With no serious threat of being held to account, the DMCA takedown notice system is seen by some as a mechanism to hurt rivals or sow chaos for unspecified reasons.

 

As part of TorrentFreak’s regular monitoring of the Lumen Database, an invaluable repository of DMCA notices received by Google and other platforms, we recently uncovered a particularly malicious attempt to frame a respected free and open-source project as the entity behind a series of bogus DMCA claims against almost two dozen sites.

MicroG Project and Vanced

The MicroG Project (microG) is a software development initiative that enables Android apps that rely on Google Play services to run without them. The people behind the project say that while Android is a Linux-based open-source operating system, increasing numbers of libraries and APIs are only available on devices that run proprietary Google software.

 

One of many projects that relied on microG was YouTube Vanced, an alternative YouTube app that removed all advertising and enabled background play, among other things.

 

Due to legal issues, Vanced shut down in early 2022 but was soon replaced by ReVanced, a new project with similar functionality. ReVanced and various apps that have emerged as clones or copycats of Vanced/ReVanced still use microG in some way.

Imposters Masquerade as microG

Previously sponsored by Germany’s Federal Ministry of Education and Research, microG is a free-as-in-freedom open-source project. This means that microG is free of charge and has no restrictions on use, so when we saw copyright claims filed in microG’s name targeting almost two dozen sites, that obviously raised alarm bells.

 

On March 30, 2023, someone claiming to be ‘MicroG’ sent a DMCA complaint to Google. “The following websites use our content, which is a significant loss for our company,” it begins, listing the allegedly infringing URLs below.

 

In the majority of cases, the URLs relate to microG’s software when utilized in Vanced-related projects, with one notable exception seen at line 8 where the takedown notice targets microG’s official website.

 

Creator and developer of microG, Marvin Wißfeld, informs TorrentFreak that the copyright complaint wasn’t his work.

 

“I was not aware of any of this prior to your message and I doubt that any microG contributor is involved here either,” Wißfeld says. “I’ve never sent a DMCA takedown notice and don’t plan to ever do so either.”

 

So who sent the complaint, and what was their motivation?

Notice Claims to Protect Business of Vanced.cc

When people file DMCA notices with Google, they are asked to include a URL where the original content that has been infringed can be found. In this case the URL links to Google’s Play Store, a little ironic given it’s the last place one might expect to see microG.

 

Specifically, the URL links to Play Tube, an app with more than 10 million downloads that claims to provide an ad-free YouTube experience while potentially sharing users’ location, sexual orientation, web browsing history and device IDs for advertising or marketing purposes.

 

Circumstantial evidence suggests that, at least potentially, an app of this nature might benefit from having the URLs listed in the notice removed from Google search. After tracking the operators of the app to Vanced.cc, we asked if they were behind the complaint to Google. Two responses arrived in broken English a few minutes apart.

 

“We are not sending this removal request to google may be it’s fake,” said one.

 

“Someone is trying to remove these websites using our app,” said the other. “If we have any problem with these website then we will contact our official mail. Can you provide us with more information on the reporter? Can you provide us with more information on the DMCA removal requester so that we can take legal action against him.”

 

While a little tricky to read in parts, the general message seems to be one of denial.

Not An Isolated Incident

At the time of writing, Google has delisted 13% of the URLs in the complaint with 87% currently marked as pending. Other recent complaints, broadly along similar lines (but also completely bogus) were previously rejected in full.

 

Others, including this one sent by ‘copyright owner’ YouTube Vanced, whoever that is, listed the official YouTube app on Google Play as the original content infringed, before attempting to take down links related to microG and/or Vanced-type software.

 

These notices are sent directly to Google, so any ability to identify the fraudulent senders lies mainly with Google. On the basis that Google is unlikely to take on the role of the DMCA notice police, it requires those negatively affected to take some kind of legal action themselves.

 

The more fundamental problem is that the DMCA has no real teeth when it comes to punishing fraudulent notice senders. At some point that will need to be addressed but that’s unlikely to be anytime soon.

 

The fraudulent DMCA notice, falsely listing microG as the sender, can be found here

 

The European Union recognizes that online piracy poses a serious threat to copyright holders and the public at large.

 

In recent years, Europe has updated legislation to deal with modern piracy threats. This includes a requirement for large platforms to deter repeat copyright infringers.

 

The regulation is mostly targeted at legitimate user-generated content platforms such as YouTube, Twitter, and Facebook. However, traditional pirate sites are also on the EU’s radar, with several of the worst offenders highlighted in the recent piracy and counterfeiting watchlist.

 

According to the EU, pirate sites lead to “high financial losses” for copyright holders. Members of the public face risks too, such as piracy-related malware and scammers determined to obtain their credit card details.

Scammers Exploit Europa.eu

The EU warning highlights a real threat. While not all pirate sites are malware traps, scammers are known to use piracy to lure and exploit people. Ironically, this problem is now causing issues for the European Commission’s official website.

 

Over the past few months, we have documented how scammers are exploiting weaknesses in various Europa.eu portals including, most recently, the European School Education Platform. These scams exploit public upload tools to share .pdf files, which in turn advertise pirated versions of the latest blockbusters.

 

People who fall for these scams are in for a huge disappointment. Instead of gaining access to pirated movies, they are redirected to shady sites that often promise ‘free’ content in exchange for the visitor’s credit card details.

 

The European Commission has been aware of the problem for months and is working on it. After we published a second article on the topic last month, a spokesperson informed us that a long-term solution is being sought, without taking away opportunities for EU citizens to speak out.

 

“We are aware of it and continue working to resolve it. Long-term solutions require changes in the way we enable citizens to exchange with the Commission. It is extremely difficult to proceed quickly without disrupting the services offered to European citizens.

 

“We are working closely with all the concerned services to find the best solutions with the least possible disruption,” the EC spokesperson added.

Pirate Ads Trigger Hundreds of DMCA Notices

Despite these best efforts, the problem continues. Every day hundreds of fresh piracy scam adverts appear on Europa.eu and copyright holders are beginning to take action.

 

The EU website hosts the scams but doesn’t store any infringing material. Nonetheless, dozens of rightsholders have reported the dubious URLs. We don’t know how many reports the EU received, but Google’s transparency report shows that the search engine received over 500 DMCA notices for the Europa.eu domain alone.

 

At the moment, about a dozen URLs are being flagged each week, with a peak of more than 80 reported links. These DMCA notices, most of which point to the aforementioned piracy scams, are sent by rightsholders including IFC Films, Paris Filmes, and Sky UK.

Google Removes Europa.eu URLs

In several instances, the European Commission isn’t able to spot the problematic uploads. For example, a .pdf advertising a pirated copy of the film “The Last Manhunt” remains online today, more than two weeks after it first appeared. Following a DMCA notice, Google decided to remove the link from its search results.

 

In other cases, the Commission spots the scammy ads and removes them. When that happens, Google typically takes no action. According to Google’s records, the company has removed roughly two dozen Europa.eu URLs from its search results thus far.

 

The European Commission is well aware of the problem but this ongoing problem shows that dealing with repeat ‘infringers’ is not always straightforward.

 

Major Hollywood studios Disney, Paramount, Sony, Universal and Warner, plus relative newcomer Netflix, are all members of the Motion Picture Association (MPA). They have something else in common too.

 

Every single minute of every single day, rain or shine, people can be found pirating their movies and TV shows online. In Netflix’s case, that means every single piece of content the company has ever produced.

 

For studios with longer histories and huge catalogs of movies and TV shows, piracy doesn’t win the Oscar for Total Content Coverage, but still gets top marks for effort on top of its annual lifetime achievement award. Hollywood’s corporate sheen and projections of wealth have a tendency to suffocate public empathy, but on any level, that must be pretty intolerable.

Lawsuit Against PrimeWire

When Hollywood sued PrimeWire in late 2021, the only surprise was the timing. For more than a decade, PrimeWire had played a key role in illegally streaming many thousands of movies and TV shows, perhaps hundreds of millions of times.

 

The studios received annual licensing payments of absolutely nothing but were spending money on lawyers in site-blocking actions in multiple countries. PrimeWire’s operator/s never appeared in any of them, most likely too busy running the site and circumventing site-blocking orders.

 

The same applied in the U.S. lawsuit. In the site’s absence, the studios’ attorneys methodically obtained an injunction to shut PrimeWire down, but faced with overseas entities reluctant to take action, PrimeWire never went completely offline.

Can’t Kill What You Can’t See

Links to movies and TV shows did disappear from PrimeWire for a while but the studios weren’t taking the bait. They were already engaged in a compelling investigation to identify PrimeWire’s operator/s.

 

In most shutdown operations, unmasking the target is a priority. Taking a domain or shutting down hosting is the equivalent of shooting a zombie in the body; somewhat irritating but easy to recover from. Unmasking, on the other hand, opens up the possibility of a clean headshot and the elimination of potential resurrections.

Studios Win Lawsuit

In December 2022, the studios’ hard work and patience paid off when they were awarded $20.7m in statutory copyright infringement damages. PrimeWire’s conduct was slammed by the judge as “willful” and “particularly egregious,” with a particular focus on the fact that the site’s operators had avoided his courtroom.

 

Whether those barbed comments were ever heard at PrimeWire HQ, wherever that might be, is unknown. More importantly, the operator/s of PrimeWire were never found and still remain anonymous. The likelihood of the studios receiving $20.7m seems vanishingly small. Likewise, more than $417,000 racked up on attorneys fees.

And the Overall Winner is….

At the time of writing, PrimeWire is still operating from primewire.tf, a domain that should’ve been seized, but clearly has not. On pages where movies are listed, links to third-party hosting sites, including 2embed, OnionShare, CrocoVid, and HDOnline, supply the same content the studios spent a fortune trying to take down.

 

On this basis, it would be easy to conclude that the lawsuit was a waste of time and an even bigger waste of money. After all, what’s the use of a $20.7m judgment when nobody knows who’s supposed to pay it? Perhaps the bigger question is whether it would’ve been paid even under different circumstances.

 

The key question, then, is whether the MPA’s lawsuit achieved its main objective.

 

When the MPA sued PrimeWire in 2021, the site had been enjoying “approximately 20 million monthly visits.” Infringement levels were reported as “breathtaking” along with the following statement:

 

“In less than three years, [PrimeWire’s] U.S. user base has grown from less than 1 million monthly visits to approximately 20 million monthly visits,” the plaintiffs wrote.

 

Three or four months after the lawsuit was filed, traffic levels began to fall.

 

Blatantly repurposing the MPA’s original traffic statement provides a fairly accurate representation of the position today.

 

Three years after the MPA filed its lawsuit, PrimeWire’s entire user base has shrunk from 20 million monthly visits to less than a million monthly visits.

 

Who knows what PrimeWire’s operators have going on elsewhere, but PrimeWire.tf is obviously alive. Or perhaps it’s just not dead. Hard to say for sure.

 

Image Credit: InspiredImages/Pixabay

 

In recent years, website blocking has become one of the most widely-used anti-piracy enforcement mechanisms in the world.

 

ISPs in several dozen countries prevent subscribers from accessing a variety of ‘pirate’ sites. While new blocks are added every month, research on the effectiveness of these efforts is rather limited.

Early Piracy Blocking Research

One of the earliest pieces of academic research, based on UK data, showed that the local Pirate Bay blockade had little effect on legal consumption. Instead, pirates turned to alternative pirate sites, proxies, or VPNs to bypass the virtual restrictions.

 

A follow-up study added more colour and brought hope for rightsholders. The research showed that once a large number of sites were blocked in the UK, overall pirate site traffic decreased. At the same time, the researchers observed an increase in traffic to legal services such as Netflix.

 

These academic studies originated at Carnegie Mellon University. They were conducted independently but the research received sizable gifts from the Motion Picture Association. The movie industry group often cites these results to show that site blocking is effective.

New Blocking Study Adds Nuance

The two blocking papers and their results are founded on quality research, but they’re not without limitations. One shortcoming is that they are based on UK data that may differ from how blocking measures affect piracy and legal consumption in other parts of the world.

 

A recently released study can partly fill this gap. It was conducted by researchers from the Catolica-Lisbon School of Business and Economics in Portugal, in collaboration with a colleague who, again, is affiliated with Carnegie Mellon University.

 

Instead of looking at UK data, the researchers analyzed data from a country where a voluntary pirate site blocking scheme was introduced at some point.

