,
then that would be individuals who are greater than the specific individual whose data was breached.
Does that make sense?
That does make sense.
So if I understand it correctly, to the, it depends on the nature of the information that
was involved in the breach.
Yes, ma'am.
Okay.
But let me say it this late.
Hypothetically, if it did not involve a data breach of, let's say Facebook, did not involve
the contact information, an individual's contact information, an individual Facebook user's contact
information.
that data breach have captured information of individuals who are not users of Facebook?
Again, it depends on the nature of the breach. If the breach involves into administrative
or accounts on that individual's profile, then anything that individual has accessed to include
other individuals. You know, if this individual that was targeted serves in a data process
capacity or somehow stores information of other individuals or financial information of other
individuals within their network or on their system and that data breach compromised that.
In other words, it's not just a data breach about your name or your personally identifiable
information, but it's a data breach of your system and your administrator access to your
entire files, then the data breach could be much larger.
You don't know what steps, if any of the customers of debtors whose names have been redacted
in this case have taken to protect information that may have been compromised in a data breach,
do you?
I do not know that information.
There are ways for individuals who learn that their information may have been compromised
in a data breach to seek to protect that information, aren't there?
Yes, the number one rule in protecting yourself online.
is not to put your name or other identifiable information out there.
So, yes.
Can you take a look at paragraph 10 of your declaration?
Yes, ma'am.
You testify that the odds of success for identity and asset death crimes are increased.
If they are committed against vulnerable persons, such as the debtors' customers in these Chapter 11 cases,
whose circumstances provide greater opportunity to or reduced defense against the malefactor.
Can you tell me what the basis is for your assertion that any of the debtors' customers are vulnerable persons?
Similar to my answer before, it is a assessment based on the very quick change that FTX's prominence and reported,
offerings to customers demonstrated in this case.
In other words, FTX was seen as the pillar and strength and shining star of the cryptocurrency industry.
And I think it generated a lot of trust, safety, and security in its customer base that was quickly changed based on the nature of this, of everything.
occurred and so I think when someone encounters that type of violation for lack of
a better word they are in what I would consider a vulnerable state especially in
financial circumstances so is it fair to say that it is the fact that they're
involved in this bankruptcy proceeding that in your view makes however many
of the debtors approximately 9 million customers who are individuals more
vulnerable to potential scans can you repeat the question sure trying to do
this as best I can in your view is it just the fact that these individuals are
involved in this bankruptcy proceeding that makes them in your view more vulnerable
I think the totality of circumstances and considerations in this case make them more vulnerable.
This is one element of it.
Can you explain that a little bit?
When you say the totality of the circumstances, you're referring to the fact that they're FDX customers only, or is there something more?
I'm just trying to get to the basis for your understanding as to why these customers are more vulnerable.
Yes, if I understand your question correctly, why do I consider these customers more vulnerable?
Is that?
Right.
Again, because they were in a business and financial situation that was considered to be very secure, very safe,
something that would result in a profitable and income earning opportunity
that very quickly, very publicly, very steeply, those circumstances changed to be the exact inverse
of that.
And when you, in my opinion, deal with that type of...
cognitive dissonance between what you expect and what reality presents.
It creates a situation in which you may be more willing to seek ways to correct that.
And that is an opportunity for criminal actors to take advantage of that perspective, that position,
or that mental state, and may make those individuals more vulnerable to the types of
cyber crimes I've described.
In your view, does do all, start that,
in your view are all of the something close to 9 million
customers of FTX equally vulnerable because of their
involvement with FTX?
I think they're all equally vulnerable, not necessarily
because of this mental state if you're focused on paragraph 10.
I think they're all equally vulnerable because of the increased
risks in the situation, the circumstances I've described, the nature of cryptocurrency, the public
profile of this case, the inflammatory nature of crypto Twitter, the lack of institutional and
traditional financial backstops and provisions and protections that are in place.
I think they're equally vulnerable for all of the circumstances, not just what's described
in paragraph 10.
Well, is paragraph 10 intended to be referring to the customer's mental state?
Because the last sentence of that says some of the debtors' individual customers may be vulnerable due to the monetary losses they have experienced.
The vulnerability in this specific paragraph, paragraph 10, is a perspective and I wouldn't disagree with the characterization of mental state, but what I mean in that last sentence is that mental state and that
perspective of victimization and intent to correct that victimization or recoup from those losses
if your losses are higher or the valuations you have placed at FTX that are now
not available to you I would I am presenting that that creates a potentially higher level
of vulnerability because of the valuations involved
You testified earlier that you don't know the identities of any of the debtor's customers whose names have been redacted from the filings in this case.
So is it fair to say that you don't know the financial circumstances of any of those individuals?
That is correct.
In preparing your testimony today, did you, or your declaration, did you attempt to determine whether or not being involved in a bankruptcy proceeding outside of the cryptocurrency context makes an individual more vulnerable to attempted identity and asset that?
I think those circumstances in my opinion are different than this situation because of the cryptocurrency element.
So I did not.
You did not.
Is it fair to say that in your opinion the most relevant types of online financial fraud scams here are business email compromise, romance scams, pig butchering, fishing attacks, and account spoofing?
I don't think you listed sim swaps, which I would add to that list.
Okay.
That's certainly not an all-inclusive list.
I think those are the ones with which I have the most personal experience of conducting
investigations related to cryptocurrency schemes, which is why I listed.
Okay.
Can you look at paragraph 13 of your declaration?
This refers to business email compromise scams?
Yes, ma'am.
Is that sometimes also referred to as an email account compromise?
I would not refer to it as that.
You've never heard that?
I've heard of email account compromise,
but I don't equate it to business email compromise.
What's the difference?
An email account compromise could just be unauthorized access
to your individual email for a variety of reasons,
maybe not necessarily financially motivated.
It could be just to find information about you,
a stalking case or some other way to obtain information on you.
Business email compromise is specifically intended to misrepresent a business transaction
or operation in email format and target an individual for the purpose of illicit financial gain.
I see.
Can a business email compromise scheme target anyone with an email address?
Can it target anyone with an email address?
Yes.
Yes.
Business email compromise scams are not unique to the cryptocurrency context, correct?
That is correct.
In preparing your declaration or your testimony today, did you review any data or research
comparing how often known cryptocurrency holders are targeted with business email compromise scams
versus how often individuals who are not known cryptocurrency holders are targeted with that kind of scam?
I did not make that distinction, though.
And similar question, slightly different.
In preparing your declaration or your testimony in this matter,
did you review any data or research comparing how often known cryptocurrency holders are victims of business email-compromised scam
versus non-cryptocurrency holders.
Again, I didn't make comparison between cryptocurrency holder and non-cryptocurrency holder.
My assessments are based on the cryptocurrency holder information being more substantive and fruitful
for identifying individuals for criminal schemes.
So you're not aware of any data that shows that crypto-suitful.
currency holders or are more likely to be victims of business email compromised scams than non-cryptocurrency
holders are you I believe the chain analysis report does make
crypto-specific statistical determinations but I don't have those memorized or or part of my
information yeah
Why don't I show you what I think is what you're referring to?
A 2023 crypto crime report dated February 23rd is attached as Exhibit E to your declaration?
Yes, that's what I'm referring to.
Do you have a copy of that or do you need a copy?
Yes, ma'am.
You do have a copy?
Yes, ma'am.
Your Honor, do you need a copy of?
copy of?
I have it.
So you indicated that this
report
well, let me ask you this first.
What's chain analysis?
It's chain alices.
Excuse me, chain alices.
What is chain alices?
They are
a investigative
company that
provides data
on all types of
crypto operations, everything
from transactions to criminal
activity and in between they also are a third-party supplier of a blockchain analytics tool called
Reactor that I referred to in my credentials and Reactor is a searchable engine that allows you to
identify cryptocurrency transactions and use that for attribution of individual users.
Did you have the involvement in preparation of, in the preparation of this, of this
report? No, ma'am. Is this report one of the documents that you relied on to prepare your testimony in this
matter? I read this report as part of my job for all functions that I do related to crypto
investigations, not specifically for my testimony. You indicated that this report has data that
shows how often cryptocurrency holders or known cryptocurrency holders are targeted with
business email compromise schemes versus non-cryptocurrency holders.
I realize it's a big report, but can you point this to me?
I want to make a clarification on that.
This report documents and reports on
cryptocurrency crimes of which business email compromises are one of them if I remember the category.
From there, it would be possible to make the distinction you're asking me about
business email compromise crimes that involve cryptocurrency, which I would get from this report
to DOJ's FBI's Bureau of Statistics about business email compromise in general.
I wasn't saying that I could go to this report and make that decision.
I could use this report for data in order to then make that distinction.
Okay, I misunderstood.
So sitting here today, you can't speak to the difference between how much more frequently
a known cryptocurrency holder is a victim of business email compromise scam than a non-known
cryptocurrency holder.
I could not give you that data.
Can you turn to exhibit D?
Exhibit D of the declaration that you proffered,
let me know if you, I think you have a copy
of everything or you don't have a copy.
Yeah, I just need to know the tab, please.
Tab five.
Yes, ma'am.
Can you tell me what this is?
This is a business email compromise report
as published by, I think this was an FBI advisory.
And you, is this one of the documents that you relied on in preparing your declaration?
Yes.
If you look at paragraph 13 of your declaration, there's a site to that, and I believe a quote from this document in the last sentence of paragraph 13.
Do you see that?
Yes, ma'am.
Your declaration, the last sentence reads, knowledge of the target's personal details.
is integral to the execution of this scheme referring to the business, you know, a compromise scheme,
such that the Federal Bureau of Investigations first recommended safeguard against them is to be careful
with what information you share online. Dot, dot, dot. Do you see that? Yes, ma'am.
If you look at the document that you cited to Exhibit D.
Yes, ma'am. The last part of that, that,
FBI proviso says it's the first I think bullet point under how to protect yourself
do you see that yes ma'am and it indicates by openly sharing or it states be
careful with what information you share online on social media by openly sharing
things like pet names schools you attended links to family members and your
birthday you can give a scammer all the information they need to guess your
password or answer your security or answer your security question.
When you stated in your declaration that knowledge of the target's personal details is integral
to the execution of a business email compromise scheme, are those the kind of personal details,
pet names, schools attended, birthdays that you were referring to?
Those could certainly be helpful in a business email compromised.
Business email compromised details, however, are more than.
related to business activities of the individual, whether they're involved in purchasing a home or
buying a business or selling a business or conducting any type of online business operations.
So different information than what's in the FBI proviso in your view or more financial information?
Yeah, I mean, any information when you're conducting a criminal scheme,
team is of value. So in my experience, have I seen business email compromise that reference what the FBI is listing here about personal, what I would consider personal versus business details? I have not seen that. However, the personal details that are listed here would be used to create what I call the dossier of the individual. And from that, I could learn their business operations, learn what they're engaged in, and then specifically.
specifically tailor the business email compromise to more effectively target them.
So what is related, it's just not something that would directly be in the business email compromise,
or business email of the business email compromise scheme.
Would you say that not or being careful about sharing that kind of information online is an online safety tip that's generally applicable to everyone?
Yes.
Let's talk about fishing. Is it fair to
say that phishing is a way to carry out a business email compromise or email account
compromise scam?
Yes, the distinctions and titles and definitions sometimes are overlapping.
And fishing involves a bad actor posing as a known or trusted entity through an email,
text message or instant message, right?
That's correct.
A phishing scheme can target anyone who uses email text messages or instant messages.
Correct?
Yes, it can.
It's not unique to the cryptocurrency context, is it?
It is not unique to cryptocurrency.
And in your professional experience, have you seen successful fishing attacks in the
cryptocurrency context and outside the cryptocurrency context, haven't you?
Yes, ma'am.
In preparing your declaration and your testimony in this matter today, did you review any data
or research comparing how often known cryptocurrency holders are fishing targets versus how often
non-known cryptocurrency holders are fishing targets?
No, ma'am.
And similar question.
In preparing your testimony in this matter or your declaration, did you review any data or research
comparing how often known cryptocurrency holders are victims of fishing attacks versus how often
often individuals who are not known cryptocurrency holders are victims of fishing attacks?
I did not review data. I relied on my personal experience. And in your personal experience,
are known cryptocurrency holders more often victims of fishing attacks than non-known cryptocurrency
holders? Yes, ma'am. It's a more effective way to generate criminal proceeds because of the
circumstances of and nature of the asset as I described earlier it's instantaneous
near instantaneous it's global it's valuable it's pseudo-anonymous it's
irreversible and so it is both the method and the means in which the majority of
criminal schemes in an online sense are conducted in our in the bulk of our
investigations so just so I understand
understand your answer. It's your testimony that in your experience, you're more likely to be a victim of a fishing attack if you are a known holder of cryptocurrency than if you are not a known holder of cryptocurrency?
Again, we don't make those distinctions. What I'm saying is it's more the schemes are carried out using cryptocurrency in an overwhelming number of cases because that's how the criminals are paid and that's how the proceeds are transferred.
whether or not the criminal knows the individual is a known holder or not we don't
make that distinction similar to the answers I've provided before okay I just wanted
to clarify that can you look at exhibit C to your declaration and let me know
if you need a copy or if anyone else has a copy is it's a news article from oh
tab four tab four I'm sorry
Yes, ma'am.
This is a news article from December 2020 entitled Crypto Users Claim Gemini Email League occurred much earlier than first reported.
Is this a article that you relied on in preparing your declaration today, or your testimony today?
Excuse me.
I don't recall relying on this heavily.
I think this was included just as a means of example and reference.
The article reported that after the cryptocurrency exchange, Gemini suffered a data breach.
Users of that exchange reported receiving phishing emails.
Is that right?
Is that your understanding?
That's correct.
Okay.
And that data breach included the customer's email addresses and partial phone numbers, not just their names.
Is that correct?
Or is that your understanding?
Yes, that's correct.
Do you have any information about those fishing attempts?
related to that Gemini league other than one is in exhibit seat?
No, ma'am.
You don't know, for example, whether any of those fishing attempts were successful?
Correct.
Can we look at paragraph 17 of your declaration?
And this pertains to account spoofing?
Yes, ma'am.
Is account spoofing another way to carry out a business email compromise
or email account compromise scam?
Again, the distinctions blur because there is email involved in an account spoofing scheme.
So by technical definition, you could call it a business email compromise.
But the precipitating criminal action of the account spoof is not generally conducted through business email compromise, although it can be.
