Bungie’s interest in individuals linked to Destiny 2 cheat maker and distributor, Ring-1, became public in 2021.

 

A lawsuit filed at a California court named four defendants as suspected operators with an additional 50 ‘Doe’ defendants to be unmasked as the case progressed.

 

Six causes of action including copyright infringement, trafficking in circumvention devices contrary to the DMCA, trademark violations, and unfair competition, encouraged three defendants to settle with Bungie. However, with Ring-1 still in business, more work lay ahead.

New Lawsuit, New Determination

Filed at a Washington court early August 2023, a new complaint alleging copyright infringement, breaches of the DMCA, and civil RICO violations, among others, targeted up to 50 developers, marketers, customer support staff, and sellers of Destiny 2 cheating software offered by Ring-1.

 

According to the complaint, Bungie’s investigative work had already identified several defendants by name, while others were known only by their online handles. During September and October, identified defendants were served in West Virginia, Delaware, and Ontario, Canada, but in order to identify and serve more, on October 27, Bungie requested assistance from the court.

 

“Like the cheat itself, the Enterprise is sophisticated and its members go to great lengths to conceal their identities,” Bungie’s motion for expedited discovery explained.

 

“Many Defendants do not provide any contact information such as a physical address, email address, or phone number, and conduct their transactions entirely pseudonymously. Defendants also use privacy protection services to hide their names and contact information from the public domain name WHOIS database.”

Third Parties Likely to Hold Identifying Information

While those personal details had proven evasive up to that point, Bungie informed the court that it had been able to identify several third parties with past, current, or ongoing relationships with those it hoped to identify. Those parties, Bungie said, were likely to have records “uniquely attributable” to the unidentified defendants, and these would either directly or indirectly allow Bungie to identify and then serve its targets.

 

In respect of the Ring-1 website, Bungie named Nice IT Services Company (host), Digital Ocean (payment-related subdomains), and Telegram (support) as service providers that allow it to operate.

 

In connection with six alleged operators of Ring-1 (“Hastings,” “Khaleesi,” “Cypher,” “god,” “C52YOU,” and “Lelabowers74”), Bungie identified a further seven third party service providers upon which the Ring-1 operators reportedly rely; Twitch and YouTube (advertising), Streamlabs (enhance revenue, broaden reach) and Steam, where the defendants allegedly play Destiny 2.

 

Other providers include Yahoo and Live (where Hastings has email accounts), Google (where Khaleesi has a Gmail address), and Discord; according to Bungie, the alleged Ring-1 operators used to chat there before deleting their server in July 2021.

 

Bungie’s investigations reportedly identified accounts at ISPs connected to Hastings and Khaleesi; the former at Verizon and Comcast in the United States and the latter at Virgin Media and Sky Broadband in the UK. Five Ring-1 resellers identified by Bungie operated various services including Discord servers, websites, plus Twitter and YouTube accounts.

 

As a result, these third parties plus domain registrars Squarespace and GoDaddy, and e-commerce platform Sellix, are likely to hold identifying information, Bungie informed the court (sample of proposed order below).

 

Order Granted in Part, Denied in Part

Having considered Bungie’s rather broad motion, United States Magistrate Judge Michelle L. Peterson handed down her order this Wednesday.

 

While most of Bungie’s requests were found to be “narrowly tailored” to seek identifying information, requests to serve third-party subpoenas to Cloudflare, Storely, Selly, and “any other third-party Plaintiff identifies to be providing services of any kind to any one or more of the Defendants” were described as unsupported or overbroad.

 

Even with these denials and especially considering the number of services involved, Bungie’s narrowly tailored request could prove pivotal for the entire case. As such, unless extreme caution was exercised at all times, it will only be a matter of time before Bungie begins serving additional defendants.

 

 

Over the years, we’ve witnessed dozens of anti-piracy campaigns. Initially, these pointed out that piracy is illegal and immoral, hoping to change people’s views.

 

“Don’t Copy That Floppy” and “You Wouldn’t Steal a Car” are prime examples of these early attempts. While these campaigns captured the interest of a broad public, mostly for amusement purposes, they did little to stop piracy.

 

In recent years the tone of anti-piracy campaigns has changed. Instead of focusing on legal aspects and financial losses, they now place emphasis on pirates themselves being at risk, by associating piracy with ransomware, credit card theft, and other evils.

 

Just in the past month, two public service announcement campaigns were launched, both with a strong focus on security threats. In addition to rightsholders, these campaigns include State Attorneys General and the U.S. Government’s IPR Center, each adding extra weight to the messaging.

Is Cyber Hygiene a Remedy to IPTV Infringement?

Anti-piracy groups must have a good reason to focus on security issues instead of copyright law. Perhaps the former is more effective?

 

A new paper titled “Is cyber hygiene a remedy to IPTV infringement?” suggests that this could indeed be the case.

 

With this study, researchers from the University of Oxford, Bournemouth University and Hamad bin Khalifa University researched how psychological factors, including risk-taking and security behaviors, impact people’s tendency to use shady IPTV services. Put differently, what determines whether people are more likely to use ‘risky’ piracy services?

 

After completing several questionnaires, the UK-based respondents were presented with a mockup of an IPTV service. There were several mockup versions, ranging from a clean interface to ones with popups, even spy- or ransomware. For each version, respondents had to rate the perceived risk level, and their risk-taking inclination.

 

The resulting scores allow the researchers to see how much risk people are willing to take, with the built-in assumption that unlicensed ‘pirate’ streaming services generally have more risky signs.

Internet Addicted Pirates with Psychopath Personalities

The researchers hypothesized that people who score higher on Internet addiction traits tend to be less reluctant to use risky piracy services. The same should apply to people with dark personalities, which is a combination of the personality traits narcissism, psychopathy, and Machiavellianism.

 

The results of the study confirmed these predictions, showing that people who score higher on Internet addiction and dark personality traits are more likely to see risky streaming platforms as less problematic.

 

Vasilis Katos, Computer Science Professor at Bournemouth University, informs TorrentFreak that this is both good and bad news for anti-piracy advocates. Dark personality traits are relatively fixed and hard to change, but digital addiction can be addressed.

 

“Our findings show that people’s propensity to risk taking – in our case viewing AV content with a risk of getting infected by malware – is dependent on two main aspects: one’s dark personality traits and the degree of digital addiction.”

 

“The former is considered pretty constant and stable over time, as the dark personality traits have genetical and biological components, therefore less prone to change. For digital addiction, however, we accept that there are interventions where people can adopt in order to heal,” Katos says.

Cybersecurity Behavior

There is an important caveat, as the researchers stress that addressing Internet addiction might not only affect online piracy, but also legal consumption. After all, binge-watching on official streaming platforms is also a form of addiction.

 

A more straightforward option to deter pirates lies in the online security realm. The study reveals that people’s cybersecurity practices and behaviors, mediate the link between digital addiction and risky IPTV viewing.

 

 

This mediating effect suggests that when people are warned or educated about the risk of malware, fraud, and other evils on pirate sites, they are less likely to use these services.

 

“(i)n order to reduce the likelihood of someone consuming illegal IPTV content, we can address their digital addiction and/or improve their cybersecurity behaviour and hygiene,” Katos notes.

Piracy Genes?

Put differently, the anti-piracy campaigns that focus on security awareness aspects, which we have seen pop up repeatedly in recent years, can be an effective strategy; perhaps even more effective than legal threats.

 

That said, the researchers stress that piracy is a complex issue that no single measure can solve. People who are born with dark personalities, particularly the psychopathy trait, are genetically predisposed to take more risks online.

 

No matter how many malware threats there are, some people are simply willing to take the risk; just like there will always be people who step in to launch new piracy services. It’s in their genes, apparently.

 

“[A]lthough these [security-focused] campaigns could contribute to the decrease of risky IPTV viewing practices, they will not eliminate the problem, as there is always the portion of the population that are risk takers and perhaps seek thrills, as part of their psyche,” Katos concludes.

 

—

 

A copy of the preprint article covering the research in detail is available below. The results have not yet been peer-reviewed and should be interpreted as such.

 

Shah R, Cemiloglu D, Yucel C, Ali R, Katos V. Is cyber hygiene a remedy to IPTV infringement? A study of online streaming behaviours and cybersecurity practices. Research Square; 2023.

 

Much like regular websites operated by governments, companies, organizations, and the general public, most internet-based piracy services can be accessed using a domain name.

 

From a user’s perspective, domain names are more easily remembered than IP addresses and remain the same despite IP address changes behind the scenes.

 

Domain names also play an important role in conveying branding and as a result can be worth considerable sums of money. For companies enforcing their intellectual property rights, determining who owns a domain can prove invaluable as part of a wider investigation.

 

When the General Data Protection Regulation (GDPR) came into effect in May 2018, it aimed to protect the personal data of EU citizens. That included those whose names appeared in public WHOIS databases as registrants or owners of domains.

 

ICANN, the Internet Corporation for Assigned Names and Numbers, responded with restrictions that on one hand protected registrants’ privacy, but on the other came at the expense of rightsholders’ being able to conduct meaningful WHOIS-based investigations.

ICANN Accused of Hindering Rightsholders

Potential problems had been flagged way ahead but workable solutions remained elusive. Increasingly vocal rightsholders including the RIAA and MPA criticized WHOIS restrictions and piled on with other shortcomings; WHOIS proxy/shielding services that hide registrant information, for example, and the lack of an effective system to ensure the accuracy of collected data.

 

In an August 2023 joint submission to the United States Patent and Trademark Office (USPTO), Hollywood, the recording industry, TV companies, the gaming industry and publishers left little doubt that patience had run out.

 

RDRS: Registration Data Request Service

With WHOIS protocols set to be replaced by RDAP (Registration Data Access Protocol), a technology designed to improve Registration Data Directory Services (RDDS), this week ICANN launched RDRS, an all new service to simplify access to non-public domain registration data.

 

 

“Due to personal data protection laws, many ICANN-accredited registrars are now required to redact personal data from public records, which was previously available in ‘WHOIS’ databases,” ICANN explained.

 

“With no one way to request or access such data, it can be difficult for interested parties to get the information they need. The RDRS helps by providing a simple and standardized process to make these types of requests.

 

“The RDRS can be an important resource for ICANN-accredited registrars and those who have a legitimate interest in nonpublic data like law enforcement, intellectual property professionals, consumer protection advocates, cybersecurity professionals, and government officials,” ICANN added.

Probably Not What Rightsholders Are Pleading For

There appears to be little restriction on who can sign up for RDRS, something that already has some worried about what that could mean for their privacy. ComLaude confirms anyone can file a request but it doesn’t necessarily follow that information will be provided.

 

RDRS is effectively a case management system for handling WHOIS data disclosure requests, rather than a database which can be interrogated, as WHOIS has been. Anyone can make a request, via the system, for certain non-public domain registration data. RDRS identifies the sponsoring registrar for the domain name and routes the request to them, subject to the registrar having signed up to be part of the system. Then, subject to applicable law, the registrar will make a determination on what, if any, requested data will be disclosed.