 

The target country isn’t mentioned but considering that the researchers are Portuguese, paired with the fact that Portugal is one of the few countries which has a voluntary blocking scheme, we can take an informed guess.

Tracking Internet, TV, and Spending Habits

Similar to the UK research, the new study uses a natural experiment, namely, the introduction of ISP blocking efforts. The researchers relied on survey data and received help from a telco provider who provided anonymous data on a random sample of 100k subscribers.

 

These data can differentiate BitTorrent users from the general sample and includes other metrics such as upload and download traffic, paid VoD expenses, aggregate TV viewership time, as well as daily BitTorrent use.

 

This treasure trove of data resulted in an article of which a preprint copy was published recently. The writeup has yet to be peer-reviewed but the results are interesting enough to warrant an early inspection.

Less Traffic

One of the main and most unique findings is that blocking measures have a clear effect on the Internet traffic generated by BitTorrent users. Both upload and download usage decreased significantly for (former) BitTorrent users, without a noticeable rebound over time.

 

This finding is backed up by an overall drop in the percentage of households that used BitTorrent, which clearly declined and continued to do so in the months after the blockades were implemented. All in all, this suggests that piracy has decreased as well.

 

“Our results show that blocking access to copyright infringing websites reduces Internet traffic, which proxies piracy activity,” the researchers write.

 

Interestingly, the drop in upload and download traffic is asymmetric, with a relatively larger decrease in upload traffic. The researchers suggest that this could potentially mean that some BitTorrent users switched to streaming piracy, which doesn’t require uploading, or to legal streaming services that were not measured.

VPN Searches Spiked

The data sample also covered search activity, which was sourced from Google trends. The researchers specifically examined the terms “proxy”, “VPN”, and “DNS” which all spiked when the blocking measures were implemented.

 

We have seen similar patterns in other countries where site-blocking measures first appeared. This would suggest that people were trying to find ways to circumvent the blockades.

 

After a few months, search activity returns to normal levels, but by then, most persistent pirates will have figured out how to access the blocked sites.

 

“These figures suggest that although website blocking seems to have been effective in leading some households away from piracy, some users learnt how to circumvent the DNS blocks and likely continued downloading content from the blocked websites,” the researchers note.

No Boost in Legal Alternatives

Ideally, pirate site blocks should positively impact legal consumption. For example, people could use VoD services more, show interest in paid TV channels, and increase regular TV viewing.

 

However, when comparing the legal use of BitTorrent users before and after the widespread blocking measures, the researchers found little effect.

 

“We found no statistically significant changes in the consumption of the paid legal alternatives considered, only a very modest increase in TV viewership. These results suggest that the website blocks were effective in curbing digital piracy but did not benefit offline legal alternatives.”

 

The referenced modest effect translates to a 2.5-minute increase in total TV time for these pirates and a 1.8-minute boost in viewership for channels dedicated to movies and TV shows.

Limitations

These results show that site blocking impacts Internet traffic and presumably piracy too. However, a boost in legal activity is not guaranteed. There are some important caveats to this overall conclusion, however.

 

One drawback is that legal movie and TV streaming alternatives in the researched country were rather underdeveloped at the time. The availability and use of services such as Netflix was limited, for example.

 

This means that the results may have been different in a country with more legal options. And in general, the researchers note that results in one region, can’t always be generalized to other countries.

 

In addition, the findings are limited to mostly BitTorrent piracy. They don’t show how usage of other pirate options, such as streaming sites and IPTV may have changed.

 

All in all, however, we can say that the study adds some very welcome extra insight into the effectiveness of pirate site blockades.

 

—

 

A copy of the preprint publication titled ‘Controlling Digital Piracy Via Domain Name System Blocks: A Natural Experiment’, is available on SSRN.

 

Reis, Filipa and Godinho de Matos, Miguel and Ferreira, Pedro, Controlling Digital Piracy Via Domain Name System Blocks: A Natural Experiment. http://dx.doi.org/10.2139/ssrn.4335662

 

When the first pirate site blocking applications began to gather momentum in Europe, those concerned about where it all might lead spoke of slippery slopes and thin ends of wedges.

 

More than 15 years later, judges in dozens of countries have not only approved blocking injunctions that target static sites but are also happy to hand down flexible orders designed to rapidly counter new domains, proxies, and mirrors.

 

When pirate IPTV services hit the mainstream less than 10 years ago, the legal and technical challenges of blocking content quickly were considerable. But by carefully tapping in the wedge, showing patience, and not asking for too much at the wrong time, rightsholders can now block pirate IPTV services while judges are tucked up in bed.

Canada’s Blocking Fast Track

Canada’s Federal Court approved the country’s first IPTV blocking order in 2018, and the Federal Court of Appeal upheld it in May 2021.

 

Just two months later, the architects of the first order – Rogers, Bell, TVA, and others – filed a new application demanding faster, more flexible blocking. The Federal Court obliged and in 2022, Justice William F. Pentney handed down Canada’s first dynamic pirate IPTV blocking order, crafted to protect the NHL broadcasters’ revenues.

 

Justice Pentney also issued instructions for one or more experts to review the process to ensure compliance with the Court’s criteria for identifying ‘pirate’ IP addresses. Dates and times when the IP addresses were supposed to be blocked, and whether they actually were, for example. A report on general compliance was the overriding theme.

Report Satisfied Judge, New Injunction Awarded

Before Rogers, Bell, TVA, and the other plaintiffs were able to renew their injunction, the Court reviewed the experts’ report to ensure that its instructions had been followed. The report was produced by IP lawyer David Lipkus and Jon Wilkins, co-founder of Quadra Partners.

 

While both men have business connections with the plaintiffs, the Court saw no issues with their work, and ultimately renewed the injunction. The report’s key findings were as follows: (Note: FMTS is a reference to Friend MTS, an anti-piracy company heavily involved in live pirate IPTV blocking)

 

– Experts verified the criteria used by Friend MTS to select IP addresses for blocking
– ISPs used automated blocking, 9 out of 10 blocked 100% of the IP addresses tested
– No legitimate complaints from individuals or businesses related to blocking
– Data supports the assessment that availability of infringing content was reduced
– Blocking considered effective; delivered a measurable benefit for a low cost

 

The report itself wasn’t available when mentioned last year, but recently appeared on the docket at Canada’s Federal Court. It reveals how the review was conducted and how the data was verified, plus additional details that help paint a bigger picture on site-blocking measures when combined with existing information.

All About The Blocklist

FMTS provided the experts with a spreadsheet containing a confidential blocklist of 568 IP addresses and timestamps indicating when they were added to the blocklist. To verify the selection criteria, the experts used a randomized sample set of 181 IP addresses and were able to confirm that all 181 were added to the blocklist.

 

Perhaps the most interesting aspect here is that ancillary comments appear to add weight to the theory that IP addresses aren’t spotted ‘live’ and then immediately blocked; they’re on the blocklist before live games even begin.

 

IP addresses added to the blocklist are those determined by FMTS to be part of streaming infrastructure making the Copyrighted Content available without authorization during the NHL Live Game Windows, as well as during the Pre-Monitoring Period

 

What constitutes a ‘Live Game Window’ is not detailed in the report since this and similar information is considered highly confidential. However, data made available in other jurisdictions suggests that ‘windows’ go way beyond the competitive live action taking place ‘now’ on TV.

 

In orders issued to ISPs in other countries where FMTS blocks live football streams, “Match Periods” refer to other days in a given week where pirate IPTV services have already been observed illegally streaming matches owned by the same rights owner. It seems likely that ‘Live Game Window’ is the NHL equivalent.

 

Similarly, the ‘Pre-Monitoring Period’ is a block of time that precedes one or more ‘Match Periods’ in the same week as the current live match. Pirate IPTV services that show a) a subscription channel on which match footage is due to be broadcast or b) a sports-related subscription channel operated by a specified broadcaster, are eligible for IP address blocking.

Identifying Pirate Streams

According to the Canadian report, FMTS uses a proprietary technology that allows it to compare legitimate samples of existing NHL game footage with content being made available on pirate platforms.

 

“When matches are detected, the IP addresses of the source and associated streaming infrastructure are flagged for potential inclusion in the blocklist. Screenshots and video footage of the matched content are retained [and] were made available, along with thumbnail images of the identified content and the legitimate sample content it was found to match,” the experts note.

 

The report says that some of the 181 IP addresses in the sample were matched with multiple games in the Pre-Monitoring Period and NHL Live Game Windows, together generating 356 hits.

 

After reviewing thumbnail images, screenshots, and video captured from streams for each, the experts concluded that 178 IP addresses were valid matches, with the remaining three “unintentionally matched” against suspected pirated content. “FMTS immediately corrected the issue,” the report notes.

Limiting Overblocking, Handling Complaints

Blocking a large number of IP addresses over time is likely to lead to a small number of errors. At least statistically, an accuracy rate exceeding 99% is considered commendable in many fields, although not necessarily of comfort to those wrongfully blocked.

 

With that in mind, it was good to learn that FMTS carries out checks to ensure that, as far as it can, target IP addresses are unlikely to have any legitimate uses at the specified time. Interestingly, some of the ISPs also decided to mitigate potential overblocking using their own tools.

 

When carrying out connectivity tests to establish whether ‘pirate’ IP addresses were accessible via ISPs during the ‘NHL Live Game Windows’ of the NHL Finals, 77.51% of tests failed to reach the IP addresses in question. However, on 157 occasions, it was possible to reach ‘pirate’ IP addresses that should’ve been blocked.

 

“In an effort to reduce the potential for over-blocking, some of the ISPs blocked the IP addresses after there was a certain threshold of network traffic,” the report notes.

 

While that may be considered a plus, customers and privacy advocates may be less pleased with other details. ISPs used to champion themselves as oblivious ‘dumb pipes’ but are now required to block specified network locations when courts order them to do so.

 

Did the Federal Court ask the ISPs to monitor customer traffic? Because that’s what some did.

Some ISPs Monitored Demand For ‘Pirate’ IP Addresses

Monitoring customer activity and then disclosing that information to third parties sounds like a privacy disaster, not to mention a legal minefield. No ISPs are mentioned by name but for one reason or another, the information in the report is either disappointing for customers or disappointing for rightsholders.

 

One ISP reportedly had a logging system that tried to count the number of unique customer IP addresses that attempted to access ‘pirate’ IP addresses during NHL Live Game Windows. The counts varied from 109 IP addresses up to 300 IP addresses – 109 subscribers or potentially 300 – give or take. Unfortunately, the number never exceeded 300 because the system “was only capable of recording a maximum of 300” in the relevant periods.

 

One ISP counted 40,105 customer IP addresses, another 50,794, but showing that these customers were actually attempting to watch NHL content proved impossible.

 

“[A]lthough with respect to supply, a number of sites containing Infringing Copyrighted Content were effectively blocked, we lack empirical data to make any reasonable inferences with respect to the impact on the overall supply of Infringing Copyrighted Content,” the report notes.

 

“[W]ith respect to actual Canadian Internet user demand behavior (deterring and dissuading use of Infringing Copyrighted Content), we lack empirical data to make any reasonable inferences with respect to whether, even for those Internet users who may have attempted to access to a given site, the dynamic blocking approach here had any impact on the economic interests of Plaintiffs.”

No Legitimate Complaints About Blocking

While it was determined that no legitimate complaints were received relating to the injunction in general or over-blocking more specifically, some complaints were received. A Proton Mail email address was published on ISPs’ websites (1,2,3) specifically for that purpose and it went as well as could be expected.

 

“There was several vulgar emails from one individual that communicated displeasure with the issuance of the Order, generally. However, these were not relevant complaints,” the report notes.

 

“Additionally, an email was received from an IPTV service advertising ‘free iptv sport, news, kids channel [sic]’ along with a Whatsapp number and website address, and a second email relating to a spear phishing campaign.”

 

The report concludes with some recommendations, including a general suggestion that if ISPs scaled up their monitoring and provided a little more data on user activity, the plaintiffs would be in a better position to determine, in broad terms, if blocking is worthwhile and will make them more money.

 

Should there be any future requests for just a little more data, it seems unlikely that any will carry a wedge warning. Perhaps they should.

 

As the creator of The Witcher series and Cyberpunk 2077, game developer CD Projekt won the hearts of millions of gamers.

