With over 420 million code repositories, GitHub takes pride in being the largest and most advanced development platform in the world.

 

As with other platforms that host user-generated content, this massive code library occasionally runs into copyright infringement troubles.

Pirate Devs

In some cases, people use code without obtaining permission from the creators, while others use GitHub to store pirated books or even music. And there are also developers whose projects are seen as pirate tools or apps, which often leads to copyright holder complaints.

 

A few high-profile takedowns have grabbed headlines over the years, including the RIAA’s takedown of YouTube-DL, which was later reversed.

 

Other rightsholders were more successful, with GitHub removing a variety of piracy apps last year, including Vancedflix and CloudStream. Following the demise of the original torrent site, hundreds of RARBG magnet link repos were taken down as well.

 

The RARBG repositories appeared online last May, quickly after the popular torrent site closed its doors. In response, some archivists collected the site’s magnet links and posted them on GitHub. Others copied these repositories to keep the data safe, but most of this effort was nullified by a single takedown request.

20,517 Downed Repos

This week, GitHub updated its latest transparency report with the latest data, revealing the total number of notices received and projects affected. The report shows that the platform processed a little over 2,000 takedown notices in 2023, which affected 20,517 repositories.

 

Of all notices received, just 35 were contested or retracted, and a total of 65 repositories remained online as a result.

 

 

As seen above, most repositories were taken down in March. After looking at the reported notices we couldn’t immediately find one responsible for this large uptick, but with many hundreds of “Eaglercraft” repositories flagged by Minecraft’s parent company Mojang, that certainly left a mark.

 

GitHub says that it will continue to take a developer-first, approach to content moderation, minimizing the disruption of software projects while protecting developer privacy. These transparency reports and the publicly posted takedown notices are a means to that end.

 

The transparency report also shines light on how takedown activity evolves as the platform grows. This historical data shows that, in relative terms, the number of repositories on GitHub grows faster than the takedowns.

 

For example, Github hosted just under 40 million repositories in 2015, of which 8,268 were taken offline. Today, the platform has more than ten times as many repositories, yet takedowns failed to triple in the same period. In fact, the number of takedowns in 2023 is lower than a year earlier.

Surge in Circumvention Notices Explained

Last year, GitHub did report a notable uptick in DMCA circumvention claims. These more than quadrupled compared to the years before and this wasn’t just a fluke, as the most recent transparency report shows.

 

 

At least initially, the reasons for this were unclear, prompting GitHub to launch an investigation. The results of this exploration, released this week, show that the explanation is quite straightforward.

 

In the fall of 2021, GitHub updated its DMCA takedown submission form with questions explicitly related to circumvention. Providing that option triggered many more submitters to tick that box, raising the number of ‘circumvention’ claims.

 

 

These additional circumvention ‘claims’ don’t necessarily mean that more notices were processed for this reason. According to GitHub, many of these notices were processed for other reasons instead, including as regular takedown notices.

 

“[W]hile significantly more notices we process allege circumvention, the rate at which we process takedown notices because of circumvention hasn’t accelerated,” GitHub writes.

 

Processing circumvention notices is quite costly for the company as all requests are reviewed by a team of lawyers and engineers, to ensure that developers’ projects are not taken down without valid reasons.

 

This extra scrutiny was first brought to the fore during the youtube-dl takedown saga, after which GitHub launched a million dollar Developer Defense Fund.

 

GitHub is now actively engaged in policymaking in this area. The company previously urged the US Copyright Office to expand the DMCA anti-circumvention exemptions to benefit developers, while eliminating FUD.

 

All in all, it’s good to see that GitHub remains committed to takedown transparency, and we will keep monitoring these and other trends going forward.

 

Late last month we reported on the latest copyright claim data made available by YouTube. In the first half of 2023, YouTube said it processed 980 million Content ID claims, a 25% increase compared to a year earlier.

 

Given the upward trajectory, soon there will be a billion Content ID copyright claims every six months, which rounds to over two billion claims every year. To put that into perspective, if the world currently has five billion-odd internet users, that’s enough for 20% of the entire internet population to receive two copyright complaints per person, every 12 months.

 

Coincidentally, reports suggest that YouTube has around two billion active users already.

Takedown Notices Must be Reported

The numbers above are enormous but since Content ID-claimed videos stay up, they don’t need to be reported to the European Commission, a requirement for large platforms under the EU’s fledging Digital Services Act.

 

When Google and major online platforms including TikTok, Facebook, Twitter, Instagram, plus others, restrict or take content offline in response to a takedown notice under Article 16, clear information must be sent under Article 17 to affected users.

 

Under Article 24 (5), these so-called ‘statements of reasons’ must also be sent to the European Commission. Required information includes the legal basis for the complaint, the legal basis for taking the content down, and a myriad of additional details including a synopsis of considerations preceding takedowns.

 

To ensure consistency, submitters use an API to file ‘statements of reasons’ (SOR) in the standardized format below.

At the time of writing, just 16 large online platforms are required to supply the EC with this information. When things were just getting warmed up in December 2023, the volume of SOR notices sent by just five submitters had reached 25.8 million per week and when all submitters’ notices were combined, the all-time total topped 710 million.

Things Have Moved On Since Then

It’s almost impossible to reconcile the figures being reported this week with any type of normal thought process. The 710 million figure reported last December was close enough to compare with the population of Europe, 746 million, give or take, or one takedown per person on average.

 

Over the past 24 hours especially but potentially longer, the EC system has been producing errors in response to our queries. A massive surge in reports filed by Google could be at least partly responsible.

Over 14.4 billion SOR being reported to the Commission was unexpected, to say the least. The ‘statement of reasons’ dashboard appears to show Google taking unprecedented – and as far as we can determine – mostly voluntary action, against billions of listings on its Google Shopping platform and various non-compliant content on Google Play.

Google may have submitted as many as 13.5 billion notices to the Commission thus far. From the few dozen we sampled relating to Google Shopping, many if not all cite terms of service violations committed by advertisers. Notices state that the removal was carried out as part of a voluntary initiative using automatic detection methods. We have seen examples where decisions are described as “Fully Automated” and others as “Not Automated.”

 

Four typical examples from the sample are presented below. The ‘ground for decision’ is the same in all notices we were able to review: Content incompatible with terms and conditions. The explanations vary considerably.

 

– There was a problem identified with the criteria used in your ads
– One or more of your products have images with promotional text or obstructions
– Google identified that some of your products contain adult-oriented content
– Some of your products have generic images. Use images that clearly show the product

 

Google statements

 

Whether this has anything (or nothing) to do with the antitrust case hanging over Google in Europe is unknown. After the European Commission (EC) found that Google had used its dominant position in search, to gain an unfair market advantage elsewhere, the EC hit Google with a €2.4 billion fine.

 

Google challenged the EC at the EU Court of Justice but, in late 2021, its case was mostly dismissed and the Court confirmed the €2.4 billion fine. In an opinion released by EU Court of Justice Advocate General Juliane Kokott last month, the EU Court was advised to dismiss Google’s objections and uphold the fine.

 

When attempting to pull more data on Thursday evening, the EC’s system continued to throw error after error as Google continuously filed new reports. Given the number of notices already on file, not to mention the errors when attempting to pull the maximum 1,000-item reports currently allowed, checking anything like a representative sample is impossible. However, every statement we were able to access followed similar formats to those shown above.

Rightsholders Use DSA to Remove Apps from Google Play

The billions of reports filed by Google include over 208,000 that appear in response to a search for Google Play + Apps, with no specified content category or reason.

When filtering for intellectual property-related issues, over 2,800 reports indicate the removal of apps from Google Play, many listing ‘Copyright’ as the ‘legal ground relied on’.

 

The pair of notices shown below are typical of those we were able to review, most if not all of which reference technical issues experienced by Google.

 

Google statements

 

In common with many of the others, the notices state that the apps were removed from Google Play in response to a “Notice submitted in accordance with Article 16 DSA” which in broad terms governs a DMCA-style takedown mechanism but applicable to a broader range of content.

 

The EU system improves on the U.S. variant by requiring reasons to be published, but lags behind in a non-insignificant way by disallowing references to content and identification of the notice-sender, which critically undermines investigations into abuse.

 

The EC’s Statement of Reasons transparency database is available here

 

Early last year, a group of filmmakers obtained a subpoena that required Reddit to reveal the identities of users who commented on piracy-related topics.

 

The movie companies said they were not planning to go after these people in court but wanted to use their comments as evidence in an ongoing piracy lawsuit against Internet provider RCN.

 

Reddit wasn’t willing to go along with the request, at least not in full. The company objected, arguing that handing over the requested information would violate its users’ right to anonymous speech. Reddit later responded similarly to a second and third subpoena request.

 

The movie companies took these cases to a federal court, asking it to compel Reddit to comply. The court refused to do so, thrice.

It’s Not Over Yet

The filmmakers are unhappy with these decisions and don’t intend to give up easily. After U.S. Magistrate Judge Thomas Hixson denied their most recent attempt last month, they moved for a ‘de novo’ review at the California federal court.

 

In their request, the rightsholders cite jurisprudence suggesting that an IP-address is not necessarily ‘unmasking’ personally identifying information. They believe that the Magistrate Judge ignored key arguments and ended up drawing the wrong conclusion.

 

“The Order’s conclusion that an IP address is unmasking information was contrary to law and erroneous,” the movie companies argue.

 

The companies insist that the commenters could prove crucial in their battle against ISP Frontier. A suggestion that there might be other ways to obtain similar evidence is premature, they argue.

 

The movie companies believe that Magistrate Judge Hixson failed to properly weigh the nature of the speech involved. Since the comments allegedly involve ‘illegal’ activity, anonymous speech should not necessarily enjoy protection, they note.

 

“Movants previously pointed out that the comments at issue are boasts of criminal conduct. Accordingly, the speech concerns unlawful activity subject to no First Amendment protection,” the movie companies write.

Reddit’s Objections

In a replay of moves, Reddit objects to the request for a ‘de novo’ review. They argue that, as the court repeatedly found, the filmmakers have other non-intrusive options to gather evidence against Frontier. This includes seeking evidence from the ISP directly.

 

Reddit further notes that the filmmakers’ argument that IP-addresses do not “identify” users is misguided at best.

 

“Reddit does not require its users to give their real name or addresses, and so the only identifying information Reddit may maintain on its users is their IP address, which is precisely why the Movants here seek the users’ IP addresses. If IP addresses were not identifying, Movants would not be seeking them.”

 

At worst, the argument is disingenuous, Reddit notes. The movie companies previously used a Redditor’s IP-address to obtain the name and address of a subscriber, requesting their torrenting history and more.

 

“[A]fter Reddit provided Movants with IP address data for a single Reddit user last year, the Movants immediately identified that IP address by subpoenaing T-Mobile, and they have been harassing that user with motions practice ever since,” Reddit counters.

Illegal Speech?

Finally, Reddit addresses the suggestion that the nature of the speech may be unlawful and that it therefore deserves “the lowest” First Amendment protection, or no protection at all.

 

While the nature of speech indeed plays a role, Reddit stresses that its users are merely third-party witnesses in this case, and that no court used lower protection standards in similar circumstances.

 

The second suggestion, that the comments themselves are unlawful and therefore undeserving of First Amendment protection, wasn’t brought up earlier and should therefore be ignored, Reddit says. If the court decides to review it, however, it should be rejected.

 

“[T]he Court can easily reject it anyway as wholly inconsistent with fundamental First Amendment jurisprudence. Free speech in America is not so flimsy that it evaporates at the faintest whisper of illegality,” Reddit writes.

 

It is now up to the court to decide whether the movie companies get the chance to argue their case anew, or if the current decision stands. Whatever the outcome and given the recent history, further appeals or new cases can’t be ruled out.

 

—

 

A copy of the movie companies’ request for a ‘de novo’ determination is available here (pdf) and Reddit’s objections to it can be found here (pdf)

 

How can we be sure that site-blocking really works? Because if it didn’t work, I was informed recently, rightsholders wouldn’t keep filing new site-blocking requests at a record-breaking pace, and then return for even more soon after.

 

While it’s true that demand for site-blocking measures has never been greater, the sarcastic response above alludes to something that doesn’t really work, or at least doesn’t remain effective for very long. Rising piracy rates, broad content availability, and easily circumvented blocking measures may even support that theory.

 

Nevertheless, movie and TV show companies, broadcasters, and sports leagues insist that blocking remains valuable as part of a diverse anti-piracy toolkit.

 

The anti-piracy arena has certainly come a long way. Among other reported blocking successes, early studies concluded that when pirate site domains are subjected to blocking, fewer visits are made to those specific domains. While a fairly obvious conclusion to arrive at years ago when that type of metric was first rolled out, today it’s pretty much meaningless and the supply of domains is endless.

Germany Prepares to Take on BuffStreams

As a relative newcomer to site-blocking, Germany doesn’t find itself shackled to the past. In the UK, where blocking measures have existed since the start of the last decade, the process is steeped in the traditions of legal scrutiny and judicial oversight. Proponents of site-blocking today prefer something less formal; in Germany, a partnership between copyright holders and ISPs was deemed appropriate.