Some rightsholders may be disappointed that the system only covers gTLDs such as .com, .net, and .org, plus new gTLDs including .xyz, .online and .horse. Common ccTLDs deployed at pirate sites, including .ag, .am, .cc, .me, .pw, .re, .sx, and .to, are excluded from the system.

Hands-On Test

Kevin Murphy at Domain Incite took RDRS for a spin and posted his first impressions of the service.

 

“The system is defined largely by what it isn’t. It isn’t an automated way to get access to private data. It isn’t guaranteed to result in private data being released. It isn’t an easy workaround to post-GDPR privacy restrictions,” Murphy explains.

 

“It is a way to request an unredacted Whois record knowing only the domain and not having to faff around figuring out who the registrar is and what their mechanisms and policies are for requesting the data.”

 

Murphy also got the impression from interface settings that simply walking in off the street and requesting domain registration data might not be what ICANN has in mind. As a tool for rightsholders demanding so much more, it’s certainly nothing like what they have in mind.

 

“The RDRS merely connects Whois data requestors — the default settings in the interface suggest that ICANN thinks they’ll mostly be people with court orders — with the registrars in charge of the domains they are interested in,” Murphy concludes.

 

Like many other countries around the world, India’s copyright law allows rightsholders to limit access to pirate sites.

 

Major entertainment industry companies regularly obtain injunctions that require local Internet providers to block websites to prevent piracy.

 

In essence, these measures are straightforward as specific domains are identified for blocking. However, injunctions can be issued before infringements take place and can be dynamic or temporary, depending on the situation.

 

In the early years, blocking injunctions were used as a blunt instrument, instructing Internet providers to block legal platforms such as Vimeo, while GitHub and the Internet Archive also ended up in the crosshairs years ago.

GitHub Blocking Troubles

Accuracy-wise, some progress has been made over the years but that doesn’t mean that overblocking is no longer an issue. Throughout this year, several GitHub users have reported persistent problems accessing the platform.

 

The issues related to GitHub appeared in January of this year, when several Indian developers noted that they could no longer use the site properly. The main Github.com domain was still accessible but raw.githubusercontent.com, where code is typically stored, was blocked.

 

This made it impossible for developers to work on projects and several applications that used GitHub-hosted code started to return errors.

 

“This URL has been blocked under the instructions in compliance with the orders of a Hon’ble Court,” a typical error message read.

 

Since some pirate apps use GitHub it’s possible that raw.githubusercontent.com was listed in a copyright-related injunction, resulting in massive overblocking. As far as we know, the court order in question hasn’t been published but several ISPs were affected.

Problems Persist Despite Reversal

After some backlash, the underlying order was reportedly retracted, after which GitHub started working properly again for most Indians; but not for all. After nearly a year, there are still widespread reports from people who can’t use the site.

 

The problem is discussed repeatedly on social media and local news outlets with users from ISPs such as JIO and Hathway complaining that raw.githubusercontent.com is not accessible.

 

“From the past few weeks I am unable to access raw.githubusercontent.com on my Jio network,” one Redditor writes, with many others sharing a similar experience. On X, several users are reporting that they continue to have issues too.

 

 

Not all subscribers appear to be affected and other Internet providers don’t appear to have the same issue. This suggests that the affected ISPs didn’t properly unblock the URL earlier this year when the court order was retracted.

GitHub Responds

GitHub is aware of the problems in India. The Microsoft-owned platform informs us that it’s investigating the issue to see if full access for all users can be restored.

 

“As the global home for all developers, we firmly believe that everyone should be able to contribute to the future of software development regardless of where they live,” GitHub informed us.

 

“We are aware of reports that there may be issues with accessing the raw.githubusercontent.com domain in India and are investigating to determine how access can be restored.”

Transparency / Speculation

The lack of transparency regarding Indian court orders and retractions doesn’t help to solve the problem. To the public at large, it still isn’t clear on what grounds GitHub was partly blocked.

 

One potential tie-in could be the PikaShow app. After becoming the official sponsor for the Afghani cricket team during last year’s Asia Cup, Indian rightsholders pulled out all the stops to block the app.

 

Through an injunction, GitHub was ordered to disclose information on the developers behind the PikaShow account, but it’s possible that a separate blocking order also targeted the site’s raw.githubusercontent.com URL.

 

The above is pure speculation, which emphasizes the need for more transparency. That’s especially important now that Indian authorities are requiring domain registrars to comply with blocking orders too if they want to continue operating in the country.

 

Meanwhile, the developers affected by the continuous blockade have to find ways around the technological restrictions. Luckily, that’s not too hard for this tech-savvy audience.

 

Over the past four years, anti-piracy campaign Operation 404 has become a permanent fixture in the enforcement calendar with the results of new phases announced every few months.

 

The results of the fifth wave of Operation 404 were released in March 2023; around 200 illegal streaming and gaming sites, 128 domains and 63 music apps were reported blocked, with raids on locations across Brazil leading to 11 arrests.

 

While Brazil has been the focus of Operation 404 from the very beginning, the campaign has received considerable support from international rightsholders, government bodies and law enforcement agencies. The latest results relating to the sixth wave (Operation 404.6) released this week reveal progress and continued support from a laundry list of international contributors.

 

They include: City of London Police, United States Department of Justice, UK Intellectual Property Office, Peruvian anti-piracy group Indecopi, Argentina’s Public Ministry, a dozen Civil Police forces in Brazil, Alliance for Creativity and Entertainment, MPA Latin America, International Federation of the Phonographic Industry, US Patents and Trademarks Office, Brazilian Pay TV / Telecom Association, Latin American anti-piracy group Alianza, Premier League, Brazil’s National Council for Combating Piracy and Crimes Against Intellectual Property, the Entertainment Software Alliance, and Brazilian anti-piracy body APDIF.

Sixth Wave of Operation 404

A statement from IFPI notes that Operation 404 remains one of the largest campaigns of its type. Thus far the operation has resulted in the suspension of nearly 1,500 domains, the removal of 780 infringing music apps, and delivery of more than 100 search warrants, IFPI says.

 

Action against 12 major stream ripping and MP3 download apps supported the music industry in wave six, with IFPI reporting that collectively the apps received over 4.3 million downloads in Brazil alone. While the apps go unnamed, the global music industry group says that they were removed from major app stores and other sites offering them for download.

Reports By Authorities in Brazil

Information obtained from government and law enforcement resources reveals the execution of 24 search and seizure warrants; 22 in Brazil, and one each in Argentina and the United States. Reports indicate a total of 606 websites and applications blocked or suspended for illegal content streaming; 238 in Brazil, 328 in Peru and 40 in the United Kingdom. In some cases sites were deindexed from search engines and their accounts removed from social media by court order.

 

How many of the affected domains are currently redirecting to the latest seizure banner is unclear. We can confirm the banner is hosted on a subdomain of gov.br, the Brazilian government’s website, and we include it below for reference and for being perhaps the most comprehensive notice of its type ever seen online.

 

 

Local law enforcement agencies provide additional detail on operations carried out in their regions, some of which are summarized below.

Premier League Piracy, IPTV Operator Raided

Civil Police forces in several states are reported to have targeted the operators of websites and IPTV services offering illegal streams of Premier League matches.

 

In Mato Grosso, a large state in west-central Brazil, police targeted what appears to be an illicit IPTV provider. Authorities say that the service’s records show it had more than 60,000 customers; its operators face potential prosecution for intellectual property crimes, money laundering, and criminal association.

 

The Civil Police of Paraná (PCPR) report two search and seizure warrants executed against individuals suspected of ‘digital piracy’ offenses in the municipalities of Londrina and Assis Chateaubriand. Electronic equipment including cell phones and computers (image below) were seized as evidence.

 

 

Police also carried out a search-and-seize operation at an apartment in Ponta Verde, Maceió. Their targets were a couple from Brazil’s smallest state, Sergipe, said to have been living locally for the past several months. Police believe the pair are guilty of copyright infringement offenses but at the time of the raid, only a 26-year-old woman, her daughters, and their nanny, were at home.

 

According to his wife, the man was visiting the capital, Aracaju. That’s likely to have come as a disappointment to the Premier League, which had been reportedly working with police to target a pirate IPTV service and its operator at the Ponta Verde address. Nobody was arrested.

 

Other targets reported locally include the VidMate stream-ripping app said to have been downloaded 870 million times worldwide with over 1.1 million active users in Brazil.

 

Finally, reports indicate that the Peruvian government body Indecopi took action to block 157 domains dedicated to music piracy and stream ripping. There doesn’t appear to be any recent official reports of that nature but Indecopi has previously published lists of domains subject to blocking (1) including as part of Operation 404 (2).

 

Signed into law a quarter century ago, the Digital Millenium Copyright Act (DMCA) aimed to equip copyright holders with new tools to protect their works online.

 

A key element of the law requires online service providers to remove or disable access to infringing content in response to a takedown notice.

 

The system isn’t bulletproof. Rightsholders repeatedly complain that their content swiftly resurfaces after it’s removed. At the same time, the takedown process is abused by bad actors to censor or remove material in bad faith.

Shopify DMCA Harassment

DMCA abuse is nothing new, but it’s rare for online platforms to take public action against it, let alone take the matter to court. In an attempt to protect its vendors, e-commerce giant Shopify is one of the rare exceptions.

 

Last month, we reported that Shopify had filed a lawsuit against a “John Doe” who used DMCA takedown notices to remove listings from third-party stores. According to Shopify, the senders of these takedown requests did so without owning the rights.

 

This alleged scammer isn’t the only one wreaking havoc on the platform. A few days ago, Shopify filed a fresh DMCA abuse complaint at a Florida federal court. This time, the e-commerce platform has a named target; Orlando resident Amir Mokrian, a.k.a Clayton Burnz.

 

“Defendant Mokrian has repeatedly harassed, and continues to harass, Shopify merchants and Shopify itself through knowingly false allegations of copyright infringement. This lawsuit seeks to halt that misconduct and hold him accountable for the damage he has caused,” Shopify writes.

 

Dozens of False DMCA Notices

Shopify informs the court that it takes copyright infringement very seriously. The company receives thousands of notices each month and regularly removes shop listings deemed to be infringing. If a store owner is repeatedly targeted, they’re at risk of having their store closed completely.

 

The e-commerce platform relies on a mix of both human and automated reviews to process DMCA takedowns. This works well in most cases but the process is not bulletproof, as this lawsuit exemplifies.

 

Using several aliases including “Clayton Burnz”, Defendant Mokrian allegedly sent dozens of DMCA takedown notices to Shopify containing false claims. These requests targeted stores selling snore-reducing mouthguards and footwear insoles over alleged copyright infringement.