 

The Polish company also scored points when it spoke out against DRM on numerous occasions, including the ‘FCKDRM’ campaign promoted by its game distribution service GOG.

 

The anti-DRM stance is laudable but also has its drawbacks. Most notably, it becomes much easier for pirates to copy and share games. And indeed, new GOG games were swiftly shared online, including on a site that even copied its name: GOG-Games.com.

 

CD Project likely anticipated that their games would be pirated, but seeing a site use its own brand to promote pirated games must have stung. As a result, the videogame company has worked hard to get GOG-Games offline.

GOG-Games Under Pressure

Earlier this week, those efforts appeared to pay off when GOG-Games replaced its game repository with a notice that signaled serious problems.

 

According to the operators, CD Projekt’s GOG team has been trying to take the site offline since 2011. Since GOG-Games uses a host that simply ignores DMCA notices, results have been limited, but more recently, the admin was contacted directly.

 

“(s)omeone from their legal team sent a ‘DMCA – final call’ email directly to our site admin email address,” the notice reveals.

 

The email in question wasn’t directed at the operators of the site directly, but at the hosting company. It notes that GOG-Games violates GOG’s copyrights and trademarks, urging the provider to take action.

 

“The website is infringing GOG’s word by using it to brand an unlawful operation of downloading both CD PROJEKT Group’s and third parties’ games. The website also infringes CD PROJEKT S.A. trademarks and copyrights related to CD PROJEKT S.A games; The Witcher and Cyberpunk 2077.”

 

“We are extremely determined to take the above mentioned website down and we would like to ask you to treat the situation with utmost importance,” the email adds.

 

Fearing that the game company could eventually file a lawsuit against the hosting provider, or worse, GOG-Games.com decided to pull the plug voluntarily. At least for the time being.

 

“We are going to treat this matter seriously. As such, we are honoring the DMCA notice and all the copyrighted content is made in-accessible,” the GOG-Games team announced.

 

The site’s operators apologized to the people who donated in the past but also offered assurances that this wouldn’t necessarily be the end. The operators were considering a move to the dark web, shielding its hosting location.

GOG-Games Moves to the Dark Web

The plan was more concrete than the message suggested. Just a few hours after the ‘takedown’ announcement first appeared, it was already replaced by another one, noting that the site was accessible again on the dark web.

 

As far as we can see, the dark web version of the site continues to operate as it did before, offering a library of pirated games.

 

Commenting on the recent developments, a spokesperson for CD Projekt’s GOG platform informed TorrentFreak that it has a gamers-first approach, while respecting rightsholders.

 

“Piracy is totally against those values and undermines the great work that developers and publishers do to create games we, and our community, cherish. Having said that, we are monitoring pirate sites that violate gamers’ experience and are taking action, as necessary.

 

“Each case is treated individually, and the GOG-games.com case is not an exemption from that rule,” the spokesperson added, noting that the company will continue investigating this issue.

 

For reasons that make absolutely no sense while somehow making perfect sense, millions of internet users think that social media platforms are perfect for piracy.

 

Social media platforms like Facebook are admittedly quick and easy, but such positives are quickly overwhelmed by extraordinary privacy issues, not to mention centralized control. Nevertheless, the masses love quick and easy so in common with similar platforms everywhere, social media has a piracy problem.

Partners Against Piracy

This week Meta and Italian broadcaster RTI announced the signing of a multi-year partnership that will attempt to prevent the latter’s TV content from being pirated on Meta platforms. According to RTI, the companies will “collaborate on the implementation of a set of tools and systems” to protect RTI’s copyrighted content, including its live TV broadcasts.

 

The odds of Meta/Facebook implementing systems that only benefit RTI seem slim, but it may be possible to identify areas for improvement useful to a broader set of rightsholders. However, since RTI specifically mentions that Meta will provide dedicated training on how to use Meta’s ‘Rights Manager’ system more effectively, it wouldn’t be a surprise if that was the key focus of the agreement.

 

So what is Rights Manager, and how does it work?

Rights Manager Took Inspiration From Content ID

YouTube’s Content ID system first appeared more than 15 years ago, and today many users of the site will have seen it in action. Content ID uses algorithms to generate digital ‘fingerprints’ of content uploaded to the platform which can then be compared against reference files (original content) provided by rightsholders.

 

When a match is found, rightsholders have several broad options – block the uploaded content, monitor its statistics, monetize the upload with advertising and take the revenue, or sit back and do nothing.

 

Facebook launched its own content-matching, rights management tool in 2016. In common with Content ID, Rights Manager relies on reference files uploaded to the platform by rightsholders.

 

When a match is found, rightsholders can perform ‘match actions’ – block the uploaded content, monitor for insights into performance and audience engagement, place a banner on matching videos linking to content of their choice, or monetize with advertising and, of course, take the revenue.

 

In common with YouTube’s system, ‘match actions’ can be mixed, such as blocking in one country but taking revenue in another.

 

The details of the Meta/RTI ‘partnership’ are unknown, but it’s worth noting that Rights Manager cannot function without Meta collaborating with rightsholders.

 

In February 2022, Meta told the U.S. Copyright Office that features available in Rights Manager are “the result of a voluntary collaboration between Meta, rights holders, and many other stakeholders.” Meta said it actively solicits feedback from rightsholders which determines what features to add or change in Rights Manager.

Matching Reference Content With User Uploaded Content

Content matching systems have been around for a long time, but those who design and operate them tend not to share too many details. In October 2022, as part of the reCreating Europe project, a group of researchers published a study that pulled back the veil on fingerprinting systems including Audible Magic, Content ID, and Rights Manager.

 

The researchers noted how once a reference file is uploaded to Rights Manager, the owner of the content can specify what constitutes a match, under four general “dimensions” – (1) User Dimension, (2) Geographical Dimension, (3) Comparative Dimension, and (4) Content Dimension – explained by the researchers as follows:

 

According to the user dimension, (1) a reference file uploader can authorize specific pages or accounts to use the content of the reference file. Further, geographical regions (2) can be included/excluded for viewers. Per the comparative dimension (3), reference file uploaders can specify the temporal overlap between the reference file and an uploaded content that will constitute a match, which in practice is a way of enabling copyright exceptions. For example, copyright owners might allow others to use parts of their video if their posts are not longer than 10 seconds.

 

The researchers found that Content Dimension (4) only applies to videos and live video.

 

For example, if RTI uploaded one of its recorded TV shows to Rights Manager, it’s likely to be offered a choice; does the company wish to protect only the moving images or the audio content as well? If the soundtrack contains music to which another company owns the rights, a request to protect both could be problematic.

Taking Down Live Streams

That YouTube and Facebook are able to take down live streams is well-known, especially by those sitting down to watch a Premier League game or a PPV boxing event without having paid for the pleasure. Broadcasters and sports leagues can use Rights Manager to protect their content but in a statement to the U.S. Copyright Office, Meta said it also uses machine learning to recognize patterns on Facebook.

 

“[W]e use automated systems that detect and track the presence of keywords typically associated with piracy, prior IP violations from problematic accounts, and other factors that signal the presence of potentially infringing content and bad actors on our platforms. This includes proactively identifying and removing suspected live pirated broadcasts,” Meta explained.

 

The very nature of live streams means that uploading ‘reference content’ before an event begins is impossible. However, Rights Manager and Content ID both allow rightsholders to pipe live feeds directly into their platforms meaning that even live content can be matched, give or take a few minutes.

 

Whether it’s used by Rights Manager is unknown, but some rightsholders have also developed logo recognition systems.

 

These could be particularly useful during sports broadcasts or PPV events where broadcasters have a tendency to display their logos on screen throughout. There’s also some evidence to suggest that pirate IPTV providers’ logos have been used to identify infringing broadcasts.

 

With so many technologies available, any number or combination of methods could be deployed, and most people would remain completely oblivious. At least until Facebook’s AI flicks the switch.

 

RTI’s statement on its partnership with Meta can be found here (pdf)

 

Image credit: Pixabay/gerault

 

Z-Library has become the go-to site for many readers in recent years by providing access to millions of books, for free.

 

The site’s continued ability to do so was put to the test late last year when U.S. law enforcement seized over 200 domain names connected to the site. Two alleged Z-Library operators were arrested as part of a criminal investigation.

Z-Library Comeback

Despite losing two alleged members of its team, as well as over 200 domain names, Z-Library had no intention of throwing in the towel. The site remained accessible through the dark web and a few weeks ago made a full comeback on the clearnet as well.

 

The new setup comes with some technical tweaks. For example, every user now has a unique subdomain to access Z-Library, which may make it more difficult for law enforcement to take down the whole operation all at once.

 

Implementing these changes and some others, including a new recommendation section and Telegram bot, required substantial investments. To help pay the bill, Z-Library is now asking its users to chip in.

Substantial Damage

In a message posted earlier this month, the Z-Library team revealed that the U.S. law enforcement actions caused substantial damage. While the 220 terabytes of data weren’t lost, getting everything up and running again wasn’t easy.

 

“[A]lmost all public domains of the library were blocked in November 2022 by order of the US Secret Service. The inner infrastructure of the project suffered some substantial damage too,” Z-Library said.

 

“Today, we are still under unprecedented pressure. At the moment, Z-Library is going through the hardest times in all the 14 years of its existence. The library might work with interruptions, and we ask you to be patient.”

Donation Drive

These comments are part of a donation drive encouraging users to contribute. Z-Library offers a variety of support options, including crypto, gift cards, WeChat, and Alipay.

 

“We will be extremely thankful for every dollar that will be donated,” Zlibrary notes.

 

These types of requests are nothing new for pirate sites. In most cases, however, the donation amounts fail to impress, presumably because the audience prefers to spend its money elsewhere. With Z-Library, the situation appears somewhat different.

Tens of Thousands, Per Day?

The donation window opened on March 15 and, based on the public numbers we’ve seen, tens of thousands of dollars have come in so far. The 74 top contributions of $100 and up are already good for $9,802.

 

That number is just a fraction of the total, however. After keeping score for half an hour, we counted 90 donations totaling $928. Repeating this on a different day resulted in nearly the same result; 93 donations and $916.

 

Those numbers are good for an average of over 4,000 daily donations, and $40,000. That figure has to be multiplied by 14 to determine the amount donated over two weeks.

 

We can’t confirm the accuracy of the reported figures but if these are legit, it must be one of the most successful pirate site donation drives in history.

 

This isn’t the first time that Z-Library has asked for donations. In fact, earlier requests for contributions helped U.S. law enforcement identify and arrest two Z-Library suspects.

Follow-The-Money

According to public court filings, Amazon gift cards and associated Gmail addresses helped the authorities to identify two alleged operators who spent part of the donations on clothes and beauty products.

 

The remaining operators must be aware of that so presumably the current donation drive has been set up to avoid a similar fate.

 

If the reported donation numbers are indeed correct, the pirate library should have sufficient funds to keep the site afloat for a while, as long as the authorities don’t intervene again.

 

At the time of writing, the status of the extradition proceeding of the two arrested Z-Library suspects is unclear. TorrentFreak reached out to their attorney in the U.S. criminal case who didn’t provide any further detail.

 

Rightsholders and anti-piracy groups in Japan are committing considerable resources to their fight against online piracy.

 

While no targets are off limits, site owners who operate inside Japan present fewer challenges than those based overseas. A new report from anti-piracy group CODA indicates that with persistence and smart tactics, solutions can be found in difficult overseas regions.

Pirate Manga Site B9Good.com

Manga piracy site B9Good initially appeared in 2008 and established itself under B9DM branding. SimilarWeb stats show that the site was enjoying around 15 million visits each month, with CODA noting that in the two-year period leading to February 2023, the site was accessed more than 300 million times Around 95% of the site’s visitors came from Japan.

 

B9Good had been featured in an MPA submission to the USTR’s notorious markets report in 2019. Traffic was reported as almost 16 million visits per month back then, meaning that site visitor numbers remained stable for the next three years. The MPA said the site was possibly hosted in Canada, but domain records since then show a wider spread, including Hong Kong, China, United States, Bulgaria, and Japan.

Chinese Authorities Shut Down B9Good.com

Wherever the site ended up, the location of its operator was more important. In 2021, CODA launched its International Enforcement Project (CBEP), which aimed to personally identify the operators of pirate sites, including those behind B9Good who were eventually traced to China.

