Just days after Russia’s invasion of Ukraine, Belarusian dictator Alexander Lukashenko appeared on TV.

 

Pointing at a map of Ukraine split into four parts, the Putin ally directed attention toward Moldova, stoking fears that the former soviet republic could be next on Moscow’s list.

 

One month later, Moldova applied for EU membership. In June 2022, EU leaders granted candidate status to the Republic of Moldova, noting that its reform agenda must continue until EU conditions are met.

Harmonization With EU Copyright Law

Under the EU-Moldova Association Agreement of 2014, Moldova was required to reform copyright law to meet EU standards. An EU assessment published early 2021 identified many areas in need of attention (pdf).

 

According to an EU statement dated January 2022, Moldova’s State Agency for Intellectual Property (AGEPI) responded with a new draft transposing nine EU directives in full and four EU directives in part.

 

The EU went on to stress the importance of ensuring transparency and balance “within the system governing the remuneration of authors and performers in a weak bargaining position.” The establishment of “an efficient system” for the collective management of copyright and related rights was also mentioned.

 

Back in Moldova, rightsholder groups were moving ever closer to boiling point.

AGEPI “Working Against Rightsholders”

Last June, in an open letter to the government on behalf of more than 650 members, state-approved collective management organizations National Copyright Association (ANCO) and the National Association of Phonogram Producers and Performers (ANPFI) vented their anger in public.

 

Accusing Moldova’s State Agency for Intellectual Property (AGEPI) of corruption, working against rightsholders, and misleading the government, the groups described the revised draft copyright law as “absolutely incompatible” with Moldova’s status as an EU candidate.

 

On behalf of their members including artists, composers, and performers, ANCO and ANPFI called on Moldova’s parliament to postpone the approval of the draft until reports from international experts could be reviewed.

 

Concerns were mounting that the draft undermined artists and collective management groups while granting “excessive powers” to the head of AGEPI to “decide on all key issues” related to collective management.

Law Was Already Being Approved

On July 3, 2022, ANPFI revealed that the law had been approved during a June 22 government meeting and again on July 1 in the first reading by parliament.

 

“Regrettably, during the last 5 years, AGEPI acted only through attacks against authors, copyright holders and related rights, manifested by illegal decisions issued by AGEPI, which were later found to be illegal up to the Supreme Court of Justice,” the group told the government.

 

“As a result of these attacks, the National Anticorruption Center/Anticorruption Prosecutor’s Office initiated a criminal investigation into the illegal acts of the decision-makers within AGEPI. AGEPI’s competence in the field of copyright and related rights was found by the Courts and qualified as ‘… defiance of the legal order…'”

CISAC Asks Moldova’s Parliament Not to Pass Law

In an astonishing series of published articles and open letters, including those addressed directly to the Prime Minister, ANPFI accused AGEPI of being “intoxicated with forgeries, manipulations and corruption.”

 

On July 6, 2022, ANPFI published a letter sent by the International Confederation of Societies of Authors and Composers (CISAC), a global network of 227 collecting societies representing four million creators, to the Moldovan parliament.

 

The full letter can be read here but suffice to say, CISAC wasn’t impressed with the draft.

 

Following ANPFI pleas to the president of Moldova, the U.S. Amadassor to Moldova, and the European Union, a closed government discussion on July 27 led to Moldova’s new copyright law being passed by parliament a day later.

ANPFI Warns of New Competition From Outside Moldova

With the law set to come into force in the second week of October 2022, ANPFI accused AGEPI of lining up foreign-backed copyright management organizations to operate in Moldova.

 

According to ANPFI and reports published earlier in the year, those organizations receive backing from RAO (Russian Authors’ Society) and VOIS (All-Russian Organization of Intellectual Property), who ANPFI accuse of benefiting from similar arrangements in Georgia, Azerbaijan and Kazakhstan.

 

Whether those claims were investigated is unclear but on October 9, 2022, the new law was officially published by the government of Moldova and there was no turning back.

 

In order to operate legally under the new law, ANPFI and ANCO were required to reapply for their status as approved collective management organizations. The same would’ve applied to any new applicants but if there have been approvals, they are yet to be reported.

 

As a result, no collective rights management groups appear to be operating in Moldova. The country has continued to listen to music, of course, but since no group has received official approval, artists aren’t earning any money when music is played on the radio, on TV, in public places, or anywhere else. Even when people make copies of tracks under Moldova’s private copyright exception, nobody gets paid.

 

With a smooth transition under the new law rendered impossible right from the start, AGEPI’s latest move appears to have turned artists’ rights into a dumpster fire.

AGEPI Terminates Both ANPFI and ANCO

Having scrutinized the provisions of the new ‘Law on Copyright and Related rights’ passed in October, the head of Moldova’s State Agency for Intellectual Property (AGEPI) determined that ANPFI and ANCO failed to meet the specified standards.

 

As a result, ANCO’s work since 2013 and ANPFI’s work since 2019, came to an abrupt end last week when AGEPI terminated their status as collective management organizations.

 

“The decision was issued in accordance with the provisions of the new Law on Copyright and Related rights, which entered into force on 09.10.2022,” AGEPI’s announcement reads.

 

“We remind the associations interested in approval as a collective management organization (which have legal personality, being registered in accordance with the provisions of the legislation, and are based in the Republic of Moldova), about the need to cumulatively fulfill the conditions provided for in art. 84 para. (1) from Law no. 230/2022 regarding copyright and related rights.”

 

“Three months after the entry into force of the new law, not a single public association has received approval from the AGEPI to operate as a collective management organization,” says ANCO chairman, Liviu Stirbu.

 

“This means that the scope of copyright and related rights goes beyond the legal framework, and any use of musical works on radio and television is illegal.”

 

Moldova’s law was introduced to ensure “a high degree of protection for authors and holders of copyright and related rights.”

 

Map credit

 

Popular Internet infrastructure service Cloudflare has come under a lot of pressure from copyright holders in recent years.

 

The company offers its services to millions of sites. This includes multinationals, governments, but also some of the world’s leading pirate sites.

 

These sites have proven to be quite a headache for the San Francisco-based tech company. Ideally, however, the company prefers not to be the arbiter of what content is allowed and what is not.

The Curation Conundrum

The company reiterated its position a few months ago. To shield itself from escalating removal demands, including plain censorship, Cloudflare said it would no longer terminate customers without a court order.

 

Just days after taking this hardened approach, Cloudflare reversed its position. Citing an immediate threat to human life, CEO Matthew Prince justified blocking access to the controversial Kiwi Farms site.

 

There’s no question that death threats are in a league of their own, but copyright holders would also like to see more cooperation from Cloudflare. This call is backed by a recent report from brand protection company Corsearch.

 

Corsearch is no stranger to copyright issues. The company works with several of the largest rightsholders and its subsidiary Incopro has produced a wealth of piracy research, some in collaboration with governments. In this case, the research focuses on Cloudflare.

Whirepaper: Cloudflare & Pirate Sites

The overall tenor of the whitepaper is that when compared to other intermediaries, Cloudflare appears to be linked to a relatively high percentage of torrent sites. Of all the sites flagged by Corsearch, which are all demoted by Google as well, half use Cloudflare’s CDN service.

 

“Cloudflare is not the host of these websites. However, the host is not readily identifiable and Cloudflare is most closely associated with 49% of websites notified for delisting by Corsearch,” the report notes.