 

However, according to Shopify, these notices were littered with false information. They didn’t include any legitimate copyright complaints but were merely intended to harm other merchants.

Taking Out Competitors

The reason for this behavior is obvious; according to Shopify, Mokrian was running competing stores. By taking out the competition, interest in their own products should rise.

 

“It is plain that Mokrian submitted his fraudulent DMCA takedown notices for anti-competitive purposes. TeraNue—one of Mokrian’s stores on Shopify—sells snore-reducing mouthguards. Through his takedown notices, Mokrian targeted the same or similar mouthguard products sold by competing merchants,” Shopify informs the court.

 

“X-Care—another Mokrian store on Shopify—sells foot insoles, the same type of product sold by Rizzsoles.com, a Shopify merchant Mokrian targeted with his false notices. Mokrian used takedown notices not in an effort to root out copyright infringement, but in an effort to root out competition.”

 

One of Mokrian’s stores

 

Shopify ended up removing 38 competing products based on these false takedown claims. While these decisions were ultimately reversed, serious harm was done to both the affected shops and the platform itself.

 

The complaint notes that Shopify was financially impacted by the abuse. The company spent tens of thousands of dollars in personnel time and resources to address the issue. In addition, its goodwill was seriously harmed.

 

Through the lawsuit, Shopify hopes to be compensated for its losses. In addition, the company asks the Florida court for an injunction against the Orlando resident, prohibiting them from sending any fraudulent DMCA notices going forward.

 

—

 

A copy of the complaint Shopify filed at the U.S. District Court for the Middle District of Florida is available here (pdf)

 

 

Created by software developer Elias Saba and released on the Amazon Appstore in November 2016, ‘Downloader’ offered two things; an empty URL field and a download button.

 

Downloader was intentionally basic but as a former Fire TV Product Manager at Amazon, Saba knew that a simple tool to transfer files would solve a fundamental shortcoming. Over 50 million installs of Downloader to date speak for the software’s popularity but in May 2023, progress came to a screeching halt.

 

Several Israeli TV companies filed a DMCA complaint at Google Play alleging that Downloader offered copyrighted content. The companies supplied no details of the content allegedly infringed and said nothing about how ‘Downloader’ somehow managed to violate copyright law.

 

Google suspended Downloader leaving Saba no other option than to file a DMCA counternotice. The developer was forced to wait 10 business days for the complainants to respond and a total of 20 days for Downloader to be restored. After almost three weeks offline, Downloader had lost 47% of its active users.

 

Just six months later and it’s happening all over again.

Another Baseless Copyright Complaint

Speaking with TorrentFreak last evening, Saba calmly explained that a new DMCA takedown notice, filed by India-based anti-piracy outfit Markscan, had resulted in Google suspending Downloader once again. The news was delivered by Google on Sunday evening via the notice below.

 

Deficient DMCA Notice, Entirely Deficient Claims

Given Downloader’s limited capabilities, even a sensible discussion on the merits would’ve required Markscan to come up with something special. In the event, the DMCA notice filed at Google Play falls substantially short of the established minimum standard for removing a single URL, let alone an app boasting 50 million downloads.

 

In response to a request to ‘Identify and describe the copyrighted work’ allegedly infringed, the response ‘Properties of Warner Bros. Discovery Inc.’ is especially unhelpful.

 

In 2022, Warner revealed that its library consists of more than 145,000 hours of programming, including 12,500 feature films and 2,400 television series comprised of more than 150,000 individual episodes.

 

Alleging infringement of just one of these copyrighted works would’ve been trivial, had the DMCA notice stated a valid claim against an app that carries and indexes zero content, and is substantially less functional than a web browser.

 

Google says that it was notified that Downloader “allegedly infringes upon the copyright of others, and violates applicable copyright laws in the relevant country/jurisdiction.” Logic suggests that any alleged infringement would indicate a violation of United States copyright law. However, if we take Markscan’s home turf as an example, are vague allegations acceptable in India?

 

Just two examples picked at random (1,2, pdf) show that takedown notices filed by the same team offer a level of detail likely to meet standards almost anywhere. Why this wasn’t replicated in the complaint against Downloader raises serious questions.

Another DMCA Counternotice, More Time Offline

On Monday evening, Saba filed an appeal at Google Play and 24 minutes later received notification that it had been rejected.

As a result the developer followed up with a DMCA counternotice. No response had been received at the time of writing.

 

Shortly after, Saba was contact by Google AdMob who informed him that ads in the Downloader app will stop being served if it isn’t restored by Tuesday (today). The background to this message is interesting, as Saba explains.

 

“You see, I never had ads in my app and relied solely on donation buttons in the app. But when the app was suspended last time, I learned those donation buttons stop working, even for people that already had the app installed,” he informs TorrentFreak.

 

“As a backup plan, in case the app was suspended again, I added ads to the app for the first time. Now I know it was a mistake going with Google for the ads since, evidently, they break those as well when the app is suspended. I just can’t catch a break.”

 

Popular Internet infrastructure service Cloudflare has come under a lot of pressure from copyright holders in recent years.

 

The company offers its services to millions of customers including multinationals, governments, but also some of the world’s leading pirate sites.

Cloudflare Must Stop Pirate Site

Pirate sites have proven to be quite a headache for Cloudflare and have landed the San Francisco-based tech company in court on several occasions. This includes a case in Germany, where the local branch of Universal Music sued Cloudflare for offering its services to pirate site DDL-Music.

 

The lawsuit initially didn’t make any headlines, but when Cloudflare displayed an ‘Error 451’ to DDL-Music users in early 2020, it was clear that something was up. The 451 error code is rare and typically reserved for cases where content has been made inaccessible for legal reasons.

 

In this case, Universal obtained a preliminary injunction against Cloudflare that required the company to stop providing its services to the pirate site. Failure to comply could’ve invoked a fine of up to 250,000 euros ($274,000) or, even worse, Cloudflare’s managing director could’ve been sent to prison for up to six months.

 

Cloudflare complied with the order but took the case to appeal. The case eventually made its way to the Cologne Higher Regional Court, which handed down a mixed decision earlier this month.

Mixed Decision from Higher Court

In its decision, the Court confirmed that Cloudflare must take action against the blatantly-infringing pirate site, dismissing Cloudflare’s concerns that this could lead to overblocking. According to the ruling, DDL-Music has no other purpose than to share pirated music and Cloudflare plays a central role in making the site available.

 

The ruling will come as a disappointment to the Internet infrastructure company, but there’s a positive note as well. In addition to stopping its services to DDL-Music as a customer, Universal also wanted Cloudflare to block the site on its public DNS resolver 1.1.1.1.

 

The Cologne court concluded that a DNS blockade would be a step too far, as Cloudflare’s DNS doesn’t play a central role in making the site accessible. There are other DNS providers that do the same.

 

“[D]efendant’s DNS resolver does not play a ‘central role’ in ensuring that the disputed music album could be freely shared on the Internet. The use of the defendant’s DNS resolver was neither necessary to find the IP address via the domain name, nor does it make access easier,” the court writes.

 

“The domain name could be resolved into the IP address just as easily using any other DNS resolver. The defendant’s public DNS resolver 1.1.1.1 is just one of many freely accessible DNS resolvers, the best known and most used of which is the Google public DNS resolver 8.8.8.8. The defendant’s DNS resolver therefore had no significant relevance to the accessibility of the infringing content of the disputed domain.”

 

According to the verdict, a DNS provider operates in a purely passive, automatic and neutral manner. This sets it apart from hosting providers or CDN services, which can invoke liability under Germany’s Telemedia Act (TMG) and EU law.

The DNS Blocking Frontier

The Cologne Higher Regional Court’s ruling is significant, and not just for Cloudflare. After many countries established that pirate sites can be blocked by Internet providers, copyright holders are trying to expand similar obligations further up the intermediary chain.

 

In this case, the Court established that CDN services can be liable but drew the line at DNS resolvers. That could prove to be important for DNS resolver Quad9, which faces a similar legal battle in Germany.

 

The issue isn’t limited to Germany either. A similar court order in Italy requires Cloudflare to block access to three pirate sites through its public DNS resolver.

 

These and other court orders will ultimately lead to important precedents going forward. However, the direct effect of the recent German ruling is rather limited. As Tarnkappe rightfully notes, DDL-Music has been offline since 2021, so there’s no need to block it at all.

 

Heise reports that the German Federal Music Industry Association (BVMI) is nonetheless pleased with the outcome, as it shows that Cloudflare plays a “central role in making illegal content accessible.”

 

According to the music group’s Managing Director of Legal & Politics, René Houareau, the decision sends “a further signal against the illegal use of music recordings by tightening liability as real perpetrator liability”.

 

Over the past few years, increased enforcement by players in both the private and public sectors has made Denmark one of the riskiest places in Europe for pirate site operators and prolific file-sharers.

 

Relentless pushback from local anti-piracy group Rights Alliance and its partnership with Denmark’s Special Crime Unit (National enhed for Særlig Kriminalitet (NSK)) has led to many site closures, arrests, and subsequent prosecutions.

 

The most recent reported conviction saw a 37-year-old man receive a 60-day suspended prison sentence in September for pirating more than a thousand works through local BitTorrent trackers.

 

In connection with this and other successes over the past few years, last month Rights Alliance revealed that Thomas Heldrup, the anti-piracy group’s Head of Content Protection & Enforcement, had been running an undercover operation in piracy circles since 2016.

Fears of Infiltration

Concerns that a site might have a spy on board certainly aren’t unusual; for many site operators, however, it’s the kind of thing that only ever happens to someone else, usually those perceived to be less careful than them. In some cases that might be true but
Denmark’s distinguishing features as a country may introduce complications.

 

A relatively small population and a language rarely spoken outside Denmark’s borders, presents an increased chance of local piracy communities overlapping. Combine that with a shared reliance on locally attractive content and one site’s security issues risk becoming a much broader problem, as the last couple of years appear to show.

 

Until recently, however, there were few signs to suggest those at the top of the so-called ‘Piracy Pyramid‘ may also have become targets in Denmark. Nevertheless, some of those with connections to Scene entities are starting to ask questions.

47-Year-Old Arrested in Denmark

In a statement last week, Denmark’s National Unit for Special Crime (NSK) announced that as part of a long-running investigation, a man was arrested on November 22 and then charged with copyright infringement offenses.

 

NSK said its officers searched the home of a 47-year-old man in South Zealand (Sydsjælland) and seized IT equipment in connection with illegal file-sharing and “copyright infringement of a particularly serious nature.”

 

“The case is about an organized network that has illegally shared extremely large quantities of films and TV series via file sharing services,” said NSK Police Commissioner Anders-Emil Nøhr Kelbæk.

 

While noting that NSK had no further information to offer at this time, Kelbæk said he was pleased that NSK had arrested another suspect believed to have played a ‘significant role’ in the unnamed network.