 

Pursuing copyright cases from outside China is reportedly difficult, but CODA had a plan. In January 2022, CODA’s Beijing office was recognized as an NGO with legitimate standing to protect the rights of its member companies.

 

Working on behalf of Aniplex, TV Tokyo, Toei Animation, Toho, Japan Broadcasting Corporation (NHK), and Bandai Namco Film Works, CODA filed a criminal complaint in China, and starting February 14, 2023, local authorities began rounding up the B9Good team.

Four People Detained by Chinese Authorities

CODA reports that public security authorities in Jiangsu Province, China, detained a 33-year-old unemployed man living in Chongqing on February 14. He was held under suspicion of operating B9Good and later confessed to his involvement.

 

The man was held until March 19 before being released on bail. His house, reportedly worth around $580,000, was seized by the authorities.

 

From February 18 to March 21, Chinese authorities arrested three more people. A 30-year-old woman living in Chengdu, a 38-year-old man from Shanghai, and a 34-year-old woman from Fuzhou City were searched and questioned at their homes.

 

The women were allegedly paid by B9Good’s operator to upload pirated content. The man is said to have uploaded pirated content to file-hosting platforms while earning revenue from advertising.

 

B9Good.com remained online until March 27. At the time of writing, it displays the following message in Chinese (English translation provided).

 

In common with many other pirate sites, B9Good also operated from several other domains, including b9dm.com and b9game.com. All currently show the same shutdown message.

 

Several B9Good copycat sites have been in operation for some time, including b9good.tv, b9good.net, b9good.one, and b9good.one. None seem linked to the original, and at least one seems to direct visitors to legal sources.

 

At least two new B9Good-branded domains with similar formatting appeared while the alleged operator of B9Good was still detained. Neither appears related to the original site

 

 

Artificial intelligence has the potential to make our lives more efficient, entertaining, and productive. There are potential downsides as well.

 

From a copyright perspective, AI brings up some interesting questions. For example, can content created by an AI be copyrighted? And can an AI be trained on copyrighted works without limitation?

 

Before ChatGPT and other AI tools started to dominate the news, the music industry had already shared its concerns over the potential threats posed to its business. The RIAA, for example, reported several AI ‘vocal’ extraction tools as a looming piracy threat last October.

 

Since then, numerous experts have opined about the copyright challenges AI presents. As such, it is no surprise that the topic is also mentioned in IFPI’s annual Global Music Report, which discusses the state of the global music industry.

 

A few years ago, online piracy and stream-ripping were featured as cannibalizing technologies, but those have now disappeared into the background. Instead, AI gets a prominent feature, with several music industry bosses commenting on the technology.

The Music Industry’s Looming AI Threat

IFPI’s report starts out by saying that AI isn’t all doom and gloom. It also offers several opportunities for artists and the broader industry.

 

“Some, for example, support artist discovery, others enhance audience identification. Still others enable fans to engage with artists in new ways and some aid in the creative process,” IFPI writes.

 

The report stresses that when AI is used, the ‘human’ element should always remain from and center. At the same time, robust copyright rules and regulations must be respected.

 

The human element is also highlighted by Michael Nash, Chief Digital Officer at Universal Music Group. Nash believes that AI should not replace human artistry. And if an AI uses copyrighted content to create something new, the original rightsholders should get paid.

 

“[U]nless creators are respected and properly compensated when and if their works are used to train AI, then you’re going to see the world’s creative community potentially suffering a lot of damage in the evolution of generative AI.

 

“We need to work very hard to define new models so that we can enable generative AI without looking away from what is essentially going to be wholesale hijacking of the intellectual property of the entire creative community,” Nash adds, mentioning this as a top priority.

AI-Synthesized Voice

This general sentiment is shared by Dennis Kooker, Sony Music’s President of Global Digital Business. Kooker also sees potential in AI as a tool to work smarter and gain new insights, but not at the expense of copyrights.

 

Kooker is particularly concerned about AI tools that can mimic artists’ voices, which have the potential to replace the human efforts of its top-grossing artists.

 

“In particular we have serious concerns about the potential for AI-synthesized voice technology to be used at scale to cover songs and attempt to replace artists. This is something that we need to watch very closely,” Kooker notes.

 

This concern isn’t conceptual, but ultimately boils down to revenue. Sony probably doesn’t mind if artists train an AI on their own voice, but if an unauthorized third party does so without compensating the original artists, that becomes a problem.

 

While not mentioned, there’s also an alternative ‘Black Mirror’ future where labels could handsomely profit from AI by replacing flesh-and-blood artists with AI. That’s still a bridge too far, at least for the time being.

People Went Nuts

Music industry bosses are not the only ones keeping an eye on AI-generated vocals. These tools are already widely used. Most notably, DJ David Guetta played around with AI earlier this year, and used his homebrew “Eminem” lyrics in front of a live audience, who apparently “went nuts”.

 

“I discovered those websites about AI. Basically, you can write lyrics in the style of any artics you like,” Guetta explained.

 

“So I [wrote] a verse in the style of Eminem about Future Rave. And I went to another AI website that can recreate the voice. I put the text in that and played the record and people went nuts.”

 

 

You can see Guetta’s excitement about the potential of AI while he’s retelling his experience. However, clearly, not everyone shares this enthusiasm. And it wouldn’t surprise us if this was made clear to Guetta behind the scenes.

 

“Obviously I won’t release this commercially,” Guatta clarified in a follow-up tweet the next day.

 

Operators of pirate IPTV services in the United States risk prison sentences and civil copyright infringement lawsuits when things don’t go to plan.

 

The recent 66-month sentence handed to YouTuber ‘Omi in a Hellcat’ is one example with a particularly hefty price tag – $30+ million in restitution.

 

IPTV services operated by Texas resident Dwayne Johnson weren’t as big or as profitable, but certainly important enough for Hollywood to step in with overwhelming resources.

Powerful Coalition Sues Johnson

In December 2021, movie and TV giants Universal, Disney, Paramount, Warner, and Columbia teamed up with Netflix, Amazon, Apple, and several other studios, in a lawsuit targeting AllAccessTV (AATV) and Quality Restreams.

 

The complaint alleged that AATV supplied infringing movies and TV shows via its IPTV and VOD services. Titles including The Godfather, Harry Potter, Jurassic Park, and The Office were distributed to subscribers via their smart TVs, computers, set-top boxes, plus mobile and tablet devices.

 

The studios said that most subscribers paid between $10 to $45 per month to access around 2,500 channels.

 

Connected service Quality Restreams allegedly provided infringing movies and TV shows to other pirate IPTV providers, including AATV.

 

In addition to live IPTV channels, its VOD service supplied 600 movies and 600 TV series, organized into named categories, including Netflix, Amazon Prime Video, Hulu, and Disney+.

Disguised as a VPN Provider

While most IPTV providers make at least some effort to hide their nature, the lawsuit alleged that AATV went a little further by presenting itself as a VPN provider.

 

The lawsuit revealed that along with many other pieces of ‘cross contamination’ evidence, the studios had already identified Johnson as a manager of VPN Safe Vault LLC, the entity believed to be behind the ‘VPN’ site.

 

Alleging direct copyright infringement, contributory copyright infringement, and inducement of copyright infringement, the plaintiffs demanded $150,000 in statutory damages for each willfully infringed work, plus a broad injunction.

Johnson Fights Back

At least initially, Johnson’s legal team put up a spirited defense. Describing aspects of the plaintiffs’ evidence as “biased” and details of the proposed injunction as “unsupported” and “absurd,” the defense said targeting a VPN platform would amount to “an unlawful restraint on trade.”

 

Within days, however, the parties informed a California district court that they had agreed to the terms of a preliminary injunction. The court handed down the injunction in February 2022.

 

In May 2022, the parties informed the court that while there was no aversion to reaching a settlement, they would press ahead with discovery nonetheless.

 

Numerous entries preceded a filing dated November 8, 2022, which was followed by more than four months of complete silence.

Parties Shake Hands on $30m Damages Award

With a trial scheduled for July this year, on March 16 the studios and Johnson reached an agreement to bring hostilities to an end. The settlement includes a permanent injunction restraining any and all unauthorized copying, storing and dissemination of copyrighted content to internet users, whether directly or indirectly through third parties.

 

Johnson also agreed not to “distribute, transfer, or give any source code, object code, or other technology,” including domain names, trademarks, brands, assets or goodwill, that are in any way related to the AATV and Quality Restreams services.

 

By having the court sign off on the agreement, Johnson could be held in contempt for breaching its terms. District Court Judge Andre Birotte Jr signed off on the permanent injunction on Monday, along with a judgment in favor of the plaintiffs for copyright infringement and an award for damages.

 

“Damages are awarded in favor of Plaintiffs and against Defendant, in the total amount of thirty million dollars ($30 million),” the judgment reads.

 

The $30m judgment and associated filings are available here (1,2,3,4, pdf)

 

Image Credit: Cdu445/Unsplash

 

More than a decade has passed since Kim Dotcom’s file-storage empire Megaupload collapsed after becoming the prime target in a high-profile law enforcement operation.

 

The U.S. Government booked an early result in 2015 when programmer Andrus Nomm was handed a one-year prison sentence following a plea deal.

 

The case lit up again last year when two of the three remaining defendants, Mathias Ortmann and Bram van der Kolk, signed an agreement to be charged in New Zealand and avoid extradition to the United States. That left Kim Dotcom as the sole ‘active’ extradition candidate.

 

As Dotcom’s extradition battle continues, the U.S. Government’s criminal case has stalled along with a pair of civil lawsuits filed by the RIAA and MPA. These are not expected to begin until the criminal case is finalized, which could take a while.

MPA and RIAA Cases Postponed Again

Over the past several years, Megaupload has repeatedly asked the court to delay these lawsuits. This bi-annual postponement cycle began in 2014 and continued earlier this month.

 

“Defendant Megaupload hereby moves the Court to enter the attached proposed order, continuing the stay in this case for an additional six months, subject to the terms and conditions stated in the proposed order,” the requests note, adding there are no objections from the RIAA and MPA.

 

As expected, District Judge Anthony J. Trenga – who took over the Megaupload lawsuits after complaints about Judge Liam O’Grady’s alleged financial ties to Disney – swiftly signed off on the new six-month delays.

 

“[T]his matter be stayed until September 1, 2023, on the same terms and conditions as set forth in the Court’s original stay order,” the order reads.

Stricken From Active Docket

Interestingly, there is a notable difference compared to earlier orders. One day after extending the stay in both the RIAA and MPA lawsuits, the court struck both cases from the active docket, marking the lawsuits inactive instead.

 

“It appearing to the Court that this case has been stayed nearly continuously since June 10, 2014, it is hereby ORDERED that this case be, and the same hereby is, STRICKEN from the active docket and placed on the inactive docket,” Judge Trenga writes.

 

Marking the case as inactive makes sense, as no progress is expected anytime soon. A decision on whether to extradite Kim Dotcom could take years and even if he was eventually sent to the United States, criminal proceedings could take another decade to complete.

 

There is one notable caveat. Kim Dotcom’s former business associates, Mathias Ortmann and Bram van der Kolk, remain defendants in the civil lawsuits and pleaded guilty in the criminal matter. The Megaupload pair will be sentenced in New Zealand soon, but what that means for the civil cases in the U.S. isn’t immediately clear.

 

If there’s an indication that the civil cases can move forward, the lawsuits can be moved to the active docket again. For now, however, they remain in hibernation.

 

Dotcom, meanwhile, continues to build his online following, inserting himself into political, financial, and other global debates. When the need arises, he will likely turn his attention to the Megaupload battle again.

 

—

 

Copies of the orders to stay the civil cases are available here (MPA / RIAA). Judge Trenga ordered these cases to be stricken from the active record shortly after (MPA / RIAA).

 

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only.

 

These torrent download statistics are only meant to provide further insight into the piracy trends. All data are gathered from public resources.

 

This week we have two newcomers on the list. “Avatar: The Way of Water”, which came out as a high-quality pirate release, is the most downloaded title.