So is it fair to say that account spoofing entails a bad actor disguising an email address,
display name, phone number, text message, or website URL to convince the target that the source
of a message is legitimate?
That's accurate.
Account spoofing can target anyone who uses a computer or a cell phone, right?
Yes, ma'am.
Yes, ma'am.
And it's not unique to the cryptocurrency context, is it?
No, ma'am.
In preparing your testimony, did you review any data or research that compared how often
known cryptocurrency holders are targets of account spoofing scams versus non-known cryptocurrency
holders?
Similar answers to before I did not make those distinctions.
Okay.
And I'm sorry for the repetition.
No.
And in preparing your testimony, did you review any data or research compare?
comparing how often known cryptocurrency holders are victims of accounts moving as opposed to non-cryptocurrency holders?
No, again, in my experience, the majority of victims and targets that we dealt with were cryptocurrency holders by nature of how these crimes are executed.
I understand.
Similar answer to the previous types of scams.
Yes, ma'am.
Can you look at paragraph 18 to your declaration?
Yes, ma'am.
This relates to NRA's Celsius Network LLC.
Does FTI consulting have any involvement in the Celsius bankruptcy?
Not in my practice.
I don't know about FTI as a whole.
Okay.
So let me ask you this then.
Do you personally have any involvement in the Celsius bankruptcy?
No, ma'am.
Your declaration states that many Celsius customers,
became the target of phishing attacks by scammers posing as bankruptcy lawyers using emails
and phone calls.
What's the basis for that statement?
I'm sorry, can you repeat the question?
Sure.
In paragraph 18 of your declaration, you state that many Celsius customers became the target
of fishing attacks by scammers, posing as bankruptcy lawyers using emails and phone calls.
What is the basis for that statement?
in your declaration.
The referenced attachments to the declaration, both media reports as well as the legal
documents that were produced following these fishing and other criminal attempts.
Is that statement based on anything else?
The statement based on anything else.
I'm not trying to trick you.
I'm just asking if your knowledge of what's in the...
paragraph 18 is based solely on those exhibits that you cited in your declaration.
Yes, that's correct.
Do you know how many Celsius customers were the target of those fishing attempts?
I don't know specifically.
Do you know how many of the Celsius customers who were the target of those fishing attempts were foreign individuals?
I don't know that.
And do you know how many of those fishing attempts targeting Celsius customers were successful?
No, ma'am.
The exhibits that attached to your declaration will strike that.
Do you know how debtors' attorneys in the Celsius case became aware of these fishing attempts?
No.
The notices that are attached to your declaration that have been entered into evidence indicate that there were steps taken both by the court,
and by the parties in the Celsius bankruptcy to notify anyone involved of those fishing attempts.
Is that your understanding?
That is my understanding.
Do you think that's a prudent step to take?
I do, but even as referenced in those attempts,
there is acknowledgement and admission that they will not reach all customers.
So I think that's a limited approach at best.
But it is an approach that you would
that you would agree the court should have taken in that case
or that the debtors' counsel should have taken in that case?
Yes, ma'am.
And why is that?
You have to try and address the problem.
And one way to address the problem is to put people on notice
that it's possible that they may be the target of fishing attempts?
That is one way to address the problem, yes.
Can you look at paragraph 14 of your declaration?
And I apologize for jumping around a little bit.
Romance scams are another common type of online financial fraud, correct?
Yes, ma'am.
And that's when a bad actor pretends to build a romantic relationship with a victim online
in order to convince them or guilt them into sending money, right?
Yes, ma'am.
Romance scams can target anyone, correct?
Yes, ma'am.
And they're not unique to the cryptocurrency.
context are they? No, ma'am. In preparing your testimony in this case, did you review any data
or research comparing how often known cryptocurrency holders are targets of romance scams versus
how often individuals who are not known cryptocurrency holders or targets of romance scans?
Similar answers to before them, no. And in preparing your testimony, did you review any data
or research comparing how often known cryptocurrency holders are victims of romance scans,
versus how often those individuals who are not known cryptocurrency holders are victims of romance scams.
Similar to before no, it's just personal experience that the majority of these scams involve cryptocurrency.
Can you look at page or paragraph, excuse me, 15, the next paragraph, like, butchering is another type or common type of online financial fraud in your view?
Yes, ma'am.
And these are, is it fair to say that a page?
is one that targets a bad actor who forms an online relationship with their target,
convinces them to invest in cryptocurrency, and then steals the invested funds.
Yes, ma'am.
Is it, though it involves the use of cryptocurrency to perpetrate the fraud, pig butchering targets
individuals who are not known cryptocurrency holders via text message and social media, right?
I don't have personal experience with that.
Every big butchering case that I have seen involves cryptocurrency holders by nature of the
scheme itself to continue to invest not only in the opportunity because it takes advantage
of cryptocurrency holders.
It explains different facets of the industry and leverages this idea of quick returns, high
volume returns.
And it's faceturned.
is facilitated by all of the characteristics of cryptocurrency that I've listed several times
in order to be able to be successful.
So in every example of pig butchering that you have personal experience with, the victim
prior to being contacted by the bad actor already had an existing wallet cryptocurrency assets.
Is that accurate?
The ones that I've investigated.
It is, if I understand your question, it is possible for that person not to have cryptocurrency
and for the bad actor to convince them to set up a cryptocurrency wallet to further facilitate
the crime.
But that, again, by nature, involves cryptocurrency.
In those cases that you have dealt with in your personal experience, did the target know
that the individual strike that?
I said it backwards.
In those cases that you have dealt with in your personal experience involving pig
butchering, did the bad actor know in advance that the target already had cryptocurrency assets?
I can't testify to that because that is not a focus of our information gathering or interview of suspects.
That's not something we focus on related to the investigation.
So you don't know because that isn't something that you would have been.
asked during the investigation.
That's correct.
Is that right?
Okay, so just to make sure I have this right, you don't know if any of those individuals
in those public pig-buttering scams that you dealt with personally were targeted
because they were known cryptocurrency holders.
We made that conclusion based on who they targeted, but I did not ask the criminal
actor specifically that question.
I see.
How many such cases have you dealt with in your career?
Personally or in a leadership position.
Personally.
So the group of pig butchering cases that we're talking about?
There have been three cases that I would classify as specific pig butchering.
What's the most common form of cryptocurrency scam?
Theft of crypto assets.
Is our investment scams the most common form of cryptocurrency scam?
That's a very broad definition.
Again, I don't make distinctions on most common scam.
Can you be more specific on what you mean by an investment scam?
Maybe I can answer the question.
Sure.
Why don't you take a look at Exhibit E if you have that handy again?
That's the 2023 Crypto Crime Report that was attached to.
your decoration.
Yeah.
Tab six, thank you.
Oh, that way you don't have to do it in here.
Can you look at page 91?
Yes.
Yes.
I believe I have the right.
Oh, I apologize, 92.
I have a one.
It's at the 92 at the bottom.
Yes, no.
Does this want to make sure I'm not
pointing in the wrong direction?
Are referring to 92 of the report?
or the page number at the top that is the issue your honor thank you I can you
can you take a look at page it's 47 at the bottom 91 at the top yes ma'am I apologize
I think I just have the wrong page for you and I don't want to tell you the wrong
thing one second I do recall call the statistics in this report that
that reports investment scams as,
is that what you're referring to?
That is what I'm referring to.
And let me ask you this first.
You read this report,
using the definition of investment scam
that's utilized in this report,
is it your understanding that investment scams
are the largest, or by far at least the most,
by the largest by revenue of any type of cryptocurrency scam?
let me know if I watched that.
I believe, again, this is going from memory, not reading off the report, but memory
serves that they did report investment scams as the highest volume and romance scams being
the most damaging per individual victim.
I believe that was, those two qualifications were in that same reference within the report.
Okay.
How would you, what your understanding?
understanding in terms of how it's utilized in this report of what an investment scam is?
It's a very wide spectrum from individual token offerings being
minted and presented as an investment opportunity that
those behind that scheme then quickly exit the opportunity with investor funds.
It's called a rugpole.
all the way down to the other end of the spectrum to conducting some of the schemes we've identified and discussed today,
where I manipulate you into a cryptocurrency investment that is either fraudulent or intended to abscond with your funds
that you are purportedly investing in a cryptocurrency.
This report addresses pig butchering separately. It doesn't treat it like an investment scam, right?
I would not want to testify to the contents of the report with that level of specificity.
It's a lengthy report that I review, but I don't make those types of very specific analyses from the report.
Can you look at page 87 of the report?
Before we move on, Ms. Townsend, let's take a short recess.
Recess until 11.30.
During the break, you're not allowed to talk about your testimony.
Yes, sir.
I just don't need this anymore.
I have a clean copy.
Oh, no, I'm good.
Thank you.
Oh, no, you know, what it was behind this.
Townsend, you may proceed.
Thank you, Your Honor.
And I don't have much more left.
I think that's probably good news for everyone.
Can you take a look at Exhibit E, which is tab 6, I believe,
which is the report that we were talking about earlier?
I used the break time to find the section that I was looking at,
and unsurprisingly, it's entitled Stams.
So if you turn to page 86 at the bottom.
Yes, ma'am.
You see the graph in the middle of the page there?
Yes, ma'am.
And that is the amount of yearly,
that reflects the amount of yearly crypto scam revenue,
a decrease from 2021 to 2022,
from 10.9 billion to 5.9 billion.
Do you see that?
Yes, ma'am.
Do you think that's an accurate assessment?
Of the decrease?
Yes, yes, ma'am.
Okay.
Can you look at the next page, page 87?
Yes, ma'am.
And there's a graph in the middle of that page that lists the top 10 crypto scams by revenue in 2020.
Do you see that?
Yes, ma'am.
The top being the hyperverse.net, do you see that?
Yes, ma'am.
What kind of scam is that?
I did not investigate, or...
or research the individual scams, so I could not testify to that.
Do you have any reason to doubt the representation in the paragraph below that graph
that states all 10 of 2022's top scams were investment scams, which has a category-dominated
overall scam revenue last year?
I do not have a reason to doubt that.
If you look at the next page, page 88, I just wanted to flag this for you.
it indicates the guide to the scam categories we track.
Does this reflect a distinction between romance scams
and investment scams, for example?
This analysis does, yes.
And does it treat pig-buttering scams
as a form of romance scam?
Yes, it does.
You testified earlier today that, in your view,
and I'm going to paraphrase because I'm just going on my notes,
so if I get something wrong, feel free to correct me.
But I understood your testimony to be that the vast majority of FTCS consumers
didn't demonstrate a high level of sophistication because they fell for,
I think the term you used, was investment approach.
Can you explain what you meant by that?
What I was trying to explain with that,
my response, as I remember, was to a question about digital asset and crypto technical sophistication.
Does that reflect what you're getting at?
I understood you to be testifying that you thought FTX consumers, debtors, customers in particular, were, I think the term you used was less,
technical and the rationale I think that you gave for that was that they fell for
an investment they gave up their keys in connection with an investment approach
and I was hoping you could explain what what you meant by that so what I mean by
that I don't know if I don't think you use that sorry when asked the question
about technical sophistication of a crypto user
Generally, users who participate in an exchange are not by nature and by default the most technically sophisticated,
because an exchange is designed to be an easier and less manual way to participate in cryptocurrency offerings and operations.
The technical aspect of how an exchange works requires that you are surrendering your private keys to the eventual wallet that your investment goes into.
Because the exchange holds omnibus accounts and uses the entirety of funds for different business processes.
And by nature of that, they need the keys to that wallet that receives your funds.
as a general rule, the more technically sophisticated and security conscience crypto user
will have a cold storage or maintain possession of their keys at all times.
And I think the second part of that is my assessment of that is based on, was based on,
is based on FTX, their marketing approach that specifically
highlighted an ease of use and not requiring a high level of technical acumen with digital assets or
crypto cards.
Okay.
Thank you for that clarification.
Is that to say that in your view, someone who uses an exchange is, strike that?
Let me ask it this way.
In your experience, is it common for an individual?
who is a novice in investing in cryptocurrency to hold, say, more than $10 million in an exchange?
Can you repeat it one more time?
Sure.
In your experience, is it common for an individual who is a novice when it comes to cryptocurrency investing
to hold, say, $10 million or more in an exchange?
I wouldn't call that common based on the amount of crypto involved.
I mean, that's a very high volume.
So our investigations don't involve individuals with one holding of that amount in an exchange.
Just to make sure that I'm focused on the piece of piece of my question.
Would you expect for a person to have that an individual, to have that volume of investment in exchange
if they had no experience in cryptocurrency?
I wouldn't expect it, but I wouldn't be surprised.
it. They're individuals, high net worth individuals, they got into cryptocurrency offerings at a very
quick pace and were caught up in the promise of cryptocurrency in many circumstances. So it's
not a common practice, but it would not be unheard of.
And in your experience, have you ever known an individual?
cryptocurrency investor was a novice new to cryptocurrency with 10 million dollars or more in a
in a single exchange have I had personal experience with those circumstances right I have
not you testified earlier about I believe you called it I may mischaracterize it the mental
state of individuals who um of of
strike that let me restart be a little clearer you testified earlier about your views as to
general mental state of individuals who who may be customers of debtors whose names are
redacted in this case do you think it's fair to say that individuals who's who have money
potentially tied up in this bankruptcy would be more cautious of investment in other types
of scams moving forward I think that's a possibility in your experience has
being the victim of some form of cyber crime let's say made people more wary more
aware more cautious of potential future scams yes
No further questions, Your Honor.
Thank you.
Amitya McGrath.
Short, redirect.
Mr. Sheridan, do you recall the line of questioning
from earlier by Ms. Argeeseon Council to the U.S. trustee regarding moving assets to cold wallets?
Yes, sir.
If FTX moved customer funds to cold wallets, does that mean that those customers don't necessarily
have other cryptocurrency in hot wallets elsewhere?
It does not.
And so customers being, so a customer can be targeted with respect to their crypto or fiat currency,
completely unrelated to the fact that FTX moved their assets to a cold wallet in these bankruptcy cases?
Yes, sir.
Not only could their other assets be targeted,
but their profile could be used to facilitate further criminal schemes.