 

There’s no denying that Cloudflare stands out but it should be noted that the company is not a hosting provider, like the others on the list. In addition to Cloudflare, these pirate sites may use Amazon or Google’s services as well, even though that’s not immediately visible.

 

Besides pirate sites, the report also links Cloudflare to trademarking. Again, it is the most common online intermediary for these outlets.

 

Technically, Cloudflare can’t take these sites offline, as they are hosted elsewhere. However, Corsearch believes that the company could and should do more to tackle the piracy problem. And it has some ideas on where to start.

 

“Cloudflare is uniquely positioned to do more to protect rights holders and substantially to suppress the scourge of online piracy and counterfeiting,” the report reads.

 

“We are asking Cloudflare to do more to support rights owners by voluntarily implementing certain measures. These measures are reasonable, proportionate and if adopted by Cloudflare will have a significant impact.”

Recommendations

Corsearch doesn’t have just one, but a whole list of suggestions for the CDN provider. Most of these boil down to terminating services to sites that others deem to be infringing. Those include the following;

 

– Cloudflare should terminate accounts of sites that are demoted or deindexed by Google search.

 

– Cloudflare should withdraw services to any site that’s deemed unlawful by a recognized law enforcement body or the ‘Infringing Website List’ (IWL).

 

– Cloudflare should ban sites that are on the US Trade Representative’s annual notorious markets list.

 

– Cloudflare should stop working with sites that are added to the European Union’s Counterfeit and Piracy Watchlist.

What Can Go Wrong?

While it’s understandable that rightsholders want Cloudflare to do more, these suggestions are not without issues of their own. The IWL, for example, is private and can’t be scrutinized by the public. As reported recently, this includes domains of organizations such as GitHub, Blogspot, and a Portuguese University.

 

The USTR’s Notorious Market lists and the EU’s Piracy Watchlist also have various entries that deserve some nuance. These include the Chinese Wechat, which has over a billion users, as well as Russia’s largest social media platform VK.

 

Up until recently, USTR even listed Amazon’s foreign online stores as “notorious markets”. Does that mean that these shouldn’t be allowed to operate?

 

Given Cloudflare’s previous comments, it seems unlikely that the company will start banning accounts left and right. That being said, Corsearch also has some other suggestions that may be more realistic.

 

The report proposes a robust “Know-Your-Client” policy, for example. In addition, it calls for a comprehensive transparency report where Cloudflare would disclose which domain names are flagged by rightsholders and how often.

 

Tomás Escobar is the CEO of Acámica, the Argentina-based tech education company he co-founded a decade ago.

 

Escobar studied Computer Engineering at the National University of Córdoba and in 2014 appeared in MIT Technology Review’s ‘Innovator Under 35‘ list. Before Acámica, however, Escobar also created a rather successful website; Cuevana.

 

In 2011, just four years after its launch, Cuevana.tv was among the top 20 most-visited sites in Argentina. When audiences grew in Chile, Peru, Mexico, and beyond, it was clear that trouble lay ahead. In 2012, one of a rumored nine Cuevana administrators was arrested in Chile following a complaint by HBO.

 

In a 2019 interview, in response to a question asking why he closed Cuevana, Escobar said that the site “grew a lot” in 2013. From there, discussions took place with the industry to see if a business could be developed. When that process encountered difficulties, Escobar decided on a new project – Acámica.

 

What happened in the background with Cuevana is much less clear, but the bottom line was straightforward. By some mechanism or another, a site that looked like Cuevana carried on regardless.

 

Not even an appearance on the U.S. Government’s list of most notorious pirate sites in 2015 made that much difference. Cuevana.tv as a domain eventually fell by the wayside, replaced by Cuevana2 and today’s Cuevana3 variants, many of which enjoy tens of millions of visits per month.

 

In a more recent report to the USTR, the MPA said that in August 2022 alone, a handful of Cuevana-branded domains received 130 million visits. Hollywood had already reported some success after seizing domains a year earlier, but the destruction of the Cuevana movement remained elusive.

Damaging Cuevana’s Domains

Cuevana3.me, which first appeared in 2018, was enjoying ridiculous amounts of traffic last year after the site recovered from the seizure of its .io domain. In August 2022, the .me domain received 66.71 million visits and was ranked the 53rd and 68th most popular site in Argentina and Mexico, respectively.

 

At some point, Cuevana3.me started utilizing subdomains, possibly to mitigate downranking by Google due to excessive volumes of DMCA notices. Of course, the strategy was spotted by rightsholders; Disney sent notices like this one which tackled Cuevana3.me subdomains and at the same time, those deployed by FMovies for the same reason.

Cuevana3.me Comes Under Attack

Cuevana3-branded domains were also appearing on national ISP blacklists, including in Peru, courtesy of local government IP body INDECOPI. Then late September 2022, Cuevana3.me was suddenly reported to Google thousands of times over just a few weeks.

 

By early December 2022, the peak had passed. Rightsholders no longer seemed interested in Cuevana3.me, but that was for good reason. In what may have been a tactic to avoid being tarred with the .me brush for too long at Google, Cuevana3.me began seamlessly redirecting users to Cuevana3.ai.

 

Predictably, it didn’t take long for that to get noticed either.

Cuevana3.ai Also Under Attack

Once again, high volumes of DMCA notices were sent to Google in a short space of time. The names of the most prolific senders won’t come as a surprise since they’re all members of the Alliance for Creativity and Entertainment – Disney, Warner Bros., Amazon, Sony, Apple, NBCUniversal and Paramount.

 

There were also signs that the studios sometimes used Smart Protection, a Spanish anti-piracy company that reportedly uses artificial intelligence to efficiently deal with infringing websites.

New Domain, Rinse and Repeat?

If AI really did lose interest in Cuevana3’s .ai domain in early January, that would’ve been quite fitting, albeit for an extremely predictable reason.

 

A Twitter account previously associated with Cuevana3’s .io and .me domains announced the move to yet another new domain on January 10, 2023.

 

“Now we are Cuevana3.be,” it began.

 

“Spread the word, we are the only original Cuevana, the only one that has been at the forefront for years, providing the best content in HD, in your language and totally free. Help us spread the new domain.”

 

Given that the old domains redirect, finding the new domain won’t be an issue for regular users. It wasn’t a problem for Warner Bros. either. The company sent a DMCA notice to Google targeting the site’s main content page on January 7, three days before the official announcement on Twitter.

Are These Tactics Working?

If we go back to the data cited by the MPA last year, the domain cuevana3.me received 66.71 million visits in August 2022 alone. That’s a big number that the MPA would’ve hoped to reduce with its DMCA notices and from various reports, the knock-on effects of Google downranking.

 

Since then, the site has adopted (and then booted) cuevana3.ai and is now located at cuevana3.be. That should’ve had at least some effect on the site’s traffic.

 

According to SimilarWeb data, there is no obvious effect. Cuevana3 appears to have no problem adapting and has lost no traffic as a result. It even appears to have gained some.

 

At the time of writing, Warner, Sony, Amazon, Apple, Paramount, Lionsgate, Netflix, MGM and dozens of others are sending DMCA notices targeting the new .be domain.

 

A total of 194 individual requests have removed 885 URLs in 2023 but that number will dramatically increase in the weeks to come. At what point Cuevana3 will roll out yet another new domain is unclear, but as long as it keeps retaining the old ones, maintaining traffic won’t be a problem.