The most torrented movies for the week ending on March 27 are:

Movie Rank	Rank last week	Movie name	IMDb Rating / Trailer
Most downloaded movies via torrent sites
1	(…)	Avatar: The Way of Water	7.8 / trailer
2	(3)	Operation Fortune: Ruse de guerre	6.5 / trailer
3	(1)	Cocaine Bear	6.1 / trailer
4	(…)	John Wick: Chapter 4	8.5 / trailer
5	(2)	Everything Everywhere All at Once	7.9 / trailer
6	(8)	Puss in Boots: The Last Wish	7.8 / trailer
7	(9)	Black Panther: Wakanda Forever	7.0 / trailer
8	(4)	The Whale	7.8 / trailer
9	(10)	Boston Strangler	6.5 / trailer
10	(7)	Babylon	7.2 / trailer

 

 

Note: We also publish an updating archive of all the list of weekly most torrented movies lists.

 

There’s something special about professionally produced textbooks. From the information inside to the tactile feel of the paper, textbooks can be items of beauty.

 

Unfortunately, reality rains on the parade more than just a little. Textbooks are bulky, woefully underpowered for mass research purposes, and then suddenly out date for any number of reasons. After factoring in the extraordinary expense, it’s no surprise that some turn to sites like the recently resurrected Z-Library.

Check Out The Bargains, Beware of the Scams

A student posting on Reddit’s /r/college earlier this year posed questions about digital textbooks. As a distance learner, digital copies made sense since they don’t have to be physically returned.

 

After spotting a website offering every textbook the student needed for ‘just’ $20 each, a question needed to be answered: Is Fenlita.com really ‘legit’?

 

As suggested by some of the responses, sites selling new textbooks for $20 should always be viewed with caution. Several people claiming to have used Fenlita say they pretty much got what they expected – a pirated copy of a textbook in PDF format, in some cases delivered via a Dropbox link.

 

Other reviews and reports suggest more serious problems for potential buyers.

 

One reported purchase consisted of a file that “took about an hour” to download and then turned out to be 400 pages of screenshots. Given the low price, that might’ve been tolerable; if the textbook in its original form hadn’t run to 650 pages.

 

Reports of multiple charges to credit cards and items appearing in baskets multiple times weren’t supported by proof but are still a concern. A report from a buyer, who complained that a download link went to an apparently ‘seized’ website, hardly inspires confidence.

Publishers Target Fenlita.com

Given the above, it’s interesting to note that major educational publishers Cengage, Macmillan, McGraw-Hill, and Pearson were in court earlier this month on a mission to unmask the operator of Fenlita.com via DMCA subpoena.

 

Court documents reveal that the publishers filed a complaint with domain registrar Namecheap on February 21, 2023. When the website remained operational, counsel for the publishers filed a second complaint on March 2, requesting an urgent response.

 

The application was accompanied by four-and-a-half pages of microscopic text listing hundreds of URLs where infringing textbooks were being offered.

 

The publishers asked Namecheap to take action, including by disabling the fenlita.com domain. When that didn’t happen, Cengage, Macmillan, McGraw-Hill, and Pearson asked a Washington court to compel Namecheap to hand over the domain owner’s personal details.

Namecheap Ordered to Unmask Domain Owner

The court granted the request a few days ago, and after being served with the DMCA subpoena, Namecheap must now produce the following:

 

Identifying information for the person(s) responsible for the alleged infringing content listed in the attached Exhibit A, including but not limited to billing or administrative records that provide the name(s), address(es), telephone number(s), email address(es), account number(s), or any other contact information for such persons.

 

These requests for information aren’t always successful. Domain buyers are often aware of the trail they leave behind, so it’s possible that Namecheap has only false information to hand over. That being said, the publishers’ are likely to be aware of the bigger picture.

Commerical Pirates and Deception

Most pirate sites have no interest in passing themselves off as legal suppliers. For commercial operations like Fenlita, the impression of being a legitimate vendor offering discounts is helpful when offering pirate copies available for free elsewhere.

 

A physical address for the ‘company’ behind Fenlita.com features prominently on the website. It leads to a residential property in Sedalia, Missouri, and is unlikely to be genuine. The same address is linked to ads promoting an ethical and environmentally aware seller of returned Amazon books.

 

Fenlita endeavor to redirect books from landfills, keep books reasonable, offer assistance support library maintainability and through their accomplices, give important arrangements to the worldwide issue of lack of education. That books are a ageless expression of disclosure, creative ability, and accomplishment. Fenlita let stories live on by guaranteeing books are perused once more, given to somebody in require, or reused as another valuable buyer great with a modern story to tell.

 

This entire pitch was ripped off from genuine booksellers, Discover Books, before being transformed into a mangled mess. That adds to the weight of evidence pointing to an operation people should really avoid.

 

Unfortunately, people seeking advice from the ‘People also ask’ section of Google search are likely to get the opposite impression. In fairness to Google, the structure of the linked article doesn’t help.

 

Google’s Transparency Report reveals that since January 2023, the publishers sent takedown notices requesting 12,113 fenlita.com URLs to be removed from search results. Unfortunately, 99.4% of those requests failed to remove anything because the URLs didn’t exist when Google processed the request.

 

It’s not hard to see why that might be annoying for the publishers but buyers might be a little annoyed too.

 

WHOIS records show that fenlita.com was registered with Namecheap in October 2021 and currently uses Cloudflare which hides its server IP address. In Fenlita’s case, it was possible to obtain an IP address of a server it had used in the past when Cloudflare wasn’t providing cover.

Payments Diverted, Spam Calls Accepted

When people buy books from Fenlita today, without their knowledge their payment is processed on a subdomain of another ‘book’ store located at getelfinbook.com, which uses the same IP address used by Fenlita in the past.

 

Whether people supply or have their phone numbers obtained by the platform in other ways is unclear, but in the tiniest of print, buyers agree to receive recurring automated text messages from an automatic dialing system which charges for the privilege.

 

The same IP address mentioned earlier shows hundreds of similar sites, all products of an instant online shopping website creation platform. We haven’t viewed them all but we did check a few dozen, and many show hallmarks of some type of scam; fake addresses and fake contact details, images culled from other sites, and the same bogus DMCA complaint page.

 

The publishers’ DMCA subpoena application can be found here (1,2,3,4, pdf)

 

In 2020, publishers Hachette, HarperCollins, John Wiley and Penguin Random House sued the Internet Archive (IA) for copyright infringement, equating its ‘Open Library’ to a pirate site.

 

IA’s library is operated by a non-profit organization that scans physical books and then lends the digital copies to patrons in an ebook format.

 

While ‘digital’ book lending is not uncommon, libraries typically loan out DRM-protected files after acquiring a license from publishers. In this case, IA sent physical books it owned to a scanning facility and made its own copies.

Fair Use or Mass Copyright Infringement?

These digital copies were subsequently loaned out to patrons, with IA ensuring that only one person at a time could access a single digital copy of a single physical book.

 

IA previously sought summary judgment in its favor, arguing that a digital copy of a physical book ‘transforms’ the original work, with lending limits and the absence of profit also supporting a finding of fair use.

 

In contrast, the publishers described IA’s library as a rogue operation engaging in willful mass copyright infringement. Claiming direct damage to their bottom line, the publishers’ lawsuit aimed to put an end to the “illegal” lending program once and for all.

 

The publishers went on to request summary judgment and a declaration that this type of copying is a clear case of copyright infringement.

Opinion and Order

Earlier this week, the parties had the opportunity to back up their arguments during a New York Court hearing. District Court Judge John Koeltl questioned both sides on their summary judgment requests, before deliberating on his final decision.

 

After weighing the arguments. Judge Koeltl published his opinion and order yesterday. His order clearly sides with the publishers, whose request for summary judgment was granted. IA’s fair use defense and summary judgment in its favor was denied.

 

Courts typically weigh four factors when determining fair use. Judge Koeltl concludes that all four factors weigh strongly in favor of the publishers.

 

Starting with the first factor – whether the use is transformative – the order stresses that IA failed to show that its book lending operation meets the standard. The fact that only one patron at a time can borrow a book is irrelevant to the fair use question, the order notes.

 

“The crux of IA’s first-factor argument is that an organization has the right under fair use to make whatever copies of its print books are necessary to facilitate digital lending of that book, so long as only one patron at a time can borrow the book for each copy that has been bought and paid for,” Judge Koetl writes.

 

“But there is no such right, which risks eviscerating the rights of authors and publishers to profit from the creation and dissemination of derivatives of their protected works.”

 

The court fails to see how IA’s operation transforms the original work. The fact that IA is a non-profit organization isn’t a strong defense either, as the lending program still allows IA to benefit through donations and other means, without obtaining an appropriate license from the publishers.

 

“IA’s wholesale copying and unauthorized lending of digital copies of the Publishers’ print books does not transform the use of the books, and IA profits from exploiting the copyrighted material without paying the customary price,” Judge Koetl notes.

Competing With Free?

Profits and revenue are also relevant in determining the fourth fair use factor, which questions whether the library affects the original book market and existing revenues.

 

IA argued that this isn’t the case, as sales volumes fail to show a negative correlation with its lending service. Unconvinced by the argument, Judge Koetl says that IA’s program amounts to direct competition for licensed alternatives.

 

“In this case, there is a ‘thriving ebook licensing market for libraries’ in which the Publishers earn a fee whenever a library obtains one of their licensed ebooks from an aggregator like OverDrive.

 

“This market generates at least tens of millions of dollars a year for the Publishers. And IA supplants the Publishers’ place in this market.”

 

IA’s library offers a vastly cheaper alternative to licensed platforms, which allows libraries and the public to save money. However, it does so at the expense of the publishers and their authors, according to the court.

 

“It is equally clear that if IA’s conduct becomes widespread, it will adversely affect the potential market for the Works in Suit,” Judge Koetl writes.

IA is Liable for Copyright Infringement

Since the remaining fair use factors weigh clearly in favor of the publishers, IA’s fair use defense fails. As a result, the court concludes that the Internet Archive is indeed liable for copyright infringement.

 

The scale of the damages has yet to be established. IA asked for statutory damages to be remitted, citing its status as a nonprofit library. Judge Koeltl says that at this time, any decision on damages is premature.

 

Based on this order, it’s clear that IA’s ebook lending library won’t be allowed to continue in its current form. That said, the Archive still has the option to appeal.

 

In response to the order, IA’s Director of Open Libraries, Chris Freeland, confirmed that an appeal is forthcoming.

 

“We will keep fighting for the traditional right of libraries to own, lend, and preserve books. We will be appealing the judgment and encourage everyone to come together as a community to support libraries against this attack by corporate publishers.”

 

The InterPlanetary File System, more broadly known as IPFS, has been around for a few years now.

 

While the name may sound a little alien to the public at large, the peer-to-peer file storage network has a growing user base among the tech-savvy.

 

In short, IPFS is a decentralized network where users make files available to each other. A website using IPFS is served by a “swarm” of users in much the same way BitTorrent users share content with each other.

Completely Decentralized

The advantage of this system is that websites can become completely decentralized. If a website or other resource is hosted on IPFS, it remains accessible as long as the computer of one user who “pinned” it remains online.

 

The advantages of IPFS are clear. It allows archivists, content creators, researchers, and many others to distribute large volumes of data over the Internet. It’s censorship resistant and not vulnerable to regular hosting outages.

 

IPFS is also a perfect match for ‘pirate’ sites. Due to its decentralized nature, IPFS sites are virtually impossible to shut down. This aspect was already highlighted by Pirate Bay co-founder Peter Sunde back in 2016. More recently, IPFS was promoted by Z-Library after its domain names were seized.

Cloudflare’s IPFS Gateway

IPFS has also been embraced by many legal services. Most notably, Cloudflare gave it a boost by launching its own IPFS gateway, allowing the public to access IPFS resources without having to install specialized software.

 

Cloudflare’s IPFS gateway has been running for a few years now. Technically, the internet infrastructure company has no control over any of the content being made available, but that doesn’t mean there are no complaints.

 

Apparently, some people or organizations have complained about the content that can be accessed through Cloudflare’s IPFS gateway.

 

While the accessed content is in no way controlled by Cloudflare, the San Francisco company takes these complaints rather seriously. The same also applies to the Ethereum gateway, which offers easy read-and-write access to the Ethereum network.

Cloudflare Disables IPFS Access

In its most recent transparency report, Cloudflare explains that it will respond to valid abuse requests by disabling access. This includes spam reports as well as copyright infringement complaints.

 

“Although Cloudflare does not have the ability to remove content on IPFS or Ethereum, Cloudflare may disable access through Cloudflare-operated gateways to certain content on IPFS and the Ethereum network in response to abuse reports, including reports of copyright, technical, and other abuse.”