At Least Five Arrests Thus Far

Last week’s arrest was only the latest in a series of arrests carried out as part of the same long-running NSK investigation into the illegal distribution of movies and TV shows.

 

In late August, NSK arrested four people on suspicion of sharing “extremely large quantities” of movies and TV shows. NSK raided addresses in South-West Jutland, North Zealand and Bornholmand. A 43-year old was arrested at the last location, but it’s claimed he lives elsewhere. In common with last week’s arrest, all were charged on suspicion of “particularly serious” copyright infringement offenses.

 

In an almost identical statement to that issued last week, Commissioner Anders-Emil Nøhr Kelbæk said the case was about “an organized network that shares extremely large amounts of data, presumably in the form of films and series.”

Does Available Information Really Indicate a ‘Scene’ Bust?

TorrentFreak sources report concerns that last week’s arrest may be linked to Scene groups. Terminology used by NSK doesn’t instantly rule that out and does seem to suggest something potentially more significant than other arrests over the past few years.

 

According to NSK, the August arrests took place on August 28, 2023. Using information in Scene release databases we looked for Danish Scene groups and/or groups that were releasing Denmark-focused content before that date but then made no releases afterward; while that wouldn’t provide conclusive proof that a group had been targeted, the method has proven useful in the past. Findings as follows:

 

⦿ Nordic blu-ray release group (including Danish) paused Aug 13, restarted Oct 16. Nothing since
⦿ TV show release group paused Aug 28 to Sep 1 but continued as normal
⦿ At least one TV show group made dozens of releases on Aug 28 suggesting little ‘panic’ on that date

 

While activity late August suggests nothing especially out of the ordinary, activity since the arrest last week stands in contrast.

 

Notable Danish content release group inactivity since November 22 arrest as follows:

 

⦿ ‘HYGGE’ | TV shows | 550+ releases since March 23 | Last release Nov 23, 2023 07:43:39
⦿ ‘HiVE’ | TV shows | 650+ releases since March 23 | Last release Nov 23, 2023 05:03:52
⦿ ‘DKiDS’ | TV shows | 3000+ release since March 23 | Last release Nov 21, 2023 10:34:50
⦿ ‘DANES’ | TV shows | 640+ releases since May 23 | Last release Nov 22, 2023 08:13:21
⦿ ‘JYSK’ | TV shows | 520+ releases since March 23 | Last release Nov 23, 2023 08:20:39

 

TF is informed that some groups may have gone dark simply out of an abundance of caution. That may or may not include all or none of the above. It’s also possible that the groups have nothing to release. Furthermore, there are many other global groups with no obvious links to Danish content or Denmark that also stopped releasing on November 21. The reasons for this are unknown but holidays in the United States may play a role.

 

In an information vacuum, rumors are extremely common but if the authorities and/or Rights Alliance used intelligence obtained in other operations to infiltrate Scene groups or their affiliates, it wouldn’t be a surprise. It wouldn’t be surprise to hear that any group downtime was directly linked to turkey and/or alcohol consumption either but in any event, the next couple of weeks should prove informative.

 

Over the past few years, copyright holders have reported more than seven billion copyright-infringing URLs to Google.

 

At one point, the search engine processed close to three million links per day. A dazzling number to say the least.

 

In recent years the daily volume has slowly declined. This is in part due to Google’s active policy of making pirate sites less visible in search results. After years of complaints, these efforts were well received by copyright holders.

Five Million ‘Pirate’ Domains

In response to Google’s enforcement efforts and other anti-piracy measures, some pirate sites regularly switch to new domain names. That can help to get these sites back into the search results, albeit temporarily, since progress often doesn’t last.

 

This week, the search engine reached a new milestone. Since its records began, Google has now received takedown notices for five million unique domain names.

 

 

This ‘achievement’ prompted us to take a close look at the underlying data. Where are all these alleged pirate sites coming from? Who are the main offenders, and which domains shouldn’t be on the list?

Top Offenders

The two top-reported domain names, daft.sex and dsex.to, are relatively new. These adult sites were targeted in a massive enforcement effort by Pornhub’s parent company Mindgeek, which previously filed a lawsuit against the sites’ operator in a U.S. federal court.

 

After the Daftsex site lost its .com domain, it moved to alternatives, which were then targeted by Mindgeek both in court and through Google. The daft.sex and dsex.to domains had only been active for a few months but triggered close to a quarter billion takedown notices in that short period.

 

 

The other domain names in the top ten are a mixed bag. In third place, we find file-sharing service 4shared.com with more than 68 million targeted URLs. The majority of these were removed years ago. More recently, 4shared began actively working with rightsholders to prevent piracy by deploying filtering technologies.

 

The list also includes unknown sites such as mp3toys.xyz. This domain has been inactive for more than half a decade but previously hosted pirated MP3s, triggering over 50 million reported URLs.

20 Domains Received 10% of All Notices

While looking through the list of targeted domains it becomes apparent that it’s top-heavy. The 20 domains that were called out most frequently have nearly 750 million flagged URLs. This means that less than two dozen targeted domains account for more than 10% of all notices.

 

This means that while five million domains is an impressive number, it doesn’t mean that all pose an equal threat. There’s a long tail of sites that were targeted less than a handful of times.

 

Overall, we can say that the majority of the five million reported domains are only flagged incidentally. These may be smaller pirate sites or sites exploited by scammers to post spam links. However, it’s also very common for legitimate sites to be targeted, often by mistake.

Legal Sites?

The five million figure includes a wide variety of domains that obviously don’t deserve the ‘pirate’ brand. This includes dictionaries, which sometimes list terms that are associated with copyrighted content, for example. The same is true for many reputable news outlets such as The New York Times, the BBC, and TorrentFreak.

 

Ironically, Google also received takedown requests for pretty much all legitimate streaming platforms. Netflix was flagged 259 times over the years, while Disney+, HBO, Hulu, Paramount+, and many others were reported too. These are all errors, but they still contribute to the overall total.

 

Rightsholders have also reported Google.com URLs to Google, and not just a handful either. Over the years the company was asked to remove 775,454 Google.com URLs from its own search results.

Tens of Thousands of Copycats

Finally, it’s worth pointing out that the reported domain names include a lot of variations of the same pirate brands. Some of these are operated by the original owners, but popular names are also hijacked to draw search traffic.

 

The list of five million domain names includes nearly 1,000 sites that have the phrase “piratebay” in their name and the same is true for “fmovies” and “YTS”. The “123movie” brand takes the crown, however, with well over 3,000 domain name variations.

 

Overall, it is safe to say that the milestone of five million flagged domains should be seen in the proper context. On the one hand, it consists of a small group of notorious pirate sites. On the other, many more sites don’t deserve the piracy label.

 

News that Sky had won a new High Court injunction to tackle pirate IPTV services first appeared in the Financial Times on July 30, 2023.

 

The article outlined an injunction similar to those previously obtained by the Premier League, noting that ISPs would be compelled to block Sky’s “best selling football games and blockbuster TV shows.” Why Sky would go to the trouble of obtaining an injunction to block access to matches, already being blocked by the Premier League, still makes little sense. Blocking TV shows was new, however.

Means to Shut Down Sites at Certain Times

The FT reported that the order obtained by Sky was designed to protect a “broader range of content” from across its programming.

 

“Sky will now have the means to shut down individual pirate sites at certain times,” the article noted, adding: “For example, the ruling could be used to block illegal access to The Ashes on Sky Sports Cricket, or to a specific show such as House of the Dragon on Sky Atlantic when it is first broadcast and reaches its largest audience.”

 

Apart from the apparent futility of blocking already blocked football matches, the report was entirely plausible and easily confirmed, had the actual High Court order been made available. Unfortunately, the UK’s system isn’t great and in the case of blocking injunctions, specific details are hidden to prevent circumvention. Even the names of the target IPTV providers can be difficult to determine, although not impossible.

Sky Causes Major Disruption

With almost no information accessible to the public and mystery surrounding Sky’s strategy, it’s impossible for outsiders to provide anything like a comprehensive overview. We certainly don’t claim to offer one here, but since all signs point to one of the most extraordinary mechanisms we’ve ever seen, taking a closer look seems warranted.

 

As reported earlier, BunnyStream, Enigma Streams, GenIPTV, CatIPTV, GoTVMix and IPTVMain are among the priority targets and from the information available to us, Sky’s blocking efforts have not gone unnoticed.

 

Providing exact dates is difficult and potentially unhelpful, but we estimate that over a period of four to six, maybe even eight weeks starting in August, Sky targeted between 80 and 100 domains/subdomains, most of them operated by the services listed above.

 

Subdomains were already in use on some platforms, but there are fairly clear signs that some targets deployed new subdomains as a countermeasure against blocking. At least for a while that can pay off, but we get the impression that Sky doesn’t wait long to respond either. In other cases, blocked domains seem to have been abandoned, suspended for abuse, or put up for sale.

 

 

Other countermeasures include the acquisition of new domains, backup domains being dusted off, and subscribers receiving advice to use a VPN to overcome blocking, as the text on one portal shows.

 

IPTV streaming is increasingly being targeted by cable operators and their lawyers. This has led to some IPTV services being blocked by ISPs. One popular example is the blockage of IPTV services regularly exhibited during Premier League matches in the UK.

 

Some IPTV services are able to circumvent this. However, the easiest and most reliable way to ensure you can still stream despite ISP blocks is to use a VPN.

Another 300 Blocks – But Blocking What?

With at least one of the targeted platforms resorting to what appear to be machine generated subdomains, Sky is certainly being kept busy, so at some point the High Court may be responsive to closing that loophole.

 

On top of what may have been the first batch of 90 domains/subdomains blocked previously, our estimates suggest another 250+ blocks since, and potentially more than 300. Whatever the true number, the volumes are high but as mentioned earlier, impossible for outsiders to properly measure.

 

That leaves the question of what Sky content these platforms are offering and how blocking that content dovetails with the order handed down in July. After obtaining a copy of the High Court order, the nature of the blocking is easily understood. Justice Meade’s key statements are as follows:

 

– The order sought has two elements, a dynamic block and a static block. Each of these, individually, is well precedented in decisions going back now over ten years in the case of the static blocking orders and, in many respects, the order sought today is a straightforward combination of those two types of orders.

 

– I do think it is appropriate to give some reasons in relation to the respects in which the orders sought today is different from what has come before. The significant difference, in my view, is that Sky seeks, in relation to the dynamic part of the order, to apply blocking measures at times and for periods of its choosing. The length of period and the amount of time that can be blocked per amount of calendar time is confidential (lest it facilitate evasion), and I will not state it in this judgment because I am sitting in open court.

 

– Under the proposed dynamic blocking approach, it would be Sky that chooses when to apply blocking measures, and for how long. The reason why this might be a potentially significant change is that it somewhat diminishes the amount of foresight that the court can use about the proportionality of the blocking. It might have, I was concerned, a slightly unpredictable effect or at least the capacity for an unpredictable effect. Without, as I say, going through the details of the periods permitted because they are confidential, I would be concerned about the effect that the new approach might have on the ISPs.