 

In a September 2022 blog post, YouTube’s Global Head of Music revealed that in the 12 months between July 2021 and June 2022, YouTube paid over $6 billion to the music industry.

 

Trade groups, including IFPI and the RIAA, believe the return should be even greater.

 

So-called ‘stream-ripping’ services typically use YouTube as a source while allowing users to keep copies of copyright tracks on their devices. According to IFPI’s Engaging With Music Report 2022 (pdf), an estimated 27% of Indian music consumers obtain music this way.

India’s Music Piracy Problem

An IFPI announcement published yesterday focuses on India’s piracy problem. The industry group says that while Indian consumers have access to more licensed digital services than ever before, three-quarters of internet users use unlicensed or illegal ways to listen to music in the country. That statement deserves nuance.

 

While around three-quarters of internet users do obtain content illegally, 88% of Indian music consumers use licensed streaming services too. That’s an impressive level of penetration overall, but IFPI would much prefer it if users consumed all of their content legally. For that to happen, India’s stream-ripping habit needs to be addressed.

Sony, Universal and Warner Take Legal Action

IFPI’s announcement followed the publication of a ruling handed down by the High Court in Delhi on January 12, 2023. The case, Sony Music Entertainment India Private Limited & Ors. vs. YT1S.COM, YT1S.PRO, YT1S.DE & ORS., aims to reduce stream-ripping piracy by compelling India’s internet service providers to block popular stream-ripping platforms.

 

“The ruling, which was published by the Delhi High Court today, requires ISPs in India to block access to 20 stream ripping sites, disrupting one of the most prominent forms of music piracy in the country,” IFPI’s announcement reads.

 

The ruling made available by the High Court mentions three domains specifically. Yt1s.com enjoys around 18 to 20 million monthly visits, while the apparently connected yt1s.de reaches around two million. Yt1s.pro is a distant runner-up with less than 20,000 visits per month.

 

No further domains appear in the ruling itself, but the court mentions 18 defendants “on the basis of their domain IDs.”

High Court Informed About Stream-Ripping

Justice C Hari Shankar’s ruling begins by noting that the plaintiffs are copyright holders, meaning that any entity that transmits, broadcasts, or reproduces their recordings without permission, violates India’s Copyright Act.

 

“[The stream-ripping sites] provide services whereby copyrighted content on various platforms, primarily YouTube, could be downloaded in MP3 or MP4 format by copying the YouTube link in the space provided in the website. This phenomenon, [Counsel for the plaintiffs] submits, is known as ‘stream ripping’,” the Judge notes.

 

The labels informed the court that since the stream-rippers mask their WHOIS details, it would be impossible to pursue them in separate proceedings. That’s important for rightsholders seeking a dynamic injunction, which the labels are in this case.

Are Stream-Ripping Services ‘Rogue Sites’?

The Judge says that the plaintiffs describe the stream-ripping platforms as “rogue sites.” When defendants are labeled as such, that puts plaintiffs in a strong position, but does it apply in this case?

 

The term ‘rogue site’ was defined during a blocking case involving torrent site 1337x.to. Very broadly, if the primary purpose of a site is to infringe, the owner fails to respond to takedown notices and has a general disregard for copyright, that’s usually considered a rogue site. Hiding WHOIS details also supports a ‘rogue site’ finding.

 

In this case, the labels are seeking a permanent injunction against the 18 stream-ripping platforms (or any other “mirror/redirect/alphanumeric websites or any other iteration thereof”) to restrain them from “hosting, reproducing or otherwise making available to the public or facilitating the downloading of the content in which the plaintiffs own copyright.”

 

Justice Shankar states that based on the facts before him, the plaintiffs make out a prima facie case, one that justifies an interlocutory injunction to prevent further infringement.

 

This includes instructions for ISPs to block the domains in question, plus any new domains that may appear as a “mirror/redirect/alphanumeric avatar of the websites which already stand injuncted.”

 

The interim order can be found here (pdf). The next hearing is listed for Feb 22, 2023

 

At the start of last year, a French bill went into effect that sanctioned the formation of a new regulatory body.

 

The old HADOPI anti-piracy outfit merged with the Higher Audiovisual Council, creating the Audiovisual and Digital Communication Regulatory Authority (Arcom).

Sports Piracy Crackdown

Along with this organizational change, Arcom received new anti-piracy powers. It can order online services to rapidly take down unlicensed streams of live sporting events, for example.

 

Eager to put the new law to work, sports organizations quickly began reporting infringing sites. These referrals were investigated by Arcom, which forwarded hundreds of blocking requests to Internet providers over subsequent months.

 

Arcom has published several updates to highlight the effectiveness of these measures. After six months, it reported that sports-related piracy was already cut in half.

New Anti-Piracy Agreement

This week, another major step was taken in the battle against piracy. Arcom announced that the four major Internet providers in France (Orange, Bouygues Télécom and SFR) have signed an agreement with the Association for the Protection of Sports Programs (APPS) to further streamline the process.

 

Details of the agreement are not being shared in public, but Arcom says the goal is to strengthen and facilitate anti-piracy measures to protect sporting events. In addition, the parties also reached an agreement on how the costs of blocking should be covered.

 

The French Telecoms Federation (FFTélécoms) welcomes the deal, which took more than a year to negotiate. Under the new terms, the roles and obligations of the parties are more clear.

 

“We are delighted to have reached an agreement. It will allow Internet access providers to benefit from a contractual and technical framework that facilitates the implementation of these blockades and ensures that rightsholders are even better protected against illegal piracy,” says FFTélécoms president Liza Bellulo.

 

The Federation also taps other online intermediaries, including search engines and hosting providers, arguing that they should also play a greater role in the battle against piracy.

 

“We now call for new agreements to be concluded by new players such as hosting providers and search engines in order to implement this ‘safety net’ throughout the digital ecosystem,” Bellulo notes.

IPTV?

Rightsholders are also pleased with the outcome, the sports protection association says. The deal will make anti-piracy efforts more efficient and able to adapt to modern forms of piracy that are less reliant on websites.

 

“This agreement will make it possible to accelerate and consolidate the fight against sports piracy, while leaving open the possibility of adapting it to the new forms of illegal access, notably IPTV services,” says APPS President Maxime Saada.

 

“Collectively, we will be able to better target illegal services that attack the pillar of sports financing, which are audiovisual rights.”

 

How IPTV services will be targeted is unknown, but it’s possible that instead of focusing on domain names, ISPs will block streaming server IP-addresses too. This is already common practice in other countries, such as the UK and Canada.

1,299 Domain Names

Arcom, meanwhile, takes the opportunity to highlight the successes of the past year. Through 85 referrals from sports companies and additional court rulings, a total of 1,299 domain names were blocked.

 

As mentioned earlier, half a year ago the anti-piracy agency already claimed that 50% of all sports piracy had evaporated. We haven’t seen any similar updates since, but at this rate, there won’t be any pirates left by the end of the year.

 

Plenty of challenges remain though. Arcom says that some people circumvent ISP blockades using VPNs or by changing their DNS servers. Those issues will be harder to root out.

 

As one of the most notorious torrent sites, The Pirate Bay has been blocked by ISPs around the world.

 

The UK was one of the first countries to do so more than a decade ago when the High Court ordered local ISPs to prevent users from accessing the site.

 

These ISP blockades have ignited a cat-and-mouse game, with pirates actively looking for alternative routes to access the site. A popular option is ‘proxy’ sites, which allow access to The Pirate Bay through alternative URLs.