 

The Clearing Body for Copyright on the Internet (CUII) operates an administrative program; sites suitable for blocking are detailed in reports which are sent for the consideration of an Audit Committee consisting of retired judges familiar with copyright.

 

For a platform to be blocked by Germany’s ISPs, the committee must conclude that the site is structurally infringing, a standard applied in the UK’s first ever site blocking injunction back in 2011.

 

The Audit Committee recently considered a proposal to block BuffStreams, one of the more popular live sports streaming portals boasting millions of visitors each month.

 

BuffStreams Infringed the Exclusive Rights of *****

The Audit Committee’s report notes that the applicant in the blocking matter has legal standing as the “owner of exclusive rights to an ancillary copyright of a broadcasting company.” Since all identifiers have been redacted, including references to the allegedly-infringing TV broadcast, it’s not possible to identify any of the parties involved.

 

What is clear is that considerable effort was expended to make contact with BuffStreams but ultimately, nothing paid off.

Audit Committee comments (translated from German)

 

“Based on the user figures determined by the internet service *****, 15.03 million users visited BuffStreams in the period from August 1, 2023 to October 31, including around 500,000 visitors from Germany,” the report adds.

Blocking Approved – One More Stage

In conclusion, BuffStreams easily met the structurally infringing standard. A 14-day survey period last September found a total of 5,321 links to live broadcasts, reduced to 2,429 when accounting for duplicates. At least 96% of those links were considered unlicensed, leading to the conclusion that BuffStreams is indeed infringing and therefore suitable for blocking (pdf, German).

 

The case will now be referred to the German government’s Federal Network Agency (BNetzA) to confirm that blocking BuffStreams will not violate net neutrality; things haven’t always gone smoothly. Once that hurdle has been passed, ISPs will receive the green light to tamper with their DNS records so that customers in Germany can’t reach the site. At least, those who don’t understand how DNS servers work.

DNS Blocking / Backup Domains

The CUII website references the domain buffstreams.sx but the Audit Committee’s report mentions only the headline brand BuffStreams, with other domains redacted. With at least a couple of dozen domains and other options at its disposal, BuffStreams seems likely to take any blocking attempts in its stride.

 

Being listed in an Indian ISP blocking order (CS(COMM) 470/2022) in July/August 2022 didn’t end in disaster, neither did its addition to Italy’s blocklist last September (326/23/DDA). At least one confirmed domain has been on Indonesia’s blocklist for several years, and we’re informed that Portugal has blocks in place too

 

–

 

Sites listed for blocking in Germany since 2021 include: s.to, canna.to, nsw2u.com, newalbumreleases.net, bs.to, streamkiste.tv, kinox.to, cine.to, serienjunkies.org, taodung.com, israbox, jokerlivestream, serienfans.org, filmfans.org

 

Members of CUII include: 1&1 AG (telecoms), German Book Traders’ Association, Federal Music Industry Association (BVMI), German Football League (DFL), Freenet DLS (telecoms), German Games Industry Association, Motion Picture Association (MPA), Sky Deutschland, STM (publishers), Telefónica Germany, Telekom Germany, German Film Producers Association (VDF), and Vodafone Germany.

 

Under U.S. law, online service providers must respond to takedown notices and implement a meaningful policy to terminate the accounts of repeat infringers.

 

Many of the large social media platforms stick to these rules but, according to a lawsuit filed by several prominent music companies last year, X is not among them.

 

In a lawsuit filed at a federal court in Nashville last summer, Universal Music, Sony Music, EMI, and others accused X Corp of “breeding” mass copyright infringement. The labels argued that X, formerly Twitter, failed to respond adequately to takedown notices and lacked a proper termination policy.

 

“Twitter fuels its business with countless infringing copies of musical compositions, violating Publishers’ and others’ exclusive rights under copyright law,” the complaint alleged.

 

Elon Musk himself had previously added fuel to the smoldering fire, characterizing the Digital Millennium Copyright Act (DMCA) as a “plague on humanity”.

Motion to Dismiss

Musk’s company was swift to respond to the allegations with a request for the Court to dismiss all copyright infringement claims. According to X, the record labels failed to show how the company or its employees actively contributed to any piracy that allegedly took place on the platform.

 

After taking in the arguments from both sides, Nashville District Court Judge Aleta Trauger responded to the request as follows.

 

“It does not appear to be disputed, in this litigation, that X/Twitter users sometimes engage in copyright infringement. What is disputed is the extent to which X Corp. has actively encouraged that conduct, if at all,” Judge Trauger writes.

 

The labels alleged three different claims in their complaint: direct copyright infringement, vicarious copyright infringement, and contributory copyright infringement. X asked for all to be dismissed and the Court partially agreed.

Direct Infringement: Dismissed

The record labels’ direct infringement claim largely relies on the Copyright Act’s “Transmit Clause”, suggesting that X is liable because it directly engages in the public performance of pirated music.

 

This allegation relies heavily on the Aereo case, where the operators of the ‘time-shifting’ service were found to be direct infringers for transmitting over-the-air TV signals to their subscribers.

 

In the present case, X also transmits copyright-infringing material. However, following a lengthy semantic consideration, Judge Trauger concludes that various nuanced meanings can be applied to the term ‘transmission’.

 

For example, if person Y sends a pirated file to person Z, they are transmitting that file. At the same time, their ISPs are also transmitting the file, as are the backbone Internet services, and cable owners. Not all of these parties are necessarily ‘direct’ infringers.

 

Judge Trauger says that Aereo’s exclusive purpose was to transmit copyrighted signals but the same can’t be said for X, which has a multitude of other purposes. As such, the Court doesn’t believe that the “transmit clause” applies here.

 

“As the Supreme Court explained in Aereo, the Transmit Clause was adopted with the specific purpose of ensuring that both the ‘broadcaster’ and the ‘viewer’ of an audiovisual work could, where appropriate, be held liable for direct infringement of the type involved in the transmission of broadcast television through cable systems.

 

“That purpose is consistent with the conclusion that ‘transmission’ refers to the actions of the sender and/or ultimate recipient of a copyright-protected work—not those of the operators of the channels through which that transmission was accomplished,” Judge Trauger adds.

 

The Court stresses that claims against third parties are possible under theories of secondary liability, but not under direct infringement. Therefore, the first claim is dismissed.

Vicarious Infringement: Dismissed

An example of a secondary liability claim is vicarious copyright infringement. In the complaint, the music companies alleged that X is vicariously liable because it profited from its users’ pirating activities while failing to put an end to them.

 

Judge Trauger doesn’t rule out that X turned a blind eye to piracy, which may or may not have acted as a draw to other pirates. However, to establish vicarious infringement the accused party needs to have some type of formal control over the infringer. That doesn’t apply here, she concludes.

 

“X Corp. undoubtedly had some power over X/Twitter’s users—the way that a company that provides a valued service always has power over the customers who rely on it — but that does not turn customers into even loose equivalents of agents or subordinates,” Judge Trauger writes.

 

As such, the vicarious copyright infringement claim is also dismissed. However, similar ‘piracy-supporting’ allegations can still be brought up as part of the contributory infringement claim.

Contributory Infringement: Mixed

In analyzing the contributory infringement claim, the Nashville court must consider whether X “induces, causes, or materially contributes to the infringing conduct” of its users.

 

The music companies believe so, as X made it very easy to upload infringing material and monetized pirated content on its platform. However, Judge Trauger notes that these allegations apply to everything on the platform, not just pirated material.

 

“Any feature that makes a service easier for all of its users will, by definition, also make the service easier for bad actors. The plaintiffs have not identified any basis for concluding that X Corp. was obligated to make its service worse for everyone, just to punish the people who misuse it,” Judge Trauger notes.

 

The Court therefore rejects the notion that X is contributorily liable in the general sense. However, there are specific allegations that survive the motion to dismiss.

 

“Particularly striking is the allegation that X Corp. enforces its copyright policies less stringently against individuals willing to pay for its ‘verified’ service,” the Judge writes.

 

“Similarly, if X Corp. engaged in egregious delays in responding to valid takedown notices, or outright ignored some notices that were both facially and actually valid, that could support liability.”

 

Finally, Judge Trauger will also leave the ‘repeat infringer’ allegations intact. If the music companies can effectively prove that X willingly turned a blind eye to pirating users, that could make the company liable.

 

“Again, there is no basis in the law for concluding that the operator of a social media platform will face liability simply because it was less draconian in its enforcement than copyright holders would prefer.

 

“If, however, there was a class of X/Twitter users who were brazenly using the platform as an infringement tool, and X Corp. made the decision to unreasonably withhold enforcement of its own policies against those users, with the foreseeable consequence of ongoing infringement, then X Corp. could plausibly be held contributorily liable.”

 

The Court’s decision is a mixed bag. While X managed to get most claims dismissed, the music companies can still pursue their claim for contributory copyright infringement. While that is yet to be proven in court, millions of dollars in damages are still on the line.

 

—

 

A copy of Judge Trauger’s memorandum, detailing the decision in response to the motion to dismiss, is available here (pdf)

 

 

News that the Provincial Court of Pontevedra has handed down substantial fines to individuals behind a very large pirate IPTV operation was first reported by ElMundo on Tuesday.

 

Seven employees and managers of Spanish company Engel Systems SL received fines ranging from 540 euros to 7,290 euros for their part in the sale of pirate decoders, plus IPTV boxes and services, through their company over eight years ago.

 

Engel Systems as a company was hit hardest; a 673,000 euro fine according to the El Mundo report, plus a total ban on future decoder sales. The company’s directors were disqualified for seven years, but after certain compensation was paid and the lengthy prosecution delay was factored in, none of those convicted received a prison sentence.

 

Considering the background, that’s fairly historic in its own right.

‘International Organized Crime’

Between 2010 and 2016, Engel Systems sold a range of devices that provided illegal access to pirated TV content. The business initially sold TV decoders reliant on card-sharing systems delivered over the internet, before progressing to pirate IPTV services offering access to around 1,600 channels. Engel Systems worked with international partners, including in Germany and Lithuania, where at least some of its servers were hosted.

 

A statement by Europol back in 2016 suggested that the illicit operation appeared on the radar of law enforcement when a “legitimate Spanish provider of TV decoders filed a complaint against another company for counterfeiting and selling their decoders.”

 

More recent information indicates that anti-piracy group EGEDA, Mediapro and Movistar Plus+ “inherited” the case via owner Telefónica’s acquisition of satellite broadcaster (and complainant) Digital+. The companies have since collected around 300,000 euros in compensation from Engel. Another 300,700+ euros should be paid off over the next two years, all thanks to a massive law enforcement operation in May 2016.

Spanish & German Police Assisted by Europol/Eurojust

Operation FAKE began as a joint investigation by Spain’s National Police and tax authorities, with support from German police, Europol and Eurojust, and culminated on the morning of May 18, 2016.

 

Europol deployed mobile investigation units to the offices of Engel Systems in Barcelona, allowing experts to analyze intelligence in real-time and extract data from mobile phones and storage devices on-site.

 

Simultaneous raids in seven Spanish cities targeted 38 homes. A total of 30 suspects were arrested in Spain and the authorities reported the seizure of 48,800 decoders imported from China. They were said to contain custom firmware created by the team in Spain. Also included in the haul, 183,200 euros in cash, financial documents, and IT equipment, plus other items of interest.

A Private Plane, 10 Genuine Luxury Vehicles, 1 Counterfeit

The nature of the 10 seized luxury vehicles and the private plane wasn’t detailed at the time while the counterfeit luxury vehicle could’ve been almost anything.

 

However, during the 2018 International Content Protection Summit in Poland, Chief Inspector Mónica Dopico Martínez, Head of the Intellectual Property Section at Spain’s National Police, revealed the brand of the car, along with other minor details…

 

 

An image released by Europol shows hardware seized from the bitcoin mining operation trailing into the distance. It’s an extremely impressive image but viewed through the prism of today’s power prices, mostly terrifying.

 

 

Available on Windows, Linux, and since 2023, Android, Yuzu claims to be the most popular open-source Switch emulator in the world.

 

That’s probably why Nintendo targeted Yuzu in a major copyright complaint filed last Monday in the United States. According to the Japanese gaming giant, Nintendo games are designed for Nintendo hardware and being the most popular Switch emulator in the world isn’t an accolade, it’s a statement of global piracy and always has been.

 

In many respects the 41-page complaint is meticulous as it details Nintendo’s long-held position on emulation. Cracking Nintendo’s console security violates the company’s rights under the DMCA’s anti-circumvention provisions. Bypassing or otherwise evading Nintendo security, deployed to protect its videogame content from piracy, fares no better.

Everything is Illegal, Period

From this base position, Nintendo believes everything built upon those initial violations simply amounts to further breaches of its intellectual property rights. The complaint alleges that the U.S. company behind Yuzu, Tropic Haze LLC, set out to facilitate Switch videogame piracy from the start.