In other words, if an individual is identified in a known cryptocurrency,
investor it is possible to identify and use their identity to perpetrate other schemes
leveraging that information and if I were to stipulate to you here today that the
FTX editors have moved during the process of moving all their cryptocurrency to
cold while in these bankruptcy cases does that change your conclusions at all
has that forth in your declaration no sir
nothing further than your honor thank you thank you you may step down to
share thank you thank you sir I think that
Who is the evidence, Your Honor?
Hmm?
We can move to argument.
I will address first.
Will we move to argument?
Your Honor, I just want to have a clarification.
There was an affidavit that was attached to the motion of the ad hoc committee of an individual
whose name was redacted.
They have not introduced that person as a witness, so I just want to clarify that that
declaration will not be part of the evidence of this hearing.
It is not.
not your honor thank you your honor similar clarification with respect to the
declaration of both games just to get this on the record your honor David
Wender and ever sheds we're not seeking to introduce those with the evidence
submitted by the committee and certain limitations of bringing an individual
here without the protections of hiding their identity we did not move forward with
those and relying on the evidence submitted in court today thank you that's not
that decorators is not known inside thank you good good morning your honor Brian
Bluffsine Sullivan and
on behalf of the debtors.
Your Honor, by the joint motion that was filed by the debtors in the committee,
the movements jointly seek to extend the period by which customer names should be redacted
from public filings in these cases, unless voluntarily disclosed by those customers.
Your Honor, we submit and Your Honor's heard evidence of two independent bases to do so.
Section 1070, Your Honor, will recall
that under Section 107B, an order was entered in January that permitted the redaction of addresses and email addresses of the debtors, creditors, and equity holders,
or natural persons on a permanent basis, but limited the redaction of all customer names and names, and names, addresses, and emails of institutional customers for an initial period pursuant to Section 107.
and be one of the bankruptcy code subject to extension.
The basic premise of the court's January order was that the debtors, was that the debtor's
customer lists, including names and contact information for both individuals and institutional
customers are an asset of the debtors' estates and a potential source of value for creditors.
Mr. Kovsky, the debtors investment banker, testified again yesterday before your honor that
value remains today. In fact, Mr. Kosky testified that the debtors are actively
running a process seeking to determine how to maximize value from the core exchanges of
FtX.com and FtXUS to a variety of structures that could include their sale as assets or reorganization.
The testimony yesterday for Mr. Kovsky was clear that as the debtors investment banker,
the customer lists containing 9 million names is a significant portion of that value. In any
scenario, including even the possibility of selling the customer lists with or without other
assets. Mr. Kowski explained that the customer lists are attractive assets for competitors
and operators of other exchanges, and also explain what third parties would, in his view,
pay the debtor's value for them. Mr. Kovsky further described the analysis that he and his
team did and testified that, in his view, immediate disclosure of any names from the customer's
list, individual or institutional, would harm the debtor's efforts to maximize the value
of their assets.
The conclusion of Mr. Kovsky is that a critical component of the strategy to monetize
the debtor's assets is the continued confidentiality of the debtor's customer lists.
This testimony was unrefuted by the objectives and amplified further the testimony that this
court credited in January in issuing the prior order off the testimony.
authorizing redactions of customer names.
Your Honor agreed in granting the original motion that a customer list is something that is
available to be protected by Section 107 as a trade secret and that the debtor's customer
list in this case met the standard.
Nothing has changed about the nature of confidentiality of the debtor's customer list since
that January hearing and we submit they remain protected by Section 107B.
The debtors are in a position to realize value from these customer lists and exchange assets
in significant part because the customer names have been kept confidential to date.
And the debtors should be permitted more time to complete that process.
As Mr. Kopsky further testified yesterday, it is not yet clear at this point whether the disposition
of the customer list will take place before or in connection with the plan process.
Nonetheless, guided by the Court's prior ruling, the movements have only requested at this
juncture to formally extend the protection of redacting all customer names under Section 107B
for an additional three months from entry of an order, although it is possible, particularly
based on Mr. Kowski's testimony, that the further extension may prove ultimately necessary.
The movements have been continuing to seek to strike the correct balance to ensure the protection
of their assets and customer information.
And continued redaction of names is, in our view, appropriate to maintain that value.
This is consistent with the court's prior ruling in January
and prior rulings of this court, including in the credit case.
Neither the U.S. trustee nor the media objectives
have offered anything new in opposition to the relief request under Section 107B.
They offer no evidence, and their briefing merely recycles
arguments that this court rejected in January and has been disproven by Mr. Kosti's testimony.
The objectors here have no economic stake in the outcome of these Chapter 11 cases,
and there is not a single creditor or a customer who has opposed the relief requested in the motion,
despite it being the customers who face the risks, both financial and personal,
from the forced involuntary disclosure of their names.
The objectors continue to cite the general principles of the right to public access,
of records and bankruptcy disclosure requirements that have not provided evidence of any specific
form being suffered that requires a disclosure of names and institutional addresses immediately,
nor do they recognize, seemingly, the Court's role in being able to modify those requirements
for cause shown as the Court did with the prior order in January.
As the Court in all parties in interest have been able to observe, the debtors have been
able to efficiently, effectively, and completely administer these cases while redacting customer
names and preserving the integrity of the customers.
Notices have been sent, pleadings have been served, claims bar-date procedures established,
all with the parameters of the relief obtained in the January order and requested today
to the extent.
Your Honor, we also submit there is no basis as suggested in the objections for the court
to carve out selective portions of the debtor's customers from the redaction order as suggesting.
The somewhat arbitrary request by the media objectors to reveal the debtor's top 50 credit
lists or top 50 institutional customers would actually require disclosure of some of the most
valuable names on the list because those are the customers with the largest account balances
as of the petition date as Mr. Kovsky discussed yesterday.
We submit that we've inflicted disproportionate amount of harm on the asset value of the debtor's customer lists,
and the media objectors cite no support for imposing any such conditions.
Similarly, the United States trustee requests certain exceptions for insiders of the debtors
and when customers would be identified in filings in other capacities.
The U.S. trustee lifewise offers no justification for these car amounts, pursuant to Section 107B.
The U.S. trustee ignores that the debtors file under seal unredacted versions of all filings,
and the U.S. trustee has that information to seek court approval, as permitted by the order,
of any individual names that thinks need to be disclosed.
Indeed, the debtors themselves.
We have already addressed any legitimate concern on this issue by generally disclosing the names
of former directors and officers who might have been customers but have been publicly identified,
such as Mr. Benton-Fried and his inner circle.
Second, the U.S. trustee offers no legal basis for drawing a further distinction
and compromising a portion of the customer's list
to be determined protected information under Section 107 .
The debtors in consultation with the committee have determined
that continued redaction of customer names for all purposes
best protects the customers from being identified and poached,
and there is no justification presented to put it to put the customer.
presented to put those names into the record of the Chapter 11 cases in any capacity.
We submit, Your Honor, that under Section 107B, the objections to the continued redaction of the customer names
pursuant to that statute should be overruled. I'm not going to address the substance of Section 107C.
I'll leave that for the Committee's Council to address.
But I will just note, Your Honor, from the debtor's perspective, that we agree this relief
is appropriate under the circumstance.
Mr. Sheridan's testimony confirms
that the disclosure of individual names
will expose those customers to a very real risk of harm.
It's precisely the type of harm
that Section 107C is designed to protect against.
I think Mr. Sheridan this morning
further amplified the uniqueness of the situation
presented by these cases,
which we have discussed before your honor previously.
If granted, Section 107C
would permanently seal the individual customer names
separate and apart from the relief sought under Section 1070.
Finally, Your Honor, we do address in our briefing,
debtor's position that the court can and should continue to permit
the redaction of names and addresses of individual creditors,
creditors who are non-customers, but who might be protected by the GDPR
and to be extended to Japan based on a review of the plain statutory language,
has set forth.
If the other relief is granted, as requested in this motion by the movements,
this is mere incremental relief impacting individual non-customer creditors
in the protected jurisdictions for most likely employees.
There is no need, in our view, to deviate from a long-standing practice in this district
to permit redactions to comply with the GDPR to ensure that the debtor avoids the risk
of substantial fines or the more or more in local jurisdictions.
The concern, Your Honor, here is not one of making a finding of whether local data privacy laws
or U.S. bankruptcy law on the facts of this case, again, assuming,
just making the assumption for purpose of argument, the other relief is granted,
we're talking about a very narrow set of additional relief.
And the concern, of course, is that irrespective,
of any findings of this court that authorities in those local jurisdictions would seek to take action
against the debtor in these cases.
As a result, Your Honor, we would ask, based on the language set forth in the papers, that
that small incremental relief be granted as part of the package requested today.
With that, Your Honor, subject to any questions, I will turn off the committee to address
one of the second C.
Thank you.
No questions.
barely the morning your honor
good morning campus quality from Paul Hastings for the
creditors committee
your honor this court previously recognized
that the prior hearing on these issues
that section 107c contemplates sealing individual
customer names among other types of personal identifying
information and the court referenced as does the statute
section 1028 of the criminal code which specifies that type
of personal identifying information including names so there's no question that
107c provides the court with the authority to grant the relief requested in the
joint motion now to be clear and I say this in hearing some of Ms.
Orcasian's questions the requested relief in our proposed order under 107c
is to seal individual customer names it is not to seal creditor names
And in fact, credit our identities who are not customers have already been disclosed by the debtors and the schedules.
Your Honor, the evidence before the court today is persuasive and completely uncontroverted
that there is a significant risk to debtor's customers if their names are disclosed.
The debtors customers, in this case.
This is a crypto bankruptcy case.
Mr. Sheridan testified about harms to crypto bankruptcy.
customers in this case, not about other cases, not about non-crypto cases, nothing to do with what
we are discussing today. The objecting parties, Your Honor, quite cavalierly dismiss the risk
of harm faced by the debtors' individual customers, saying it's not undue risk, it's just
risk that everyone faces. In their objection, the media parties,
particular appeal to quote common sense as the basis for many of their
positions but common sense whatever their view is of that is not evidence and
neither the object the media objectors nor the United States trustee have
presented any evidence to your honor to contradict mr. Sheridan's opinions and the
proof in the record your honor just just one example of that is the the
experience in the Celsius bankruptcy cases
We heard questions today and it was argument raised in their objections that, well, there's no proof that anyone fell for those scams.
Well, no proof that people did not either.
And the mere fact that they occurred, I mean, just dismissing that risk, I find troubling and insensitive.
Once the genie is out of the bottle, Your Honor, you can't put it back in.
and the risk will remain should names be disclosed as occurred in the Celsius case to those customers forever.
That's a very significant risk.
That is undue harm on the record before the court.
Mr. Sheridan's testimony demonstrates that the risk to FTX cryptocurrency exchange customers,
in particular, is significant, given the nature of these cases, and given the nature of these cases,
and given the nature of cryptocurrency.
Here, disclosing the names of the debtor's customers
would enable malefactors to match the name
with the value of that customer's assets on the exchange.
That information has already been disclosed on the schedules anonymously.
And so those who want to take the time,
and as in Celsius, we know people will do this,
can match the names with the value on the exchange.
very much akin to if a person's identity was disclosed with their bank account holders.
And as Mr. Sheridan explains, that would cause significant harm to those customers.
It would enable a malefactor to have that additional information,
to use the dark web and other sources to identify and target those individuals.
Further, Your Honor, it is a logical and completely
unsupported again no evidence presented for the media objectors to argue that
crypto customers are particularly savvy and would not likely fall for any of
these scams well as mr. Sheridan testified if that were the case the data
wouldn't be what it is we wouldn't have the volume of losses in the crypto space
as a result of such schemes further as mr. Sheridan noted and we all know publicly
that FTX marketed to the mass market advertisements during the Super Bowl a couple of years ago and the like,
which as we cite in our reply papers, with particular focus on how easy it is
and how you don't need to know anything to invest in cryptocurrency.
There are approximately 9 million customer accounts.
Certainly those are not all savvy investors who would not be subject to the types of.
scams that Mr. Sheridan testified about. Finally, your honor our burden on this motion is
not as the objectors contend to show that there must be certainty of undue risk.
That's not the law and in fact no support is offered in the objecting excuse me the
objectors submissions in that regard. To the contrary in the access to 2019 state
case the Delaware District Court on an appeal held quote section 107c
references risk an assessment of risk is forward-looking while a specific
potential harm must be identified the standard does not require evidence of
injury having occurred in the past or under similar circumstances close
quote that's 585 Bankruptcy Report or 733 at 7.51
The debtors and committee on our joint motion have more than met our burden of proof,
showing the specific potential harms that the debtors' individual customers face from disclosure of their names.
Avoiding that harm, Your Honor, keeping that genie in the bottle far outweighs the policy of open disclosure in these cases, in these circumstances.
And Your Honor, I'd be remiss without noting that you know,
that on Wednesday of this week. Judge Shannon held in the Bitrix crypto bankruptcy case,
that the sealing of creditors' names, individual creditors' names, was appropriate under both
107B and 107C, and finding as to 107C that the crypto industry's primary purpose of allowing
immediate, instantaneous, and effectively untraceable transfers of value differentiates it from other
industries and gives rise to more material risk of loss and injury to creditors.
The same rationale applies here, Your Honor.
And we respectfully request that the joint motion be granted you.
Thank you.
Thank you.
Good afternoon, Your Honor.
David Wender, on behalf of the Ad Hoc Committee of Non-U.S. customers.
And, Your Honor, I'll be brief.
As required by the bankruptcy rules, the ad hoc committee was required.
Its lawyers were required to file a statement.
But name, address, and holdings, any of individual members.
I had a lot of committee filed this motion to seal and exact that information.
To ask, anticipating hopefully the debtors would file their motions, which the joint motion
was forthcoming.
We joined in that because we seek the same relief.
And then here in Mr. Gluckstein's argument and some of the closing is already is it to
ensure that a situation we not voluntarily filed the 2019 required by the code that our requirements
to file 2019, we actually supplemented earlier this week with new members, are similarly protected
such that our members and even other customers who join other committees or might be obligated under the code to submit information are not forced to disclose information that's worth valuable to the debtors.
They could generate value for recoveries later and it would disclose personally identifiable information of themselves and in fact is her testimony potentially their customers.
So I think that under both 107B and 107C, the filings of the ad hoc committee, for example, disclosing under 2019 and similar required filings, not voluntary disclosures of who.
are should be similarly protected thank you your honor thank you
thank you I can say good afternoon your honor again for the record Juliet
Saracian on behalf of the US trustee the debtors seek authority to redact from
all papers filed or to be filed with this court following information three
categories number one the names addresses and email addresses of all customers
whether they be natural persons or legal entities number two the names addresses an
email addresses of all creditors, be they customers or not, or equity holders that are natural
persons if they are citizens of the United Kingdom, the European Union, or Japan, and are covered
by the EU or UK general data protection regulation, GDPR, or certain Japanese laws.