 

‘The Proxy Bay’ is a site that helps people to find these alternatives. The site doesn’t act as a proxy service directly but does provide an overview of available options elsewhere on the web.

 

The legality of the service is up for debate but in the UK, thepirateproxybay.com and similar sites have been added to court-sanctioned blocklists.

Police Alert GitHub

Backed by this knowledge, City of London Police’s Intellectual Property Crime Unit (PIPCU) reached out to GitHub a few days ago. On behalf of music group BPI, PIPCU sent a takedown request to the Microsoft-owned company, alerting it to the alleged criminal activity taking place on its domain.

 

As it turns out, one of the Proxy Bay sites used a GitHub subdomain at proxybay.github.com. According to the DMCA notice, this meant that GitHub could potentially be aiding criminal activity.

 

“This site is in breach of UK law, namely Copyright, Design & Patents Act 1988, Offences under the Fraud Act 2006 and Conspiracy to Defraud,” PIPCU wrote.

 

In response to the DMCA notice, GitHub swiftly disabled the domain, which now returns a 404 error instead. In most cases, that would effectively end the matter, but the Proxy Bay operator isn’t giving up just yet.

Proxy Bay Files Counternotice

A few hours ago, the operator of the site sent a DMCA counternotice to GitHub, arguing that PIPCU’s takedown request is wrong because there isn’t any copyright infringing content hosted on the site.

 

“The person claiming DMCA doesn’t understand, that there is no content hosted on proxybay.github.com hence why it is wrong to send a DMCA request for it,” the site owner notes.

 

“This is why companies like [private] and other reputable Domains Registrators like [private] ignore those fake DMCA claims submitted by bots which are just automatic submissions triggered by keywords.”

 

The counternotice doesn’t refer to the police directly but uses the term ‘mister DMCA robot’ instead. The notice asks for further clarification on the claimed infringements and notes that the operator is happy to remove content if needed.

 

“There are no content/media of any kind hosted on proxybay.github.com, if there is – again ask mister DMCA robot to provide with exact links of media files which were infringed and I will be glad to remove them from repository.”

Reinstated?

The counternotice puts the ball back into PIPCU’s court. The police or the rightsholders they represent now have two weeks to file a lawsuit against The Proxy Bay operator. If that doesn’t happen, the DMCA prescribes that GitHub should restore the domain.

 

In the past, we have seen that counternotice can indeed be effective. Three years ago, Popcorn Time challenged a DMCA takedown request from the Motion Picture Association. And indeed, two weeks later, GitHub restored the repository.

 

Whatever the outcome, the counternotice clearly shows that The Proxy Bay isn’t giving up without a fight.

 

Early January 2022, Activision filed a lawsuit in the United States against German companies EngineOwning UG and CMN Holdings S.A., several named defendants, and 50 ‘John Does’

 

Activision claimed that the Call of Duty cheats sold by the defendants are copyright-infringing “circumvention devices” and trafficking in them is illegal under the DMCA. The gaming company went on to allege that selling the cheats to Activision customers constitutes contract interference and selling cheats into the market amounts to unfair competition.

 

In an amended complaint filed last September, Activision added new claims under the Computer Fraud and Abuse Act, and two further counts of racketeering (RICO). On January 14, 2023, several EngineOwning-linked defendants responded by asking for the whole lawsuit to be thrown out.

Activision sued Defendants in Germany Two Years Ago

In a sprawling 53-page motion to dismiss, EngineOwning UG and ten named defendants begin by describing Activision Blizzard as a $50 billion dollar company with offices all around the world, including three in Germany.

 

They note that ten of the defendants are German citizens living in Germany, yet Activision chose to sue them in California for alleged conduct occurring entirely abroad, mostly in Germany. “The appropriate forum for such a case is not the United States – but Germany,” their motion reads.

 

The defendants go on to reveal that Activision is already suing two of them in Germany, in a lawsuit that was filed at least a year before Activision filed its lawsuit in the United States.

 

“Plaintiff previously filed a lawsuit based on the same underlying unfair competition allegations in Germany against two of the Foreign Defendants in this case – Valentin Rick and EngineOwning UG…..more than two years ago.

 

“That case is still pending and could be resolved one way or another as soon as February 7, 2023,” the defendants inform the court.

 

Since Activision did not mention the German action in its original or amended complaints, the defendants present a theory for the consideration of the court.

 

“Perhaps Plaintiff feared such disclosure would make the Court think this matter is better left resolved in the German court system. After all, all of the Foreign Defendants making this Motion are foreigners with no connection to the United States. Moreover, none of the Foreign Defendants’ conduct at issue was even alleged to have occurred in the United States,” they add.

Allegations Too Broad, Too Vague

Over the last year, Activision has named more than 20 defendants, in addition to a potential 50 ‘Doe’ defendants. The motion claims that when Activision alleges any conduct, it tends to be general in nature while targeting “unspecified defendants”, i.e it doesn’t differentiate between one defendant and another.

 

“Does Plaintiff mean every Defendant literally conducted every described action? Or does Plaintiff mean that every Defendant is simply just liable for the actions of every other Defendant? Or is it a mix?” the motion reads.

 

“This extremely vague form of pleading makes it impossible to tell who did what where and when. Instead, Plaintiff leaves it to each Defendant, and the Court, to guess.”

Grounds For Dismissal – Jurisdiction

The motion says that for general jurisdiction to exist over a nonresident defendant, it must be shown that the defendant engaged in “continuous and systematic” business contacts. They insist that’s the not the case here.

 

Activision doesn’t allege that the defendants have ever lived or held property in the U.S., or paid any taxes there. As for Activision’s claim that the defendants operated “at least two servers” in the United States, the defendants cite Dish Network, LLC v. Jadoo TV, Inc..

 

“[T]he physical location of servers cannot confer the necessary contacts between a defendant and a forum for the exercise of personal jurisdiction,” the citation reads.

 

In respect of specific jurisdiction, the defendants loop back to their earlier claims that Activision’s pleadings are too vague, because it “hopes to avoid having to plead any particular fact to any particular Defendant.”

Forum Non Conveniens

Looping back to the revelation that Activision is already pursuing two of the defendants in Germany, the defendants state that by its own actions, Activision has already shown which forum is most convenient.

 

“Under these circumstances, Germany, where each of the Foreign Defendants are amenable to service, is the more appropriate forum,” the motion adds.

 

“In this case, it is uncontroverted that all Foreign Defendants are amenable to service in Germany,” and if a case in Germany is successful, they add, “… injunctive relief and damages are potentially available to Plaintiff.”

Private and Public Interest

Given that none are citizens of the United States, the defendants say that the private and public interest factors weigh in favor of dismissal. They predict evidentiary problems, including the physical attendance of the defendants at a trial in California and whether unwilling witness can be compelled to travel. It might even prove difficult to enforce any judgment, they add.

 

The motion acknowledges that Activision has included U.S. defendants but dismisses that as an attempt to “make weight” and give the lawsuit a nexus to U.S. courts. Citing $35,000 in travel expenses alone, the defendants insist that a lawsuit in Germany makes much more sense.

 

The memo accompanying the motion to dismiss is available here (pdf)

 

Every day, millions of people enjoy fan-made subtitles. These files help foreigners to better understand English entertainment and provide the hearing impaired with a way to comprehend audio.

 

These subtitles are often used in combination with pirated films or TV shows, a thorn in the side of entertainment industry companies, who see this as a threat to their business.