 

“This action does not prevent access to that content through other gateways, which Cloudflare does not control,” Cloudflare clarifies.

 

In the first quarter of 2022, Cloudflare reports that this policy resulted in 1,073 IPFS actions. Presumably, this means that the company disabled access the same number of items on the IPFS network. No such actions were taken for the Ethereum gateway.

 

Cloudflare’s actions are notable for a couple of reasons. For one, it shows that decentralized and censorship-free networks lose their key feature when they are accessed through centralized gateways.

IPFS vs. DNS vs. CDN

What also stands out is that Cloudflare disables content in response to copyright complaints. The policy for its CDN service is different; it only forwards complaints to the affected users.

 

For example, when rightsholders send a complaint about The Pirate Bay, which uses Cloudflare, the company takes no action aside from forwarding the notification to The Pirate Bay team.

 

We asked Cloudflare about its motivation to take action in response to copyright complaints for its IPFS gateway, but the company didn’t immediately respond. If we had to take a non-informed guess, we expect that the lack of forwarding options for IPFS content might have something to do with it.

 

Cloudflare has no option to forward any complaints for IPFS content because it does not know who controls it.

 

That said, this raises the question of how the IPFS gateway is different from Cloudflare’s DNS resolver, which essentially operates as a gateway to the regular Internet. Cloudflare previously said that it will fight copyright-related DNS blockades, even if they’re backed up by a court order.

 

Apparently, that’s not the case for IPFS.

 

Legal video streaming services such as Amazon, Disney, and Netflix are booming. At the same time, there’s a flourishing dark market of pirate streaming tools.

 

These unauthorized alternatives increasingly use slick designs and easy-to-use apps to appeal to a broad audience. And unlike the legal options, they offer all popular titles under the same roof, without charging a penny.

 

Cloudstream is one of the apps that made its mark in recent years. The Android-based software can aggregate pirated content from several third-party sources and is fully customizable through open-source extensions.

 

This hasn’t gone unnoticed by rightsholders. Sky UK targeted the software last year and across the pond, Cloudstream also appeared on the radar of the MPA, Hollywood’s anti-piracy group.

MPA Targets Cloudstream

This week, the MPA decided to take action. The organization, which represents the major Hollywood studios and Netflix, sent a DMCA notice to GitHub, asking the developer platform to remove several Cloustream-related files.

 

“We […] request your assistance in addressing, the extensive copyright infringement of motion pictures and television shows that is occurring by virtue of the operation of the domain cloudstream.cf, which is hosted on and available for download from your repository GitHub Inc.

 

“Specifically, at the URL, the Repository hosts and offers for download the APK CloudStream, which in turn is used to engage in massive infringement of copyrighted motion pictures and television shows,” the notice adds.

 

When GitHub receives DMCA notices it typically informs developers of the targeted content, allowing them to address the problem on their own. That also happened in this instance and led to a drastic decision.

Cloudstream Takes Voluntary Action

Yesterday, Cloudstream developer “Lag” informed the app’s Discord followers that they had received a “very serious DMCA notice” that simply can’t be ignored. For that reason, the team will voluntarily remove the contested files from GitHub.

 

According to “Lag”, complying with the takedown request was the only viable option. The developer didn’t wait for GitHub to respond and decided to pull the plug, hoping to avoid legal repercussions.

 

“Having the absolute worst anti-piracy coalition on our asses is not preferable. They will undoubtedly fuck us legally if they have to. Think what you want but I do not want all of Hollywood after me because of some hobby project,” Lag wrote.

 

“At least they will never be able to shut down torrents :)”

 

The MPA’s DMCA notice also mentioned the Cloudstream.cf domain, which has gone offline too, and remains unreachable for the foreseeable future.

 

Speaking with TorrentFreak, “Lag” explains that the site linked to the reported repositories and was taken down for that reason. The developer is still waiting to hear from GitHub to see if his removal actions are sufficient, before making choosing how to go forward. However, challenging the MPA isn’t on the table.

A Prime Enforcement Target

The MPA’s head of Global Content Protection and Enforcement Operations, Jan van Voorn, confirmed the legitimacy of the takedown request, adding that it hasn’t contacted the developer directly, yet.

 

“The popularity of Cloudstream’s website, which received millions of visits in the last few months alone, and its Discord channel, with over 46,000 members, naturally made it appear on our radar as a prime target for enforcement,” Van Voorn says.

 

As we publish this article, all of the reported GitHub URLs are unreachable. Most return a 404 error, indicating that the developer removed the content voluntarily. In addition, a repo from ‘third-party’ developer “Eddy976” displays a DMCA removal notice, so GitHub likely intervened there.

 

Given the immediate response of developer “Lag”, it seems unlikely that they will stage a comeback under the same team. However, the door remains open for an external restart, according to the Discord message.

 

“The project may be handed off to another development team within a couple of days so I would refrain from calling it over yet,” Lag wrote.

 

That will likely ensure the MPA’s continued interest.

 

—

 

A copy of the MPA’s DMCA notice to GitHub is available here. Below is a list of all the targeted URLs.

 

https://raw.githubusercontent.com/recloudstream/cloudstream-extensions/builds/repo.json
https://raw.githubusercontent.com/recloudstream/cloudstream-extensionsmultilingual/builds/repo.json
https://raw.githubusercontent.com/hexated/cloudstream-extensions-hexated/builds/repo.json
https://raw.githubusercontent.com/yoyzo/arab/builds/repo.json
https://raw.githubusercontent.com/Jacekun/cs3xxx-repo/main/repo.json
https://raw.githubusercontent.com/daarkdemon/cs-darkdemon-extensions/builds/repo.json
https://raw.githubusercontent.com/LikDev-256/likdev256-tamil-providers/builds/repo.json
https://raw.githubusercontent.com/Stormunblessed/kamy-cs3/master/repo.json
https://raw.githubusercontent.com/Eddy976/cloudstream-extensions-eddy/builds/repo.json
https://raw.githubusercontent.com/Stormunblessed/stormunblessed-cs3/master/repo.json
https://raw.githubusercontent.com/821938089/cloudstream-extensions/master/repo.json
https://github.com/recloudstream/cloudstream-extensions
https://github.com/recloudstream/plugin-template
https://github.com/yoyzo/arab
https://github.com/Eddy976/cloudstream-extensions-eddy

 

After reporting on all things BitTorrent-related for the 13 years leading up to May 2018, TorrentFreak spotted something out of the ordinary.

 

BitTorrent Inc., the company founded by BitTorrent inventor Bram Cohen, and the owner of uTorrent, the world’s most recognized torrent client, suddenly had a new name. When asked about the change, Rainberry Inc. said it was a “corporate decision” not unlike the Alphabet/Google exercise.

 

Less than two weeks later, we were able to reveal that TRON founder Justin Sun was planning to buy BitTorrent Inc. Less than a month after that, Sun closed the deal with a reported offer of $140 million.

 

A shareholder quoted in a TechCrunch report revealed that one of Sun’s aims was to use the BitTorrent acquisition to “legitimize” TRON’s business.

 

According to a Securities and Exchange Commission announcement published a few hours ago, the plan failed in at least one key area. Most likely, many, many more.

Fraud: SEC Charges Justin Sun and Three Wholly-Owned Companies

Claims that the SEC had already opened an investigation into Sun’s business activities have been around for a long time. An extraordinary article written by Christopher Harland-Dunaway and published by The Verge last year left very little doubt.

 

In an announcement Wednesday, the SEC revealed charges against Justin Sun and three of his wholly-owned companies – Tron Foundation Limited, BitTorrent Foundation Ltd., and Rainberry Inc. (formerly BitTorrent Inc.) – for the unregistered offer and sale of crypto asset securities Tronix (TRX) and BitTorrent (BTT).

 

Sun and his companies were further charged with fraudulently manipulating the secondary market for TRX through extensive wash trading, described by the SEC as “simultaneous or near-simultaneous purchase and sale of a security to make it appear actively traded without an actual change in beneficial ownership.”

Alleged Crypto-Shill Celebrities

The SEC also charged eight celebrities for promoting TRX and/or BTT without disclosing they were being paid to do so.

 

Actress Lindsay Lohan, YouTuber/Boxer Jake Paul, DeAndre Cortez Way (Soulja Boy), and singer/songwriter Austin Mahone, are joined by porn actress Michele Mason (aka Kendra Lust), Miles Parks McCollum (Lil Yachty), Shaffer Smith (Ne-Yo) and Aliaune Thiam (Akon) on the SEC’s list.

 

The SEC’s complaint alleges that Sun and his companies sold TRX and BTT as investments via unregistered “bounty programs” that saw partners promote the tokens on social media while recruiting others to join Tron-affiliated Telegram and Discord channels.

 

Sun, BitTorrent Foundation, and Rainberry reportedly sold BTT in unregistered monthly airdrops to investors who purchased and held TRX in Tron wallets or on other crypto trading platforms. The SEC says that every offer and sale violated Section 5 of the Securities Act.

Fraud and Market Manipulation

The SEC alleges that Sun was also the architect of a scheme that sought to artificially inflate the volume of TRX on the secondary market.

 

During a 10-month period 2018/2019, Sun allegedly directed his employees “to engage in more than 600,000 wash trades of TRX between two crypto asset trading platform accounts [Sun] controlled, with between 4.5 million and 7.4 million TRX wash traded daily.”

 

Sun is said to have supplied a significant amount of TRX to facilitate the scheme while also selling TRX into the secondary market himself. These “illegal, unregistered offers and sales” reportedly generated $31 million.

Sun’s Stunts Slammed by SEC

“While we’re neutral about the technologies at issue, we’re anything but neutral when it comes to investor protection,” said Gurbir S. Grewal, Director of the SEC’s Division of Enforcement.

 

“As alleged in the complaint, Sun and others used an age-old playbook to mislead and harm investors by first offering securities without complying with registration and disclosure requirements and then manipulating the market for those very securities.

 

“At the same time, Sun paid celebrities with millions of social media followers to tout the unregistered offerings, while specifically directing that they not disclose their compensation.”

 

According to the SEC, six of those celebrities have already paid their way out. Lohan, Paul, Lust, McCollum, Smith, and Thiam agreed to hand over a combined $400,000 in settlements for their alleged roles in a magic bean business we called out almost four years ago.

 

Dutch anti-piracy group BREIN has been at the forefront of the anti-piracy battle since the turn of the millennium.

 

For most of this period, unauthorized sharing via BitTorrent has been a prime concern. Traditionally, BREIN focused its enforcement efforts on website operators, but in recent years there’s been a shift to uploaders as well.

 

In late 2020, the anti-piracy group announced an elaborate program to monitor and warn some of the most active BitTorrent uploaders. The goal of this “FLU” scheme was to change the behavior of prolific pirates, without obtaining their identities.

 

The project received government research funding but BREIN had a major obstacle to overcome. Unlike ISPs in other countries such as the United States, Dutch ISPs are not required to forward piracy notices to their subscribers.

ISP Refuses to Forward Warnings

BREIN hoped that Internet providers would be willing to cooperate, but that wasn’t to be the case. When BREIN approached Ziggo, the largest ISP in the Netherlands, with a request to forward piracy alerts to its subscribers, the company refused to do so.

 

According to Ziggo, linking IP addresses to specific subscribers raises serious privacy concerns, even if personal information isn’t shared with BREIN.

 

The anti-piracy group was unhappy with the refusal and took Ziggo to court. BREIN argued that warnings are a relatively mild measure that would help rightsholders to address the piracy problem. The system wouldn’t result in any claims for damages either, as the identities of the alleged pirates would remain private.

 

BREIN lost the case last year. The court found that there is no legal basis to compel Ziggo to forward warnings. In addition, the ISP lacks a license to link IP-addresses to personal information.

 

This outcome was a disappointment for BREIN which appealed the ruling, but without result. The appeals court affirmed the lower court’s ruling, noting that there is no legal basis to require Internet providers to forward the notices.

No Supreme Court Challenge

This was yet another setback for the anti-piracy group, which considered taking the matter to the Supreme Court. However, after weighing the available options, it chose not to do so, which effectively means the end of the original FLU program.

 

In its most recent annual report, the group cites the ‘costs’ as the primary reason not to appeal the matter to the highest court.

 

“In light of the costs, BREIN decided not to appeal at the Supreme Court,” BREIN writes. “We don’t rule out that the FLU project will be adapted to the conventional form of enforcement. In that case, a claim will be filed if the summons is not heeded.”