And the third category are the addresses and the email addresses of customers and other creditors
or equity holders who are individuals, regardless of their citizenship.
Your Honor, that last piece of it, your honor, did grant that in the order of January 20th
on a permanent basis.
The other two categories were just for 90 days, and we are now back with a motion that the
debtors then, excuse me, the movements, the debtors and the committee filed in April to
extend, well, the motion is to extend the categories for another 90 days, but there's a little
bit of a conflict because part of what they propose in the order is on the one hand it says
90 days but for customers who are natural persons there's another paragraph paragraph three
that is a permanent redaction of their names so paragraph two says it's for 90 days paragraph
three says it's permanent if you're a customer who's a natural person my understanding what was explained
to me is well paragraph two relates to 707b and
paragraph three relates to 107c.
The order just needs to be, regardless,
if Your Honor is going to grant,
it has to be clear whether it's permanent
or for another 90 days.
That's certainly what we would ask that it be clear.
The documents that would be subject to these redactions
include documents that are the core of a bankruptcy proceeding,
that any debtor who is seeking bankruptcy protection
must file, including the creditor matrix,
statement of assets and liabilities,
statement of financial affairs, claims register, proof of claims, disclosures of professionals,
such as the professionals' connections with parties and interests who may be customers,
and then of course the Bankruptcy Rule 2019 statements, as well as affidavits of service
and many other documents.
It is black letter law that bankruptcy proceedings must be transparent, and that transparency
requires that pleadings that are filed are filed on the public docket and viewable by
creditors, other parties in interest, and the public in general, unless certain enumerated
exceptions apply.
And again, this is especially true for information that's on, say, the schedules and assets,
on liabilities as well as the statement of financial affairs.
And very important in that statement of financial affairs is the transfers with the
than the one year that the debtors made to the insiders.
And I'll go into a little bit more detail about that later.
But right now, except for Mr. Bankin-Fried's name
and a few, you know, three or four of what the debtor believes
this is closest associates, the rest of the names of insiders
who are customers, be they individuals,
or be they institutions, have been redacted.
So the grounds that the debtors assert, excuse me,
the movements assert,
for their position. There's three. To the extent that persons or entities are customers,
they view their names being released as the equivalent of a customer list that has value
either to sell or as part of a reorganization. And then separately, under 107C, as to those
customers or creditors who were natural persons, I just want to get clarification here. I'm sorry.
The counsel for the committee say that you are not seeking to redact the names of predators
who are natural persons if they're not customers, right, if they're not customers.
Under one of seven.
Okay, you are not seeking that.
And that is based on, that is based on the idea of the identity fact, based on the name coupled
with the fact that they are a customer of FTX or were a customer.
And then third part of it is those customers or other creditors who are natural persons and
are citizens of either the EU, the UK, or Japan, and are covered by a foreign privacy law
that the movements believe prevents their – or the movements argue prevent the disclosure
of even their names, although they have provided no expert testimony whatsoever to interpret
these foreign laws.
So, going through each part separately, the value of the customer list.
On direct, Mr. Kovsky testified that the customer list has value both in a 363 sales scenario or reorganization.
And cross-examination conducted by counsel for the media objectors, he testified that while he did not know if the debtor's customers used platforms of competitors,
that to the extent they do that would degrade the value of those customer names.
Mr. Kovsky also acknowledged that the customers have not been able to use the debtor's platform since November,
since this case filed, and testified that the longer that the platform is dormant,
the more the value of the customer degrades due to the fact that they may be using competing platforms.
Now, while Mr. Kosky may not be aware of how many of FTC's customers use competitors' platforms,
the declaration of Mr. Sheridan, which has been admitted into evidence and submitted by the debtors in the committee,
to support their motion states in paragraph 25, quote,
it is my understanding that a vast number of the debtor's customers use other online platforms or exchanges to hold digital assets,
e.g. Coinbase, MetaMask, et cetera, close quote.
Now, with respect to a reorganization situation,
Mr. Kovsky testified that he believed that the customer list
would have value in that situation.
My cross-examination, I'm sorry, excuse me,
on cross-examination by the media parties,
he testified that he had not conducted any survey or analysis
is to determine whether the customers would want to stay with the debtors
and use their platform if and when the platform ever becomes available again.
Now, in my cross-examination, I asked Mr. Kovsky why he believed that FTX customers
who have had their accounts frozen for now six months and potentially more than a year
by the time we get to the plan stage, plan solicitation stage, with no access to their cash,
not just their crypto, but no access to their cash or their crypto,
would continue to be customers of the debtor in a reorganization.
And Mr. Kofsky's testimony in response was that, well, one of the reasons is
that the customers would be getting shares of the reorganized debtor,
although he admitted that that was not a certainty.
He also testified it's possible that the customers would be getting stock
in lieu of being paid in full for what was in their account at the time
that was frozen.
There is no way to know at this point.
It would be sheer speculation that these customers,
having their assets frozen for so long,
would want to continue to be customers of a reorganized debtor
based on the fact that they might be getting stock,
potentially in lieu of getting their cash in their crypto,
or some portion of the cash in the crypto that was in their account.
Now, with respect to 107,
Mr. Sheridan testified that if the FTX customer accounts are in cold wallets, which we know from Mr.
Ray testifying multiple times in this court that all or almost all at this point, I think
it's all of the customer accounts are in cold wallets, and the customers have no way to access
those accounts.
Mr. Sharon and testified in that situation, they could not – customers could not be subject
to having the cash or the crypto in their FTX accounts stolen
or if not transferred over to them in any fashion
because the customers, they can't be subject
to a scheme to transfer crypto or cash
from an account that they have no access to.
Now I do understand, again, that he had testified
or in his declaration said that the vast majority
of these individuals also have accounts on other platforms.
And I understand that it's possible
that they could be subject to some type of a scam to access their funds on those other
platforms, although again, having been, as Mr. Sheridan testified on across, having been subject
to essentially a scheme or something very bad happening at the FTX case, that they might
be more cautious going forward with other schemes that could be pushed on them with respect
to cryptocurrency.
Well, just because they're in the cold wallet now doesn't mean a scammer could easily contact them as was done in Celsius or
identifying themselves as counsel to the debtor saying
We need your we need your keys
We need to know we know we need to get access to your wallet so that we can make sure when the time comes
We can release it to and they give it to them and now the scammer comes back to the bankruptcy court and says
You know those assets are mine. I got the keys they gave them to me I'm no one against that
money when time comes to distribute again.
Well, Your Honor, I guess maybe I misunderstood.
I understood that from what the witness said that in platforms like FTX,
that the individual doesn't actually have access to their keys, that it's kept by FTX?
I'm maybe I've misunderstood that.
I don't think he said that they don't, he said that might be, they might have given them to them.
It doesn't mean they don't have access to it themselves as well.
They might have given them over to the debtors to say,
here is the access to our keys, but I still have the key, too.
I'm not going to give it.
You can see how much I know about cryptocurrency, although I have to say at this point
I'm actually very glad that I know very little, frankly.
Well, I'm sorry, I wish I knew more without having invested.
Let me put it that way.
I'm happy that I knew so little that I was too scared to invest.
So, Your Honor, I think the Sosia situation is obviously very unfortunate,
and of course everybody wants to avoid that type of the situation,
But I think, you know, we have very, very sophisticated counsel in this case representing both
the debtors and the committee, and I feel very confident that they could come up with
a way to, you know, prior to, if your honor was to deny the motion, prior to unredacting
any information that, you know, the debtor could communicate with their customers in numerous
ways to make sure that they were aware that these types of things are possible and to be on high
alert and to you know sort of have a protocol that you know nobody anybody that
asks for your information it's not legitimate other than this method and the
method is there's going to be a bar date set with this court and you're going to
get you know in the mail a bar date notice proof of claim form and you know I'm
sure there are other things that can be done to again I'm you know there are a lot
of certificate attorneys here I'm sure there's a lot of things that could be done
to put out, you know, it could be news releases even, to warn people so that everybody is on high alert.
Does that mean that there's not going to be one person that, you know, that might happen to know.
Of course, Your Honor, we don't know that.
But I think...
Well, there could be many.
And there could be, even if you're on high alert, I'm aware of very sophisticated law firms who've been scammed.
It happens.
It doesn't matter how sophisticated you are, how much you're on alert.
It can still happen.
And we all get things every day.
We all get emails every day that if we clicked on them and clicked on the link,
bad things would happen.
I mean, unfortunately in this society, everybody needs to be on high alert all the time.
And, I mean, Your Honor, I take your point, of course.
But I think that things can be done to have that extra level of protection.
You know, I think in Celsius, I'm assuming there was nothing sent out.
before this happened. I know something with after it happened, they sent out notices.
But with hindsight now, we know that this is a possibility we could take steps
beforehand to protect, which wasn't done in Celsius, you know, because probably nobody
thought this was a possibility. And I understand some of those scams were quite
sophisticated. Again, it was a very, very unfortunate situation.
I also want to mention, in this connection, the action, the actual
committee's objection makes an argument that it was imperative 27 of their reply, I'm sorry,
the reply, not the motion, that if you know that a corporation is a customer, so they're
trying to argue why the corporate customers should get protection.
In fact, under 107C, I believe is what they were trying to argue.
Now, of course, 1.7 does not apply to corporations.
It says right there individuals.
But they said in their reply that, well, if you knew who the corporation was,
you could somehow get access to their, be able to scam their employees.
Now, Mr. Sheridan, I think, made it clear.
In his testimony, no, I wasn't talking, no, you can't get to the employees.
You could get to the customers of the customer.
So in other words, FTCX's customer, if you knew who they were,
you could maybe get to the customers of the customer,
who might be other corporations,
on what the business is.
I don't think there was any clear testimony, honestly,
I just didn't understand it as to why.
It would be any easier to find out the customers of a corporation,
it's a customer of FTX,
versus any other corporation, frankly.
I did not think there was clear testimony on that.
But again, no matter what,
1.7C does not apply to anyone who's not an individual.
I understand the argument about the customer list
being a valuable asset, and we've separately addressed that,
but 107C simply does not apply to corporations.
I'd like to talk about foreign law.
The mootans say they are not asserting
that foreign law should control over US law,
but what they're asking the court to do is effectively that.
They're asking the court to redact information,
much of which is required by the debtors
to be filed publicly in bankruptcy cases.
Again, schedules and statements of financial affairs
credit or matrix where the professionals are required
to disclose as part of their retention applications,
arguing that it should not be disclosed
for those citizens who are,
so those individuals who are citizens of these foreign countries
because there's a foreign law,
and that under that foreign law,
that the debtors could potentially be fined.
The effect of that,
is you are giving precedence to the foreign law over US law and the debtors have
not come forth with the movements excuse me have not come forth with one
example of any situation in which a debtor in the US bankruptcy proceeding was
penalized or fined by some foreign authority because they released the names of
creditors who were individual citizens of these countries and I don't
they haven't given any example of any other party in any U.S. legal proceeding that was
penalized for doing the same.
And they do have the burden of proof here, and they have failed to provide any expert testimony
on foreign law, which they could have done, to support their contention that both the GDPR
and the Japanese law prevent the disclosure of even the names of these individuals without,
you know, without addresses or email addresses.
They've also failed to provide expert testimony
to support their contention that the exceptions,
and there are exceptions both to the GDPR and the Japanese law
that allow for disclosure in connection with groupal proceedings,
they have not put forth any expert testimony
to support their argument that those exceptions do not apply here.
They also do not explain how the debtors are going to identify
which of their customers or other people,
other creditors who are citizens of the EU, the UK, or Japan, are actually citizens of those countries.
In many cases, I mean, the debtor said at the beginning of this case that a lot of cases,
they don't even have street addresses for people.
They only have email addresses.
But even for those that they do have a street address, that tells you residency,
and frankly, it doesn't even necessarily tell you that.
It's just an address that somebody has where maybe they get mail.
that even if it's the residence, it doesn't tell you what country there is a citizen of.
And I recall that there was some discussion of this in the hearing in January, and I thought
that one of the reasons for this other hearing was to give the debtor time to try to figure
that out, which of their customers are actually citizens.
But we have had no testimony whatsoever on that issue or any explanation of how the debtors
are going to determine that question.
Who's a citizen?
Because if they're not a citizen, I can be living in Japan.
I don't think I'm covered by Japanese privacy laws.
I mean, maybe I'm wrong.
Again, we don't have any expert here to explain it, but I don't think the contention is,
and I think that the laws actually state only apply to citizens.
Now, going to the GDPR, again, even though the debtors have the burden of proofer, the
movements have the burden of proof, the motion fails to identify, and the movements have
not provided any evidence that they have pursued any threshold assessment of the risk of
penalization under the GDPR. There is, for example, no proof that was introduced that the debtors
sought consent of any of their EU or UK creditors or customers, because that's an exception.
If you get their consent, you can disclose the name. So there's been no evidence that they
tried that route. In addition,
And that's under GDPR Article 49.1A.
The motion also fails to demonstrate that the debtors have made any inquiry with the applicable EU GDPR supervisory authority
for the UK commissioner about the lawfulness of transferring the names of the EU or UK creditors to the U.S.
By filing that information in the bankruptcy cases pursuant to the requirements of the bankruptcy code and the bankruptcy rules,
They could seek a permit from the supervisory authority or the UK Commissioner.
They have not indicated, they have not produced any evidence to show that they have done so.
And particularly in light of the tenants of the legal claim exception,
the exception to allow information to be produced in legal proceedings,
and the discretion that's expressly given by the GDPR to the debtor's supervisory authority
or the UK commissioner, and the strength of the American laws that mitigate in favor of full disclosure
in these bankruptcy cases, these types of diligence by the debtors are crucial at this stage
of the implementation of the GDPR and critical to the debtors' faithful fulfillment of their fiduciary
duties in this case. All they do is say, here's the law, there's a possibility we could be penalized. We haven't taken
any steps. We, there are steps that are set forth in a GDPR. We have not taken steps to
find out if we actually would be penalized by doing this. Get an, or does that, you know, that
this falls under the exception. We go to our supervisory authority under the GDPR and get
that information, go through that process. They have not gone through that process. All they've
said is there's a possibility we could be penalized without again ever giving any example
of this ever, ever, any penalization ever happening to any,
U.S. debtor for disclosing names of citizens of the U.K. or the EU, let alone Japan.