 

– That concern in relation to the ISPs is, of course, very substantially ameliorated by the fact that they have not opposed this order and have been in dialogue with Sky and its experts about what is proposed. On the evidence I have seen, I am satisfied that they are not unduly concerned.

These details pertaining to the blocking aspects of the injunction are certainly interesting. Unfortunately, the nature of the content that effectively authorizes blocking under the terms of the injunction is even less clear now than it was in the summer.

Not Particularly Valuable, “Relatively Banal” Content

Blocking injunctions have nearly always been sought to protect specific, high-value content. Hollywood obtains injunctions to protect movies and the recording industry aims to protect music, it’s usually as simple as that. The overall goal of the Sky injunction is no different in that respect.

 

However, it appears that unlicensed distribution of Sky’s most popular football matches, House of the Dragon, or other high-value content, isn’t the specific trigger for blocking under the terms of the injunction. Indeed, Justice Meade’s comments made at various points in the order indicate that the opposite is true.

 

– This is quite a significant departure from previous orders which have been more specifically targeted at, particularly, valuable content in the nature of a particular sporting events and the like.

 

– I do think the proportionality analysis is different and merits comment because the blocking is not, in this instance, targeted at particularly valuable or notable content.

 

– [T]he fact that the blocking windows permitted are not around the clock and are to be targeted by Sky at its own election, and the fact that that will, in principle, allow Sky to deploy blocking windows against content which might, theoretically, at least be relatively banal…

 

– Although the blocking is not necessarily to be directed to premium content, the goal of doing it is to protect that content and to protect the totality of Sky’s investment in its broadcast business as a whole.

Such an unorthodox yet innovative blocking injunction could be a sign that a specific issue presented unique challenges. We have no clear information to show that was actually the case, but coming up with a hypothetical scenario that fits isn’t too difficult.

Hypothetical Problem, Hypothetical Solution

Under EU law, sporting events are not classifiable as works under the Copyright Directive. Football matches, for example, are subject to the rules governing the game, which leaves no room for creative freedom. As a result, live football matches are not protected by copyright law.

 

However, if a live match is recorded before its onward transmission, augmented by unique copyrighted elements such as logos, graphics, incidental music, and other intellectual property already owned by a broadcaster, a match becomes a film protected under copyright law.

 

That might lead to a theoretical injunction application requesting site-blocking to protect ancillary content, but has the ultimate goal of protecting all content, in and around it, while potentially avoiding time-consuming licensing intricacies.

 

After all, site-blocking is a blunt instrument, so if a smash-hit TV show just happened to air seconds after a copyrighted advert, potentially containing copyrighted music theoretically owned by a broadcaster, blocking wouldn’t discriminate.

 

Useful collateral damage then? Possibly, at least in theory.

 

Ulož.to is one of the most popular sites in the Czech Republic, built on a reputation of allowing users to share files with each other and those further afield. In common with other sites operating in that field, Ulož has found the road ahead becoming increasingly complicated.

 

While users are free to share almost any file on Ulož, some inevitably share copyrighted content including music, movies, and TV shows. That has drawn negative attention from rightsholders who have sued the platform again and again. In July this year, one of those actions led to a local court fining the site for a movie uploaded by one of its users.

 

Ulož has also faced pressure to implement upload filters. Citing fears that over-blocking would ensue, Ulož resisted the calls and warned that restricting access to legal content would run contrary to EU law.

EU Law Forces Restriction of Content

To that background, an Ulož statement published Friday is somewhat ironic. Announcing fundamental changes to its business model, Ulož says that from December 1, 2023, users of its file-hosting services will only be able to download files they uploaded themselves. The change effectively ends file-sharing on Ulož and according to the site’s owners, the EU’s Digital Services Act is to blame.

 

“We have always carefully ensured that the operation of Uloz.to is in accordance with valid Czech and European legislation. This was repeatedly confirmed by court rulings in disputes, which were often purposefully conducted against us,” says Jan Karabina, CEO of Cloud Platforms, the company behind Uloz.to.

 

“In order to continue to meet all legal criteria in the future, especially in connection with the new European legislation, we are introducing significant changes to the functioning of the cloud storage Uloz.to Disk from 1 December 2023.”

Fundamental Changes Imminent

Now just a week away, Uloz characterizes the incoming changes as fundamental.

 

“Uloz.to Disk cloud storage services will only be accessible to registered users from Friday 1 December 2023. They will only be able to upload files that they have uploaded to the storage. It will not be possible to share the files to the public or to an address via a link,” the company’s announcement reads.

 

On a more positive note, Uloz says that users don’t have to worry about losing their files. If any customers are unhappy with the restrictions and don’t want to continue with a premium subscription, they can terminate their accounts or convert to a free package. In any event, any remaining subscription or credits will be refunded.

Digital Services Act

While Uloz notes that the EU’s Digital Services Act (DSA) imposes obligations on digital services acting as intermediaries, its announcement stops short of explaining exactly which parts of the DSA render its current business model untenable. There’s no shortage of candidates, however.

 

That ‘actual knowledge’ of illegal content is triggered when takedown notices are sent to intermediaries could prove itself to be a risk too far for those without deep pockets. Not allowing content to be shared with third-parties mitigates that, but given its scope and potential for being overly burdensome on smaller companies with disproportionately large userbases, the DSA’s requirements – as well-intentioned as they are – may have proven simply too much.

 

Finding itself nominated for notorious market status by the MPA last month is unlikely to have been welcomed by Uloz. Whether that contributed to the decision announced today is unknown but by disallowing file-sharing, it seems likely that Hollywood’s complaints will eventually fade into the distance.

Two years ago, Bungie filed a complaint at a federal court in Seattle, accusing AimJunkies.com of copyright and trademark infringement, among other things.

 

The same accusations were also made against Phoenix Digital Group, the operating company behind the website, and third-party developer James May.

 

AimJunkies denied the claims and argued that cheating isn’t against the law. In addition, it refuted the copyright infringement allegations; these lacked substance because some of the referenced copyrights were registered well after the cheats were first made available, AimJunkies said.

AimJunkies Strikes First

Last year, U.S. District Court Judge Thomas Zilly handed an early and partial win to AimJunkies. The original complaint didn’t provide sufficient evidence for a plausible claim that the ‘Destiny 2 Hacks’ infringed any copyrights, the Judge concluded.

 

This was a setback for Bungie, but the court allowed the game developer to amend its complaint, which it promptly did. As a result, the copyright infringement dispute is currently ongoing and progressing to trial.

 

During 2022, Judge Zilly also referred several of the non-copyright-related complaints to arbitration, including allegations that AimJunkies’ cheats violated the DMCA’s anti-circumvention provision and were illegally sold to third parties.

Bungie Wins Arbitration ‘Battle’

The arbitration process was conducted behind the scenes and resulted in a resounding win for the game developer; Bungie was awarded a total of nearly $4.4 million in damages and fees.

 

The bulk of the award was DMCA-related damages. According to arbitration Judge Ronald Cox, the evidence made it clear that AimJunkies and third-party developer James May bypassed Bungie’s technical protection measures in violation of the DMCA.

 

In addition to breaching the DMCA’s anti-circumvention provisions, the defendants were also found liable for trafficking in circumvention devices. Or, put differently, selling and shipping the cheats.

AimJunkies Files ‘Arbitration’ Appeal

The AimJunkies defendants were disappointed in the arbitration outcome and decided to challenge it at the Court of Appeals. In an opening brief, filed this week, they maintain that no law forbids cheating in computer games.

 

Bungie has repeatedly stressed that cheaters are not tolerated as they ruin the pleasure of honest players, which ultimately hurts sales of games such as Destiny 2. However, AimJunkies sees things differently.

 

“(i)n order for companies such as Bungie to obtain legal relief for any such ‘cheating,’ they, as with any litigant, need to demonstrate violation of an actual law or statute, such as patent or copyright laws, rather than simply shout, ‘Cheaters’ and hope the pejorative alone will be sufficient to establish liability,” the brief reads.

 

 

Bungie previously won several lawsuits against cheaters, either by default or through confidential settlements, but AimJunkies assigns little value to these achievements. According to the cheat seller, it’s first to take a stand and fight the issue on the merits.

 

“To the best of Appellants’ knowledge, they are the first actually to stand up to Bungie and seek a decision on the merits as to whether ‘cheating’ in computer games is unlawful in the absence of an actual violation of a recognized and existing intellectual property right, such a patents and copyrights,” they write.

Uncontested Witness Credibility

These musings mostly serve an introductory purpose. At the heart of the appeal is the question of whether the arbitration process was fair and correct; Aimjunkies believes it was not.

 

In concluding that Aimjunkies violated the DMCA by circumventing Destiny 2’s technical protection measures, the arbitrator largely relied on testimony from Bungie’s witness Dr. Kaiser. However, the appellants believe that the entire process was one-sided and erroneous.

 

A key aspect is that Dr. Kaiser, who was the only witness during the arbitration, was protected from a detailed and elaborate cross-examination. This meant that AimJunkies’ attorney couldn’t reveal any inconsistencies or weaknesses in the arguments that were made.

 

“[A]s Dr. Kaiser was the only witness offered by Bungie to support its claims that the ‘cheat’ software distributed by Phoenix Digital circumvented technological measures used by Bungie, the entire Final Arbitration Award is based on Arbitrator Cox’s admitted wholesale acceptance of whatever Dr. Kaiser said.

 

“Again, Arbitrator Cox declined to permit cross-examination based on Dr. Kaiser’s earlier, and contradictory deposition testimony which goes to the very heart of the credibility issue.”

 

This is a clear error according to the appellants. The credibility of the witness was a key factor in the arbitration outcome, while the other side was denied the chance to properly challenge this credibility.

Arbitrator Bias

The appeal brief goes on to argue that the “excessive” $4.3 million damages award in favor of Bungie is yet more evidence that arbitrator Cox is biased.

 

AimJunkies stresses that, after Bungie sent a cease and desist letter in 2021, it removed the contested software from its platform. Until then, AimJunkies made roughly $43,000 from the product’s sales, just a fraction of the awarded damages.

 

As a result of this ruling, four people will effectively be rendered bankrupt, the opening brief states.

 

“Arbitrator Cox’s grossly excessive award, – over 100 times the maximum possible actual damage found by Bungie’s own damages expert and which will bankrupt the four individual Appellants if allowed to stand – demonstrates a clearly punitive intent on the part of Arbitrator Cox, far removed from any actual damage suffered by Bungie.

 

“It is further evidence of prejudice on the part of Arbitrator Cox, given that it rests largely on testimony that was never given and acceptance of arguments even Bungie itself never made,” the brief adds.

Battle Continues

The arguments presented above are just a fraction of the 44-page brief which ultimately concludes that Arbitrator Cox violated the JAMS arbitration rules.