 

Lead developer Bunnei and other coders hired by the company built and maintained Yuzu; they also encouraged Yuzu users to obtain their own encryption keys, fully aware they could only be obtained from Switch consoles, in violation of the DMCA.

 

The keys themselves are useful only when paired with Nintendo games. Indeed, the games cannot be played without them, while the games themselves can only be obtained after first violating the DMCA and then by copying, contrary to the Copyright Act, Nintendo explained.

Meticulous Technical Lawsuit, Surprisingly Thin On Basics

As previously reported, Nintendo’s complaint states that every infringing act, carried out by any ‘agent’ of Tropic Haze LLC, rendered the company liable for their conduct. Most notably, that includes the conduct of Yuzu lead developer Bunnei, without whom there would be no Yuzu.

 

Indeed, the complaint clearly states the importance of Bunnei, before zooming out to reveal a Switch piracy feeding frenzy on a global scale. All of this was made possible, Nintendo said, due to Yuzu’s built-in ability to pair extracted keys with pirated games. The rest of the critical development work, all of it led by Bunnei, was reportedly carried out to their specification.

 

Use of the possessive pronoun ‘their’ is hardly unusual but, when a lawsuit of this gravity paints a picture of a global piracy facilitator and then refers to them exclusively by their online handle, that’s somewhat unusual.

 

If Nintendo had drawn a blank on a real identity, that might offer an explanation. But with no Doe defendants even alluded to and not a single human mentioned by real name in the entire complaint, that raises the most important questions of them all: Who signs the check for damages when Nintendo wins, do they actually have the money, and why aren’t they here now?

 

Having noticed this anomaly in the complaint, we expected to have a little time to put the pieces together. Yet it appears that time has all but run out. After months or possibly years preparing for the big emulator showdown, Nintendo filed suit on February 26 and seven days later (which includes a weekend) a joint proposal was filed before the court on Monday, just a signature away from conclusion.

Joint Motion For Entry of Final Judgment and Default

Rather than put up a fight, Tropic Haze LLC’s pledge to Nintendo is to lose the case, so that Nintendo gets the big win it had hoped for, minus the inconvenience of litigation.

 

To ensure Nintendo isn’t troubled on the financial front, Tropic Haze LLC has consented to final judgment in favor of Nintendo and monetary relief to the tune of $2.4 million.

“Defendant and its members irrevocably and fully waive notice and service of the Final Judgment and Permanent Injunction, once issued by this Court, and understand and agree that violation of the Final Judgment and Permanent Injunction will expose the Defendant and its members to all penalties provided by law, including for contempt of Court,” the motion continues.

 

“Defendant and its members irrevocably and fully waive any and all right to appeal the Final Judgment and Permanent Injunction, to have it vacated or set aside, or otherwise to attack in any way, directly or collaterally, its validity or enforceability.”

“Findings of Fact”

The judgment and injunction proposed by Nintendo and Tropic Haze begin with a statement indicating that the Court will make certain ‘findings of fact’ in respect of the dispute and the details supporting its conclusion. In the event Nintendo finds another Yuzu in need of suppression, these established ‘facts’ would hold significant value.

 

They are summarized here but the heart of the ‘facts’ remain.

 

– The Nintendo Switch and Nintendo Switch video games contain technological measures that effectively control access to copyrighted works and protect rights of copyright owners, including Nintendo. Nintendo owns valid copyrights in works protected by the Technological Measures, including its video games and the Nintendo Switch operating system.

 

– Yuzu, a video game emulator, circumvents the Technological Measures and allows for the play of encrypted Nintendo Switch games on devices other than a Nintendo Switch. For example, Yuzu executes code that decrypts Nintendo Switch video games (including component files) immediately before and during runtime using unauthorized copies of Nintendo Switch cryptographic keys.

 

– Yuzu is primarily designed to circumvent and play Nintendo Switch games. In the ordinary course of its operation with those games, Yuzu requires the Nintendo Switch’s proprietary cryptographic keys to gain access to and play Nintendo Switch games.

 

– Developing or distributing software, including Yuzu, that in its ordinary course functions only when cryptographic keys are integrated without authorization, violates the Digital Millennium Copyright Act’s prohibition on trafficking in devices that circumvent effective technological measures, because the software is primarily designed for the purpose of circumventing technological measures. Id. § 1201(a)(2)(A).

Permanent Injunction

The permanent injunction to which Tropic Haze has consented leaves zero room for maneuver. It restrains the company and all acting in concert or under its control from advertising, selling, distributing, cloning or even testing Yuzu, or any of its source or features. The same applies to any other software or device that circumvents Nintendo’s technical protection measures, including through the use of Nintendo’s cryptographic keys to decrypt files.

 

If passed as written, the injunction would restrain direct or indirect infringement of Nintendo’s intellectual property rights, including by enabling, facilitating or encouraging others to do so. Attempting to circumvent the measures laid out in the injunction through assignments or transfers, or the formation of new entities, is also ruled out.

 

The scope of the following section remains to be seen, but even if taken at face value, the aim is clear. Any emulator substantially similar to Yuzu should be considered immediately more vulnerable than previously understood.

And once there’s no familiar place left for the community around Yuzu to gather, the purging of the tools can begin, wherever that’s possible.

The proposed final judgment and permanent injunction have not yet been signed off by the judge but since the parties are in agreement on the details, that’s probably just a question of time. Meanwhile, a statement has appeared on yuzu-emu.org.

The documents referenced above are available here and here (pdf)

 

 

Last week, we reported that an Indian dynamic+ court order had taken down movie-web’s demo site, along with several other pirate sites.

 

The injunction, issued by the New Delhi High Court, requires local ISPs to block access to the domains. In addition, domain name registrars are also urged to take action.

 

The reach of this Indian order expands far outside the nation’s borders. Several international domain registrars, including the American company Namecheap, complied with its instructions. Failing to do so, could harm the ability of these companies to operate in India.

 

At the time of our initial coverage, .to domains were a clear outlier. While several of these were registered through Namecheap, they remained online. A possible reason for this is that the .to registry doesn’t support the standard clientHold status code that’s used to suspend domain names.

Namecheap

For a moment, it seemed that anonymous .to domain names, registered through Namecheap, were a perfect match for pirate sites. However, recent developments show that this is not the case.

 

Over the past few hours, all Namecheap-registered .to domains listed in the Indian court order have also been taken out. This includes several of the world’s largest pirate sites such as Zorox.to, Upmovies.to, and Flixwave.to. Smaller sites, including Sflixz.to and Streamm4u.to suffered the same fate.

 

Instead of using the clientHold status code, Namecheap has updated the nameservers of these domains, changing them to blockedforabuse.pleasecontactsupport.com and dummysecondary.pleasecontactsupport.com. These nameservers are linked to other Namecheap abuse actions.

 

Hollywood Connection

TorrentFreak previously reached out to Namecheap requesting a comment on the domain suspensions, but the company hasn’t replied. It seems likely, however, that its actions are a direct response to the Indian court order. All suspended domains are listed in the court order and no other popular .to pirate sites are affected.

 

Interestingly, the High Court action was instigated by American companies including Netflix, Disney, and Warner Bros. Through the Indian legal system, this eventually came back to the U.S., as Namecheap’s recent actions indicate.

 

Given the recent success, we expect that the movie industry companies will try a similar approach again going forward. This makes it harder for pirate site operators to keep their domains secure.

Why Namecheap?

Finally, one might wonder why pirate sites would register their domains through an American company to begin with. However, according to a source, the reason for this is fairly straightforward.

 

Namecheap accepts cryptocurrency payments, which offer more anonymity than credit cards and other traditional payment methods. However, Namecheap’s recent actions show that the domains, including .to ones, are not immune to legal action.

 

The problem from an enforcement aspect is that the .to registry doesn’t show through which company the domain was registered; but there are ways to find that out, at least for Namecheap.

 

The suspended sites may eventually make a comeback through new domain names. Upmovies, for one, already appears to have switched to a .net domain. However, Hollywood’s route through the Indian High Court might nonetheless prove to be an effective anti-piracy tool going forward.

 

—

 

A copy of the High Court injunction is available here (pdf).

 

Upmovies, relocated
 

Library Genesis (LibGen) is one of the oldest shadow libraries on the Internet, offering free access to millions of books and academic papers people otherwise have to pay for.

 

The site’s origins reportedly trace back to the Soviet Union’s underground publishing culture ‘samizdat,’ which was used to bypass state censorship in the last century.

 

LibGen launched around 2008 as a digital version of the same concept. In addition to bypassing censorship, it’s widely used to circumvent the paywalls of major international publishing companies, serving as a popular ‘pirate’ site for books and academic works.

 

In recent years, rightsholders have made several attempts to shut the site down. Through court orders, LibGen is now blocked in several countries but taking the operation permanently offline has proven quite the challenge, not least since the identities of its operators are unknown.

 

In 2017, Elsevier won a court case against LibGen and Sci-Hub in a New York federal court, which awarded the publisher $15 million in damages. However, both shadow libraries remained online and continue to operate to this day.

Publishers vs. LibGen

Hoping for a better outcome, textbook publishers Cengage, Bedford, Macmillan Learning, McGraw Hill, and Pearson Education filed a similar copyright infringement lawsuit against LibGen last year. According to the plaintiffs, LibGen is responsible for “staggering” levels of copyright infringement.

 

 

Months have passed since the complaint was filed but LibGen’s anonymous operators did not respond. This prompted the textbook publishers to move ahead and request a default judgment in their favor.

 

According to the rightsholders, LibGen distributes at least 20,000 of their copyrighted works without permission. The site is designed to be user-friendly while remaining resilient to enforcement measures.

 

For example, LibGen can easily switch domain names, and relies on censorship-resistant decentralized technologies such as the InterPlanetary File System (IPFS), the publishers write.

 

By making textbooks available to students for free, rightsholders are losing revenue, which leads to lower payments for authors and devalues the market as a whole, the publishers complain.

$30 Million in Damages

With a default judgment, the textbook publishers hope to obtain an injunction that will limit LibGen’s ability to operate. The plaintiffs also request compensation for the damage suffered thus far.

 

The rightsholders propose maximum statutory damages of $150,000 for 200 copyrighted works, arriving at a total damages claim of $30 million. Since this amount represents just a small subset of all infringements, the request is reasonable, the publishers note.

 

“This damages award is a fraction of what it could be if this case were litigated and the full scope of Defendants’ infringement revealed,” the publishers note.

 

 

In addition to financial compensation, the damages award should also be sufficient to act as a deterrent to others. LibGen has a dedicated following and an eventual order should provide a clear signal to those people too.

 

“Defendants are among the worst offenders in a growing online piracy crisis affecting publishers. Thus, a significant damage award is needed to deter Defendants and others who are engaged in the commission and facilitation of digital piracy,” the publishers write.

Compel IPFS Gateways

Even if the court grants the damages award, collecting money from LibGen’s unidentified operators will be a challenge. For this reason, the publishers are also asking the court to issue an injunction that will compel others to stop providing services to LibGen.

 

The plaintiffs describe this aspect as “critical” and specifically mention IPFS in the context. IPFS files can be accessed through various means, including dedicated gateways, which are offered by external companies such as Protocol Labs, Pinata Technologies, and Cloudflare.

 

The first two gateway providers have disabled URLs in response to takedown requests, but Cloudflare allegedly failed to take action.

 

“Cloudflare did not disable the gateway URLs in Plaintiffs’ notice, prompting Plaintiffs to send additional notices in September 2023 and January 2024, on which Cloudflare still has not acted, resulting in Libgen users’ continued ability to access the infringing URLs,” the publishers write.

Broad ‘Non-party’ Injunction

If the court issues a broad injunction that applies to non-party services such as Cloudflare, the plaintiffs believe that will limit the illicit distribution of its copyrighted works.

 

The request isn’t limited to IPFS gateways, of course. The proposed injunction also mentions hosting services, search engines, proxy services, CDNs, donation platforms, browser extensions, social media, payment providers, and advertising services, among others.

 

None of these services should be allowed to “enable, facilitate, permit, assist, solicit, encourage, induce, participate with, or act in concert with” the infringement of the publishers’ copyrighted works.

 

 

Finally, the proposed injunction would also require domain registries and domain registrars to suspend and hand over all infringing domains to the textbook publishers. This applies to all existing domains, but also new ones that may pop up later.

LibGen Troubles?

Needless to say, LibGen’s ability to operate will be seriously hampered if the court agrees to issue the proposed order and injunction. It directly puts domain names at risk, especially those that are connected to U.S.-based registrars or registries.

 

While LibGen remains online today, the site appears to have some internal struggles. The person in charge of the site’s coding has reportedly been missing in action for a while, which resulted in broken functionality.

 

For example, there are various upload-related troubles, and searching the database regularly results in errors too. In addition, new torrents were not added regularly for a while.

 

Whether LibGen can solve all these issues is unclear, but the recent legal trouble will only make the site’s future more uncertain.