Now one of the cases that's cited by, I believe, the Aethock Committee in support of their
argument in this regard is Forever 21.
Forever 21 was my, I was the trial attorney assigned to that case for the U.S. trustee.
They quote – they have language that they say as a quote from the transcript.
that quotes a redaction of names and addresses.
That quote is not on that page.
It is not in the transcript.
I did a word search.
And repeatedly throughout,
it was Judge Gross's case.
You can see throughout Judge Grosses talks about the addresses.
The addresses.
That's what the debtors were represented by Kirkland and Ellis.
The debtors moved.
Their motion was not to redact the names.
It was only to redact addresses of citizens of the E.E.
and also addresses of their employees.
They're putting that aside for the foreign law.
It was just addresses.
They did not request the names be redacted.
You read the transcript that is clear.
There is no order that was entered that allows for redaction of names,
of citizens of EU.
And one can look at the entire docket.
There is no evidence that Forever 21 was ever penalized
under the GDPR for releasing names.
They're writing the creditor matrix, they're in the schedules.
They're there.
The addresses were redacted, but the names were not.
Now, moving on to Japanese law,
in the initial motion that was filed by the debtors
in November or December of last year,
there was no mention of Japanese law.
They discussed, they had a paragraph maybe on the GDPR
that said very little, but there was no mention of Japanese law at all.
And the reply on that motion, which was probably filed in early January, there was one paragraph that referenced Japanese law.
There was, with some paraphrases, with some portion of it, there was no translation attached, there was no even a website given to where to find this Japanese law.
Nothing.
At the January 20th order that your honor entered, there's no reference to Japanese law at all.
It's referenced to citizens of the UK, the EU that are covered by the GDPR.
And I don't believe your honor made any ruling with respect to Japanese law.
So in April, the debtor's motion then referenced again one paragraph about Japanese law
with no reference to where one could find an English translation of this law, which is
of course relatively, it's not a one paragraph law.
So the question becomes, so what happened between your honor's January 20th?
order. And now, have they released the names of these Japanese citizens? Because if they've
already released them, not for those who are customers. I understand anybody who's a customer,
they have redacted that because they're a customer. But any creditor who's a Japanese citizen
who's not a customer, if they've released that information, the cat's out of the back, if they haven't,
then they've redacted it without court authority. I don't know what the answer is to that. However,
Again, when they put it in the motion, they did not tell us where one could find an
English translation.
So in the reply, the movement said that the U.S. trustee did not engage regarding the Japanese
law.
I can tell you why we didn't engage.
All I had was their paraphrase of tiny portions of it.
It wasn't until the reply that they filed a Monday, that they finally gave us a website
where we could get the law.
And it's quite, again, it's quite a long.
you know it's not one paragraph.
I'm not an expert in Japanese law, of course.
I wish there was one here, who is not.
But I look at the statute and I see an exception in 27,
subsection 1 that says for cases based,
there's an exception to the requirement of non-disclosure
for cases based on laws and regulations, quote, unquote.
The move-ins say in their reply,
well that only applies to Japanese laws and regulations.
Japanese laws and regulations, not foreign, but it doesn't say that.
So again, we're in a situation where this court is asked to interpret
Japanese, foreign law with no expert to explain it.
The plain language, I think, says this can be disclosed in a,
if it's required to be disclosed under laws and regulations,
and it is required to be disclosed under U.S. law.
And then the move in state that the reason the court should consider Japanese laws
because if they do not comply, there could be economic consequences.
To that they cite to the Japanese Financial Instruments Exchange Act of Japan.
I don't have a translation.
I do not have a website where to get a translation.
I have no idea what that law is about.
They are the movements.
It is their responsibility to provide the court
and other parties in interest with where to find certified,
you know, correct translations of these foreign laws.
If the debtors are going to take a position that this court should consider foreign laws,
I think they have to do everything possible to make that information available,
not just the information and the interpretation of the laws.
Because as we know, Your Honor interprets the bankruptcy code every day.
It's not necessarily you just look at a page and see what it says.
So we need an accurate translation, and we need to have somebody explaining.
the impact of that law and how it's interpreted and how it's applied.
And we don't have any of that.
Now as Your Honor knows, in our objection,
we said in the alternative if Your Honor is going to be granting the relief requested,
we were hoping to have some carve-outs.
The first carve-out has to do with information regarding insiders.
The debtor should not be permitted to redact the names of insiders,
individuals or corporations on their schedules and sofas and with respect to
non corporations or other legal entities they should not be able to redact
addresses if that's required by the bankruptcy code and the bankruptcy rules and
the official forms and and it doesn't matter I mean whether there are
customers or not customers whatever it is it shouldn't make any difference
I mean this is a case that's about
Wormful transfers that took place prior to the petition date to insiders.
So the statement of financial affairs, one of the critical pieces of it is a disclosure of
all transfers made to insiders within the one year prior to bankruptcy.
And some of the names are not redacted and other the names are.
And when I asked why, the answer is, well, that we redacted if they were a customer or
The insider was a customer we redacted their name.
So let's look at that from the legal arguments that they made.
Is that protected under 107B?
I mean, there has to be a balance, of course, here.
And I think the balance on the information regarding insiders,
I think the balance is very strongly in favor,
even if Your Honor feels that in general,
they've met the requirements of 107B or 107C in general,
that these can be an exception.
What is the value of saying, oh, well, include in our customer list are insiders?
Of course, you know, that's not a big surprise.
I don't think that that's telling anybody something they don't already know that the insiders
of the company may very likely be customers.
I don't think the value, the incremental value of that information is worth anything, frankly.
Now for those insiders who are individuals under 107C, I mean, again,
The only thing you know is that their name, which as an employer, you know, if they're an insider,
I mean, they're either a director, an officer, or they have some other, you know, significant
connection to the debtors, that information is probably already publicly available somewhere.
But even if it isn't, all you're saying is the person's name and they're a customer of the debtors,
which again is hardly surprising.
I mean, it's not, you're not telling anybody something that's not easy to guess that,
insiders of the debtor are like the customers.
So it's not really giving any more information than what's already out there.
And when you have to weigh that with the importance of knowing who, again, publicly knowing
who, which insiders received one year transfers from these debtors, any of those other concerns have to be overridden by that.
Now, the debtors say, let's get to me taking a three-four-four-four-old.
for you one examination, which I haven't been able to do yet.
Okay?
Because how do I ask questions,
so I can't say the person's name.
Your Honor, you have to understand that,
and I don't know if Your Honor is aware,
the schedules and statements found this case is
are thousands and thousands and thousands of pages.
So you have two sets.
You have the set that was filed from the public record
and has CCF numbers, that information redacted,
and then you have this other thousands
and thousands of pages of information.
You have to try to match it up and then let's say I match it up, okay, this unredacted version has the person's name and this redacted version doesn't have the person's name.
Now, how am I going to conduct my questioning at 341 in a way, it's public, right?
Creditors can be on them and they're allowed to, they have the right.
341 is a meeting of creditors.
This is a public examination.
So if the names are redacted, I cannot say the names.
The record, the record of this very important examination is going to be frankly unintelligible
because I know who they're talking about.
I don't even know how I could possibly do this.
And again, this information is so critical in this case where there were these massive,
there's been allegations of massive transfers to insiders prior to the petition date.
This information just has, it cannot be redacted.
The tiny, whatever tiny value it is to know that an insider of the debtor was a customer
or the tiny incremental information about this director or officer of the debtors was a customer.
Yeah, again, that's not telling anybody anything they don't already know.
And even with respect to other information, not just the one-year transfers, if, for example, you know, there's transfers, there's gifts.
There's a lot of allegations about some of these gifts that were given, okay, charitable gifts.
Well, who received the charitable gifts?
Well, some of the names are redacted.
Why are the names redacted?
They're customers.
Well, but you can't tell they're a customer by looking at the statement of financial affairs and says, who did you give gifts to?
I can't tell who's a customer.
I mean, that doesn't tell you they're a customer just because they got a charitable donation.
So, you know, they've created a problem of their, they've made their own problem effectively.
Nobody would have known.
How could you know?
Just because somebody gets a charitable donation doesn't mean they're a customer, presumably
one thing.
So, and there's other examples, Your Honor, there was a motion file that I hope I have this correct.
I don't know that it matters that much.
It was a motion, I believe, to reject
executory contracts.
And, of course, they have to list the names
of who the contractual counter parties are.
Some of the names are redacted.
Some of them weren't, some of them were.
When I asked, why some of the names redacted?
The answer was other customers.
I mean, nobody would know they were customers.
I mean, there's no way to know that they were customers.
Until you redacted the names,
there was no way to know that they were a customer.
This is not, I mean, it's different than I,
With respect to the creditor matrix, I mean there's an argument there, you're not a creditor
matrix that doesn't say you're a customer, but the debtor's argument was that the vast
majority of our creditors, the vast, the vast, vast majority of the customers.
You know, you have it, that certainly wasn't true with this motion, maybe half the names
or less, I don't remember were redacted.
Contract counter parties, some of them are customers, some of them are.
There's no way to know if you don't redact the names.
So we also think in that situation they should not be promoted.
committed to redact names.
Now, there's also other situations involving the names of insiders, maybe apart from
the schedules and statements, where if the debtor, if the, U.S.
would ask again if your honor is going to grant the motion generally, is that any time the
debtor wants to redact names of insiders in anything, anything they file, they need to make
a separate motion.
It should not be a given that the names of insiders.
insiders can be redacted. There may be other very important findings in this case where
there are a reference to insiders. In the plan and disclosure statement, are they going to
be redacting the names of insiders because they're customers? Again, unless it's Sam Bankman
Freed and for other people. I mean, so it should not be a given. If it's an insider, they should
be required to take that extra step, make a motion, and then we have an opportunity, and others
have an opportunity to respond.
Your Honor, in the Third Circuit Incendent Corporation, which is 260 F3, 183, 2001, said, quote,
the burden is on the party who seeks to overcome the presumption of access to show that
the interests in secrecy outweighs the presumption, and I think that that is especially
important when we're talking about insiders.
And the purpose, when we're talking about schedules and state and as a financial affairs, the purpose
of requiring the debtors to disclose all their assets, liabilities, and business dealing
is to ensure that the creditors have reliable and accurate information that they can rely on
to determine the status of the debtor's financial affairs and to trace the debtor's financial
history.
It's very important in this case.
That's in Ray Hayes, 549 BR 67, Bankruptcy District South Carolina, 2016.
The bankruptcy schedules and statement of affairs are designed to elicit certain information
necessary for the proper administration and adjudication of these cases.
The balance of the rights and creditors of other parties for information on insiders
against the chance under 107C that disclosure of just the names would create a, quote,
undue risk of identity theft or other unlawful injury, close quote, which is from the statute.
When you consider that with respect to an officer director and insider who may already have
public information linking them to the debtors almost certainly.
Again, that balance really shifts in favor of disclosure.
And as to insiders who are not natural persons, the balance of whatever value they have as a customer
versus the presumption of public access of information about corporate insiders, okay, that should be released,
that has to be released as well.
I mean, to say we're going to redact the name of a corporate insider because they're a customer,
That balance, again, is way in phase, very strongly in favor of disclosure.
Just, I'm almost done, Your Honor.
With respect to the ad hoc committee, if the court does grant their motion,
we would ask the right to reserve the right to later seek their names,
just their names, not what their exact holdings are or anything like that,
but just their names to be unredaided.
be unredacted if they become involved in planning negotiations or otherwise take a larger role
in this case.
The ad hoc committee says that they, quote, act in a representative capacity for the interests
of all non-U.S. customers, not for their own individual benefit.
Close quote.
That's paragraph 18.
I think of their reply.
That's a reason to disclose the names.
I mean, I think non-U.S. customers have the right to know who is claiming to rent.
represent them. I mean, right now, as far as I know, they have not had a large well in the
case, but if they step up and their role becomes greater, just like your Honor said, the
names of the committee members have, the members of the official committee of unsaturred creditors,
those names have to be released. And if you're a corporate committee member, your address
has to be released as well. Your Honor had already ruled that previously. Similarly, if the
ad hoc committee takes a larger role, we would like, again, the opportunity to only
ruling out of the opportunity to be able to argue later that that information the
members names should be released for the same reason that the committee's
information was released and actually in that regard is one thing the proposed
order the proposed order that your honor entered on January 20th had a provision
stating that the names of the committee members had to be could not be redacted
they had to be released on the top 50 list or whatever the number was in the top credit
list.
That was actually, that is not in this order, this proposed order, so we would certainly ask
that that be, we would want that to be clear that those names, just like Your Honor previously
ruled, that that would continue to be the case.
And just in conclusion, Your Honor, one thing that the debtors argue is that, again,
the movement's argue is, well, they're only asking for another 90 days, although again,
for some of it, they're asking permanently for the customers who were individual.
they want that permanently but they say oh but otherwise it's just for 90 days but
it's already been six months so another 90 days now at nine months and debtors
counsel indicated they might ask for a further extension so we're we're it's
been a long time for this information to remain redacted so you know again
your honor we believe that the movements have not met their burden of proof but
especially again with respect to information relating to insiders
or customers or non-insiders in the context that one could not tell they were a customer from the context of the disclosure.
We think those exceptions can be made, and we think there's a reasonable, an important basis to make those exceptions
if Your Honor is inclined to otherwise grant the motion.
Unless Your Honor has any other questions, my argument is concluded.
Thank you.
Thank you.
I don't know about anybody else, but I need a lunch break.
So we're going to, let's recess until, we'll say 1.30.
We'll come back at 1.30.
Okay.
Thank you.
Thank you, Ron.
Good afternoon, Your Honor.
Katie Townsend on behalf of the media interveners, the New York Times, the Wall Street Journal,
Bloomberg LP, and the Financial Times.
I think it's important to address at the outset the applicable burdens, as well as to address
I think why the media interveners are here in the first place.
Though I think it should go without saying, I'll say it anyway.
The shared interest of the media interveners here is straightforward.
There are news organizations, and they want to report on what is undeniably a newsworthy bankruptcy
stemming from the massive collapse of a prominent cryptocurrency platform.
That collapse sent shockwaves not just for the cryptocurrency industry, but the entire financial industry.