 

AimJunkies believes that it didn’t receive the arbitration “service” it paid for and was entitled to receive. As such, the damages award should be reversed.

 

Before the Court of Appeal rules on the matter Bungie also has the chance to share its side of the story, so this battle is far from over. In addition, both parties continue to battle in federal court, preparing for the upcoming trial on the copyright infringement ‘cheating’ claims.

 

—

 

A copy of the opening brief, filed by AimJunkies and the other appellants at the U.S. Court of Appeals for the Ninth Circuit, is available here (pdf)

 

While premium IPTV services have built a reputation for beating legal platforms on both selection and price, they also cost at least some money to access.

 

Sites offering ‘IPTV for free’ can go either way, but thanks to so-called ‘FAST’ services such as Pluto TV and Peacock TV, taking risks is no longer necessary. That’s if older mainstream content scratches the itch and users don’t mind lots of advertising.

Something For Everybody

If showman P. T. Barnum had offered IPTV, the content indexed by iptv-org would’ve been the perfect fit. An eclectic mix of thousands of free TV channels from all over the planet, complete with EPG and the ability to fine tune exactly the type of content received via customizable playlists, iptv-org really does have something for everybody.

 

As a result, iptv-org’s repo is regularly found trending on GitHub and this week is no exception.

The fact that iptv-org aims to index streams that are already publicly available is an interesting angle, since at least in theory it makes the project a less straightforward target for rightsholders. A legal notice on the repo explains how rightsholders can have links taken down but of course, removing links does nothing to remove the actual streams.

Not that any of those pointers make any difference to some, however.

LaLiga Battles Pirate IPTV and iptv-org

Top-tier Spanish football league LaLiga (Liga Nacional de Fútbol Profesional) finds itself in perpetual conflict with pirate IPTV providers and controversy is rarely far behind.

 

In 2018, LaLiga updated its Android app, turning fans’ phones into spying devices capable of identifying unauthorized broadcasts in bars and restaurants. That resulted in a large fine for privacy breaches but didn’t deter a more recent proposal to remotely delete pirate apps from users’ phones.

 

LaLiga also sends conventional DMCA takedown notices to numerous sites and services. The truncated example below dated November 20, 2023, was sent to Google and demands the removal of over 1,100 URLs from search results.

 

The first 18 URLs concern the iptv-org repo on GitHub, based on the specific allegation that “the reported website sells channel services or subscriptions to servers that provide decryption keys for payment channels in an unauthorized manner.”

LaLiga Takedown Notice (Full version courtesy of Lumen Database)

 

While iptv-org does accept donations via OpenCollective, it doesn’t sell access to channel services or subscriptions. Since the entire point of the project is to index streams already open to the public, the claim that iptv-org sells subscriptions to servers that provide decryption keys is hard to fathom.

Google Yet to Make a Decision

Whether any of LaLiga’s content appeared on a channel indexed by iptv-org is impossible to determine from the information to hand. The notice references no specific content allegedly infringed or any specific URLs/channels where infringement allegedly took place. Instead it tries to deindex the project itself from Google search by targeting everything from its main page to pages dedicated to licensing and frequently asked questions.

 

At the time of writing, Google lists 92.1% of the 1,151 URLs in the notice as ‘pending’ which suggests the search engine may be taking a closer look.

 

Whether GitHub has received any direct complaints from LaLiga about iptv-org is currently unknown. However, since GitHub itself has been heavily targeted by erroneous LaLiga takedown notices, additional scrutiny probably wouldn’t go amiss.

 

Under U.S. copyright law, Internet providers must terminate the accounts of repeat infringers “in appropriate circumstances.”

 

This legal requirement remained largely unenforced for nearly two decades but a series of copyright infringement liability lawsuits, including a billion-dollar damages award against Cox, have shaken up the industry.

Music Companies Sue Optimum

While Internet terminations are more common today, that hasn’t stopped the lawsuits. Last December, a group of music rightsholders including BMG, UMG, and Capitol filed a complaint at the Eastern District of Texas, accusing Optimum’s parent company Altice USA of facilitating massive copyright infringement.

 

The pirating activity of subscribers shouldn’t be a surprise for the ISP, plaintiffs argued, as the company received numerous copyright infringement notices. This included those sent by the tracking company Rightscorp, which were paired with settlement demands.

 

“Rather than work with Plaintiffs or take other meaningful or effective steps to curb this massive infringement, Altice chose to permit infringement to run rampant, prioritizing its own profits over the Plaintiffs’ rights,” the complaint read.

 

To make the music companies whole, they demanded roughly a billion dollars in damages and an order requiring Optimum to prevent repeat copyright infringements on its network going forward.

Questioning the Evidence

Optimum’s parent company fiercely denies the allegations and argues that it’s protected by the DMCA’s safe harbor. To mount a proper defense, the ISP is conducting discovery for the upcoming trial, showing particular interest in Rightscorp’s piracy evidence.

 

Specifically, the ISP believes that the reliability and accuracy of Rightscorp’s detection system are central to its defense. Thus far, however, the piracy tracking company has failed to hand over all requested information.

 

To force the matter, Altice submitted a motion to compel Rightscorp to comply with the subpoenaed information. In its request, the company also scolds the music companies for trying to turn ISPs into copyright police, while characterizing Rightscorp’s copyright notices as ‘spam’.

 

“This case is the latest attempt by the music industry to engineer a copyright-liability regime that makes ISPs responsible for all infringement that takes place on the internet—and thereby turn ISPs into their de facto enforcers.

 

“Rightscorp intentionally sends out millions of notices a year, and includes threatening settlement demands therein, as it stands to gain a portion of each settlement received as a result of each notice. In reality, the volume of these notices is so high that it risks crippling Altice’s systems,” the motion adds.

 

More Information Needed

If the music companies want to hold Optimum liable for the copyright infringements of its subscribers, the ISP wants to review all underlying evidence in detail. Although Rightscorp has handed over some information, including notices and spreadsheets with metadata, the ISP seeks more.

 

For example, Rightscorp should be able to share information on its agreements with the music company plaintiffs, assessments of the accuracy of its piracy detection system, documents related to settlements with the ISP’s customers, and more.

 

“Given that the notices are at the center of the lawsuit between the Plaintiffs and Altice, Altice is seeking evidence concerning the accuracy and reliability of Rightscorp’s systems for detecting infringement and sending notices, as well as the data, evidence, records, or information on how Rightscorp verified the files before sending such notices,” the motion reads.

 

The complaint itself doesn’t include any of this information. Instead, the plaintiffs refer to Rightscorp, which takes a central role in this case as a result.

 

Rightscorp has yet to file a response to the motion, which is due mid-December. After that, the court will decide whether the piracy tracking company must hand over additional information, or not.

 

—

 

A copy of Optimum’s patent company Altice USA’s request for a motion to compel Rightscorp to comply with the subpoena is available here (pdf)

When cassette recorders, VCRs and similar devices hit the mainstream, entertainment companies with business models reliant on customers buying copies faced uncertainty.

 

The fear of consumer copies was encapsulated by the now-famous words of the MPAA’s Jack Valenti: “The VCR is to the American film producer, as the Boston Strangler is to the woman home alone,” Valenti said.

 

With the benefit of hindsight the VCR did more to help than it did to hinder but still, copying carried out privately in the home was considered a major threat with few enforcement options.

Private Copying Levy

Valenti’s statement in 1982 reached a broad audience but its essence wasn’t new. The potential for blank media to undermine the creative industries saw Germany introduce a levy in 1966, usurping the exclusive reproduction right with a right to equitable remuneration.

 

In 1985, France introduced “remuneration for private copying” to ensure that rightsholders were compensated for any harms caused by private copying of their works. A levy was placed on sales of blank media such as cassette tapes but as technology progressed, the levy became applicable to CDs and other recordable media.

 

Today, smartphones are the main source of private copying revenue which according to figures from 2021, now generates around €300 million per year for rightsholders.

Pushback Begins

While an annual boost of €300 million is good news for the beneficiaries, some believe the levy system is outdated and unnecessarily opaque. Since the price of a mobile phone 64GB and above is inflated by roughly 17 euros, whether anything is copied on the device or not, some have described the levy as anti-consumer too.

 

Compensation is paid to rightsholders through the company Copie France, at rates decided by a committee consisting of rightsholders, manufacturers of recording media, and consumers.

 

A French government report on private copying compensation published in October 2022 (pdf) offered several proposals for improvement. Noting that the rightsholders themselves provide usage statistics, using methods dating back a decade, calculation methods need to be updated transparently to reflect the reality of private copying today, in a market dominated by streaming.

French Politician Responds to Government Report

A L’Informe report published Monday reveals proposals from Member of Parliament Philippe Latombe in response to the government’s report.

 

Latombe’s first proposal is to transfer the decisions on how much levy is applied to each medium into the hands of the government.

 

“(i)n the same way as the finance law or the social security financing law, parliamentarians must be decision-makers and accountable to our fellow citizens,” the politician explains.

 

Latombe isn’t proposing the end of the existing panel (Private Copying Commission) but says its role should be to propose rates to parliament. L’Informe notes that the panel would also be prevented from initiating usage studies carried out by private companies at the levy fund’s expense. Instead, that work should be carried out by telecoms regulator, Arcom.

People Pay Levy Who Shouldn’t, Devices Shouldn’t Incur Levy Twice

The MP also criticizes the current system where the levy is collected on smartphones and tablets at the point of import, something that forces professional end buyers not liable to pay the levy, to enter a process to try and claim the excess back. Overpayments are currently estimated at between 40 and 50 million euros, so there are calls to simplify the process and ensure quicker refunds.

 

Latombe’s third proposal is to exempt smartphones and tablets reconditioned in France, currently subjected to a levy of 10 euros per unit. This would not only promote the use of the recycling market, protect the environment and create jobs, but would also ensure that devices would remain accessible to the socially disadvantaged.

 

 

Popular Internet infrastructure service Cloudflare serves millions of customers and provides a variety of connectivity and privacy features to the general public.

 

People can freely use the company’s open DNS resolver 1.1.1.1, for example, or use its IPFS and Ethereum gateways to access content on these decentralized web services.

 

One of Cloudflare’s main aims is to make the Internet more secure while respecting the privacy of its users. This laudable goal is broadly respected but in common with other internet services, abuse of Cloudflare’s services can lead to conflicting situations.

 

The California-based company previously terminated service to controversial sites including the Daily Stormer and Kiwi Farms. These actions were taken voluntarily, with Cloudflare citing an immediate threat to human life as the reason for the Kiwi Farms intervention.

Domain Blocking

In addition to these rare events, the Internet infrastructure company is also subject to court orders from around the globe. In some cases, these orders require the company to block access to piracy-related domain names.

 

Cloudflare mentions these blocking orders in its latest transparency report which covers the second half of 2022. The report doesn’t mention the number of court orders or blocked domains, but it confirms that Cloudflare complies with legitimate legal rulings.