 

This was also the case with Legendas.tv, a Brazilian fansubbing community founded in 2006. For many Brazilians, Legendas (Portuguese for ‘subtitles’) was their first introduction to characters such as Jack Bauer, Michael Scofield and Hiro Nakamura.

Legal Issues Came Early

The site, which relied on a team of contributors, soon gained a steady user base. With its presence growing, the concerns of major entertainment industry companies increased as well.

 

In 2009, legal pressure resulted in a temporary shutdown. Representing the major Hollywood studios, Brazil’s Antipirataria Association Cinema and Música (APCM) complained to the site’s hosting company Softlayer, which pulled the plug shortly after.

 

Legandas.tv’s downfall didn’t last for long. The site quickly switched to a new hosting company, from where it continued to serve subtitles. Meanwhile, sympathizers of the site went after the anti-piracy group. The hackers defaced APCM’s website which started to link to torrents.

Avid Consumers

Shortly after the crackdown, Legendas.tv team sent out a different message. While the entertainment companies were quick to brand them as pirates, Legendas argued that they were probably some of the most avid consumers.

 

“We are those who purchase the latest technology products and subscribe to the best cable TV packages and the most powerful broadband plans. We voraciously consume culture. And even with all that, we don’t think it’s enough,” the Legendas team wrote at the time.

 

The fansubbers argued that they simply wanted to consume content that wasn’t available legally around the world. At the time, many countries had to wait months before popular content became legally available, if it became available at all.

Mission Complete

Pirate sites and subtitle repositories have a history of meeting demand when availability is lacking. With the shortening of release windows and the rise of online streaming, the gap has started to close. Today, affordability is a bigger issue than availability. While there is still plenty of interest in subtitles, the Legendas team feels that it served its purpose.

 

A few days ago Legendas.tv voluntarily shut down. In a message to its users, the site explains that times have changed. There are now many legal platforms making the latest content available, with subtitles included.

 

“For many years Legendas.TV was one of the main repositories of Portuguese subtitles for a variety of content. Those were other times, the content was distributed in different ways and, after many years, the market took over with more and more accessible streaming services,” the translated note reads.

Funds Dried Up

There are other factors that played into the shutdown decision as well. The team notes that the financial position was dire due to a decline in user contributions and issues that prevented it from having decent advertisements.

 

The site was not being operated with a profit motive. However, the lack of funds made it harder to cover the costs. Three years ago, the operators threatened to shut the site down unless more people subscribed to their VIP plan. This extended the site’s life, but Legendas eventually made the decision to pull the plug.

 

The voluntary shutdown is the end of an era but the site’s subtitle archive won’t simply vanish. According to the farewell message, the files will be made available to the public in some shape or form during the weeks to come.

 

Other than that, Legendas’ journey has come to an end.

 

In 2020, YouTube-ripper Yout.com sued the RIAA, asking a Connecticut district court to declare that the site does not violate the DMCA’s anti-circumvention provision.

 

The music group had previously used DMCA takedown notices to remove many of Yout’s appearances in Google’s search results. This had a significant impact on revenues, the site argued, adding that it always believed it was not breaking any laws and hoped the court would agree.

 

That wasn’t the case. Last October, Judge Stefan Underhill ultimately concluded that the service had failed to show that it doesn’t circumvent YouTube’s technological protection measures. As such, it could be breaking the law.

$250,000 Attorneys Fees

Soon after the court’s decision, the RIAA submitted a request to have Yout pay the $250,000 in attorneys fees it incurred thus far. As the prevailing party, RIAA felt that it was entitled to compensation.

 

Yout wanted to press on, however. Site operator Johnathan Nader swiftly filed an appeal as he believes that YouTube rippers don’t violate the DMCA. A few weeks ago, his legal team asked the court to put the RIAA’s request for attorneys fees on hold while the appeal is pending.

 

Postponing the fees decision was important for Yout because immediate payment might undermine its ability to properly fund its legal campaign. It would also harm Yout’s defense and the many other sites and services indirectly impacted by the case, Yout informed the court.

No Money?

The RIAA didn’t buy it. In a response brief, the music group doubted that Yout lacks the means to fund its legal campaign. After all, it was still operational and able to retain a new team of lawyers for its appeal.

 

“The record in this case suggests that Yout does not lack resources: Yout admits that its service is still operational and it has hired three new lawyers for the appeal,” the RIAA wrote.

 

Again, Yout disagreed. Backed up by a bank statement, the YouTube ripper showed the court that the site was barely running break-even. In fact, Nader used his personal funds to bankroll the appeal.

 

“(i)f a judgment on fees is issued at this time, that could severely impact Plaintiff’s ability to fund the appeal whether through company funds, personal funds, or third-party assistance,” Yout argued in court.

Court Denies Fees Request, For Now

After hearing the arguments from both sides, U.S. District Court Judge Stefan Underhill decided to deny the RIAA’s request for attorneys fees altogether. However, the music group can refile it after the appeal. This means that Yout’s request to stay the matter is moot.

 

“Here, I choose to exercise my discretion to deny the fee motion without prejudice and grant the RIAA leave to re-file the motion upon resolution of the appeal,” Judge Underhill writes.

 

The Judge argues that delaying the issue saves judicial resources. In addition, the party that wins the appeal will likely request attorneys’ fees as well, so the order also avoids piecemeal adjudication.

 

To outsiders, the ruling may seem nothing more than an administrative battle, but it may prove to be a crucial one for Yout. Without legal funds, an appeal would have been virtually impossible to win.

 

—

 

A copy of U.S. District Court Judge Stefan Underhill’s order is available here (pdf)

 

Rightsholders involved in the creation and broadcasting of live events say their businesses face a persistent threat from unlicensed and illegal competition.

 

Since live sports sector stakeholders are particularly vulnerable, undermining pirate IPTV services is a key priority. Civil enforcement – including hard-fought proactive and real-time ISP blocking measures – may have had some positive effect, but pirate IPTV subscriptions are selling well and rightsholders are still worried.

 

On the criminal side, multiple police-led operations around Europe often sounded spectacular but didn’t have a significant effect on the market. What rightsholders really want is a change in the law, to compel intermediaries in receipt of a takedown notice to disable streams immediately, or face liability themselves.

 

Last October, over 100 rightsholders, organizations, and powerful media groups coordinated to demand just that. MPA, UEFA, Premier League, beIN, LaLiga, Serie A, Sky, and BT Sport, to name just a few, told the European Commission to ‘End Live Piracy Now’.

 

The EC’s answer came three weeks later but for rightsholders, it wasn’t worth the wait. With no legislative instruments or European-wide regulation on the table, the EC pledged to follow up on a European Parliament resolution by offering a “toolbox” to fight the illegal streaming of live events.

EC Calls For Evidence to Fight IPTV Piracy

The European Commission has just issued a call for evidence to ensure that its upcoming “toolbox” contains the right tools to effectively address the IPTV problem, within the boundaries of existing EU law.

 

“It is necessary to identify effective solutions, in accordance with EU law, to promptly remove or block access to unauthorized retransmissions, taking due account of the nature of the content,” the EC’s announcement reads.

 

“Various remedies against the unauthorized retransmissions of content are already provided for in the EU legislation. In particular, the recently adopted DSA constitutes a robust general framework to counter illegal content online.

 

“It harmonizes the rules on notice and action mechanisms, and will streamline the processing of notices sent to providers of hosting services to remove unauthorized retransmissions of live events.”