And at this point, we don't even know where those shockwaves, both individually and its
institutionally have hit the hardest or what institutions may have the largest or no exposure as a result.
That is a compelling and legitimate interest that the press and the public have in the names of the creditors, also customers in these Chapter 11 proceedings.
And it's a particularly salient point when we're talking about the top 50 unsecured creditors.
That distinction is not, I think it's as has been suggested, an arbitrary one.
The top 50 creditors are those institutions and individuals who have the most exposure have been most affected in this bankruptcy proceeding.
So I think so the...
Let me ask you a question.
What are your clients going to do with you?
If I say the names have to be released, what are you going to do with that information?
No, I can't speak exactly to what my clients would do with it.
I assume that the reporters would review that information and they would use it to report on exactly what I did.
But if all I give are the names, what are they going to do?
what are they going to do? They're going to go, first thing they're going to do is go try to identify who the people are, right?
Because they're not going to report that somebody named Mr. X, who lives in Shanghai,
had a lot of money invested in FTX tokens unless they verify that information.
And the only way they can do that is to try to figure out who he is. Who's Mr. X?
Well, if we're talking, Your Honor, about, let's say, the top 50 creditors, let's say we're talking a lot about, we're talking about some institutions.
institutional investors.
So in cases like that, I think my clients probably would ask for comment or attempt to
evaluate what the impact, potential exposure of that institution, which again could have broader
financial impacts.
There are also individuals who, frankly, my clients would think would be important to report
on it.
Jamie Diamond, for example, someone whose views on what investments are good investments to make,
has a lot of exposure from his.
his, let's say, and again, I don't know this is just a hypothetical,
has some, is one of the top 50 creditors of FDX?
Would that be newsworthy?
Would that be important for the public at large?
And people who may consider J.B. Diamond's investment moves
to be one they would want to follow.
Is that relevant?
I think so.
So would my clients report on it?
I wouldn't be here if my clients didn't think it was important
to understanding the entirety of not just what's happening
in this bankruptcy proceeding.
but the impact of FTX's collapse to understand who was potentially hurt the most,
I think we do think that's important, and that's why I'm here.
So I think the attempts to paint the news media's motives to inform the reader,
its readers and the public at large about what's happening here is somehow illegitimate as wrong.
It is wrong, and I think it should be treated as such.
That said, the media interveners' motives are really relevant.
And it isn't the media intervener's obligation or any of the objector's obligation to demonstrate
specific harm from a failure to disclose that information.
It's not our evidentiary burden, as has been suggested, to demonstrate that we have some other interest beyond an informational interest in that information.
The starting point is, as Your Honor knows,
the presumption of public access under the First Amendment
and Section 107 of the Bankruptcy Code.
Transparency is the rule.
It's the default in all bankruptcy cases,
including bankruptcy cases in the cryptocurrency context.
So the debtors, the official committee,
the Ad Hoc Committee, they bear the burden
to demonstrate with evidence,
not speculation or conjecture,
that all of the information they want to redact
falls within the scope of either Section 107
107B or 107C.
I want to start with section 107B, which as your honor knows
permits the protection of an entity with respect to a trade secret
or confidential research, development, or commercial information.
This is a statutory, a narrow statutory exception.
It's been interpreted to apply to information that's critical to the operations of an entity.
And in order for the exception to disclosure to apply in 107B,
the disclosure of the information at issue must reasonably be expected to cause the entity commercial injury.
We understand why the court at the second day hearing would want to take an incremental step
to seal the names of FTX's customers and creditors, all of them for 90 days,
a time period that we understand was calculated to maintain the status quo,
while debtors
rather explored potential
valuations of their assets.
But it's now been more than a month
since the expiration of that original 90-day
redaction period, and the debtors haven't given this court
an additional basis to conclude
that the names of approximately 9 million customers
fall within the definition of commercial information
and warrant continued redaction.
The parties are continuing to rely on the testimony
solely on the testimony of Mr. Kowski,
which he supplemented yesterday,
with respectfully little more than he gave this court back in January.
In fact, I think the debtors and the official committee
seem to concede that there isn't much more to say at this point.
According to their own joint motion,
they have yet to determine how they're going to utilize
what they call their customer lists.
They assert that the names of FTCS customers
are a potential source of value,
but being just a possible source of value isn't enough,
And even assuming that it was, the record doesn't establish
that disclosure of the names of FTX's customers
or any subset thereof would destroy that potential value.
So Mr. Kopsky maintains that the debtor's customer base,
or maybe even just the customer list itself,
could have potential value in a restructuring or sale,
but he has yet to provide any testimony
as to what he thinks that value actually is,
that specific value,
And he hasn't given us any real-world examples of what value, if any, has been ascribed to a list of names of customers standing alone or otherwise in other cryptocurrency transactions, for example.
Moreover, the primary concern that Mr. Kovsky has identified, the poaching or potential poaching of FTC's customers by competitors, we think is particularly misplaced in this context.
talking about some list of exclusive customers, as the Council for the U.S. trustee pointed
out. The official committee's own witness, Mr. Sheridan testified that a vast number of the
debtor's customers use other online platforms or exchanges to hold digital assets. In fact,
he testified that it's common for cryptocurrency holders to use multiple wallets or online platforms
store their cryptocurrency assets.
So simply put, whether or not one or more of the nine million or so customers with
FTC's accounts moves to a competitor or is poached by a competitor, assuming they were not
already using a competitor platform, which they very well may be, that may have nothing to
do at all with whether or not that customer also will continue to use a competitor platform.
FTX's platform after some restructuring in the event it continues to exist.
That determination is likely to have a lot more to do with how that customer feels about FTCS
rather than how it feels about some competitor because it's not an exclusive relationship.
Nor does the evidence, I think, support a conclusion that it's reasonably to be expected
that a competitor could or would effectively use this list of names to attempt to attempt
to poach customers.
So Mr. Kovsky testified yesterday that he directed his team to locate through Google,
Facebook, or Twitter some mechanism, including through those platforms themselves, like a Twitter
direct message, some way to contact the top 200 customers of FTX, and they were able to do
so for fewer than half of them.
And he testified he thought it was highly likely that they identified the right person for
only 34% of them.
He didn't testify as to whether there was any effort to actually validate the results of those,
that experiment by determining whether or not they had in fact located accurate current contact
information for those individuals that they had searched for.
But even his sort of best estimate of whether or not they had done a good job was only 34%.
That experiment, one that is based on a not representative,
And I think a conceitably not very scientific methodology fails to establish that FTCS's customers
could be expected to or could or would effectively operationalize the names of customers,
to debtors disadvantage.
Moreover, I think even if we assume that Mr. Kovsky's testimony, which is all this court has in front of it,
was sufficient to establish that the names of all of FTS's roughly nine years.
million creditors who are also customers fall within the scope of section 107b.
There's been no showing differentiating between different subsets. I think there was the
suggestion that Mr. Kovsky testified that the top 200 creditors were that those
names would be the most valuable but Mr. Kovsky didn't draw distinctions between
specific values for specific subsets of customers. So there's no showing that a small
subset of that 9 million say the top 50 creditors would constitute confidential
commercial information that it disclosed would damage in a serious way whatever
potential value that that set of names might have I think debtors at this
point have had and the moving parties at this point have had an ample
opportunity to attempt to meet their burden to demonstrate these names are in effect
a primary or critical asset to their business.
There are extraordinary circumstances
and compelling need that warrant, frankly,
the extraordinary level of secrecy
that they're asking this court to impose,
and they have not met that burden in our view.
And the 107B, we would respectfully urge the court
not to extend the redaction deadline on that basis.
With respect to 107,
This is the provision as your honor knows that permits the court to protect an individual
with respect to the following types of information.
To the extent the court finds that disclosure of such information would create undue risk of identity theft
or other unlawful injury to the individual or the individual's property.
As an initial matter, Section 107c applies only to the names of creditors, customers who are individuals,
not entities. It's right there expressly in the statutory language. I don't believe that either
the debtors or the official committee, from what we can tell, unlike the ad hoc committee,
suggest otherwise and take the position that it should apply to the names of entities. But for what
it's worth, the ad hoc committee offers no case law to support this sort of expansive view of
Section 107C as applicable to entities, the names of entities. So I think any argument here, Your Honor,
regarding the application of Section 107C
should be understood to be relevant only to those creditors, customers
who are individuals who are natural persons.
As to those customers who are natural persons,
I do take issue with the suggestion,
I think that's been made a number of times today
that media interveners are being dismissive of potential risks of harm
to individuals who may be targeted
or maybe the victims of cybercrime.
The media and our winners aren't being dismissive.
I think we're being, frankly, realistic.
Certainly, as we don't dispute Mr. Sheridan's testimony
that criminal actors like cryptocurrency,
it's a means and a method for them to effectuate crime.
At the same time, as he testified,
His testimony suggests there's really no limiting principle
to the notion of who can be targeted
and who can be a victim of these crimes.
He provided no evidence to demonstrate
that current cryptocurrency or known cryptocurrency users
are more frequently the victims of the various online scans
that he testified about, or even that they're more frequently
the targets of those kinds of scams.
And as he testified, unfortunately, online
attacks and cyber threats stopping and bullying are endemic in today's virtual world.
And it's not just in the cryptocurrency context, but bankruptcy proceedings in general have
information about creditors who may have a significant amount of money tied up in a bankruptcy
who may be vulnerable for that reason.
To the extent we take this argument to its logical conclusion, we're effectively flipping
the presumption of access in bankruptcy proceedings.
proceedings on its head.
So I do think that there are ways, and again, we're not dismissive of these risks.
I think the position that we're taking is that any restrictions on the public's rights
of access here need to be narrowly tailored and that there are alternatives to redacting
the names of all of the customers or a subset of those customers, and those alternatives can
include things like the types of notices, advanced notices, that were sent to
customers involved in the Celsius case after the fact. We now have the benefit of the
unfortunate incident that occurred in the Celsius case. We can preemptively or the court
counsel, sophisticated counsel representing all the various parties in this case can
preemptively inform interested parties. This is a potential risk that they should be wary,
mindful of these kinds of scam. So there's a benefit to what happened in the Celsius case
that can be translated here to help potentially
just alert people to the potential risks
that may be out there.
There's also just the fact that even if these individual customers
were not savvy or aware of the potential risks
or of investment scans, they are now.
And as Mr. Sheridan testified in his executive
experience, individuals tend to become more wary of scams when they have already fallen victim to one.
And I want to emphasize to Your Honor, I think the evidence, it's difficult because we don't know.
We certainly don't know, but there's also been no testimony on to the, about the types of individuals and, you know,
parties can speculate as to whether or not they're sophisticated or not sophisticated.
at different sort of levels of investment in the FTS platform.
I think, as Mr. Sheridan testified on Cross,
I think when we're talking about the top 50 individuals
with multi-millions of dollars invested in cryptocurrency,
I don't think there's, we have any basis,
certainly there's been no evidence to suggest
that they're novice investors in the cryptocurrency context,
that they don't have the means or where we're,
or sophistication to attempt to protect themselves from what, again, are unfortunately ubiquitous,
I think, attempts at cyber crime.
And particularly, I did want to emphasize to a point that I think Mr. Sheridan made in his
direct about the cryptocurrency industry generally.
Being a higher risk investment when it comes to making an individual sort of more susceptible
to, or a more, let me put it this way, a more desirable target potentially for criminals.
You know, he indicated that the cryptocurrency industry doesn't provide the sort of traditional level
of protection that other financial industries have.
I just want to note that, you know, we've talked about that the customers as sort of one big
group, but certainly customers who, and particularly customers who are sophisticated,
investors in cryptocurrency are well aware of those risks.
They're aware that they're investing in an industry that doesn't have those same protections,
an industry where cybercriminals may be more interested in cryptocurrency assets than other types of assets.
And so again, this isn't to sort of diminish or minimize any risk or any harm that evicts
of cybercrime suffers when they have cryptocurrency
or other assets sold by, I think, or stolen,
but I think to the extent we're talking about
very sophisticated investors,
when they invest in a risky type of cryptocurrency investment,
or they make a risky investment,
they understand all the risks that are,
we have to assume they understand the risks
that are attached to that investment.
I won't spend much time on foreign law
because I think Council for the U.S. Trust
covered that quite well, but I think just to reiterate and thoroughly, just to reiterate
immediate interviewer's position that I don't think we need to even be talking
about the GDPR or the content of any foreign law because public access to judicial
records filed in this bankruptcy proceeding is governed by the bankruptcy code, the
bankruptcy rules, the First Amendment and related US law that mandates access or
presumes access. I think the debtors and
and the official committee's reliance on Section 105
to argue that the court should take some additional precautions
with respect to what they argue might be
the potential application of foreign law.
Is a concession, frankly, that neither Section 107
be nor Section 107c apply here.
And I would emphasize that Your Honor noted
in the January 11th, second day hearing,
that the court would need evidence, expert testimony,
something to address the foreign law issues in this case.
The debtors, the ad hoc committee, the official committee have all had the opportunity
to present that evidence and haven't done so.
So we would state or restate as we have in our briefing that we don't think
foreign law is any basis or any influence on what the court's obligations are with respect
to access to the records that are filed in this proceeding.
And finally, Your Honor, I just want to put this in a little bit of context, because I think one of the things that is most striking and frankly most problematic about the arguments that are being made for redaction in this case is the lack of any limiting principle.
I think the debtors, the official committee, and the ad hoc committee argue at times expressly for a rule that would apply in all cryptocurrency bankruptcy, not just this one.
We've heard repeatedly, this is a cryptocurrency case.
Much of Mr. Sheridan's evidence turns on, again,
the appealability of cryptocurrency to would-be criminals and bad actors.
I don't think the notion of a per se rule that permits redaction of all creditors
who are also customers in the context,
who are individuals, to be clear, under one,
107C, but all creditors or customers under the 107B context, a per se rule that would permit
redaction of all of the names of those creditors, customers in every bankruptcy case involving
cryptocurrency, I think is deeply troubling.
And I don't think that there's been any evidence to suggest that FTX, these Chapter
11 proceedings are different in some sense or some way than other bankruptcy proceedings with
respect to the arguments that are being made by the 30s.
And if you have no further questions, for me, Your Honor, I will include my argument.
Okay, thank you.
Mr. Gluckstein, what exactly, I just want to make sure I understand what the debtors
want to have sealed at this point.