 

—

 

A copy of the publishers’ proposed order and injunction is available here (pdf) and the associated memorandum can be found here (pdf)

 

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only.

 

Downloading content without permission is copyright infringement. These torrent download statistics are only meant to provide further insight into piracy trends. All data are gathered from public resources.

 

This week we have four newcomers on the list. “Poor Things” is the most downloaded title.

The most torrented movies for the week ending on March 4 are:

Movie Rank	Rank last week	Movie name	IMDb Rating / Trailer
Most downloaded movies via torrent sites
1	(…)	Poor Things	8.2 / trailer
2	(…)	Code 8: Part II	5.8 / trailer
3	(…)	Spaceman	5.8 / trailer
4	(2)	The Beekeeper	6.5 / trailer
5	(5)	Wonka	7.3 / trailer
6	(6)	Oppenheimer	8.5 / trailer
7	(…)	Dune: Part Two	9.0 / trailer
8	(1)	Mean Girls	6.0 / trailer
9	(7)	Aquaman and the Lost Kingdom	6.7 / trailer
10	(9)	The Marvels	5.7 / trailer

 

 

Note: We also publish an updating archive of all the list of weekly most torrented movies lists.

 

Anime piracy site B9Good first appeared way back in 2008, initially operating under B9DM branding. Defying the usual odds, 15 years later the site was still alive and kicking.

 

Last March, Japan-based anti-piracy group CODA reported an estimate of B9Good’s traffic for the two years running up to February 2023. Based in China, the site had been accessed more than 300 million times and, crucially, around 95% of those visits came from Japan, mostly seeking access to Japanese content.

The China Complication

Rightsholders based outside China have long complained that tackling infringers inside the country can be extremely difficult. Key obstacles include safe harbors for intermediaries viewed as overprotective, and the so-called server principle, which turns on where infringing content is hosted.

 

This means that when infringing apps, websites and set-top boxes linked directly to China utilize pirated content hosted overseas, foreign rightsholders have limited opportunities to enforce their rights against their operators inside the country.

 

That raises the question of how Japan-based anti-piracy group CODA, representing several major Japanese anime rightsholders, were able to convince Chinese authorities to shut down B9Good, arrest its operators, and then prosecute them for criminal offenses.

With Planning and Patience, China Became Less Complex

After revealing a few details in 2023 when B9Good was targeted and later shut down, this morning CODA put more meat on the bones. The details arrived as part of an announcement celebrating three first-of-their-kind convictions which, seemingly for legal reasons, CODA has been sitting on for a few weeks.

 

CODA says that its work against B9Good dates back to 2016 when it filed an administrative complaint in China. In response, however, a site operator referred to as ‘Man A’ implemented geo-blocking measures at B9Good, then operating as B9DM, to give the impression the site had shut down, while continuing to infringe everywhere else.

 

With the launch of CODA’s International Enforcement Project (CBEP) in 2021, the anti-piracy group set out to personally identify the operators of pirate sites. After being identified in China, B9Good’s operators would soon discover that the country’s borders offered less protection than before.

CODA Levels Up in China

In January 2022, CODA’s Beijing office was recognized as an NGO with legitimate standing to protect the rights of its members, which include anime rightsholders Aniplex, TV Tokyo, Toei Animation, Toho, Japan Broadcasting Corporation (NHK), and Bandai Namco Film Works.

 

CODA filed a criminal complaint with the Public Security Bureau, and starting February 14, 2023, Chinese law enforcement began rounding up the B9Good team. In Jiangsu Province, a 33-year-old unemployed man was held on suspicion of operating B9Good. He was reportedly released a month later after confessing to his involvement. That led to the authorities seizing his home.

 

In the meantime, a 30-year-old woman living in Chengdu, a 38-year-old man from Shanghai, and a 34-year-old woman from Fuzhou City, were questioned at their homes. It was alleged that the women were paid by the site’s main operator to upload pirated content, while the man uploaded content to file-hosting sites to generate revenue from advertising. In total, 45,880 anime titles were made available via B9Good without permission from rightsholders.

Taizhou People’s Court Hands Down Sentences

On December 26, 2023, the People’s Court of Taizhou Pharmaceutical High-Tech Industrial Development Zone handed down three sentences. The main offender, Man A, was sentenced to three years in prison, suspended for three years and six months. In addition to the seizure of his home, he was fined 1.8 million yuan (38 million yen, US$253,000), an amount equivalent to the ad revenue he earned through B9Good. The conviction is now final after the appeal period ended.

 

Female B, who was paid by Man A to upload pirated anime to the site, was sentenced to one year in prison, suspended for one year and six months, for copyright infringement offenses. Female D, who also received payment for uploading pirated anime, was sentenced to eight months in prison and one year’s probation.

 

According to CODA, Man C, who allegedly generated revenue from pirated anime uploaded to file-hosting sites, was not sentenced. CODA doesn’t go into detail other than reporting that he was “subject to exemption measures stipulated by China’s criminal law.”

Sentences May Disappoint, But Value Lies in Convictions

For deterrent purposes, it’s likely that CODA would’ve preferred immediate custodial sentences, but this wasn’t simply a routine case that failed to live up to expectations. Under normal circumstances, a case like this wouldn’t have even gotten off the ground, let alone end in convictions.

 

“In this judgment, the punishment was reduced to a suspended sentence and the conviction was decided based on the fact that Man A was a first-time offender and that he voluntarily confessed, acknowledged the crime, and showed a willingness to accept punishment,” CODA explains.

 

“However, this is the first time that criminal penalties have been imposed on the operators and uploaders of overseas pirated sites due to an approach from Japan. CODA hopes that the recent crackdown and judgment against such malicious sites will have a significant impact on deterring the operation of similar pirated sites.

 

“In response to online infringements, which are causing damage worldwide, CODA will continue to proactively develop countermeasures beyond national borders, even if their operations are based overseas, and will continue to eliminate unauthorized use of Japanese content,” CODA concludes.

 

There’s rarely a shortage of conflict and controversy in the perpetual online piracy wars.

 

For some, the David versus Goliath imagery, of ordinary people fighting faceless corporations, will never get old. For others, the right of creators to receive fair compensation for their work is non-negotiable; it puts food on the table, literally.

 

Yet spend enough time digesting every possible detail presented by those shouting most loudly about piracy, and it becomes increasingly clear that piracy is already too big to fail.

 

Anti-piracy is now a multi-billion dollar industry in its own right, that means companies investing real money, long-term, into a fight where the ultimate reward for achieving the impossible is self-destruction via redundancy. Very obviously that isn’t going to happen because according to regular reminders, pirates never stop innovating and there’s nothing anyone can do about that in the absence of draconian tool (x)

AGCOM – Hold My Beer

If piracy is too big to fail, then the same also holds true for events playing out in Italy. After expending huge resources to obtain legislation to a precise specification, rightsholders have the legal basis to give pirates everything they’ve got, with little to fear, even when things go terribly wrong.

 

With full support from AGCOM, the whole of Italy has endured non-stop lectures on piracy, the capability of the Piracy Shield blocking platform, and how nothing will ever go wrong because this mission is too big to fail. When things did go wrong two weeks ago, AGCOM claimed that journalists made the whole thing up and when an even bigger blunder took out countless innocent sites last weekend, proponents of Piracy Shield disappeared and said nothing.

 

In parallel, information on which domains and IP address have been blocked, aren’t being published according to the rules. This means that when innocent sites are rendered inaccessible, those affected are denied any right to know what went wrong or who can be held responsible. That seems incompatible with even a basic level of responsibility towards innocent third parties.

Piracy Shield Blocking Data – Feb 2024 – Weeks 1-3

Since information apparently likes to be free and access to justice is a basic human right, here’s the first three weeks of IP addresses blocked by the Piracy Shield system. The list handed to TF over a week ago appears to cover the first two-and-a-half, possibly close to three weeks of February. It contains 1267 IP addresses but less than 10 domains names have been revealed to the public in official records.

 

Long lists of IP addresses tend to become a bit meaningless, so we’ve added relevant data (everything beyond the bare IP addresses) to help the numbers make sense. We used IPInfo to obtain approximate server locations and various other tools to compile the rest of the data.

 

IP addresses mapped to IPinfo location data

 

From a total of 1267 IP addresses, 558 geo-locate to the Netherlands, 433 to Romania, and the rest as follows: Austria (69), Germany (57), Italy (33), France (28), Ukraine (28), Nigeria (13), Ireland (8), Switzerland (6), Greece (6). All other countries were were linked to five IP addresses or less.

 

While the usual caveats apply in respect of geo-location data not necessarily being accurate, it seems reasonable to conclude that European server locations caused many issues in the first two or three weeks of February.

 

Focus on Europe

 

However, dots on a map don’t always tell the full story. Server operator data (presuming that can be relied on) may offer a few more clues towards a more distant problem than ‘Frankfurt’ may first suggest. Indeed, GZ Remittance (China) Industry Ltd (specifically, Hong Kong) turns up no less than 350 times in the list (29% of all blocks) but appears to have almost 4,100 German IP addresses in total, so quite a few to go yet.

 

 

At this point it’s worth highlighting the name Superhub Ltd which appears alongside IP addresses operated by GZ Remittance. According to its YouTube channel, “Superhub Limited is the winner of Microsoft Partner of the Year, Cloud Solution Providers of Microsoft cloud technology.”

 

If that’s an accurate report, that makes three CDN companies already blocked this month; Zenlayer, Cloudflare, and now Superhub. The Piracy Shield handbook insists that IP addresses shared with innocent non-infringers must not be blocked. Indeed, Italian law says they cannot be blocked.

 

If other websites were sharing those IP addresses when they were blocked, that could represent 350 breaches of blocking rules in less than three weeks. More research will need to be done but not even the experts predicted overblocking on that scale.

 

For those interested in the data, a .csv file is available here. If anyone can make the data look really nice, please send us a copy here.

 

At the start of the last decade, The Pirate Bay teamed up with Sweden’s Lund University to conduct the largest online piracy survey in history.

 

The research elicited responses from 75,000 ‘pirates’ from all parts of the world. Despite this geographical diversity, a rather traditional gender pattern appeared. Of all respondents, only 5% were female.

 

These findings were rather extreme but they fit the old stereotypical image of ‘the online pirate’ as a young, somewhat nerdy male. While that might have been relatively accurate 25 years ago, piracy audiences are much more diverse today.

 

Recent studies have shown more diverse age distribution and increasingly gender is seen as a less relevant variable too. One of the largest longitudinal studies on piracy conducted by the European Union, doesn’t even mention gender as a factor anymore.

Research: Who Pirates and Why?

This doesn’t mean that there are no differences, of course, but these rarely add any explanatory value or new insights. That said, new findings published by researchers from Northumbria University Newcastle, which include gender, are worth highlighting.

 

The survey data, looking at piracy trends in Thailand and Indonesia, was released by Marketing professor Dr. Xuemei Bian and Ms. Humaira Farid. The results were presented to WIPO’s Advisory Committee on Enforcement recently and the associated presentation was published online.

 

Through an online survey and in-person interviews, the research aims to map consumer attitudes and behaviors in Indonesia and Thailand, particularly in connection with online copyright infringement.

 

One of the overall conclusions is that piracy remains a common activity in both Asian countries. Pirates are present in all age groups but and music, movies en TV-shows tend to be in highest demand and younger people. Those under 40, are more likely to pirate than their older counterparts.

 

These findings are not out of the ordinary and the same trends are visible in other countries too. Interestingly, however, some notable differences between the two countries appear when gender is added to the mix.

More Women than Men Pirate in Indonesia

The tables below show that women are more likely to pirate than men in Indonesia. This is true for all content categories, except for software, where men are slightly in the lead. In Thailand, however, men are more likely to pirate across all categories.

 

Pirating Genders
 

The researchers do not attempt to explain these differences. However, they show once again that ‘dated’ gender stereotypes don’t always match with reality. And when they have little explanatory value, one can question whether gender is even relevant in a piracy context.

 

Looking at other differences between Thai and Indonesian consumers there are some other notable findings. For example, in Indonesia, 64% of the respondents say they’re aware of the availability of pirated movies and TV-shows on YouTube, compared to ‘just’ 32% in Thailand.

 

Indonesian consumers are also more familiar with music piracy sites and pirate much more frequently than Thai consumers, as the table below shows.

 

Discouraging Factors

Price vs. Convenience

Finally, the researchers also looked at various attitudes toward piracy. This shows that Thai pirates would be most likely to stop if legal services were more convenient, while Indonesian pirates see cheaper legal services as the largest discouraging factor.

 

All in all, the researchers conclude that these attitudes and the regional differences are important to take into account for policymakers.

 

“[P]olicies and anti-piracy strategies aimed at eliminating consumer piracy should take into account product category and consumer characteristics, as well as national level differences,” the researchers conclude.

 

Indonesian Anti-Camming PSA

 

Anime is growing globally as an entertainment category and this popularity surge isn’t limited to legal platforms.