 

Having spent years developing its piracy monitoring plan, BREIN leaving the door open for a revised warning scheme is to be expected. Aside from the technical investments, BREIN was also required to obtain a data processing license. Ideally, it would like to put that to use.

Piracy Fines Are on the Table Now

BREIN typically takes a pragmatic and reasonable approach. This was exemplified by its original plan to alert or warn prolific uploaders, without having to obtain their identities. Ironically, this benign approach must now be reconsidered after the court determined there is no legal basis to compel ISPs to forward warnings.

 

“We think anonymous warnings are a form of enforcement but Ziggo didn’t want to do it,” BREIN director Tim Kuik tells TorrentFreak.

 

“The appeal court said we need to be able to bring a claim to court if there is no compliance. So we will consider adapting the FLU protocol to that. A claim could be a cease-and-desist undertaking with a fine in case of recidivism.”

 

In other words, BREIN is considering whether to file more concrete claims against prolific uploaders because that’s the only way they can be approached. In that case, the alleged offenders will be identified, facing a potential fine for their wrongdoing.

Open Directory Case Pending

At the moment it remains unclear what type of claim is sufficient. In a related case, the court previously decided that Ziggo didn’t have to forward a notice or disclose the identity of a subscriber who shared 200 pirated ebooks in an open directory.

 

This open directory case does involve a claim, BREIN contends, and the case is currently under appeal. The decision on this matter is expected in a few weeks and could provide more clarity.

 

BREIN will likely await the ruling in the open directory case before it takes any further decision regarding the future of the BitTorrent uploader warnings. In the meantime, its other enforcement actions will continue, of course.

 

In a world where clear and independent reporting struggles to get heard in a sea of sensationalized clickbait, the German Heise group is generally recognized as a reliable and accurate news source.

 

For several days last week, an unknown number of visitors to heise.de were denied access to the company’s reporting. Instead, they found themselves redirected to Germany’s anti-piracy website blocking portal and statements that had no basis in fact.

Silently Blocked For Several Days

A Heise analysis, published Tuesday, reveals that the publication first learned of issues affecting access to its website last Friday, March 17. More messages from readers were received on Monday, and all reported the same thing. When attempting to access heise.de, web browsers responded with a certificate error and an explanation.

 

A bright orange splash page informed Heise readers that due to copyright infringement, Heise had been rendered inaccessible. The message usually confronts internet users who attempt to access a specific set of sites previously identified as facilitators of mass online copyright infringement.

 

Heise had no idea why the message was being displayed but did find a common denominator. All of the readers reporting problems were using the same internet service provider – 1&1 AG, a €3.9 billion telecoms group servicing 15.6 million fixed line and mobile customers.

DNS Tampering/Poisoning

Heise reports that its editors and system administrators were getting closer to the source of the problem on Friday but then a reader provided crucial information.

 

“He had set up his provider’s standard DNS server with the IP address 82.144.41.8 as the DNS server in his router,” Heise reports.

 

“This temporarily answered a question about www.heise.de with a CNAME entry that referred to the notice.cuii.info page. Other readers also confirmed that they were using the provider’s default DNS servers.”

 

Under normal conditions, web browsers accessing heise.de receive a response from the Domain Name System (DNS) to visit an IP address defined by the publication. In this case, Heise.de’s domain had a surprise CNAME (Canonical Name) entry that mapped heise.de to notice.cuii.info, the location of the orange splash screen carrying the copyright notification.

 

Since Heise itself is a 1&1 customer, staff tried to replicate the issues experienced by customers on a 1&1 DSL connection in the company’s editorial office. That ultimately failed and the redirect eventually disappeared on its own.

Heise Requests Answers, Receives None

In an effort to get to the bottom of the mystery, Heise said it contacted 1&1’s press office. The publication was informed that the internet service provider’s technical department would investigate but as things stand, Heise has received no response.

 

“The case remains a mystery: Only a small proportion of the queries to 1&1 DNS servers seem to be affected, and it is also not a regional problem. The tips came from Berlin and Hesse, among others,” Heise reports.

 

Starting from the position that the Domain Name System shouldn’t be tampered with, the question is why that appears not to be the case here. The short answer is that, with assistance from 1&1, Germany has implemented a DNS tampering system that enables rightsholders to redirect 1&1’s customers to a blocking page when they attempt to access specific pirate site domains.

CUII and Site-Blocking in Germany

Copyright Clearing House on the Internet (CUII) was launched in 2021. It operates from cuii.info and its blocking notification page is located at notice.cuii.info, the subdomain/domain that appeared in Heise.de’s DNS CNAME records.

 

“The Copyright Clearing House on the Internet (CUII) is an independent body. It was set up by Internet access providers and rights holders in order to use objective criteria to check whether the blocking of access to a structurally infringing website is lawful,” CUII explains.

 

Current members of CUII: 1&1 AG (telecoms), German Book Traders’ Association, Federal Music Industry Association (BVMI), German Football League (DFL), Freenet DLS (telecoms), German Games Industry Association, Motion Picture Association (MPA), Sky Deutschland, STM (publishers), Telefónica Germany, Telekom Germany, German Film Producers Association (VDF), and Vodafone Germany.

 

“At the request of the rights holder, a review committee will examine and, if the requirements are met, recommend a DNS blocking of this structurally copyright-violating website,” the CUII website notes.

 

When a blocking decision is recommended, the matter is then referred to the German government’s Federal Network Agency (BNetzA) to confirm that a blockade will not violate net neutrality. Currently a small number of pirate sites are affected.

Code of Conduct

CUII’s stated purpose to recommend blocking of websites whose main purpose is to infringe copyright. The body is limited to handling “clear cases” where platforms have no real interest in supplying legal content.

 

Under its code of conduct, CUII observes the requirements laid down by the Court of Justice of the European Union to prevent internet service providers from encroaching on internet users’ freedom to access information online.

 

“For this reason, the Federal Network Agency is also involved in the process as the competent authority so that it can review the recommended blocking based on the requirements of the Net Neutrality Ordinance,” CUII notes.

Who Will Accept Responsibility?

Given all of the checks, processes and systems in place to prevent the blocking system from doing harm, what happened to Heise should’ve been impossible. As things stand, not only was it possible but nobody seems prepared to offer an explanation. That’s a big issue.

 

At the time of writing, Swiss DNS resolver Quad9 is being forced by a German court order to implement blocks after losing a case to Sony Music.

 

Sony Music is a member of BVMI, which in turn is a member of CUII. As things stand, a completely innocent website has lost traffic for 72 hours and the visitors who were redirected to the CUII blocking page were informed that Heise was blocked for copyright reasons.

 

Indeed, as per CUII’s own standards, Heise was labeled a “clear” infringer of copyrights with no interest whatsoever in providing legal content. That probably needs to be addressed with a clear explanation, sooner rather than later.

 

Human beings have a tendency to want things they can’t have. A modest interest in a particular item or activity can inexplicably soar when it’s recognized as rare or unavailable. When strictly forbidden, even regular fruit can prove irresistible.

 

Spotify offers 100 million tracks to hear right now, including the vast majority of the greatest pieces of music ever written. Yet for some, the lure of an unreleased track can outweigh every single one of them; unattainable, forbidden and rare is a potent mix and may explain why pirates are paying silly money for leaked, pirated music.

Dozens of Avicii Leaks

When producer Tim Bergling passed away in 2018, the prospect of never hearing a new Avicii track was suddenly very real. Two albums and various tracks were eventually released, but then – PAB happened.

 

In 2022 the Public Avicii Buy Server (PAB) channel on Discord became a hot location for unreleased Avicii tracks. Faced with having to pay for them, fans worked to ‘groupbuy’ a long list of Avicii tracks including ‘Let’s Roll’ and ‘Lethal Drug V2’ which featured Chris Martin & SZA.

Sources Unknown But Some Files Were Apparently Stolen

How the music was obtained isn’t clear; some believed the PAB seller bought the tracks and then sold them to fellow Avicii fans at cost price. Others spoke of hacked accounts and big profits. Late 2022, after another ‘PAB’ release (‘Island’) appeared online, a Reddit user jumped in to comment

 

“Hey guys! My name is Jonas Wallin and my alias is The High,” the music producer posted on Reddit.

 

“I wrote Island and it’s coming out soon in fact. The leaked vocals are mine, my vocal stems. It’s the same with Loving Feeling. I would recommend you to not pay someone for these files since they were stolen from me. Thanks.”

RIAA Investigates Unreleased Sounds

According to various sources, the track made its way to PAB via a private leak site called Unreleased Sounds. It’s unclear whether the RIAA’s member labels have any interests in the dozens of Avicii tracks leaked so far, but they do want to know who runs the 15/16 month-old site.

 

Citing three previously leaked tracks – ‘Hot Saturn’ by Lil Nas X, ‘Rockstar Status’ by Juice WRLD, and PnB Rock’s ‘I Know They Mad’ — on March 13 the RIAA filed an application for a DMCA subpoena at a district court in Columbia, Washington.

 

“The purpose for which this subpoena is sought is to obtain the identities of the individuals assigned to these websites who have reproduced and have offered for distribution our members’ copyrighted sound recordings without their authorization,” the application reads.

 

In a letter to Cloudflare, the service targeted in the subpoena, the RIAA requests several pieces of information.

 

“As is stated in the attached subpoena, you are required to disclose to the RIAA information sufficient to identify the infringers. This would include the individuals’ names, physical addresses, IP addresses, telephone numbers, e-mail addresses, payment information, account updates and account history, as available.”

 

The DMCA subpoena, which also references two additional platforms (NoTube.net and Aonode.com), has now been issued so it’s likely Cloudflare will hand over the information in the coming days, if it hasn’t already.

Unreleased Sounds

It’s not difficult to find reports of unreleased tracks being leaked by Unreleased Sounds. Operating from at least two domains – unreleasedsounds.gg and unreleased.gg – the platform became a members-only service last October, meaning that today’s prospective members need an invite code to sign up.

 

“Our website is now a closed/invite only marketplace,” the site’s operator wrote.

 

The screenshot above (visit site, they don't share images elsewhere) reveals Kanye West and Avicii as featured artists on Unreleased Sounds. While that doesn’t provide hard evidence that the platform was the source of previous Avicii leaks, comments from the site’s operator suggest that if fans have the money, more Avicii music is indeed available.

 

The DMCA subpoena also covers Aonode.com and NoTube.net, a stream-ripping platform with tens of millions of monthly visits.

DMCA Subpoenas and Links to Infringing Content

The RIAA previously sent DMCA takedown notices to Cloudflare asking for the allegedly infringing content to be removed. How Cloudflare responded to those notices is unclear but in one case, it may have been difficult to know exactly what to take down.

 

Unlike the URLs for the other sites, the three Unreleased Sounds links appear to be artist categories rather than links to specific content. Given the overall nature of the platform, that’s not particularly unreasonable, but it does raise the question of why the direct links were left out.

 

One possibility is that the links were external and carried the domain of a far less interesting hosting site. Another is that artist page URLs are much easier to guess from outside once the general format is known. But whatever the reason, RIAA subpoenas are relatively rare and being featured in one rarely ends well.

 

The RIAA’s DMCA subpoena application can be found here (1,2,3,4, pdf)

 

In 2020, publishers Hachette, HarperCollins, John Wiley and Penguin Random House sued the Internet Archive (IA) for copyright infringement, equating its ‘Open Library’ to a pirate site.

 

IA’s library is a non-profit organization that scans physical books, which can then be lent out to patrons in an ebook format.

 

Staying true to the centuries-old library concept, only one patron at a time can get a copy. These restrictions were temporarily loosened at the height of the Covid epidemic when IA launched the National Emergency Library.

Mass Copyright Infringement or Fair Use?

The publishers see IA’s library as a rogue operation that engages in willful mass copyright infringement, directly damaging their bottom line. As such, they want it permanently taken down.

 

“Without any license or any payment to authors or publishers, IA scans print books, uploads these illegally scanned books to its servers, and distributes verbatim digital copies of the books in whole via public-facing websites,” their complaint reads.

 

The publishers are not against libraries per se, nor do they object to ebook lending. When lending digital content, ‘authorized’ libraries typically obtain a license or negotiate specific terms. The Internet Archive has no such license.