 

Whether the Digital Services Act (DSA) can provide sufficient tools remains to be seen. The EC cites no additional benefits beyond a more streamlined takedown process. Instead the focus is on tools already in use – injunctions against infringers and intermediaries, plus dynamic ISP blocking orders.

 

“The Commission will recommend to Member States and market players the best use of these existing tools for the specific case of unauthorized retransmissions of live events. It will also aim at promoting cooperation between market players and between the relevant administrative authorities established in certain Member States,” the EC adds.

“Likely Impacts”

Over the past few years the EU has published a number of in-depth piracy reports, detailing the IPTV landscape, challenges faced by sports broadcasters, and the use of dynamic blocking injunctions (pdf).

 

On the other side, rightsholders have listed their demands extremely clearly. They need real-time stream takedown tools, toughened repeat-infringer policies, and ‘take down means stay down’ measures.

 

Given that the EC disappointed rightsholders last year, it’s not inconceivable that leverage points will be found under copyright law and the DSA to allow the parties to meet somewhere in the middle. At this stage, however, the EC is promoting the efficient use of tools that are already available, such as ‘notice and action’ mechanisms supported by blocking injunctions.

 

If these existing measures prove insufficient, all is not lost. The EC says that subject to an assessment, it will propose new legislation to mitigate the problem.

 

“The Commission will set up a monitoring system to assess the effects of the recommendation on the effectiveness of the legal remedies, based on the information gathered in particular from Member States, the EUIPO Observatory on infringements of IP rights, rightholders and intermediaries,” the EC says.

 

“This will ensure appropriate follow-up, including by proposing legislation if the desired results are not achieved.”

 

The EC initiative “Combating online piracy of live content” is live and accepting stakeholder input until February 10, 2023.

 

By now, various courts around the world have concluded that The Pirate Bay is a copyright-infringing website.

 

In response to various court orders over the years, the notorious torrent site was blocked by dozens of ISPs all around the world. That’s also the case in the UK, where The Pirate Bay was added to the local piracy blocklist over a decade ago.

 

These blocking efforts triggered the rise of hundreds of Pirate Bay proxy sites. While many of these were subsequently blocked, new ones continue to pop up, as do sites that provide an overview of the latest working proxies.

 

“The Proxy Bay” falls in the latter category. It provides links to the latest Pirate Bay proxies and also shares information on how people can start a proxy of their own. While rightsholders don’t like this type of information being shared, there are no links to copyrighted material on the site.

Proxy Blocking

The lack of infringing content hasn’t stopped local music group BPI from pursuing legal action. As part of the original Pirate Bay blockade, thepirateproxybay.com and many similar sites are blocked by UK ISPs. Voluntarily complying with the same ruling, Google followed suit by deindexing whole domains.

 

One domain managed to escape these blocking actions; proxybay.github.com. This GitHub subdomain is a copy of thepirateproxybay.com and appears to be operated by the same people, but it’s not blocked by UK ISPs.

 

Interestingly, we did spot the site on an advertising blacklist maintained by City of London Police’s Intellectual Property Crime Unit (PIPCU). In our article from a few months ago, we questioned why the police couldn’t have taken an easier route by sending a DMCA notice.

‘Criminal’ GitHub Subdomain

Fast forward to 2023 and PIPCU has decided to take up the matter on behalf of music group BPI. Police sent a takedown request to the Microsoft-owned company, alerting it to the alleged criminal activity taking place on its domain.

 

“This site is in breach of UK law, namely Copyright, Design & Patents Act 1988, Offences under the Fraud Act 2006 and Conspiracy to Defraud,” PIPCU writes.

 

“Suspension of the domain(s) is intended to prevent further crime. Where possible we request that domain suspension(s) are made within 48 hours of receipt of this Alert,” the notice adds.

 

This takedown request was honored by GitHub, meaning that people who try to access the domain now get a 404 error instead.

 

Muddying the Waters

While GitHub’s swift response is understandable, it’s worth pointing out how these blocking efforts are evolving and expanding, far beyond blocking the original Pirate Bay site.

 

The Proxy Bay doesn’t link to infringing content directly. The site links to other proxy sites which serve up the Pirate Bay homepage. From there, users may search for or browse torrent links that, once loaded, can download infringing content.

 

Does this mean that simply linking to The Pirate Bay can be considered a crime in itself? If that’s the case, other sites such as Wikipedia and Bing are in trouble too.

 

A more reasonable middle ground would be to consider the intent of a site. The Proxy Bay was launched to facilitate access to The Pirate Bay, which makes court orders less effective. In 2015 UK ISPs began blocking proxy and proxy indexing sites, so that explains why thepirateproxybay.com and others are regularly blocked.

 

Whether this constitutes criminal activity is ultimately for the court to decide, not the police. In this regard, it’s worth noting that City of London Police previously arrested the alleged operator of a range of torrent site proxies.

 

The then 20-year-old defendant, who also developed censorship circumvention tool Immunicity, was threatened with a hefty prison sentence but the court disagreed and dismissed the case.

 

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only.

 

These torrent download statistics are only meant to provide further insight into the piracy trends. All data are gathered from public resources.

 

This week we have two newcomers on the list. “Puss in Boots: The Last Wish” is the most downloaded title.

The most torrented movies for the week ending on January 16 are:

Movie Rank	Rank last week	Movie name	IMDb Rating / Trailer
Most downloaded movies via torrent sites
1	(2)	Puss in Boots: The Last Wish	7.8 / trailer
2	(1)	The Menu	7.3 / trailer
3	(4)	Avatar: The Way of Water	8.1 / trailer
4	(5)	Black Adam	7.1 / trailer
5	(7)	The Pale Blue Eye	6.7 / trailer
6	(3)	Glass Onion: A Knives Out Mystery	7.4 / trailer
7	(…)	Devotion	6.7 / trailer
8	(…)	The Old Way	5.4 / trailer
9	(10)	Top Gun: Maverick	8.3 / trailer
10	(6)	Violent Night	6.9 / trailer

 

 

Note: We also publish an updating archive of all the list of weekly most torrented movies lists.

 

As Android-based piracy apps go, streaming app PikaShow ticks most of the usual boxes.

 

Compatible with smartphones, tablets and set-top boxes, PikaShow allows users to stream live TV channels in excellent quality or download the latest movies and TV shows for offline viewing.

 

For those with a preference for larger screens, PikaShow allows casting. Subtitles are also available, meaning that PikaShow can be enjoyed by viewers worldwide. The downside for PikaShow is that expanded reach means irritation for overseas rightsholders, not just local ones.

Disney, Star India, MPA, USTR

In 2022, the existence of the PikaShow app became intolerable for Disney Star, a wholly-owned Indian subsidiary of The Walt Disney Company. After a criminal complaint to the Tamil Nadu Police Cyber Cell failed, Disney filed a First Information Report (FIR) with the Bengaluru Cyber Cell, alleging various crimes under computer abuse and copyright laws.

 

PikaShow didn’t shut itself down – it doubled down instead. After becoming the official sponsor of the Afghan cricket team during Asia Cup 2022, PikaShow was able to advertise its pirate streaming app via legal TV broadcasts watched by millions of people.

 

Describing this as a bold move would be a significant understatement.