 

Today, several of the world’s largest pirate sites are exclusively dedicated to anime. This includes Aniwatch.to, the streaming portal that operated as Zoro.to earlier last year.

 

The streaming portal, which is arguably the largest pirate site in the world, is a prime target for anti-piracy groups. The Alliance for Creativity and Entertainment (ACE), for example, is actively trying to shut the platform down, which they believe is operated from Vietnam.

 

Last year, ACE had its sights set on shutting down the rogue operation. And indeed, it managed to take over the domain name Zoro.to, but not before the site had rebranded to Aniwatch.to. Under that new brand, business continued as usual.

 

ACE and others kept up the pressure and in recent months branded Aniwatch one of the most notorious pirate sites. However, taking it offline is easier said than done.

Zoro -> Aniwatch -> HiAnime

A few hours ago, Aniwatch users were in for a surprise as the anime streaming portal rebranded again. Instead of Aniwatch, the site formerly known as Zoro will now continue under the name HiAnime.

 

Users who try to access the old Aniwatch.to domain name are redirected to the new domain name automatically.

 

 

With the previous rebrand, the operators said that the site was being acquired by a new team. There are no such mentions today. Neither is there an explanation for the move but users are assured that their information remains intact.

 

“All data and information shall be transferred and shall remain the same as before. User accounts and watchlist records shall thus remain unchanged,” a message in the site’s Discord reads.

 

Why Now?

Without an official explanation, we can only speculate as to why the operators have decided to adopt another new brand. It’s unlikely that this is a facade to confuse anti-piracy groups, as they’re not easily fooled anymore.

 

What would make more sense is that the new brand and domain are an attempt to evade blocking efforts, at least temporarily. This includes advertising blacklists and site-blocking efforts, including one issued in India recently.

 

As reported last week, the High Court in New Delhi, India, issued a dynamic+ blocking injunction that requires local ISPs to block several pirate domains, including Aniwatch.to. Since nearly a quarter of all the site’s visits come from India, this order may have quite an impact on the site.

 

Whether a ‘rebrand’ will be sufficient to evade this order is unclear though, as these dynamic orders can be updated with new domains, precisely to deal with these types of situations.

H*anime Confusion

Whatever the reason, the site’s users are not as shocked by the new name as they were last time. Changes generally elicit some backlash and that’s also the case here. However, most of the critique we’ve seen stems from the similarity to another anime-themed site.

 

Several users note that Hianime is only a typo away from Hanime, which is an adult-themed site focusing on Hentai content. In fact, the logo reads “Hanime” as the first “i” is replaced by an exclamation mark.

 

“Cool rebrand and all but…. You decided to pick Hanime I thought I was on a very different website for a minute..,” one user writes.

 

 

The good news is that both sites use different TLDs which makes it less likely that people will end up at the wrong site. And even if any more serious brand clashes emerge, the site can always pick another name and try again. They know how it works by now.

 

To protect copyright holders, YouTube regularly removes, disables, or demonetizes videos that contain allegedly infringing content.

 

For years, little was known about the scope of these copyright claims, but that changed two years ago when the streaming platform published its first-ever transparency report.

 

These reports, which were initially published as pdf files, showed that roughly 99% of all copyright claims on YouTube are handled through the Content ID system. Since many claims are automated, participation is restricted to a few thousand vetted rightsholders to limit abuse.

YouTube’s Revamped Transparency Report

The Content ID system remains dominant and the number of reported claims continues to rise. YouTube recently released the most recent data on a new dedicated website, which confirms many of the earlier trends.

 

The latest data show that YouTube is edging closer to a billion copyright claims received every six months, with 980 million Content ID claims in the first half of 2023. These claims were sent by less than 9,000 rightsholder representatives and are good for more than 99% of all copyright actions on the video platform.

 

Content ID Transparency
 

The vast majority of claims were automated with just 0.4% submitted manually. This means that millions of daily copyright actions are handled without human review.

More Claims, More Money

These are large numbers, but they’re also presented without context. Only if we start to compare them with previous years does a clear pattern become visible. The 980 million number represents a 25% increase compared to the same period a year earlier, during which 757 million Content ID claims were processed.

 

One might conclude that rightsholders are frustrated by the increasing level of infringement reported on YouTube. Some probably are, but the Content ID system comes with financial opportunities too.

 

Rather than simply making unauthorized videos unavailable, rightsholders can choose to monetize them instead. With 90% of all Content ID claims now monetized, it’s far and away the most popular option among rightsholders.

 

As it turns out, YouTube has found a rather effective way of monetizing copyright infringement. As of December 2022, the video platform had paid out over $9 billion to rightsholders after running ads alongside videos monetized by Content ID.

 

Top-Heavy

The numbers reported above only apply to the Content ID system. While that’s responsible for nearly all copyright actions on YouTube, those who are not part of the system must use other options.

 

For example, non-qualifying rightsholders can use the publicly available webform, as 198,512 people did in the first half of last year. Together, these people flagged about five million problematic copyright issues.

 

The Copyright Match tool, which is accessible to nearly three million YouTube channels, added another 2.7 million copyright actions. The breakdown of all YouTube copyright actions shows that Content ID claims are by far the most used.

 

 

The above shows that a small number of rightsholder representatives are responsible for most YouTube copyright actions. In total, more than 310,000 rightsholders reported issues, but just 4,828 were part of the Content ID system.

 

These 4,828 Content ID members triggered more than 99% of all activity, averaging more than 200,000 copyright actions per rightsholder. The remaining rightsholders reported an average of 37 copyright issues in the same period.

 

YouTube’s transparency report lags behind a little, but it will be interesting to see if the number of claims in the second half of 2023 surpassed a billion. That data will likely follow later this year.

 

There was a time when visiting a pirate site was much like visiting any other. Keen to attract eyeballs wherever they might be, many of the world’s biggest brands exchanged cold hard cash for an appearance on prominent pirate portals.

 

Over time and as the thorny issue of funding illicit platforms gained traction, companies including Ford, Toyota, Nissan, Mazda and Volvo came under increasing pressure. The same held true for other household names, such as tech giant Samsung, along with Nokia, Canon, Carlsberg, even Coca Cola.

 

These companies weren’t deliberately placing ads on pirate sites, but their ads kept turning up on them nonetheless.

Goodbye Quality Brands

As brand protection became increasingly important during the previous decade, companies such as White Bullet provided intelligence on which sites to avoid, with similar lists deployed to facilitate the work of the UK’s Infringing Website List, among others. In the United States, the formation of the Trustworthy Accountability Group (TAG) in 2015 saw advertisers and advertising agencies come together to clean up the system and prevent ad revenue from reaching pirate sites.

 

TAG enjoys considerable support; Amazon, Disney, Google, Meta, NBC, Sky, and Spotify, among others, sit on TAG’s Leadership Council. Most were around in 2019 when TAG launched Project Brand Integrity, an initiative to prevent valuable brands’ advertising ending up next to potato-quality copies of Hollywood movies and other unauthorized content.

Half a Decade Later, TAG Upgrades

While TAG says that v1.0 has performed well, on Wednesday it announced Project Brand Integrity 2.0. More easily scalable than its predecessor, PBI 2.0 still aims to defund pirate sites and protect advertisers from undesirable associations. If all goes to plan, it will be quicker to react and more responsive to domain hopping too.

 

“Project Brand Integrity 1.0 was incredibly effective but hard to scale, as it involved a time-consuming manual process of notifying advertisers when their ads were found on pirate sites,” says Mike Zaneis, CEO of TAG.

 

“Although most advertisers took action when alerted to such misplacements, the money often had already changed hands, and the criminals quickly moved their efforts to new domains.”

Excluded From Ads, Pirates Welcomed to Exclusion List

Also receiving an upgrade is TAG’s database of pirate sites, which is shared within the industry to help advertisers avoid undesirable platforms. This ‘exclusion list’ is maintained and developed through intelligence sharing at TAG’s AdSec Threat Exchange, where members collaborate with participating companies, utilize open source resources, and share information on pirate domains.

 

The resulting list aims to limit pirate sites’ access to advertisers, thereby reducing their ability to generate revenue from advertising.

“Through PBI 2.0, TAG will leverage new partnerships with the industry’s major ad tech intermediaries to cut off funding from pirate websites through a comprehensive pre-bid exclusion list, thus preventing pirate sites from monetizing stolen intellectual property (IP),” TAG says.

 

“By incorporating real-time intelligence on new pirate domains from TAG’s Ad Sec Threat Exchange and TAG member companies, PBI 2.0 will protect brands while preventing ad dollars from reaching those illegitimate sites.”

Malvertising Everywhere

In an interview with EMA last December, Michael Lydon, TAG’s Vice President of Threat Intelligence, spoke of the constant battle against malvertising, a portmanteau of ‘malware’ and ‘advertising.’ Scam ads, auto-redirections, cloaking, and drive-by downloads all received a mention. Not exclusively in connection with pirate sites, though, the problem is much broader than that.

 

Given the nature of this pervasive adversary, TAG’s v2.0 exclusion list will also combine data originally collected by anti-malware vendors, with the intelligence providing an enhanced view of pirate sites that combine free downloads with malicious or deceptive ads. Once that information is placed in the hands of advertisers, it’s hoped that having two reasons not to fund pirate sites will be better than having just one.

Proactively Eliminating Malvertising

What kind of effect the project will have at the consumer end is unclear. One of the great ironies of the pirate site/malware debate is that by driving trusted advertisers away, anti-piracy groups not only removed revenue but also opened up the market for less inhibited advertising agencies to do more business with pirate sites.

 

Lower ad rates made available to pirate sites with fewer opportunities elsewhere, can lead to an elevated chance of risky ads, on web-based portals in particular. Since TAG’s system will only make things worse and the rest of the internet isn’t getting any better, some sites may need to be tackled more directly.

 

The good news is that plenty of solutions for disappearing bad ads, malvertising, endless trackers, and other stuff some sites just can’t get enough of, are readily available for free. Since they don’t discriminate, they’re just as happy removing all hot girls in your area to the 80 advertising partners imposed on visitors by too many mainstream sites.

For those really averse to abusive advertising, moving away from ISP-provided DNS to Quad9’s threat-blocking alternative is a good start.

 

For the more adventurous, a self-hosted DNS server like Pi-Hole, loaded with various hand-picked blocking lists, is something that few people think they need. At least until they see how even seemingly regular ads, not to mention things like smart TVs, can really abuse their trust.

Finally, uBlock Origin on top is an essential for every browser, and if all goes to plan, malvertising will be a thing of the past. Then, working from a nice clean sheet, unblocking the sites worthy of support seems the way to go, while enjoying the internet all over again.

 

It’s not uncommon for people to wander into some corner of the overall emulation scene with a specific question: Are emulators legal?

 

While not necessarily true, the most common answer is: yes, emulators are completely legal but distributing the games (ROMs) is most definitely not, so don’t request them here.

 

In response to questions from those interested in the DIY approach, gamers are often advised to rip only the games they actually own, or only download games they intend to rip, for which they already own the original.

 

The endless caveats that tend to go unmentioned are even more important. Nintendo knows them all but rarely strays from its fundamental position that, as far as its games and consoles are concerned, the process is illegal.

Nintendo Targets Company Behind Switch Emulator, Yuzu

Targeting developers who reverse-engineer and decompile code, to support an open source project, for which no money needs to be paid, is one way to view the lawsuit Nintendo filed this week. At the heart of the complaint is Switch emulator software Yuzu and Tropic Haze LLC, the United States company allegedly behind the project.

Available on Windows, Linux, and Android, Yuzu claims to be the most popular open-source Switch emulator in the world. The software is completely free and readily available (caveats apply), but the games it plays are not part of the offer (see above).

 

Instead, users of Yuzu need to obtain Nintendo games from elsewhere, in most cases those pre-ripped by others and placed online for download.

 

In all cases, whether on physical cartridges or supplied as digital downloads, Switch games contain security measures designed to prevent copying or being run on unauthorized devices. Technological protection measures (TPM) are also present in the Switch console, which has layers of encryption to restrict access to vital cryptographic files known as ‘prod.keys’.

Circumvention and Decryption

Just as Yuzu distances itself from pirated copies of Nintendo’s games, Yuzu users must also independently obtain prod.keys, sourced from hacked Switch consoles and made available online.

 

After these keys are fed into Yuzu, Nintendo claims that the emulator uses them to unlawfully circumvent its technological measures, decrypting Switch game files before and during runtime. This allows copies of Switch games to be played on Windows, Linux, and Android, contrary to Nintendo’s terms and conditions and in violation of the anti-circumvention provisions of the DMCA.

“Only because Yuzu decrypts a Nintendo Switch game file dynamically during operation can the game be played in Yuzu. In other words, without Yuzu’s decryption of Nintendo’s encryption, unauthorized copies of games could not be played on PCs or Android devices,” the complaint reads.