Are we sealing all customers?
Are we sealing customers and creditors?
Are we sealing, what are we sealing?
What are we seeing here?
What is, at issue,
today specifically is the following. Number one, the ceiling of all customer names pursuant to section
107B. We've requested that for an additional period of 90 days. That includes all names for all
purposes. Individuals, institutional. Number two, an alternative.
argument made under Section 107C, that argument is requesting that the court grant the authority
to redoubt on a permanent basis, all individual customer names. If that relief is granted,
that is obviously supersedes the 90-day period with respect to the individual portion under
107B. But they're completely separate legal standards, of course, wrong. But it is a
It does not moot it because we need the request with respect to the institutional customers
to preserve the entirety of the customer list for all the reasons Mr. Tocke testified.
Those are the primary relief that has been requested.
If that relief is granted today, while there was a lot of focus on an objection from
Ms. Farquazian, the incremental relief, if we think about the entirety of the picture,
of what's contained in the motion.
The incremental relief under what being termed
the foreign law questions would only be
non-customers, individual non-customers,
the names of those individual non-customers,
names and addresses of those individual non-customers
who would be protected by the GDPR,
the Japanese privacy law.
And as I represented the court in my argument earlier,
If we put all those pieces together, we believe that there's a very limited set of employees in those jurisdictions who are not otherwise customers on each joint.
That's what we're talking about. Your Honor's Order in January already authorized the redaction of individual addresses of customers on a permanent basis.
The U.S. trustee did not object to that.
So the question before the court is dealing with the names of customers, which is a contentious issue, as Your Honor has heard over the course the last two days, and the names and addresses of institutional customers that are on our customer.
And we have obviously taken the customer list question and the monetization of that incrementally as Your Honor guided us in giving us the initial three-months.
period and we have asked for the extension for all the reasons Mr. Kofsky testified
about yesterday. The 107c issue of course redaction of customer names again addresses
already of individual individual customers names under 107c again the address is already
permanently redacted that is a permanent request and that is new evidence entirely
new evidence that we had not before the coordinate evidentiary way that was supported by
Mr. Sharon's testimony and his declaration.
Okay.
Just a few points on the specific arguments made if I could, Your Honor, and I think it's helpful
and I appreciate the court's question on focusing what we're actually talking about here from
a relief perspective.
The other thing I think is important for us to step back and focus on is what are we asking.
We are not asking for some per se rule that applies to all types of cases.
We're not asking for some per se rule that applies to all cryptocurrency cases.
Your Honor has been presented with evidence with respect to the facts of these cases.
Your Honor is also well aware from overseeing these cases since November
of the complexities that these cases present, the sheer size of these cases,
and the issues, many of which are novel, presented by these Chapter 11 cases.
With respect to 107B, Your Honor, there's no carve-out in Section 107B
for media outlets who might want to report on high-profile people
that might be on our top 50 or top 200 or top 9 million creditor list
if the information is protected by the statute as commercial information.
Mr. Kovsky did testify yesterday,
despite representations made today,
that the top 200 creditor list,
top 200 creditors on our creditors,
testified very clearly in the course of doing his analysis,
represents over $2 billion in claims.
It's a very significant value represented by that top 200 creditors,
that some subset of which the media objectors are asking to be disclosed.
Mr. Kovsky also testified very clearly
in response to questioning on cross-examination,
that his opinion, as the debtor's investment banker,
is that there is value to the customer names
irrespective of whether the customer
has an account on another exchange or not.
And more importantly, or as importantly, I should say,
whether the debtors are going to try to reorganize
or restart the dot-com exchange
or sell the customer list as either on its own or part of a set of assets is still to be determined as Mr. Cox's desk.
And the premise of his testimony, based on the process that's being conducted by the debtors,
is that competitors, third parties, have value, see value in that customer list.
So they're going to put whatever value they put on that list,
and they're going to do whatever valuation they're going to do is to whether those customers,
whatever analysis they might be able to do about whether and risk adjust for those customers
being other exchanges or whatever they might do.
But at the end of the day, Mr. Kovsky's clear testimonies that his view as the debtor's
investment banker is that there is value available to these estates by preserving the confidentiality
of customer list.
And that's the argument that we've asserted under section of 107.
There was suggestion about, well, we can solve lots of
of problems if we just give notices or give more notices.
I guess that starts to get into the 107C issue some.
I'm sure Mr. Piscolley will have something to say on that.
But as the court observed during the course of the hearing today,
there are certainly limitations to noticing.
I don't think anybody would suggest that you're sending out a notice
to people who are going to solve these problems from that perspective.
With respect to the foreign law issues raised, again, this is ancillary to the belief as we've presented it, yes, we have now brought foreign law experts to interpret those statutes.
I think the term which is used in argument by the immediate objectors' counsel, that that relief, that incremental relief is somewhat precautionary.
That is how we presented it.
We don't, until very recently, that would not have been controversial in this district.
Mr. Orcasian talks about how we haven't presented a case where there has been a bankruptcy,
a debtor that has been sanctioned under these circumstances.
Until very recently, the U.S. Trustee's Office didn't object to this relief.
And in the fact, we cite in our reply papers a string site of cases, including cases by Your Honor,
where this relief with names and addresses was routinely granted.
And we understand, and we understand that there are issues presented
and issues that courts have begun to grapple with with respect to whether some of these foreign statutes
would take precedence over the U.S. bankruptcy law issues.
I don't think, though, Your Honor, under the circumstances that precludes this court in the context,
again, everything that we're doing here, if your honor agrees with the movements that we are going to be redacting and is appropriate on the facts of this case to redact the customer lists, to redact the customer names, we submit that the risk that is presented by the plain language of the statute that we don't need an expert to testify about is enough to grant that incremental relief.
But it is certainly very much ancillary to the relief we're asking for it.
And finally, Your Honor, just in response, because there were suggestions made or intimations made by Mr. Cazian, the debtors have complied with the court's January order to the letter of that order.
So we have not made redactions into Japan or any other law that's not covered by that order.
And so I just want to be clear about that.
We have obviously that order, it was an evidentiary hearing to get that order put into place.
There was negotiations over the language in that order, including the U.S. trustees' office and the court entered that order.
In January, in that order remains in place.
That was a final order on our first day motion, and the motion we're asking for today is obviously incremental to that.
Just Ms. Sarkesian's argument that the debtors have redacted the names from other pleadings of customers.
We have redacted names of customers from, I don't, I think, I don't know.
She raised the contract rejection motion.
So, the names were redacted and that was because the debtor said that they were customers.
We have redacted customer names.
I don't know that that was in the motion itself.
I think this mainly occurs in things like affidavits of service and the way.
But we have redacted customer names.
wherever they have appeared. We have done that after consultation with the
Creditors Committee. We do you know it has been our position that customer names
should be redacted that that has been done that has been authorized and so we
have in order to ensure that customer names are not in the public domain on the
of this case in an involuntary way, we have redacted those names wherever they appear.
Well, here's, I have a problem with that one.
A problem with the issue, if in fact there was a motion to reject contracts that included
the names of the part, the counterparties to those contracts, and some of the names of those
counterparties were redacted because they're also a customer of the debtor.
debtor. That's problematic because no one would know that they were a customer of the debtor
unless you redacted it. They wouldn't know because they're already redacted from the customer
list. So you can't redact a name from a motion when they're a counterparty to a contract.
I'm just you're an example. I think one of the other bunch you used was charitable donations,
parties who receive charitable donations. You can't just redact their names because they also
happen to be a customer. Because again, no other ones.
would know that they were accustomed so I I don't I don't recall the contract
rejection motion this is referring to and I don't recall offhand whether that was
in the is the scenario that your honor is positing this issue arises mostly in
the context as I say of things like affidavits of service where we're serving
people who are in capacities that where they also might be customers things like
that but you're I understand your honors your honor's point and we obviously
will take we obviously will proceed forward with any guardrails that your honor
imposes on us thank you thank you afternoon your honor Kempasquale for the
committee just very quickly I think I've addressed in my prior comments and in the
committee's pleadings most of the points that were raised in opposition to the
motion but just two things if I may first with respect to the notices that might
go out as miss Townsend said quote after the fact
We shouldn't have to deal with after the fact attempts to correct information when it is disclosed.
That's the genie example I mentioned earlier.
Once the names are out, no matter how much warning we give people, the harm can be done,
as Mr. Sheridan testified.
Council also argued that customers accepted the risk attached to an investment in cryptocurrency.
as an investment in cryptocurrency.
They did not accept the risk of an involuntary disclosure
of their names in a bankruptcy case
that they didn't expect to happen
and certainly didn't accept the risk
that such a disclosure would expose them to,
again, as Mr. Sheridan testified.
That's all I have.
Thank you.
Okay.
It'll resolve the issue.
I saw your honor for the record David Wender on behalf of the ad hoc committee and just to explain the discussion before
There was a little bit of back and forth with miss Rakey myself as to where the language came from in our pleading
We reference the transcript that actually was incorrect in the order where we got that quoted language from
From miss Rheese and rightly pointed out basically it wasn't in the actual transcript
There's history I was not involved in that case but we got the language from the order I don't think that's essential for today
But I would do want to clarify that it was coming from different places and neither one of us were attempted
to mislead the court. Now, Your Honor, you asked Mr. Galacteine what he wanted, and since we also
had our separate motion, I wanted to answer that question on behalf of the Adhock Committee.
But our motion was fired. First of all, we joined the relief requested by an joint motion
because we think it's appropriate to protect customers. With respect to the Adho committee's
motion, it was to protect the disclosures in the 2019 statement to redact customer names and addresses.
Ad hoc committee members are non-U.S. customers, and that information is also to be protected.
why we seek it both under 107B and 107C
and relying on the evidentiary record
is a little different because in 2019,
and if you looked at the actual redacted 2019,
that's on file here, it lists redacted form name,
redacted form address, but it also disclosed
their economic interest which is required under 2019,
including in certain instances where they had records
of actual traceable cryptocurrency.
And so, and the, and the,
The reason why I wanted to focus on that and talk about 107C, again under 107B, the debtors
in the joint motion say they want to protect those customers because they might be able to obtain
value from it.
So the 107C in people is focused on and it well, it only protects individuals and that's
what it references.
But if you actually look at the language of 107C is protecting an individual if the disclosure
would create undue risk to individual or the individual's property.
And this, the property we're talking about is, it's, again, investments of these entities,
and some of them, although there's no evidence, but I'll just state, or single person LLCs,
but their property would be put at risk.
And if you look at the individual, and if you look, again, at 107C, it references 102D7 of Title 18,
oh, sorry, 102D of Title 18.
Subsection 7 of that says, any name, talking about the information protected,
any name or number that may be used alone or in conjunction with other information,
to identify a specific individual.
And by having this information,
we heard the testimony about the ability
to trace on the blockchain in the dark web,
who owns and who's involved.
We think 107 would apply,
whether it's to everybody,
maybe that's since the joint motion is insignificarily,
but we think relative at least to the 2019 statement
that that would apply to protect,
so we don't have to come back in 90 days to re-seek.
Now, again, we've said this not feeling this without prejudice,
the United States Trustee, to come and seek,
seek disclosure that that reservation is always there for but so what work with the
ad hoc committee is seeking for is a it's an order clarifying that other that we
that when we file our 29th statements the long that are have already been filed we may
redact the names and addresses of our individual of our customers that are both
individuals and non-individual members of the ad hoc committee what is the ad hoc
committee intended to do we are hopeful to be engaged in the processor we've attempted at
one point early in the case we talked about an official committee that didn't go anywhere.
We're trying hopefully, and it's early stages, to hopefully, although not in a representative
capacity because we're not, but ensure that, and although there is an unsecured committee,
we think that there are certain aspects of the unscured credit committee cannot fully represent
non-U.S. customers.
So we are hopeful that we will be involved in the process, to what extent we'll see,
to hope that there's a plan that we can, as a voice in someone who can speak to non-U.S.
U.S. customers can say we think is in the best interest of all non-U.S. customers as well and support that.
All right. Thank you. Thank you, Your Honor. All right. Well, here's what I'm going to do.
With regard to the redaction of customer names under 107b, I think the evidence presented was uncontroverted that customer identification has value, has value to the data.
debtors of states. And under 107 , the customer names constitute a trade secret, as I said
back in January. And as a result, those names can be, continue to be redacted for an additional
90 days. The debtors continue to seek how they're going to come out of these bankruptcies.
They're going to sell the assets, including the customer list, or are they going to reorganize,
in which case they're going to want the customers. The fact that the customers might not be exclusive
customers and I don't some of them might be some of them I've got nine million customers
and that's a lot of people I have no way to parse that I don't think anybody has a way
to parse that out so the the best way to deal with the issue is to say that all of
the customer names can continue to be redacted the 107c issue mr. Sheridan
introduced very compelling testimony again uncontroverted testimony
about how customers can be identified just by a name.
It's something that happens all the time in our society today,
given the access to not just the types of information we all have access to,
Google, Twitter, etc., but the dark web,
where there's all kinds of information about individuals
that can be found with just a name.
And he testified, again, very compellingly, that if they have the name and the fact that they are an FTX customer, they can be targeted.
And that is what we need to protect here.
It's the customers that are the most important issue here.
I want to make sure that they are protected and they don't fall victim to any types of scams that might be happening out there.
So I'm going to grant the motion as well to redact customer names.
under 107C for individuals on a permanent basis.
Obviously does not cover.
On the foreign law issue,
I simply have no evidence to support it.
I know that as Mr. Gluckstein pointed out,
I've entered orders in the past,
but it's always been without,
when there was no objection, but there's an objection now.
And it's the right of the US trustee,
right that objection.
So I needed to have something to show
that there would be harm
to these individuals who might be located in the UK,
the European Union, or Japan,
that would result in some harm to them.
And I have nothing.
The statute itself, at least the GDPR,
is not exactly clear to me.
I mean, it says they have to be protected,
but I really, as I said in January,
I would have liked to have had someone come and testify
and tell me that if you order the release of these names,
The debtors are subject to some kind of sanctions.
I find it hard to believe that a court in the UK or the European Union or Japan would say,
I'm going to sanction the debtors for releasing names when they were ordered to do so by a court in the United States.
That just doesn't seem to be a potential possibility.
So I'm going to deny the motion to that extent.
On the 2019 issue for the ad hoc community, this is a horse of a different color.
a horse of a different color.
