In Summer 2018, the Lord Chancellor announced that a new flagship court would be opening in London and be specifically designed to tackle fraud, cybercrime and economic crime. Plans for its opening are underway and it is hoped that the court will be in full service by 2025. Judging by current trends, the new court will be very busy from day one.
Reliable estimates of the prevalence of fraud, especially cyber-fraud, are difficult to assess. What is clear, however, is that such activity is increasing. Earlier this year, for example, Santander announced that it closes 24,000 UK bank accounts per year on suspicion of fraud, of which about 11,000 are suspected of being operated as ‘money mule’ accounts – ie. operated by fraudsters (who may or may not be the account holder) to conduct illegal activities such as money laundering.
The problem is not just with Santander. Nationwide closes about 12,000 bank accounts per year for similar reasons, of which about 6,000 are suspected ‘money mule’ accounts. Facebook has also recently taken steps to remove adverts from its platform where fraudsters were offering its users £1,200 in exchange for those users allowing their accounts to be operated as ‘money mule’ accounts.
In such times, lawyers and judges must recognise the need for the law to respond appropriately. There is no need to reinvent the wheel; well-established processes and remedies can be adapted and applied to the new challenges. In this update, we provide a brief overview of some of the ways in which this has been achieved in recent months.
Development of the ‘persons unknown’ jurisdiction
In CMOC v Persons Unknown  EWHC 2230 (Comm), the High Court confirmed that it has jurisdiction to make worldwide freezing orders against persons unknown. In the case of a cyber-fraud, this enables a victim to freeze the accounts to which sums were sent in the course of the fraud even if the victim does not (yet) know the identity of the account holder.
There is similarly a growing body of cases where American Cynamid injunctions are granted against persons unknown who have been involved in gaining unauthorised access to claimant parties’ IT systems. Threats are often made to disclose commercially sensitive data unless a ransom payment is made. See PML v Person(s) Unknown  EWHC 838 (QB) and Clarkson Plc v Person or Persons Unknown  EWHC 417 (QB). In such cases, the respondents are routinely ordered to not disclose the data, and may additionally or alternatively be asked to destroy any copies of the data that they have made (cf. Bloomsbury Publishing v News Group Newspapers  1 WLR 1633).
‘Spartacus’ (or self-identification) orders may also be made in such instances. A ‘Spartacus’ order requires the unnamed respondent is ordered to identify him or herself to the Court. Although such ‘Spartacus’ orders may not be complied with, the threat of contempt proceedings should the respondents later be unveiled may act as a spur to prompt compliance of some individuals.
However, helpful as the ‘persons unknown’ jurisdiction is, it should not be seen as a magic panacea for any difficulty in identifying the parties to a fraud. In Cameron v Liverpool Victoria Insurance  UKSC 6, the Supreme Court explained that there are two kinds of unnameable defendants: defendants who were identifiable but whose names were unknown; and defendants who were anonymous and could not be identified. Claims can only be made against ‘persons unknown’ in the first category, not the second. The first category covers the defendants/respondents in PML, Clarkson & CMOC, where it was plain that there was a conspirator or body of conspirators operating from certain email addresses or bank accounts, but the actual identities were unknown. The second category would include (in the case of Cameron) the unknown hit-and-run driver, but also other defendants who are not only anonymous but are also unidentifiable. It seems that the distinction may be between ‘persons unknown’ who can or cannot be served, whether that be directly or by alternate means.