 

“With Yuzu in hand, nothing stops a user from obtaining and playing unlawful copies of virtually any game made for the Nintendo Switch, all without paying a dime to Nintendo or to any of the hundreds of other game developers and publishers making and selling games for the Nintendo Switch. In effect, Yuzu turns general computing devices into tools for massive intellectual property infringement of Nintendo and others’ copyrighted works.”

Tropic Haze LLC and Yuzu Lead Dev, Bunnei

Tropic Haze LLC is described as a Rhode Island company that develops and distributes Yuzu. Nintendo says the company uses a network of paid coders/developers who maintain the software and issue updates to improve the software’s ability to replicate the gameplay experience offered by Nintendo’s official products.

 

These individuals are described as agents of Tropic Haze LLC and Nintendo holds the company liable for their conduct. That includes Bunnei, the alleged lead developer of Yuzu, whose conduct receives significant attention in the complaint.

Nintendo’s Laundry List of Allegations

Nintendo’s first mention of Bunnei includes a claim that the developer “publicly acknowledged most users pirate prod.keys and games online” while the Yuzu website offers instructions to users on how to “unlawfully hack their own Nintendo Switch and how to make unauthorized copies of Nintendo games and unlawfully obtain prod.keys.”

 

While advice doesn’t amount to circumvention, Nintendo says it can show that Bunnei and other developers used Yuzu to decrypt and play Nintendo games. That required them to obtain prod.keys from a hacked console (circumvention violation under the DMCA), and make at least one unauthorized copy of a game (copyright infringement).

 

Nintendo says that agents including Bunnei are “fully aware” of the use of Yuzu by others “in performing circumvention, and in facilitating piracy at a colossal scale.” Moreover, in addition to providing Yuzu and instructions to complete various tasks, the importance of decryption keys is acknowledged on the Yuzu website, along with links to various pieces of software designed to extract those keys.

 

Nintendo claims that decisions regarding new Yuzu features, which platforms to launch on, and which games to provide compatibility with, are made by Bunnei. Nintendo also provides a quote; when acknowledging that the Yuzu Quickstart guide can be confusing, Bunnei allegedly said, “users probably just pirate a yuzu folder with everything.”

 

The Quickstart guide itself also contains the following: “[t]o start playing commercial games, yuzu needs a couple of system files from a HACKABLE Nintendo Switch console in order to play them properly.”

Zelda: TotK Leak Provided Patreon Earnings Boost

The Legend of Zelda: Tears of the Kingdom was released by Nintendo on March 12, 2023, but was available to pirate online on May 1, 2023. Nintendo says 100% of the copies available were necessarily pirated copies and every user who obtained a copy did so without paying for the game.

 

Over one million copies of the game were downloaded and Nintendo claims that over 20% of download links referenced playing the game on an emulator, Yuzu included. Meanwhile, Yuzu’s Patreon – where early builds of Yuzu are made available to members – had a sudden increase in membership.

Nintendo claims this was a direct result of the leaked Zelda: TotK being played on Yuzu and Bunnei understood that, not least since Yuzu has a telemetry feature that relays the titles of games being played.

 

“Indeed, Bunnei implemented a ban on discussing Zelda: TotK emulation in Yuzu’s Discord server because so many Yuzu users were trying to seek support emulating it,” Nintendo claims.

 

Nintendo notes that 7,000 patrons now generate around $30,000 per month for those who develop Yuzu, with early versions accessible via Patreon generating an additional $50,000.

Nintendo’s Claims

Nintendo’s claims are comprehensive. Trafficking in circumvention technology in violation of 17 U.S.C. § 1201(a)(2)) is supported by allegations that the defendant and its agents are aware that Yuzu is designed, implemented and used to circumvent encryption, while they market Yuzu for the purpose of circumventing TPMs.

 

A claim of trafficking in circumvention technology in violation of 17 U.S.C. § 1201(b)(1)), notes that Yuzu has “only limited commercially significant purpose or use” other than to circumvent protection measures.

 

Circumvention of technological measures in violation of 17 U.S.C. § 1201(a)(1)) relates to Bunnei and other developers circumventing Nintendo’s protection measures themselves, while additional claims under the Copyright Act relate to Bunnei and the other developers dumping Nintendo games, copying them into Yuzu, and sending them to each other.

 

A final count alleging contributory and inducement of infringement relate to secondary liability for Yuzu users’ alleged infringements. Overall, the complaint amounts to a comprehensive sweep against almost everything that the modern emulation scene relies on, without directly tearing out the beating heart of emulation itself. If successful, the truck loads of banana peels left behind could prove difficult for other projects to avoid, however.

 

Nintendo seeks significant damages and an injunction to restrain Tropic Haze LLC from infringing its rights moving forward. That raises a slightly puzzling matter evident throughout the entire complaint.

Nobody Positively Identified in the Complaint

Despite Bunnei’s alleged importance, the only defendant listed in the complaint is Tropic Haze LLC and Nintendo provides almost no information about the company, including details of ownership or control, despite claiming that its sole business is to “develop and distribute unlawful circumvention software.”

 

It necessarily follows that ‘Bunnei’ is not listed as a defendant, Doe or otherwise. In fact, the language used by Nintendo throughout the complaint suggests that it either has no idea of Bunnei’s true identity or may have gone to considerable lengths to give that impression.

 

What lies behind this, if anything, is unclear, but there’s a strong possibility that sooner or later, pressure to settle will likely enter the equation. Right now, there are no real names in the complaint, but that could be changed in an instant, at least if any are currently known.

 

Nintendo’s complaint can be found here (pdf)

 

Over the years, plenty of TV show episodes have leaked online in advance of their official release.

 

Game of Thrones had several prominent episodes come out early, sometimes several at once, and successor ‘House of the Dragon’ saw the season finale debut early.

 

In most cases, these leaks are broadly advertised by the pirate groups who put them online. Being the first to release a prominent leak, is a key accolade in a business where everything revolves around releasing new content faster than others.

‘Masters of the Air’ Leak

As one of the hit shows of the year, the Apple TV+ series “Masters of the Air” is a key target of pirate groups. However, the leaked episode that appeared a few hours ago wasn’t advertised as such.

 

Information received by TorrentFreak confirms that pirated copies of the latest episode of Apple’s series “The New Look” are not what they seem. Instead, these early pirated copies of ‘The New Look S01E05’ include the video track of an unreleased episode of another series.

 

These erroneous releases include video from the eighth episode of “Masters of the Air,” which is set to be released on March 8. The audio track, however, is from “The New Look”, which likely makes it a confusing watch.

 

There are rumors that there are also full copies available, including the leaked audio track, but we could not confirm those.

 

It’s not clear how this ‘mistake’ came about, but it seems likely that Apple or another party accidentally put the wrong video online. This error was fixed as soon as the issue was noticed, but not before pirate groups grabbed their copies.

 

While some pirate release groups are eager to get leaks out to the public, the content of the release amounts to an unintentional Apple mashup and an unwatchable episode. There are subtitles available on some releases, but they’re from “The New Look.”

 

Many release groups were swift to fix the unusual error and released “repacks” to fix the earlier mistake. These updated releases include the correct video track, removing the inadvertent “Masters of the Air” leak. Some added comments further corroborate the error.

 

“Apple fucked up and put up the video for masters of the air episode 8,” we read in one of the notes that comes with a repack release.

 

 

Even if the leak was a full copy, one can only wonder how welcome it would be. The seventh episode of “Masters of the Air” is scheduled to be released this Friday and true fans typically like to follow the chronological storyline.

 

We reached out to Apple for a comment on the accidental leak but the company didn’t immediately reply.

 

In recent months, rightsholders of all ilks have filed lawsuits against companies that develop AI models.

 

The list includes record labels, individual authors, visual artists, and more recently the New York Times. These rightsholders all object to the presumed use of their work without proper compensation.

 

A few hours ago, OpenAI and Microsoft responded to The New York Times complaint, asking the federal court to dismiss several key claims. Not just that, the defendants fire back with some rather damning allegations of their own.

 

OpenAI’s motion directly targets the Times are the heart of its business, putting the company’s truthfulness in doubt. The notion that ChatGPT can be used as a substitute for a newspaper subscription is overblown, they counter.

 

“In the real world, people do not use ChatGPT or any other OpenAI product for that purpose. Nor could they. In the ordinary course, one cannot use ChatGPT to serve up Times articles at will,” the motion to dismiss reads.

‘NYT Paid Someone to Hack OpenAI’?

In its complaint, the Times did show evidence that OpenAI’s GPT-4 model was able to supposedly generate several paragraphs that matched content from its articles. However, that is not the full truth, OpenAI notes, suggesting that the newspaper crossed a line by hacking OpenAI products.

 

“The allegations in the Times’s complaint do not meet its famously rigorous journalistic standards. The truth, which will come out in the course of this case, is that the Times paid someone to hack OpenAI’s products,” the motion to dismiss explains.

 

 

OpenAI believes that it took tens of thousands of attempts to get ChatGPT to produce the controversial output that’s the basis of this lawsuit. This is not how normal people interact with its service, it notes.

 

It also shared some additional details on how this alleged ‘hack’ was carried out by this third-party.

 

“They were able to do so only by targeting and exploiting a bug […] by using deceptive prompts that blatantly violate OpenAI’s terms of use. And even then, they had to feed the tool portions of the very articles they sought to elicit verbatim passages of, virtually all of which already appear on multiple public websites.”

‘Hired Guns Don’t Stop Evolving Technology’

The OpenAI defendants continue their motion to dismiss by noting that AI is yet another technical evolution that will change the world, including journalism. It points out that several publishers openly support this progress.

 

For example, OpenAI has signed partnerships with other prominent news industry outlets including the Associated Press and Axel Springer. Smaller journalistic outlets are on board as well, and some plan to use AI-innovations to their benefit.

 

The Times doesn’t have any agreements and uses this lawsuit to get proper compensation for the use of its work. However, OpenAI notes that the suggestion that its activities threaten journalism is overblown, or even fiction.

 

“The Times’s suggestion that the contrived attacks of its hired gun show that the Fourth Estate is somehow imperiled by this technology is pure fiction. So too is its implication that the public en masse might mimic its agent’s aberrant activity,” the defense writes.

Fair Use

None of the allegations above address the copyright infringement allegations directly. However, OpenAI stresses that its use of third-party texts should fall under fair use. That applies to this case, and also to many other AI-related lawsuits, it argues.

 

This fair use defense has yet to be tested in court and will in great part determine the future of OpenAI and other AI technologies going forward.

 

To make its point, OpenAI aptly compares its use of third-party works in the journalistic realm. Newspapers, for example, are allowed to report on stories that are investigated and first reported by other journalists, as the Times regularly does.

 

“Established copyright doctrine will dictate that the Times cannot prevent AI models from acquiring knowledge about facts, any more than another news organization can prevent the Times itself from re-reporting stories it had no role in investigating,” OpenAI writes.

 

The fair use defense will eventually be argued in detail when the case is heard on its merits. With the current motion to dismiss, OpenAI merely aims to limit the scope of the case.

 

Among other things, the defense argues that several of the copyright allegations are time-barred. In addition, the DMCA claim, the misappropriation claim, and the contributory infringement claim either fail or fall short.

 

—

 

A copy of the motion to dismiss is available here (pdf). TorrentFreak broke this story, but other journalists are welcome to use it. A link would be much appreciated, of course, but we won’t sue anyone over it

 

TorrentFreak asked the Times for a response to the ‘hack’ allegations but the company didn’t immediately respond.

 

When attempting to block pirated content online, there is always a significant risk that legitimate content will be blocked too.

 

Proponents of a tough new law in Italy that granted significant powers to rapidly block sites, waved away such concerns last year. However, after less than a month in full operation, the Piracy Shield system made its biggest blunder thus far last Saturday. Rather than opt for a surgical strike, someone rolled out a blunderbuss.

It Could Never Happen…

IP address 188.114.97.7 belongs to Cloudflare and is used by many sites, including legitimate ones, so shouldn’t have been targeted at all. However, when that IP was blocked by Italy’s ISPs, under orders of telecoms regulator AGCOM, just 15 minutes later the effect was significant.

From people whose innocent sites were rendered inaccessible, to networking experts, ISPs, and regular Italian internet users, all want to know why this happened, why it was allowed to happen, and how something similar will be prevented moving forward.

 

As far as we’re aware, no official comments from AGCOM, rightsholders, or indeed anyone responsible for the blunder have even mentioned it in public, let alone that they provided an explanation.

ASSOProvider Files Access to Information Request

In a letter dated Monday seen by TorrentFreak, independent ISP association ASSOProvider calls on AGCOM to grant access to information under relevant law.

 

“According to these resolutions, anyone with a personal and concrete interest in the protection of legally relevant situations may exercise the right of access to documents held by the Authority by sending a written and reasoned request. The person in charge of the procedure shall do so within 30 days and inform the Council,” the letter reads.

 

To illustrate the association’s legitimate interest, the letter lays out ASSOProvider’s participation in working groups related to the law introduced last year, and the legal appeal it subsequently filed to protest its site-blocking provisions. The association further notes that its own members are impacted by the actions of the Piracy Shield system since they’re required to use it.