You have an ad hoc committee who wants to participate actively in the case.
As with the, as I said with the members of the Unsecured Creditors Committee, if you want
to be a member of the Unsecured Creditors Committee, you have to identify yourself because
people have a right to know who they're litigating against.
They can't do that if they don't know who they are.
So I don't think that they are protected under 107C or B.
And those names have to be disclosed if they're going to participate.
Now I understand that you may have had some of your clients sign up for this in the expectation that I would keep that information sealed.
So I'm going to give you the opportunity to go back to your clients and say,
the judge said we can't seal these names in information, so we're going to have to disclose it.
Do you still want to be a member of the committee so that they can have the chance to withdraw if they want to?
So that motion is denied.
Any questions about that one?
Yes, Your Honor, I do have a few questions.
Thank you, Your Honor, again for the record, Juliet Sartesian,
on the AF the U.S. Trustee.
How about redaction of the names of insiders who happen to be customers?
Is your ruling, does your ruling allow them to continue to redact the name of
Insiders on Statement of Financial Affairs and other?
No.
Or now, yes.
They're subject to the 90-day rule.
Even if you cannot determine from the document that they are in the court,
that they are in fact customers?
Well, the debtor can only redact me that they are a customer,
so we're going to have to, the debtors are redacting names of insiders
who are not customers, that would be a problem.
But I didn't hear that they were doing that.
No, I'm sorry, I misspoke.
What I mean is that if you looked at the document
and from the context of it, okay, here transfers to insiders,
from the context, there's no particular reason to believe
that anybody is a customer or not a customer.
Well, that kind of goes back to what I was talking to Mr.
Gluckstein about with regard to the charitable donations and the motion for
assumption or rejection of contract. You can't redact the name in some other motion where they
are a party to that motion simply because they're also a customer because as I said, nobody
would know they're a customer. I agree with you on that.
Right. So you're honest, in the statement of financial affairs when you look at the transfers
to insiders, there's nothing to indicate.
there's no way to know if any of those insiders are customers.
So given that fact, is Your Honor ruling that if you cannot tell,
looking at the statement of financial affairs,
that these insiders happen to be customers,
that they would have to disclose those names?
Yes, they do.
Thank you, Your Honor.
And this final question, Your Honor,
on the redaction of customers who are individuals, their names,
Is that on a permanent, Your Honor, is that on a permanent basis?
Under 107C, yes.
Okay.
Thank you, Your Honor.
Okay.
Your Honor, I apologize, David Winder on the HALHA committee.
In following an unredacted 2019, is it just the names that have to be unredacted or the addresses as well?
Because under 2019, we have to disclose it, it provides with a name, the address, and it's disclosed of economic interest.
I think everything has to be disclosed under 2019.
Thank you for that clarification.
Any other questions?
All right, that brings us to, I guess everybody's been waiting for it.
I'm going to rule on the application or the motion by the JPLs to lift the automatic stay.
I was thinking about this, flying in bed at 3 o'clock this morning, trying to figure out what I'm going to do with this mess.
And I was thinking, what is the most important thing here?
What do I have to consider?
What is the most important thing to consider?
Excuse me, I have a little trouble with my voice.
little trouble in my voice. The most important issue in this case is what's in the best
interest of the customers and the creditors because that's what this case is all about, getting
value back to the customers and the creditors. And that should inform all of my decisions,
and particularly this decision, about how to, whether or not to lift the automatic
step. So what are the issues involved here? And it's a
of issues here. We have who are the customers and whose customers are they? Are they
customers of FTX trading or other US debtor entities or are the customers of FTX digital
media? The Bahamian entity. Are the assets at issue held by the US debtors or the Bahamian
debtors? Are they held in trust for the benefit of creditors or do they belong to the
estates, the various estates? If the assets are FTX,
digitals and I make that conclusion at some point during the course of this case are
they subject to clawback as fraudulent conveyances those are issues that also
have to be decided where are the assets located are they located in the US which
gives me interim jurisdiction over them are they located in the Bahamas which gives
the Bohemian Court in realm of jurisdiction as I said yesterday I am not going to
defer to and I would not defer to any other court the question of what kind of
constitutes assets of the debtors in the cases before me.
And contrary to Mr. Shore's colorful argument,
it's not based on the fact that the Bahamas don't have nuclear weapons.
I would do that even if it was France, as I think you referred to.
So the question then is, so, you know, where can that really be granted?
granted. This is the only court that can grant complete relief regarding the assets that are
under the jurisdiction of this court that relate to, that are being held by the debtors in
these cases, and that are subject to the question of how to allocate them. Do they allocate,
do they all belong to the U.S. debtors? Does some of them belong to the Bahamian debtor? At this
point, I don't know. That's an open question. Of course, this issue about interim jurisdiction
begs the question that the assets that are held in the Bahamas, the Bahamian Court has
controlled. They have interim jurisdiction. So how, and that court could make its own
decisions about how those assets are to be distributed. And they could complete, and the Bahamian
court could say, we don't care.
the US court decides. In fact, I think that's what JPL's argued to me on the first
day of this case. Judge, we don't care, the court in Bahamas isn't going to care what you do.
They're not going to enforce any of your orders. That might have been an overstatement, but
that's what was said. So what, it puts me in an awkward position, obviously. I certainly
would have no basis to order the Bahamian court to do or not do anything. I have no control
or that court and what they decide to do.
But because the JPLs are proposing to make a filing with the court in the Bahamas, which, contrary
to their arguments, goes well beyond merely asking for the Bahamian court to establish protocols.
My reading of the application is they're asking the court to make decisions about whose
assets are they?
Are they assets of the U.S. debtors?
Are they assets of the Bahamian debtors?
not just the assets are located in the Bahamas, but all of the assets, including those located here in the United States.
So, so, so, sorry, I lost my train of thought there.
So what the JPLs are doing is they're asking the court in the Bahamas for substantive relief
that would absolutely have an effect on the debtors in this case.
So they need to have relief in the automatic state because the assets that are here,
that are under the control of this court and the debtors here are subject to the jurisdiction of this court.
So have the JPLs met their burden of establishing the need for relief from the automatic study?
From the evidence that was introduced at the hearing, the debtors established that there are several forms upon.
As to that, the U.S. debtors.
In incremental costs associated with litigating the same issues in two different courts.
It's not insubstantial.
The confusion to creditors who are trying to figure out,
am I a creditor in the Bahamas or am I a creditor in the United States?
And those creditors, again, I go back, the first issue is,
the first concern is how do we protect the creditors and the customers?
Those creditors, some of them might want to participate as the ad hoc committee here,
wants to participate in the case here.
Are they going to have to retain counsel down there and participate in the case?
and participate in both proceedings and increasing the cost of them.
And by the way, the incremental costs for the debtors to appear
and the creditors committee to appear in the Bahamas
comes out of the pocket of the creditors.
And everything goes back to the creditors,
interest of the creditors.
And finally, the delay in the case,
it's going to take time for both courts to litigate the issues.
And I know there was some discussion about having combined hearing
with the Bahamas and this court.
at the same time. I'm not going to opine on that one way or the other at this point,
but I will point out that the costs of doing that are not insubstantial either. As I mentioned
yesterday, I was involved in the Nortel case, and I know it costs tens of millions of dollars
just to set up the infrastructure to be able to have a joint hearing with the Canadian court.
So we're talking about a lot of increased costs that comes out of the pocket of the customers
and the creditors. The only harm articulated by the JPLs that I could discern from the testimony
is that they can't carry out their fiduciary duties because they can't go to the Bahamian
court and ask for them to decide these issues. But as the debtors pointed out yesterday in their
argument, that's not the issue here. The harm to the JPLs is not the issue. It's the harm to the
customers and the creditors.
Now, and finally, just to close out on the standard for prevailing on a motion to lift stay is prevailing on the merits of the underlying claim.
And that, I don't have no idea at this time.
I have no idea.
It's no definition.
It's got to be decided.
And there has to be a trial if it can't be resolved.
We have an adversary proceeding pending here.
and I know the JPLs have filed a motion to dismiss that based at least partially on the idea that it was in violation of the agreement between a parties on how to handle issues between the two courts.
But I would ask the JPLs to reconsider that because we can't, we've got to get this case moving.
And if we're going to be arguing over issues like that, it's not helpful.
Because at the end of the day, even if it did violate the agreement between the parties,
I'm probably going to allow it to go forward, unless there's some other basis for dismissal.
I admit I haven't spent a lot of time looking at the motion to dismiss.
But if it's only based on the idea that the debtors here violated the agreement between the parties,
I might say, yeah, I'll slap you on the wrist for violating the agreement,
but I'm not going to dismiss and have to start all over again.
Let's get the case moving.
Let's get those cases moving forward.
So on the, again, prevailing on the underlying issues, I don't know.
Now, JPLs are certainly free to go to the Bahama court and tell them what happened here today.
Advise them of my ruling, and I don't know what the Bahamian court will do in response to that, but again, I have no control over the Bahamian court.
But that might be enough to satisfy their fiduciary.
their fiduciary allegations. At least they'll go back and say, we tried, this is how it came
out, we lost, and we need to move forward. Now, I do believe, as I mentioned, you know, the
in rem issue is between assets here and assets and bonds. Obviously, the Bahamian court's free
to ignore any ruling I make, whether or not the assets belong to the U.S. debtors or the Bahamian debt.
and they can go forward and have their own here and make a ruling on how that's going to play out for the assets that they hold.
So the case is begging for some kind of a protocol between the parties to resolve that issue alone.
I mean, we're going to end up, there's a possibility you can end up with inconsistent rulings in both courts.
And that might happen whether we have a protocol or not.
But at least I'm going to order the JPLs and the debtors to make.
mediate the issue, retain a good mediator, someone with experience in the area, to come up with
a way to see if there's any kind of protocols that can be put in place to address these issues.
In the meantime, we're going to go forward with the adversary proceeding that I have before me.
I want to do it in as expeditious a manner as possible because we're wasting the customers.
customers assets are wasting away every day we spend in bankruptcy so let's
try to find a way to cooperate and find a way to resolve these issues so for
now I'm going to deny the motion to lift the state the party should be confer
and issue a form of order under certification of counsel are there any questions
Your Honor, the committee would just ask to be a party for that mediation.
Absolutely, yes, absolutely.
Thank you.
Anything else?
Thank you very much, Your Honor.
That is clear to the debtors.
The only other thing, just to note before we close,
there was on the agenda today, which I think closed well from Your Honor's comments,
initial scheduling conference in the adversary proceeding between the debtors and FTCS digital markets.
We have been talking with counsel for FTCS Digital.
I believe we have agreed on a form of a schedule
to move that litigation forward,
understanding may have a pending motion to dismiss,
and, of course, your honor's comments this afternoon.
So I think for purposes of the conference,
I think the update to the court is that we intend to submit
that scheduling order for your honors consideration.
That scheduling order is designed from the debtor
perspective to ensure that we get to a trial on any issues that might need to be
tried related to those issues consistent with our confirmation schedule that Mr.
Diderick laid out yesterday and I think we have a schedule to do that I don't know if my
comments make any difference in what that schedule is going to look like but you
can resubmit it under COC thank you your honor okay your honor's
presentation with committee as well with the ad hoc committee now at least
attempting to could we at least attempt to participate in that mediation as well
at least as an observation party at the minimum?
I think as an observation party, that's a good idea,
because obviously, as I said,
you know, creditors might want to participate
and it's going to depend on what happens
in each of the two courts.
Thank you, Your Honor.
Your Honor, you have to say,
any of the defendant, all in the time?
Yes, you can participate.
Thank you, sir.
Okay.
Let me throw this out, too.
Is there any,
are we at a stage now
where a mediation of
the ultimate issues is possible.
Or do the parties need to engage in some discovery first?
Your Honor, I think we should,
I should probably confer with counsel with the JPLs.
The debtors have been talking, starting the conversation
with the JPLs.
We're obviously very interested, as Ms. Indyric outlined yesterday,
in moving the plan process forward
and having an ultimate resolution that would result these issues
in that context.
We've started that discussion, early stages.
We would love to fold the JPLs into that plan process to the extent we need to resolve the litigation issues raising the adversary proceeding.
As I say, I think we are certainly hopeful to move that forward expeditiously, but we probably should confer on the scope of mediation.
That might make some sense.
I would appreciate the parties doing that because I think, in my view, I mean, you can put forward a proposed plan,
but nothing's going to happen until we know the resolution of who wants which assets.
You can't confirm the plan until we know whose assets they are.
So it seems like the front-running issue here is the litigation.
Am I wrong?
Well, I mean, conceptually, yes, Your Honor,
but there are certainly scenarios where if we were,
and this is just a hypothetical, obviously, at this point,
there's certainly scenarios where if the debtors and digital markets,
as you said at the outset,
because this all relates to getting assets to customers
could reach an understanding of how to make that happen,
some of those questions might become less important
if it was on a consensual basis.
So there would certainly be ways
to distribute assets at both the states,
potentially, through a plan process in a consensual manner.
But it's too early to put specifics around that,
but I think the premise of your honor
from the debtor's perspective is absent in agreement
with the JPLs.
on how to administer all of the collective assets,
then we would need to obviously decide those issues.
But if we had an agreement on that question, we might not need it.
Right. That's my, that's what I'm trying to get at.
Get an agreement on the issue.
Your Honor, Jason Zakey of Ovoidon case for the JPLs.
I actually agree with Mr. Glexing, not on too much, but on a few things.
One of which is, I think Your Honor's suggestion concerning the scope of mediation
is constructive. Obviously, we have to consult with our clients in order to
give you an official answer, but I think that's something we should consult about.
And absolutely agree with Your Honor's comment that, you know, absent consensual resolution,
resolution of these issues, regardless of what court it's going to be resolved in,
which is a separate question, but resolution of who owns what assets is going to be
an issue that has to be resolved before, you know, any plan process can be concluded.
So I would, we'll work with the debtors on the order.
Hopefully we won't need your help on that one.
on a form of order, and also consult about the scope of the mediation and report back to the court on whether we can have an
scope on that.
Okay, excellent.
Thank you.
Thank you very much.
Anything else for today?
Your order on the – your honor, it's been a long day.
On the two ceiling motions, should counsel submit a proposed order under COC?
Yes, please.
Thank you.
Or two proposed orders, I guess.
Yeah.
Okay.
Anything else?
Thank you all very much.
We're adjourned.
Thank you, Your Honor.