 

Through its team sponsorship deal, PikaShow was able to advertise its pirate services on Star India’s official TV broadcasts of Asia Cup 2022. This meant that Disney effectively paid to advertise a pirate app it was already pursuing in a criminal action for illegally streaming its licensed content.

 

Adding insult to injury, PikaShow streamed Star India’s official TV broadcasts to its own users for free.

Rising Pressure, High Court Injunction

In the wake of its TV stunt, the MPA reported PikaShow to the United States Trade Representative. After targeting PikaShow in a May 2022 civil complaint, Star India filed a criminal complaint with the police in Delhi and then followed up with another copyright complaint at the High Court in Delhi.

 

In November 2022, the Court issued a broad injunction restraining the operator(s) of PikaShow. Companies doing business with PikaShow were ordered to hand over all available information on its operator. Registrars were told to suspend PikaShow’s domains, and every ISP in India received blocking instructions (pdf).

 

PikaShow didn’t shut itself down. But, as the saying goes, hindsight is always 20/20.

Police Arrest College Student

On Saturday, Anoop Shetty, Deputy Commissioner of Police, North East Division, Bengaluru City, confirmed the arrest of a man in northern India in connection with the PikaShow app.

 

“We have arrested Shisharam Badiya from his native place Rajasthan for copyright violation based on a complaint by Star India,” Shetty said.

 

According to Economic Times, the suspect is a college student who was arrested after police traced his cellphone number. He stands accused of illegally streaming Star India and Disney+ Hotstar content via PikaShow and monetizing those pirate streams through advertising.

 

While comments on Indian discussion platforms are a mixed bag, news of the arrest doesn’t appear to be generating much sympathy. Some suggest that monetizing pirated content was the problem, while others suggest that the only mistake was not escaping with the money. One poster simply expressed sadness at students destroying their futures.

 

Predictably, some comments note that since apps tend to come and go, others will appear to take PikaShow’s place. Whether PikaShow survives this or not (there’s no confirmation either way), PikaShow’s ‘place’ has been under threat for a while now.

 

At the time of writing, there are at least 100 domains with obvious ‘PikaShow’ branding. Dozens claim to offer the official app, but a hash value comparison of various APK files tells a very different story. There are a thousand pieces of advice for staying safe online, but if a site introduces its product with a flat-out lie, things won’t get any better from there.

 

Over the past several months, we have repeatedly reported on Google’s decision to voluntarily remove pirate sites from its search results.

 

Google will do so if local court orders require ISPs to block access to the sites. These measures are geo-targeted at the applicable countries, which include the UK, France, and the Netherlands.

 

Thus far Google hasn’t publicly commented on its motivation but several rightsholders have confirmed the actions. Interestingly, however, Google is not the only search engine where pirate sites have gone ‘missing’. In fact, it’s quite a persistent problem on other search engines as well.

Bing’s Missing Pirate Sites

This week we conducted various tests on Bing’s search engine across multiple countries. This revealed that several of the top pirate sites only have their home pages indexed, while others are completely unfindable.

 

For example, when we use the site: command to find all Pirate Bay pages indexed by Bing there’s just one visible result. A message at the bottom clarifies that “some results have been removed” but that’s an understatement, as there are supposed to be millions.

 

For comparison, the same search on Google claims to return ~24,000 URLs from The Pirate Bay, provided that the site hasn’t been stripped completely due to the aforementioned voluntary removal process.

 

The problem is also apparent when searching for “Pirate Bay Linux”. On Bing this doesn’t return any useful results from The Pirate Bay, while Google lists a collection of relevant pages from the notorious torrent site.

 

This isn’t to argue that Google is better than Bing, we merely want to show the differences. Depending on the search term and your location, Microsoft’s search engine may provide better results for other search terms.

 

Bing’s meager search results are not limited to The Pirate Bay. The same applies to various other torrent sites such as Fitgirl-Repacks.site, and TorrentGalaxy.to. In addition, other pirate portals including 9anime.to yield the same result.

Entire Domains Disappear

The domains mentioned above still have their home pages listed, but the same can’t be said for many others.

 

When we search for 1337x.to there are no results (for that domain) at all, even though Bing does pull up the correct Wikipedia page in an information panel. Similarly, results are missing for Fmovies.to, Rarbg.to, and other popular sites as well.

 

For the record, these results are the same in the various geographical locations we tested.

 

And there’s more to this mystery, as other prominent pirate sites remain indexed as usual. This includes the most popular torrent site YTS.mx which, aside from a few DMCA takedowns, has numerous pages in Bing’s search results.

‘No Editorial Decision’

So what is going on here? Is this an anti-piracy measure? Or are these domains being punished for another reason?

 

When we reached out to Microsoft, the company couldn’t immediately give us an explanation. However, the team stressed that the removals are not the result of an editorial decision.

 

“We can share that we did not make an editorial decision to remove these domains. We have passed this along to our technical team,” a spokesperson informed us.

 

Whatever the reason, the removals are not without consequence. Several other search engines that rely on Bing data are missing the same results. This includes the privacy-centered search engine DuckDuckGo.

Colateral Damage

Last year we reported on an issue with disappearing pirate sites at DuckDuckgo. This was also related to Bing. While some links were put back manually by DuckDuckGo, these issues persist.

 

When we search for “rarbg” on DuckDuckGo, Rarbg.to is correctly identified as the official site and the top result.

 

This result is only triggered by certain keywords. When we search for “rarbg official site,” RarBG is nowhere to be found. Instead, we get the same results as we do in Bing.

 

That brings us to another side-effect of the disappearing sites. With the disappearance of the official domains, copycats are now making their way to the top results. These are generally more likely to show malicious advertisements or cause other trouble.

 

This copycat problem equally applies to Google, where demoted or removed sites are regularly replaced by dubious sites.

 

After reporting on the activities of the Alliance for Creativity and Entertainment (ACE) for more than five years, it’s clear that the coalition is digging in for the long haul.

 

For operational reasons, ACE doesn’t announce the results of all of its work, nor does it produce any statistics. What we suspect from our own research is that in December 2022 alone, ACE may have taken control or otherwise rendered inoperable more than 40 domains, perhaps more than 50.

 

Accurately identifying every last domain affected by ACE action isn’t an exact science. No one source of information reveals a precise, reliable figure but, when combining various methods, a potentially startling statistic raises its head. Since its inception in 2017, ACE may be responsible for the demise of more than 600 domains, one way or another.

 

Whatever the mechanism, under pressure or voluntarily, domains are redirecting to the ACE portal at a rapid rate. The handful of sites below barely scratch the surface of the last few months of activity, but the result is the same – domain redirects followed by ACE seizure banners, right across the board.

 

Sites can find themselves on the radar for many reasons, but when ACE/MPA obtain DMCA subpoenas in United States courts, that often signals trouble ahead.

 

This roundup covers dozens of sites/services operating in the IPTV, web streaming, and streaming app sectors, that were named by ACE/MPA in their most recent applications as infringers of their members’ rights.

Subpoena 1: HDO Box (streaming app)

This DMCA subpoena application requiring Cloudflare to hand over a site operator’s details was filed in the United States District Court for the Central District of California (Western Division).

 

The main target is the popular HDO BOX pirate streaming app, currently available at hdo.app. The app claims to offer a “big catalogue of HD Movies and TV Shows” which obviously makes it a prime target for ACE.

 

The supposed links to Google Play and Apple’s App Store are misleading – one triggers a direct download (not from Google Play) and the other links to a Telegram channel with more than 100,000 members – another reason for ACE to be interested.