 

“As of February 1, 2024, the Piracy Shield platform for combating piracy is active. Moreover, among ASSOprovider’s Associates, there are providers affected by the activities put in place by the Piracy Shield platform as they are members of the same platform, and also in this way the Association makes this petition,” the letter continues.

Legitimate Request For Data Relating to Two Events

ASSOProvider’s request seeks data connected to two reported overblocking events. The first, against IP addresses belonging to Zenlayer CDN, with the second relating to last weekend’s blocking of the Cloudflare IP address. Since there have been suggestions that ISPs could find themselves targeted with legal claims related to unlawful blocking, having AGCOM hand over relevant records is a reasonable request.

 

“It is therefore in the interest of the Association, engaged on the judicial front and for its own and its members’ protection, to know the acts and documents that gave rise to these inhibitions,” the letter continues.

Information Requested

ASSOProvider requests access to the following documents:

 

• The list of FQDN domain names and IP addresses submitted to Piracy Shield from February 1, 2024, to date.
• Specifically, all documents related to IP blocking issued, communicated and implemented, on Feb. 14, 15 and 24.
• The reports and all documents received from rights holders that resulted in blocking tickets on the same dates.
• The notice sent by AGCOM to the owner of the officially targeted site.
• Copies of blocking tickets sent to the Piracy Shield platform on Feb. 14, 15 and 24.
• Copies of blocking revocation tickets sent on the same days.

 

Given that AGCOM hasn’t yet released domain and IP address information on its website to allow relevant parties to appeal against blocking instructions, it will be interesting to see its response to this official request. The request seeks significantly more information than AGCOM has provided thus far, including that which AGCOM is required to publish.

Official Declarations Fail to Indicate Scale of Blocking

The table below shows the bare details of information released thus far, plus information that should be declared relating to post-order blocking, but to date has not. AGCOM may provide additional details at a later date but since that information is available the moment domains and IP addresses are blocked, providing them quickly shouldn’t be an issue.

The big question is how the above table translates to the actual number of domains and IP addresses blocked.

 

Information made available to TorrentFreak shows that from February 1 to last week (not including events last weekend), over 1,200 IP addresses have been blocked by Piracy Shield. The volume of domain names, which includes subdomains, is considerably larger, well over 1,600.

 

We understand that the law does not specify or recognize unblocking of domains or IP addresses and no system is in place to remove blocks that are out of date. Cursory tests show that some IP addresses on the list no longer facilitate access to pirate services, assuming that was initially the case.

This weekend, we reported that the open source movie search app movie-web lost control over the domain name of its demo site.

 

Registrar Namecheap suspended the domain following a complaint from several major Hollywood studios and Netflix. Initially, broader context was missing but new information suggests that an Indian order lies at the basis of this intervention.

 

Like many other countries around the world, India’s copyright law allows rightsholders to limit access to pirate sites. This measure is widely used by major American movie companies to obtain injunctions that require local Internet providers to block websites to prevent piracy.

Dynamic+ Blocking Orders

Over the years the nature of these court orders has evolved. The initial measures were straightforward, in the sense that they pointed out specifically which domains should be blocked. These later evolved into ‘dynamic’ versions, allowing rightsholders to add new domains and proxies whenever they are launched.

 

The Indian courts are not stopping at dynamic blocking orders either. In several instances, Internet providers have been instructed to block websites because they might make infringing works available in the future. This includes content yet to be created.

 

In addition, ISPs are no longer the only parties that are covered by dynamic+ injunctions. The orders also require domain name registrars worldwide to disable the mentioned domain names. Domain registrars that refuse to comply risk losing their ability to operate in India.

Movie-web.app and 44 Other ‘Pirate’ Domains

Namecheap’s decision to suspend the movie-web.app domain follows after Netflix, Disney, Warner Bros. and others obtained a new dynamic+ injunction at the High Court of Delhi earlier this month. The complaint in question lists 45 domain names linked to 28 defendants (full list below).

 

 

The injunction requires Indian ISPs to block the domains, but also lists ‘domain registrars’ as a broad category, without specifically naming any.

 

“The respective Domain Name Registrars of Defendants No. 1 to 28, upon being intimated by the Plaintiffs, shall lock and suspend the said domain names. In addition, any details relating to the registrants of the said domain names including KYC, credit card, mobile number, etc. be also provided to the Plaintiffs,” it reads.

 

According to the order, the operators of these websites are doing all they can to hide their identities. Attempts to compel the operators to stop the allegedly infringing activity presumably failed.

 

“Plaintiffs’ legal notices to takedown the infringing content from the websites have been futile. Defendants No. 1 to 28 are thus knowingly engaging in the impugned activities, in utter disregard of the Plaintiffs’ rights,” the order notes.

 

While the above typically applies to rogue pirate sites, we’re not sure how accurate it is for movie-web. The identities of the developers involved in the open source project are easy to find and, in their shutdown message a few days ago, they said that they “would go down without a fight,” if it came to that.

 

Movie-web kept its word. After Namecheap put the domain on clientHold, it didn’t make any comeback attempts. The software is still available for others to use but the official demo website will remain offline.

Not all Domains are Offline

The movie-web example suggests that Namecheap complied with the Indian court order. This is further confirmed by other Namecheap-registered domains from the same injunction that also went offline, including moviemods.dev, epxmovies.com, sflix.watch and goflixtor.com.

 

All of these domains now have a clientHold status, rendering them inaccessible. The same applies to domains that were registered through Porkbun, which include cinehub.wtf, filmygallery.baby, and other filmygallery domains.

 

Domains registered through Namebright and Dynadot are also unreachable, but these don’t have a dedicated status code.

 

Not all domains covered by the order are offline though. At the time of writing, several Tucows registered domains remain accessible or redirect to new ones, and the same applies to domains that are linked to Dynadot, Sarek, Realtime Register, and Godaddy.

 

The above are just our initial findings and these shouldn’t be used to draw broader conclusions, especially since some domain registrars are only tied to a single domain name. However, it is worth taking note and comparing these actions to any in the future.

.To Complications

The above suggests that at least some American domain registrars are responsive to an Indian court injunction, obtained by American movie studios. This means that this “Indian route” could be a fruitful anti-piracy measure for rightsholders.

 

Thus far, however, none of the .to domain names listed in the injunction have gone offline. The .to registry ‘Tonic‘ is not covered by the injunction, but it appears that none of the registrars of these domain names has ‘intervened’ either.

 

The .to domain whois doesn’t list who the registrars are but TorrentFreak has information which shows that upmovies.to, zorox.to, flixwave.to and others were registered through Namecheap. This is interesting because Namecheap suspended non- .to domains.

 

We asked Namecheap for a comment on our findings but the company didn’t immediately respond.

 

One explanation for the response discrepancy could be that the Tonic registry doesn’t support the clientHold status code. Namecheap used this to suspend the other domain names, so the lack of action with regard to the .to domains may be of a technical nature.

 

Whatever the explanation is, these dynamic+ orders are among the most effective we’ve seen so far. With that in mind, we expect Hollywood to use the Indian route more often going forward, if they want U.S. companies to take action.

 

—

 

A copy of the dynamic+ injunction issued by Justice Sanjeev Narula at the Delhi High Court is available here (pdf). A full list of all affected domain names is available below.

 

1. fzkidd.net
2. ofilmyzilla.ms
3. ofilmyzilla.com.ve
4. ofilmyzilla.it
5. tamilyogi.plus
6. tamilyogi.love
7. tamilyogi.band
8. soap2day.tel
9. myflixer.la
10. flixer.ph
11. myflixer.ph
12. sflix.watch
13. sflixz.to
14. moviesmod.dev
15. moviesmod.wiki
16. moviesmod.one
17. freemovies360.cc
18. streamm4u.com
19. streamm4u.to
20. desicinemas.ink
21. epxmovies.net
22. movi.pk
23. 123moviesfree.mx
24. filmygallery.baby
25. filmygallery.app
26. filmygallery.cab
27. filmygallery.club
28. filmygallery.foo
29. filmygallery.lol
30. filmygallery.pro
31. zorox.to
32. zoro.vc
33. flixwave.to
34. upmovies.to
35. mydownloadtube.net
36. movie-web.app
37. moviekhhd.biz
38. movieshd.watch
39. goflixtor.com
40. cinehub.wtf
41. arc018.to
42. flixerplus.com
43. netmovies.to
44. aniwatch.to
45. toonstream.in

 

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only.

 

Downloading content without permission is copyright infringement. These torrent download statistics are only meant to provide further insight into piracy trends. All data are gathered from public resources.

 

This week we have three newcomers on the list. “Mean Girls” is the most downloaded title.

The most torrented movies for the week ending on February 26 are:

Movie Rank	Rank last week	Movie name	IMDb Rating / Trailer
Most downloaded movies via torrent sites
1	(…)	Mean Girls	6.0 / trailer
2	(2)	The Beekeeper	6.5 / trailer
3	(…)	The Zone of Interest	7.7 / trailer
4	(5)	Land of Bad	6.5 / trailer
5	(6)	Wonka	7.3 / trailer
6	(7)	Oppenheimer	8.5 / trailer
7	(3)	Aquaman and the Lost Kingdom	6.7 / trailer
8	(…)	Red Right Hand	5.3 / trailer
9	(4	The Marvels	5.7 / trailer
10	(1)	The Iron Claw	7.9 / trailer

 

 

Note: We also publish an updating archive of all the list of weekly most torrented movies lists.

 

Following a statement that Italy’s all-new anti-piracy system had received top marks from telecoms regulator AGCOM for “working perfectly,” on Saturday the truth came out in all its glory.

 

Piracy Shield has only been fully operational for a few weeks. So, expecting it to work flawlessly, right out of the box, was always unrealistic. There have been reports of unexpected behavior in the ticketing system, for example, plus other issues one might describe as relatively normal for a new system, or at least non-critical.

 

But while any unexpected behavior needs to be understood, the Piracy Shield system, i.e software, hardware, and sundry biological components, arguably had just one job to perform perfectly in its first month. Through meticulous care, prove the naysayers wrong by not blocking innocent sites and staying away from CDNs. A single IP address blocked in error can do damage anywhere but, on a platform such as Cloudflare, problems can multiple extremely quickly.

Like a Moth to a Flame

As reported less than two weeks ago, the first issue to cause elevated public concern was the blocking of Zenlayer CDN IP addresses. During the first two weeks in the public spotlight, that wasn’t ideal or even an isolated incident.

 

Black spots = No connectivity

 

When AGCOM and anti-piracy group FAPAV turned up on TV recently to announce an expansion of Piracy Shield blocking, the system was said to be “working perfectly” while reports to the contrary were labeled “fake news.”

 

But even before those statements had time to fully sink in, along came Saturday afternoon, otherwise known as ‘TTFN CDN’.

AS13335 Cloudflare – IP: 188.114.97.7

Around 16:13 on Saturday, an IP address within Cloudflare’s AS13335, which currently accounts for 42,243,794 domains according to IPInfo, was targeted for blocking. Ownership of IP address 188.114.97.7 can be linked to Cloudflare in a few seconds, and doubled checked in a few seconds more.

 

The service that rightsholders wanted to block was not the IP address’s sole user. There’s a significant chance of that being the case whenever Cloudflare IPs enter the equation; blocking this IP always risked taking out the target plus all other sites using it.

 

Why blocking went ahead anyway has no good answers; from didn’t check and don’t understand to oops, too late…, how it managed to traverse the claimed checks and balances defies logic. Giorgio Bonfiglio, Principal Technical Account Manager at Amazon Web Services, warned of this specific risk last year. Some of the best advice available, pro bono, yet simply ignored.

 

“When I talked about the risks of the Piracy Shield last year I focused on the impossibility for an external observer to understand whether an IP is shared or not. I never expected they would block one of the top 5 CDNs in the world, an AS that does ONLY that,” Bonfiglio wrote.

Block Party Erupts

On February 2, 2024, developer Marco d’Itri (aka rfc1036) published a pearl of wisdom on Twitter. On Saturday, a little over three weeks later, he was the first to publicly confirm that what shouldn’t have happened, had obviously happened, to the surprise of no one.

Reports of sites suddenly going offline came in quickly. The IP address block went live at 16:13 and by 16:31, Italy was already covered head to foot in black spots indicating no connectivity (Source: RIPE via @auguzanellato).

 

 

EU citizens’ right to receive and impart information without interference often enters site-blocking discussions. Such concerns were waved away in Italy because the above would never be allowed to happen.

Communication to the Public, By The Public

On X, @handymenny quickly pinpointed the source of his initial connectivity problem, and then went on to discover he was more affected than first thought. That appeared to pique his curiosity, so he decided to find out who else had been blocked.

 

His discoveries included the ODV Prison Volunteers Association, a charitable group with a key goal of improving communication between prisoners and their families. Elimobile.it, a telecoms company that relies on people communicating so that they a) buy SIM cards and b) can access Elimobile’s video services, was also blocked.