 

“If we determine that the order is valid and requires Cloudflare action, we may limit blocking of access to the content to those areas where it violates local law, a practice known as ‘geo-blocking’,” Cloudflare writes.

DNS Blocking

DNS blocking orders apply locally and shouldn’t affect people in other countries. However, things got more complicated recently when an Italian court required Cloudflare to restrict access to three torrent sites through its public DNS resolver 1.1.1.1.

 

Cloudflare fiercely objected to the order but ultimately lost the legal battle. That left the company with no other option than to take action. But, instead of blocking content through its global DNS resolver, it geo-blocked the domains for Italians.

 

“To the extent that those websites used Cloudflare services, Cloudflare took steps following the issuance of the order to disable access to those websites for users in Italy or from Cloudflare equipment in Italy.

 

“Cloudflare took action to geoblock all three domains that were addressed by the court’s order and were using our service at the time the orders were issued via Cloudflare’s pass-through CDN and security services,” the company added.

IPFS and Ethereum Restrictions

In its most recent transparency report, Cloudflare further notes that it has implemented access restrictions on its public Ethereum gateway. The company doesn’t store any content on the Ethereum network, nor can it remove any. However, it can block access through its service.

 

If Cloudflare receives valid abuse reports or copyright infringement complaints, it will take appropriate action. The same applies to the gateway for the decentralized IPFS network.

 

In its previous transparency report, Cloudflare already mentioned more than 1,000 IPFS actions a figure that increased slightly in the second half of last year. At the same time, Cloudflare also restricted access to 99 ‘items’ on the Ethereum network.

 

 

Since these are ‘gateway’ related restrictions there’s no impact on the content hosted on IPFS or Ethereum. Instead, it will only make it impossible to access content through Cloudflare’s service.

 

It’s not clear how many of these restrictions are abuse or copyright-related, as not much context is provided. The Ethereum actions are, at least in part, a response to the U.S. Department of Treasury’s sanctions against the cryptocurrency tumbler Tornado Cash.

 

“Those sanctions raise significant legal questions about the extent to which particular computer software, rather than individuals or entities that use that software, can be subject to sanctions,” Cloudflare writes.

 

“Nonetheless, to comply with legal requirements, Cloudflare has taken steps to disable access through the Cloudflare-operated Ethereum Gateway to the digital currency addresses identified in the designation.”

DMCA Notices and Subpoenas

There are more obvious copyright responses as well. While Cloudflare generally doesn’t block content in response to DMCA notices for customers that use its CDN services, it does remove infringing content permanently hosted on its servers.

 

These hosting services have expanded over the years and the same is true for the volume of valid DMCA notices received, up from 18 to 972 in the span of a year, as shown below. That’s still a fairly modest number for a company with millions of customers.

 

 

Finally, Cloudflare reports that the number of civil subpoenas, including those issued under the DMCA, has decreased. Rightsholders including the Motion Picture Association (MPA) typically use these requests to obtain identifying information about Cloudflare customers.

 

In the second half of last year, the company received 20 civil subpoenas which targeted 57 domain names. That’s the lowest number since Cloudflare first disclosed this statistic five years ago, signaling a downward trend.

 

—

 

A copy of Cloudflare’s latest Transparency Report is available here (pdf)

 

According to data published by the UK’s Office for National Statistics, UK residents made 15.6 million visits to Spain in 2022, with holidays the most popular reason.

 

Whether Brits are on a two-week vacation or embedded within the ex-pat community, there’s a tendency to appreciate things less available at home, sunshine in particular.

 

For many, however, a longing for British things has created opportunities for those prepared to meet the demand. By offering BBC and ITV channels, for example, pirate IPTV services have become very popular indeed but since the packages offer much more, they’re almost a must for bars and restaurants in tourist areas.

Social Media Sales Attract Attention

According to information released by Spain’s National Police on Monday, a broadcaster’s representative filed a complaint after spotting a profile on social media platforms offering pirate IPTV subscriptions. Those packages granted access to sporting events to which the broadcaster holds the rights.

 

Officers assigned to the Technological Crimes Group of the Provincial Judicial Police Brigade of Alicante launched an investigation to identify the person behind those accounts.

Investigation: Key Findings

Benidorm is a seaside resort on Spain’s east coast. It’s a popular destination for tourists from the UK, including those who enjoy watching live football at local bars, often courtesy of IPTV packages.

 

Police investigators say they located several ads offering the subscriptions for sale. In one of the ads it was claimed that the person offering them had been “supplying IPTV to bars and restaurants in Benidorm for ten years, with support 24 hours a day, seven days a week.”

 

Police say the subscriptions were on sale for as little as £7 up to a maximum of £50, presumably based on subscription length and the content on offer. At least one package provided access to 594 channels, including those belonging to the broadcaster behind the original complaint.

 

Other findings led investigators to conclude that the person offering the subscriptions was from the UK and his target audience likely consisted of English speakers in Spain.

 

“During the investigation, police officers verified that the payments made were destined for a bank account in the United Kingdom and, in addition to sporting events, offered access to English, Scottish and Irish channels. For this reason, the audience to which the television offer was directed was of British or English-speaking origin,” police reveal.

 

“After various police efforts, the agents verified that the person who seemed to be behind the scheme was a British citizen who was linked to various bank accounts and who had his own Internet server to offer the services. The man had a home address in Benidorm and made continuous trips from the United Kingdom to the Alicante town.”

Policía Nacional Arrest Brit in Benidorm

After obtaining permission from a local court, police raided the man’s home in Benidorm. During the search, officers found two IPTV devices, a mobile phone, and a laptop. It’s alleged that an application open on the laptop allowed the man to control the IPTV services he offered on social media and at the time of the police intervention, he was offering several dozen, including some in Spain.

 

An inspection of the suspect’s mobile phone revealed various apps for accessing “banking entities” in the UK. Officers were only able to access one of those apps but found that the suspect had made transactions worth over £9,500. Many additional transactions were found by other means.

 

“[A]fter the officers of the Technological Crimes Group analyzed a payment platform through which the detainee charged for subscriptions, they verified that the person involved had allegedly received nearly 5,500 payments for the subscriptions, the majority in pounds sterling and about 200 payments in euros. The amount exceeded 185,000 pounds sterling and about 6,500 euros,” police note.

“Market and Consumer” Offenses

Police say a 62-year-old British man stands accused of intellectual property offenses, specifically those related to the market and consumers. That terminology suggests an eye on events back in 2019 that didn’t go exactly to plan.

 

Following complaints by top-tier football league, LaLiga, more than 50 people in the Alicante area appeared in court for showing LaLiga matches in bars and restaurants either via illegal IPTV packages, or official subscriptions designed for residential use.

 

After some of those individuals were found guilty, a criminal court in Alicante found that showing the matches in public wasn’t an intellectual property crime. That led to acquittals and the reversal of earlier guilty verdicts on the basis that “football does not have the character of a literary, scientific or artistic work” so copyright did not apply.

 

Cases against several bars in Valencia also failed to convince the court of intellectual property crimes. Instead, the court found that a minor crime related to the market and consumers had been committed.

 

 

As one of the leading niche blog platforms, Tumblr receives thousands of DMCA takedown requests every year. Many of these point to copyright-infringing material, but not all.

 

Tumblr’s parent company Automattic is known to inspect all takedown notices carefully and has a track record of defending its users, whether abuse is intentional or not.

 

To set an example, the company occasionally highlights the worst offenders in its “Hall of Shame.” This overview of the worst offenders welcomed a new entry last week; triggered by the unlikely confusion between a Star Trek fandom blog and an adult entertainment actress.

La Sirena

The recent Hall of Fame entry centers around “La Sirena,” which is Spanish for The Mermaid. Aside from being a dictionary term, Star Trek fans will know La Sirena as the Kaplan F17 Speed Freighter featured in the Picard series.

 

This starship is more than just another prop for die-hard Trekkies. The person behind the Tumblr blog “Mapping La Sirena” has spent countless hours and dedicated dozens of posts to the iconic Speed Freighter.

 

 

The term “La Sirena” isn’t exclusive to the starship, however. Others have adopted it too, including Venezuelan adult actress Antonella Alonso who picked La Sirena 69 as her stage name.

 

 

In theory, such diverse uses of “La Sirena” should never cross paths. According to Tumblr’s parent company Automattic, third-party takedown service ‘DMCA Piracy Prevention Inc’ has trouble distinguishing between the two, earning it a spot in the company’s ‘Hall of Shame’.

Hall of Shame

DMCA Piracy Prevention began sending takedown notices to Tumblr at the beginning of the year and has since submitted over 300 complaints. While Tumblr users occasionally post copyrighted content without permission, in this case many of the reported blogs were not infringing at all.

 

Instead, DMCA Piracy Prevention appears to confuse the ‘La Sirena’ fandom blog with their client ‘La Sirena 69’ based on little else than the similarity between the names. This resulted in a flurry of inaccurate takedown requests.

 

“In one recent copyright claim, the monitoring service targeted over 90 Tumblr posts that matched a keyword search of “la sirena,” Automattic’s Emily Fowler writes.

 

“But instead of alerting our team to La Sirena 69’s allegedly infringed content, the company reported a wide array of mappinglasirena.tumblr.com’s original posts—like a short essay about a new La Sirena booklet, an article analysis of the starship’s design, and even the blog owner’s thoughts on the fourth trailer for Picard season two.”

 

None of the reported links from the fandom blog contained anything that would even remotely violate the rights of the adult performer. As such, Tumblr’s takedown team rejected the notices and kept all the posts online, adding DMCA Piracy Protection to its “Hall of Shame” instead.

Prevent DMCA Abuse

The Trust and Safety team at Automattic hopes that by calling out these overbroad takedown campaigns, companies will review their processes and do better going forward. In this instance, there is plenty of room for improvement.

 

“Copyright monitoring services should not flippantly report content entirely irrelevant to their clients’ content; that is an abuse of the DMCA. These companies have a responsibility to verify that the content targeted in their takedown notices is actually owned by their client.”

 

Automattic’s team reviews DMCA notices meticulously and spotted that “La Sirena 69” is not “La Sirena” but that’s a difference takedown companies should notice, before sending their takedown requests. If not, independent creators such as “Mapping La Sirena” are at risk of being needlessly censored.

 

“Whether it’s an improved algorithm or more human eyes on every notice that they’re submitting, guardrails must be implemented to prevent DMCA abuse—otherwise, these monitoring services risk unnecessarily burdening innocent content creators, or removing innocuous content,” Emily continues.

 

“Tumblr is a special place—not only for Trekkies, but for anyone who writes prose, creates artwork, constructs moodboards, or expresses themselves in their own unique way. This mission is why we do what we do, and we will never stop fighting for users to champion this right in our little pocket of cyberspace.”