 

The Internet Archive wholeheartedly disagrees with the copyright infringement allegations. Stressing that the library offers a vital service, Internet Archive’s defense centers on the legal concept of fair use.

 

The Archive states that making a digital copy of a physical book ‘transforms’ the original work before it is loaned to one patron at a time. That would qualify as fair use, they argue, especially since there is no profit motive.

 

Another factor in favor of fair use is the fact that there are numerous benefits to the public at large. There is also no evidence to show that the book publishers’ sales or traditional licensing revenues were impacted.

New York Court Hearing

Over the past two-and-a-half years, the parties have gone back and forth in court, disputing each other’s arguments. This eventually resulted in contrasting motions for summary judgment, with both sides hoping for a ruling in their favor ahead of the trial.

 

Yesterday, IA and the publishers had the opportunity to back up their positions during a New York District Court hearing. Both parties laid out their cases and were questioned by District Court John Koeltl.

 

The publishers’ attorney Elizabeth McNamara pointed out that the IA strives to make all knowledge available for free, but doesn’t want to compensate rightsholders for their works.

 

“IA does not want to pay authors or publishers to realize this grand scheme and they argue it can be excused from paying the customary fees because what they’re doing is in the public interest,” she said, quoted by The Register.

 

The publishers’ attorney added that IA’s lending platform directly harms authors and publishers, but Judge Koeltl didn’t see any direct evidence of harm. IA’s attorney Joseph Gratz said evidence of harm doesn’t exist.

 

“There’s no evidence that the publishers have lost a dime,” Gratz said, as quoted by Ars Technica.

Unauthorized Reproductions

The four-factor fair use test that applies in these cases isn’t straightforward, but a Reuters report highlights some interesting comments from Judge Koeltl.

 

Koeltl stressed that libraries absolutely have the right to lend books that they own but in this case, IA goes a step further by making a digital copy, a reproduction of the original work.

 

“You avoid the question of whether the library has the right to reproduce the book that it otherwise has the right to possess, which is really at the heart of the case,” Koeltl said, noting that “the publisher has a copyright right to control reproduction.”

 

IA’s attorney responded by pointing out that the reproductions serve a ‘transformative’ purpose in this case, while adding that every fair use case deals with copies or reproductions by definition.

Battle For Libraries

The above is just a fraction of the legal arguments under discussion. While in essence this is a copyright dispute subject to existing law and jurisprudence, it’s exemplary of a bigger problem.

 

The publishers are not only up against IA; a large public movement has formed in support. This includes Fight for the Future’s “Battle for Libraries” campaign, which argues that the publishers act as malicious gatekeepers, preventing the free flow of information and undermining libraries’ ability to serve their patrons.

 

The general complaint is that publishers want to control and restrict digital access to books through relatively expensive licensing agreements. This serves a commercial purpose, but can also be used to censor content and restrict access whenever they see fit.

 

The issue also attracted the attention of Creative Commons founder and Harvard Law Professor Lawrence Lessig, who describes this as a critical moment in the history of culture.

 

“The lawsuit that the Internet Archive faces will determine whether the business model of culture is the commercial model alone, or whether there will continue to be a place for libraries,” Lessig notes.

 

Lawmakers have taken an interest in the dispute too. A few months ago, U.S. Senator Ron Wyden and Congresswoman Anna Eshoo sent a letter to the major publishers, asking them about their restrictive lease terms for ebooks.

 

“Many libraries face financial and practical challenges in making e-books available to their patrons, which jeopardizes their ability to fulfill their mission,” their letter reads.

 

“It is our understanding that these difficulties arise because e-books are typically offered under more expensive and limited licensing agreements, unlike print books that libraries can typically purchase, own, and lend on their own terms.”

 

These comments show that this isn’t just another copyright lawsuit. Whatever the immediate outcomes of the pending motions and trial, this matter is likely to be contested all the way to the Supreme Court.

 

Last fall, several of the world’s largest music companies including Warner Bros. and Sony Music prevailed in their lawsuit against Internet provider Grande Communications.

 

The record labels accused the Astound-owned ISP of not doing enough to stop pirating subscribers. Specifically, they alleged that the company failed to terminate repeat infringers.

 

The trial took more than two weeks to complete and ended in a resounding victory for the labels. A Texas federal jury found Grande guilty of willful contributory copyright infringement, and the ISP was ordered to pay $47 million in damages to the record labels.

 

U.S. District Court Judge David Ezra confirmed the judgment on January 31st, but the legal dispute is not over yet. Grande asked the court to either overrule the verdict or grant a new trial. If those options fail, the Internet provider plans to file an appeal.

Music Labels Want $12 Million Extra

While Grande is playing defense, the major music labels are taking a more offensive approach with demands for more compensation. In addition to the previously awarded $47 million in damages, they recently requested an additional $12.7 million in attorney fees, interest, and other costs.

 

Courts have the freedom to issue this type of compensation when warranted. The labels say this is a prime example of when such an award is appropriate.

 

In a detailed motion, the music companies explain that Grande was well aware of its misconduct. The company willingly ignored piracy notifications and stopped terminating subscribers based on these accusations, as was admitted at trial.

 

“[R]ather than acknowledge its wrongdoing and address its role in contributing to the widespread infringement of Plaintiffs’ copyrights, Grande litigated this case aggressively from start to finish.

 

“At trial, Grande still did not acknowledge any wrongdoing, but instead manufactured arguments about the reliability of the notices of infringement it received that were admittedly never asserted (or even considered) by Grande during the relevant time period.”

Flouting Of And Disdain For The Law

Grande has repeatedly argued that it didn’t act on the notices sent by tracking firm Rightscorp because it doubted their accuracy. The ISP was under the impression that it didn’t have to act on the notices and suggested that it would continue to ignore them if the jury agreed.

 

The labels say that Grande made no attempts to determine the accuracy of the notices before the ISP was taken to court. According to the music labels, the suggestion that the ISP might not have to act on piracy notices is illustrative of Grande’s “disdain” for the law.

 

“Most egregiously, Grande even argued to the jury that, if it were found not to be liable in this case, it would again ignore the infringing conduct of its subscribers,” the labels write.

 

The labels conclude that since Grande’s “intentional flouting of and disdain for the law” must be deterred, the additional $12.7 million in attorney fees, interest, and other costs is warranted.

Grande Responds

Grande opposed the request a few days ago. Calling on the court to deny the music companies any additional money, the ISP says that the statutory damages awarded by the jury already represent a windfall for the labels.

 

Grande believes the $47 million award is already more than any actual losses attributable to piracy activity.

 

“Plaintiffs have already obtained a recovery that far exceeds any reasonable estimation of actual harm they suffered — indeed, Plaintiffs never even attempted to prove the amount of any loss. Thus, there is no rationale supporting an additional monetary award,” Grande writes.

 

The ISP also rejects suggestions that it flouted the law or that its defense was unreasonable. On the contrary, whether the copyright notices sent by Rightscorp were sufficient to establish liability was a key question to be answered at trial.

 

Based on these and other arguments, Grande believes that the court should reject the labels’ motion for attorneys fees, interest, and additional costs.

 

Whatever the court decides, this case is far from over. And with dozens of millions at stake, both sides are expected to fight tooth and nail.

 

—

 

A copy of the music labels’ motion is available here (pdf) and Grande’s response can be found here (pdf)

 

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only.

 

These torrent download statistics are only meant to provide further insight into the piracy trends. All data are gathered from public resources.

 

This week we have four newcomers on the list. “Cocaine Bear” is the most downloaded title, beating Oscar winner Everything Everywhere All at Once.

The most torrented movies for the week ending on March 20 are:

Movie Rank	Rank last week	Movie name	IMDb Rating / Trailer
Most downloaded movies via torrent sites
1	(…)	Cocaine Bear	6.1 / trailer
2	(…)	Everything Everywhere All at Once	7.9 / trailer
3	(1)	Operation Fortune: Ruse de guerre	6.5 / trailer
4	(8)	The Whale	7.8 / trailer
5	(3)	A Man Called Otto	7.5 / trailer
6	(2)	Luther: The Fallen Sun	6.5 / trailer
7	(…)	Babylon	7.2 / trailer
8	(4)	Puss in Boots: The Last Wish	7.8 / trailer
9	(5)	Black Panther: Wakanda Forever	7.0 / trailer
10	(…)	Boston Strangler	6.5 / trailer

 

 

Note: We also publish an updating archive of all the list of weekly most torrented movies lists.

 

When file-hosting service Zippyshare showed its first signs of life in September 2006, accessing the site using an iPhone was impossible; the smart phone’s existence wouldn’t be announced for another four months.

 

Zippyshare’s success was built on solid yet basic foundations; straightforward free hosting of files, via a clean interface, at zero cost to the user. With relatively few options available elsewhere, Zippyshare was a huge success and to celebrate its first birthday, Zippyshare went BIG.

 

“A few days ago Zippyshare.com turned one year old,” its operators wrote in 2007. “For Zippyshare’s first birthday we are raising the filesize limit to 100mb.”

Upgrade After Upgrade

After repeatedly upgrading to meet rising demand, Zippyshare launched Zippyshare Uploader, a software application that allowed users to upload files without using a web browser.

 

Almost three years after the surprise 100mb limit was introduced, Zippyshare doubled its filesize limit to 200mb. A little later, when the internet was consumed with Megaupload being taken down, Zippyshare carried on as if nothing had happened, or it did once its email servers had been fixed.

Zippyshare Breaks Five-Year Silence With Bad News

When Zippyshare’s operators announced the shutdown of the site yesterday, that was the first update posted to the site for almost five years.

 

“We’ve decided that we’re shutting down the project at the end of the month. Please make backups of your important files, you have about two weeks to do so. Until then, the site will run without any changes,” the announcement reads.

 

In addition to hardware upgrades, Zippyshare also received visible updates over the years, but in broad terms, the view for users stayed much the same. As the file-hosting market developed and competition increased, being zippy was still good but wasn’t enough.

Simple Formula Meets Innovation and Mass Ad-Blocking

“Since 2006 we have been on the market in an unchanged form, that is, as ad financed/free file hosting. However, you have been visiting in less and less over the years, as the arguably very simple formula of the services we offer is slowly running out of steam,” Zippyshare continues.

 

“I guess all the competing file storage service companies on the market look better, offer better performance and more features. No one needs a dinosaur like us anymore.”

 

While Zippyshare was never likely to return to its heyday, it still receives tens of millions of visits every month. The problem is that even when users get a free service, they continue to block ads. For sites like Zippyshare, that almost guarantees a downward spiral, one exacerbated by today’s rising energy costs.

 

“Sure, we all use [adblockers], but they take away any control the site owner has over the site. Eventually we get to the point where a vicious cycle begins, in order to pay for the server infrastructure you are forced to place more and more ads, then users fire up more and more adblockers and we get to a point like today,” the site continues.

 

“Over the past year, electricity prices have gone up 2.5 times, which, with a large number of servers, gives a significant increase in costs that we have no way to balance. There are still a bunch of smaller reasons [for closing down], but we could write a book on this, and probably no one would want to read it.

 

“To sum it up, we can no longer afford to maintain the site.”

Odds Always Stacked Against Zippyshare

That Zippyshare survived this long is a minor miracle in itself. While the platform survived the shutdown of Megaupload, traffic volumes took a dive over the next few years to a background of copyright-related complaints by entertainment industry groups.

 

Nominated for “notorious market” status by the RIAA in 2013, Zippyshare became a magnet for rightsholder complaints, regular referrals to the U.S. government, and millions of DMCA notices.

 

To date, rightsholders have requested the removal of more than 14.5 million Zippyshare URLs but for internet users in Europe, worse was on the horizon.

 

In March, April and June 2019, Zippyshare blocked users from the UK, Germany, and Spain, respectively. Why this action was taken remains unclear but it seems likely that copyright issues were a factor and geo-blocking was seen as the solution.

 

If Zippyshare closes as promised at the end of the month, it will still have considerable assets at its disposal. The site still enjoys around 45 million visits per month and Zippyshare.com is one of the top 1000 most-visited domains on the internet today.

 

We asked Zippyshare what will happen to the domain when the site closes down, but at the time of writing, we’re yet to receive a response. As for the team behind the site, they’ve rarely appeared from the shadows but will live on…somewhere.

 

“Thanks for being with us over the years. See you in the depths of the Internet.”

 

Zippyshare (2006-2023)