 

 

Several schools also suffering downtime is not just a terrible look. The laws and regulations passed last year that authorize rapid blocking include a mandatory educational component for kids. If anyone can think of a statement that will resonate with kids, to explain why preventing football piracy has a negative effect on education, answers on a blackboard please.

Block Quietly Removed, But That Won’t Be Enough

Around five hours after the blockade was put in place, reports suggest that the order compelling ISPs to block Cloudflare simply vanished from the Piracy Shield system. Details are thin, but there is strong opinion that the deletion may represent a violation of the rules, if not the law.

 

Another legal aspect of potential interest involves a general principle of EU law, one that requires authorities to strike a balance between the means used and the intended aim when exercising their powers.

 

IT enthusiast Ernesto Castellotti wasted no time deciding his course of action. Since his website was also unlawfully blocked on Saturday, he’s sent a civil access request to AGCOM demanding all information held on file to show why that happened. He’s also calling for the immediate resignation of the head of AGCOM “for demonstrated negligence in the implementation of the Piracy Shield project.”

 

As far as we’re aware, there has been no formal comment from AGCOM on Saturday’s disaster.

 

Share information with TF in confidence here

 

Note: An earlier version of this article reported on a Bonfiglio tweet which appeared to estimate the number of sites potentially blocked on Saturday. We’re informed the tweet used an Italian phrase that simply suggests a very large number. The direct translation lacked nuance and has since been removed.

 

The last time over 200 pirate sites went offline at the same time was…..well, probably never. Certainly, so many sites have never gone down and stayed down for four days straight in what still amounts to a relatively tight niche.

 

Yet that’s exactly what happened this week, when at least 200 .TV domains were suddenly rendered useless. WHOIS records revealed that the domains had a status of ‘serverHold’ which indicates a domain with no presence in the domain name system.

Registry >> Registrar >> Domain Owner

The suspended domains were all registered at Sarek Oy, the Finland-based domain registrar with connections to former Pirate Bay spokesman, Peter Sunde. Those in need of a liberal, privacy-focused domain registrar, with a pedigree supported by thousands of news articles, countless interviews, TV appearances, and a full-blown movie, have fewer reasons than most to shop for domains elsewhere.

 

Site operators understand Peter and he understands their requirements, as other projects including Njalla demonstrate. Unfortunately, when everything went dark Tuesday/Wednesday with no sign of recovery by Thursday, lack of information from obvious sources seemed to have no solution.

 

When domains are placed on ‘serverHold’ that’s the work of domain registries, not registrars, but domain owners still need to know where they stand.

Frustrations Build

One of those people is Jomo, the person who put together the list of suspended .TV domains mentioned in our earlier report. He’s the owner of Jomo.tv, which unlike most of the .TV domains currently suspended, isn’t a pirate site.

 

“I use the affected domain for my tech blog and my email address. I have received zero information about what’s going on, and I don’t know if or when this is going to be resolved,” Jomo told TF early on Friday.

 

“Njalla does not seem to know anything, the registry did not want to tell me anything and only referred to Sarek without any further info, and Sarek does not respond at all.”

 

GoDaddy completed its takeover of registry services for .TV domains late 2022, after previous controller Verisign chose not to bid when .TV last came up for grabs. When attempting to contact GoDaddy for comment earlier this week, TorrentFreak’s first email received an automatic response saying “Message blocked” while a second to a different address informed us that “The recipient’s mailbox is full and can’t accept messages now.”

 

While frustrating for us, domain owners like Jomo had serious issues to contend with.

 

“It is extremely frustrating to not get any info or updates, in addition to being unable to send or receive any emails, and being unable to log in to several services. By now I’m sure some emails are lost forever as the domain has been unavailable for several days,” Jomo added.

Problem Acknowledged on Friday

When no official updates were provided on Thursday, the situation was looking increasingly grim. Then on Friday, Jomo suddenly had luck reaching GoDaddy via TurnOn.tv.

 

“They actually replied fairly quickly,” Jomo says, “but only told me to ‘contact your sponsoring registrar, Sarek Oy.'”

 

After logging into his Sarek Oy account, a new message appeared: “Some .tv domains have been put on serverHold by the registry and we are in contact with them to resolve the issue.” There was no response to his support ticket filed earlier but at least the issue had been acknowledged.

Then a few hours later, a ray of light appeared at the end of the tunnel.

‘Technical Issue’ Resolved With Registry

After three days without any useful information, Jomo received a response from Njalla, sometime Friday evening we believe.

 

“It is a technical issue. We’ve squared things out with the registry and we’re just waiting for them to lift the serverHold,” a message from Njalla reads.

 

“That will happen anywhere between in a few minutes till Monday, but we’re hoping sooner than later of course. We apologize for the troubles it had caused.”

 

At the time of writing, Jomo’s domain still hasn’t returned and when we last checked, the same was true for around 200 others. While there’s optimism that all domains will eventually return to service, the episode leaves big questions unanswered.

The Information Age

Perhaps the most pressing question from a consumer perspective is the decision by the registry to suspend so many domains in one swoop with zero notice. The fact that so many domains are used by pirate sites does muddy the waters somewhat but as Jomo will confirm, non-pirate sites are affected too.

 

When a particular entity takes action to suspend domains, whose responsibility is it to keep customers informed? In this case the action was taken by the registry but when asked to provide information, the registry refused to supply it, referring questions back to the registrar instead.

Problems Over, or More to Come?

Then there’s the question of the issue that prompted the suspensions; what was it and is it likely to reoccur? Should domain registrants avoid .TV domains? Without information to the contrary, rightly or wrongly some will draw that conclusion.

 

Of course, by offering domains with toughened privacy, Sarek Oy/Njalla find themselves disproportionately involved in legal proceedings where a plaintiff hopes to identify a domain operator but runs into firewall instead.

 

A live case in the United States required various domain registrars including GoDaddy, Namecheap and Sarek Oy, to take action against several app stores to prevent apps with ‘Temu’ branding being made available to the public.

 

As far as we can see, Namecheap, GoDaddy, and Sarek Oy were ordered to disable the platforms’ domains but to date, only domains registered through Sarek remain both intact and online.

 

At least in part, that’s to be expected and to some extent, the service as promised. Also to be expected are complications arising from an accumulation of these types of cases and similar disputes that come with the territory, the supply of which seems endless.

 

Italy’s Piracy Shield blocking platform is the mechanism through which sports rightsholders exercise their right to use state-approved tools in their fight against IPTV piracy.

 

In common with other systems in use around Europe, Piracy Shield acts on information provided by rightsholders. After identifying the target to be blocked, domain names and IP addresses are fed into the Piracy Shield system.

 

From there, data is pumped directly to the nation’s ISPs who must block or risk financial penalties.

 

Given that Piracy Shield cannot function without human input, when we refer to Piracy Shield here that means the entire chain. From data collection and approval for entry, through to actual blocking, regardless of whether any component is software, hardware, or human.

Who Benefits From Overblocking?

Pirates aside, two broad pools of people participate in site-blocking debates: those who understand the internet and the fallibility of human beings, and those who are equally aware of the risks but have an overriding and extremely urgent piracy problem to solve.

 

The concerns of the former include the not insignificant risk of innocent platforms being blocked in error. Such overblocking can be triggered by a simple typo or something more complex, a pirate site sharing an IP address with one or more completely innocent sites, for example.

 

Similar concerns are shared by rightsholders and anti-piracy groups; nobody ever reduced piracy by blocking innocent sites and no anti-piracy group’s work has ever been made easier by a belligerent mob shouting about censorship.

 

Given that a high-paced, dynamic environment virtually guarantees at least some mistakes, debating the inevitable isn’t anywhere near as important as finding out what went wrong, improving the system, and if required, having a discussion about it.

Piracy Shield “Works Perfectly”

During an appearance on Sky TG24 by AGCOM commissioner Massimiliano Capitanio and Federico Bagnoli Rossi, president of anti-piracy group FAPAV, it was revealed that since the launch of the Piracy Shield platform, there have been no overblocking blunders whatsoever.

 

Yet media reports published by DDAY.it and Wired recently, both contained sufficient evidence to mount a credible and, in at least one case, publicly verifiable argument directly to the contrary.

 

So did the publications both make blunders of their own? Is it feasible that they independently decided to report instances of collateral damage, against innocent web entities, without evidence or regard for the truth?

AGCOM Analysis: FAKE NEWS

A text excerpt from the TV show published by Libero.it begins by stating that AGCOM and FAPAV give the Piracy Shield system “full marks” based on its work thus far and that any reports of “friendly fire” blocking should be considered “fake news.”

 

“This is absolutely false and unfounded news,” states Capitanio. “Since the launch of the platform no DNS or IP address holder has made a request to AGCOM, as required by law, to have a site rehabilitated. There is a procedure for those who report that is so rigorous, I am not aware of any public administration sites being blocked in recent weeks.”

In other words, since AGCOM received no complaints of wrongful blocking from anyone wrongfully blocked, it must follow that no wrongful blocking took place. Whether the two publications mentioned above now consider their reporting debunked seems unlikely.

 

Similar stories are regularly discussed among workers at the country’s ISPs and associated entities. The so-called “rigorous” complaints procedure is mostly mocked for its critical failings.

Rigorously Impossible to Complain

After spending the last two weeks in the virtual company of people who keep Italy’s internet running, one thing is beyond doubt: how the system is being portrayed in public does not align with facts on the ground.

 

Workers at Italy’s ISPs and closely related companies don’t seem entirely consumed by the imposition of Piracy Shield on their businesses, but they are showing signs of frustration.

 

Many feel they have no voice and after AGCOM and FAPAV appeared on TV, unhindered by the views of the IT workers compelled to make blocking happen, it was immediately understood that bickering among themselves in public would’ve “spoiled the advertorial.”

 

Others chimed in on the rigorous complaint procedure referenced by AGCOM that, through its own basic failings, effectively doesn’t exist.

Instant Blocking on Tap (No Instant Undo)

The image below shows summaries of three recent orders for full and perpetual blocking to be administered through the Piracy Shield platform. The full orders are also available and can make for interesting reading.

But while commendably detailed in almost every respect, a decision has clearly been made to list only a single domain (some with subdomains) in each order to identify the platform authorized for blocking. Once an order is published there is a five-day window of opportunity for a complainant to file a complaint.

The text here shows that this option is useless for those wrongfully blocked; it seems highly unlikely that an unknown third party would receive a copy of an order in advance of Piracy Shield accidentally blocking them. That raises the prospect of a blocked innocent third party having to a) proactively discover that their connectivity has been limited b) isolate the problem to Italy c) discover the existence of AGCOM d) learn Italian and e) find the blocking order relating to them.

Don’t Get Too Optimistic

Awkwardly, and after all that detective work, the domains of innocent third parties do not appear in blocking orders for obvious reasons. That may suggest that they have been unlawfully blocked, especially since the regulations and Piracy Shield policy disallow any blocking of innocent parties.

 

In any event, overblocking is almost always the result of other things, such as shared IP addresses, which also do not appear in the orders published by AGCOM. While AGCOM does publish aggregated figures for IP addresses blocked after the initial order, zero IP addresses are published in public.

 

Since IP addresses don’t appear in initial orders, they can only appear in ‘subsequent reports’. The good news here is that those allowed to complain can at least try to file a complaint if they’re negatively affected. They must do that within five days of the ‘subsequent report’ (containing the IP addresses) being published on the AGCOM site.

 

There are some issues with that logic, however. First, AGCOM doesn’t publish subsequent reports. Second, a complaint will not stop the blocking.

Third, and probably most importantly, wherever the complaint procedure is mentioned, only recipients of a blocking order are specifically mentioned as qualified to complain.

 

That raises the prospect of pirate IPTV providers – immaculately reported to AGCOM for scrutiny before being deemed illegal by the regulator – being allowed to file a complaint. Those who have done absolutely nothing wrong, on the other hand, are treated as if they don’t even exist.

 

Of course, since they don’t even exist, filing complaints can be tricky. And, as established earlier, if there are no complaints that leads to the clear conclusion mentioned on TV: there has been no overblocking and any news to the contrary is fake.

‘Everyone Breaks The Rules’

This remarkable system “is a shit show” from beginning to end, a source familiar with it informs TF. There’s even a sarcastic suggestion that everyone abiding by the rules and regulations could bring the entire system down.

 

First, the law that disallows blocking of legitimate servers doing the legitimate work of legitimate third parties, is being violated. That means legitimate users are blocked, maybe in violation of their basic human right to send and receive information.

 

Second, information about blocks that should be published to facilitate correction of blunders, is not being published, also in violation of the regulations. Finally, we’re informed that some ISPs, having seen the mess, have decided to unblock some IP addresses without permission from those who initiated the mess, thus contravening the rules themselves.

 

One IT worker also expressed an interest in appearing on TV during the next debate but expects the spot to be scooped up by an ISP that also sells TV subscriptions.