 

 

Online security is the headline theme of the StreamSafely anti-piracy campaign and this week the U.S. Government’s Intellectual Property Rights Coordination Center (IPRCenter) and Hollywood’s Motion Picture Association (MPA) revealed two new PSAs to boost the campaign’s visibility.

 

“There are piracy sites that appear legitimate and safe, but most are operated by global crime syndicates,” said Jan van Voorn, MPA’s Chief of Global Content Protection and head of ACE.

 

While that’s a fairly dramatic claim, at the highest level it appears to be true; it’s also entirely in keeping with the current drive to convince pirate site users there are much safer options elsewhere. That’s the foundation on which StreamSafely is built to ensure it meets its overarching goals. So what are those goals?

 

Through the prism and messaging of StreamSafely, the chief concern is to protect the financial welfare of consuming pirates and their families. Put much more bluntly, entertainment companies want to make sure that the people ‘stealing’ their content are kept safe and don’t have their private information unnecessarily exposed.

 

The most cynical might conclude that a) the campaign isn’t really concerned about pirates having their bank accounts emptied because b) its key aim is to demonize piracy through scare tactics and then c) wait for the signups to legal subscription services.

 

StreamSafely may have a straightforward message but the oversimplification above, convenient as it is, undersells the complexity of a campaign that is so much more.

StreamSafely: How it All Began

The people who came up with the StreamSafely campaign and still run it today are collectively known as Ctam Cable Marketing Association Inc., or CTAM for short. As the current member list shows, cable marketing has considerable scope.

 

Around 2018/19, CTAM approached IE Network, a company that describes itself as “part intelligence agency, part newsroom.”

 

IE Network says that by compiling the best data, insights and information, it’s able to “transform research and strategy into precise messaging with the right voice and tone, driving powerful storytelling that inspires, educates and persuades.”

 

Under the heading The Cable Industry v. Content Piracy the story CTAM wanted to tell is detailed on IE Network’s website.

 

 

CTAM wanted to combat an escalating content piracy industry that was robbing legitimate content creators of their intellectual property and risking the privacy and safety of content users. The members of CTAM turned to i.e. network to educate themselves about the bad actors in content piracy—and its end-users—to determine how best to educate the public about the implications of unauthorized entertainment content and to discourage people from consuming it.

“What followed was StreamSafely.com, a website sponsored by CTAM with content developed by IEN. Launching in late 2019, StreamSafely.com has already achieved its primary goal: to help visitors get smart about piracy and how to avoid illegal content consumption,” the website reads.

 

CTAM Stream Safely Video from the i.e. network on Vimeo

StreamSafely: Four Years Later

In November 2023, the same story is still being told. Piracy volumes remain massive and as highlighted earlier, risks are increasing. These threats disproportionately affect casual pirates who are less likely to know that adblocking software like uBlock doesn’t just block unwanted advertising.

 

When correctly configured, uBlock restricts the ability of the most cynical sites to offload malicious code onto the machines of unwitting site users. As a result, their ability to make money is massively undermined and if that’s taken to its logical conclusion, time spent running a site for profit is better spent elsewhere.

 

Before we explore what else uBlock is good for, CTAM’s tax filings (designated as a 501(c)6 nonprofit) for 2021 make for a fairly interesting read: $4.93 million in revenue vs. $4.56 million expenses, $1.1 million in compensation for the top three executives alone, and then a key mission revealing action to mitigate piracy and password sharing.

That leads us to CTAM’s business priorities for 2023, including: “Protect revenue by neutralizing content piracy through consumer education site StreamSafely.com” (pdf).

Can’t Study Pirates Properly Without Data

The CTAM website as a whole is an intriguing read but somewhat unfortunately, sections marked ‘Audience Intelligence Reports’ relating to the audience of StreamSafely.com are unavailable to the public. Nevertheless, it’s safe to conclude that visitors to the StreamSafely site are a useful source of data.

 

According to CTAM’s most recently published tax filing, in the last reporting period the marketing group spent $432,000 with IEN, the company it worked with to conceive StreamSafely back in 2019. The nature of the work carried out is unclear but since the company was previously asked to provide information on “bad actors” and their “end-users”, refreshed information may still be coming through.

That theory might make more sense if the MPA wasn’t involved in StreamSafely, and by default, anti-piracy coalition ACE, which has access to the best intelligence, globally.

 

Since CTAM also mentions an alignment of tactics with Digital Citizens Alliance, whose reporting is aligned with the MPA’s, not to mention many of CTAM’s own members, the entire project is surrounded by pools of piracy data, although the extent of any sharing is impossible to say.

Campaign Data, Measuring Success or Otherwise

That leads to the question of how CTAM is able to measure the performance of the StreamSafely campaign, i.e whether visitors to the StreamSafely website (mostly consumers of pirated content, if the targeting is right) find value and that leads to positive changes in behavior.

 

From the very first visit to StreamSafely.com it’s clear that a number of technologies deployed on the site can provide the campaign with significant insight, providing those visitors aren’t running uBlock, which blocks most if not all of them.

 

With help from tools offered by The Markup, which describes itself as a “nonprofit newsroom that investigates how powerful institutions are using technology to change our society”, the nature and abilities of those technologies can be presented in no-nonsense terms.

 

The Blacklight Privacy Inspector had a look at StreamSafely.com and reported back with its findings.

StreamSafely has ‘only’ five ad trackers, less than the average seven found on popular sites. But while popular sites usually get by with three third-party cookies on average, Blacklight’s Privacy Inspector found almost four times that on StreamSafely.

 

“These are commonly used by advertising tracking companies to profile you based on your internet usage. Blacklight detected 11 third-party cookies on this site. Blacklight detected cookies for Alphabet, Inc. and Microsoft Corporation,” Blacklight’s report reads.

Other technologies on the anti-piracy campaign site include behavior analytics system, Hotjar. By recording website visitors’ keystrokes, clicks, mouse and trackpad movements, Hotjar allows website operators to view visitors’ journeys through their websites using heatmaps and videos.

 

Combined with Google Analytics, Hotjar is a very powerful tool and sensitive too, especially when considering StreamSafely’s target audience.

The target audience of the StreamSafely campaign consists of people who visit pirate sites, who are unaware of the potential dangers. The aim of the site is to inform those people of the risks and make them aware of legal alternatives. At some point, success can be measured by the transformation of at-risk free-loading pirates into consumers of safe, legal alternatives.

 

That may be why StreamSafely uses tools provided by TK Interactive because, after all, stopping pirates from consuming pirated content is only the first step in their rehabilitation journey. And now that the risk of their bank accounts being emptied has been eliminated, they can put some of that hard-earned cash to good use.

 

Welcome aboard and stay safe.

In recent years copyright holders have tried many things to dissuade the public from visiting pirate websites.

 

Simply stating that piracy is illegal doesn’t appear to work very well, so this type of messaging often tries to appeal to other emotions.

 

For example, anti-piracy campaigns frequently stress that piracy hurts normal workers as it costs the entertainment industry thousands of jobs. Another strategy is to scare the public directly, by pointing out the ills people may encounter on pirate sites.

‘Holiday’ Piracy PSAs

This latter strategy continues to gain traction and it’s also the main focus of a new public service announcement (PSA) campaign launched by the U.S. Government’s Intellectual Property Rights Coordination Center (IPR Center) and Hollywood’s Motion Picture Association (MPA).

 

There are two videos, both set to appear in a short and longer version. The shorter 15-second clips are intended for social media, where they will be circulated in the coming weeks.

 

The gist of the PSAs is that people who use pirate sites and services to watch online entertainment risk running into malware, identity theft, and credit card fraud. This is illustrated quite dramatically, by burglars who raid the home of a happy couple enjoying an unreleased film from a pirate source.

 

Burglars Rob a Pirate

 

Interestingly, the video specifically (yet indirectly) suggests that a VPN service can’t do much to protect against these risks. Here’s the relevant dialog.

Man: Check this out. (starts film)
Woman: I didn’t even know this was out yet.
Man: It’s not, but I have my ways.
Woman: Are you sure that’s safe?
Man: I have a VPN, we’re good.

The VPN doesn’t stop people from physically entering your home, as the PSA depicts. And if we follow this analogy, it’s also true that VPNs can’t stop identity theft or malware, although some offer separate protection tools against the latter.

 

The second PSA is a message from IPR Center director Jim Mancuso, who issues a straightforward warning, again focusing on malware and fraud.

 

“If you watch pirated films or TV shows you could be exposing yourself to credit card fraud, malware or worse. Why deal with that when you could be watching your favorite series and films on legitimate platforms? Don’t let anyone ruin your screen time,” Mancuso says.

 

Stream Safely

 

Both PSAs point people to the Stream Safely campaign site which guides people to legal sources. In addition, the site provides additional information on piracy and file-sharing technologies.

Torrenting Isn’t Illegal

The Stream Safely site points out the potential risks of piracy but it doesn’t condemn file-sharing outright. For example, it acknowledges that downloading torrents isn’t by definition illegal, it depends on what people share.

 

Legal torrenting can be a good way to get large legitimate files, the website reads, adding that “generally speaking, sharing files across an internet connection is legal, so long as the files being shared aren’t themselves illegal and/or copyright law isn’t being violated.”

 

This language is paired with obligatory malware warnings and highlighted legal risks, including “copyright trolls” who sue people for allegedly downloading pirated films.

 

“[L]egal trouble is becoming more common for those who are torrenting illegal content, as internet service providers (ISPs) and copyright trolls get more and more aggressive in tracking down and prosecuting illegal torrents,” the website warns.

Beware of Trolls!

 

In summary, the campaign aims to point out that piracy isn’t risk-free. It appears to be aimed at casual pirates, who may not be as tech-savvy and therefore more at risk of running into trouble.

 

“Many consumers remain unaware of the risks involved in streaming or downloading pirated films. There are piracy sites that appear legitimate and safe, but most are operated by global crime syndicates,” says Jan van Voorn, MPA’s Chief of Global Content Protection and head of ACE.

Nuance

The main message of the PSAs is that “watching pirated content is never safe”. This is a conclusion we have seen in many industry reports over the years and while it’s certainly true there are elevated risks, there have been more nuanced voices too.

 

For example, we previously heard from anti-virus experts, who pointed out that email is likely a higher risk factor than pirate streaming sites. In addition, research from the EU Intellectual Property Office previously concluded that not all pirate sites are malware-ridden.

 

“At present, suspected copyright-infringing websites and streaming services are not normally considered to be dominant sources of malware or otherwise unwanted software distribution,” the research found.

 

That research may be dated by now, of course, and there are thousands of pirate sites, all with a unique risk profile. However, this nuance, understandably, didn’t make it into the Holiday anti-piracy PSAs.

 

In summary, there is at least one conclusion we can safely draw. Those who use legal streaming services such as Netflix, Amazon Prime, Disney+, and HBO are less likely to run into trouble than those who use pirate sites and services.