 

In common with similar apps, HDO BOX obtains its content from other services. Operated by the MyCloud hosting service, a subdomain of mycloud.to is listed in the application as the host of an .m3u playlist file utilized by HDO BOX.

 

The other is a subdomain of hosting site Streamhub (streamhub.to) from where a .ts file (Video Transport Stream) allegedly supplied the movie ‘Bumblebee’ to HDO BOX users.

 

The DMCA subpoena targeting Cloudflare can be viewed here (pdf)

Subpoena 2: IPTV Services

Filed in the same California court, the second DMCA subpoena also targets Cloudflare.

 

In common with similar applications, this one seeks the names, physical addresses, IP addresses, telephone numbers, e-mail addresses, payment information, account updates and account histories of the people behind two IPTV websites.

 

IPTV Dark (iptvdark.com) is listed as the main target domain, line.darktv-pro.me as the URL supplying the service’s .m3u playlist file, plus an IP address from where the movies Aquaman and Like a Boss were allegedly streamed.

 

IPTV Finland (iptvfinland.me) operates under Streamy IPTV branding and claims to offer 10,000 TV channels. According to the DMCA subpoena, the .m3u playlist for the service is provided by worldiptv.me while a specific IP address allegedly supplied the movies Men in Black II and Top Gun.

 

The DMCA application targeting Cloudflare can be viewed here (pdf)

Subpoena 3: Streaming Sites

The third DMCA subpoena application has a lot in common with the two detailed above. Filed in the same California court, it targets Cloudflare and seeks the same level of personal information that, at least potentially, could push investigations forward.

 

The key difference is the volume of domains/sites involved – 40 in total. A small number of the domains targeted are shown below, with all 40 listed at the end of this article.

 

“The purpose for which this subpoena is sought is to obtain the identities of the individuals assigned to these websites who have exploited ACE Members’ exclusive rights in their copyrighted motion pictures without their authorization,” the subpoena application reads.

 

Aside from the volume of sites targeted, the subpoena is unusual in that it mentions an ACE member that may not have been previously announced. Along with Columbia, Disney, Netflix, Paramount, Universal, Warner and Village Roadshow, BRON Creative USA Corp makes an appearance as a rightsholder in the application.

 

BRON Studios notably teamed up with Warner to finance ‘Joker’, which does appear in this set of court documents as an infringed movie. BRON’s involvement may be for other reasons, however.

 

The DMCA application targeting Cloudflare can be viewed here (1,2, pdf)

 

A subpoena targeting Tonic Domains (solarmovie.to) available here (pdf)

 

Domains targeted in DMCA subpoena 3 are listed below.

 

hurawatch.cc
kisskh.me
tvhayvn.org
motphimtv.info
phimmoichilly.net
ItamilMV.media
hindilinks4u.tel
divicast.com
5movierulz.am
xemphim.club
solarmovie.pe
dutafilm.xyz
movieboxpro.app
gimmepeers.com
motchill.com
yifytv.co
ibomma.cc
moviesmod.com
hindilinks4u.skin
hindilinks4u.top
divicast.org
yomovies.icu
prmovies.com
watchseriesproject.com
wawacity.bond
pelisplus.lat
pelisplushd.nz
cinecalidad.run
pelisflix2.online
pelisgratishd.io
seriesyonkis.nu
cinehdplus.org
cuevana3.nu
repelis2.co
allcalidad.ms
elisflix2.to
gogohd.net
gogodownload.net
animeseries.so
solarmovie.to

 

There are plenty of options for copyright holders to frustrate the operations of pirate sites, but one of the most effective is to attack their domain names.

 

In recent years, various entertainment industry groups have called on the domain name industry to help out on this front.

Trusted Notifiers

As a result, the MPA signed a landmark agreement with the Donuts registry in 2016, under which the movie industry group acts as a “trusted notifier” of “pirate” domains. A similar deal was later announced with the Radix registry.

 

Lesser known is the trusted notifier agreement between the RIAA and the Donuts registry. That company was acquired by the Afilias registry and both have since rebranded to “Identity Digital.”

 

Identity Digital is a serious player in the domain name industry. The registry oversees close to 300 TLDs, including .movie, .wtf, .rocks, and .legal. In addition, the company also owns domain name registrar Name.com.

 

Over the past several years, very little information has been released on the use of the “trusted notifier” system. There was an early announcement that the first two domains had been taken down by the MPA, but we haven’t seen any new statistics since.

 

TorrentFreak reached out to both the RIAA and MPA to get more details, but these groups prefer not to share information, with the latter referencing a non-disclosure agreement. In recent months, however, Identity Digital started to lift this veil.

Domain Suspension Transparency

A few months ago, Identity Digital published its first-ever abuse report, documenting how many of its domain names had been suspended due to unauthorized use.

 

As the company oversees millions of domain names, it’s no surprise that a fraction are used by bad actors. Indeed, during the third quarter of last year, 3,225 abuse cases were opened, resulting in 4,615 closed domain names. The vast majority were related to phishing activity.

 

The careful reader will notice that “copyright infringement” isn’t listed separately in the table above. It could fall under another category but Identity Digital actually reports content flagged by “trusted notifiers” separately.

 

Aside from the RIAA and MPA, these notifiers also include the Internet Watch Foundation (IWF), which reports sites that are associated with Child Sexual Abuse Material. The table below shows the total number of reported URLs in the third quarter.

 

As it turns out, there are only a small number of flagged ‘pirate’ URLs per quarter. The MPA reported four URLs while the RIAA submitted none.

No Fluke

This low number isn’t a fluke. The numbers look very similar in the previous transparency report, where the MPA flagged six URLs. The RIAA didn’t submit any domain names for review in the quarter either.

 

It’s tricky to interpret these findings. In theory, it could mean that pretty much all pirate sites have been dealt with already on these TLDs. We reached out to RIAA to hear their thoughts on the lack of activity but, as hinted before, the music group had no comment.

 

To double-check, we searched Google and found that it isn’t hard to find some infringing URLs using Identity Digital domain names. However, these are not the most prominent sites, so perhaps it’s simply not a priority?

 

What we can say for sure is that the trusted notifier system doesn’t lead to mass suspensions in this case. That said, Identity Digital’s transparency only goes so far. We don’t know which domains were suspended following MPA reports or what kind of infringing content they listed.

 

The relatively low number of reports may be partly due to the fact that Identity Digital’s TLDs are not the most common ones. This would likely be different for Verisign, which oversees many popular TLDs including .com, .tv and .net.

 

Thus far, Verisign prefers not to actively police content, but U.S. lawmakers have started to increase pressure on the company.

 

With tens of millions of fans playing every month, Genshin Impact is a huge free-to-play gaming success story.

 

While Genshin Impact publisher Cognosphere undoubtedly enjoys this global attention, some groups of fans are taking their enthusiasm a little too far.

 

As revealed by TorrentFreak last December, Cognosphere is targeting gamers who leak Genshin Impact content to the public in advance of the company’s schedule.

 

A notable target for Cognosphere was Ubatcha, a Genshin Impact leaker with an extremely high profile and broad fan base. Today we can reveal that Cognosphere has new alleged leakers on its radar.

DMCA Subpoena Applications Filed in U.S. Court

Filed yesterday at the United States District Court for the Northern District of California (San Francisco Division), four new DMCA subpoena applications were filed pursuant to 17 U.S. Code § 512(H).

 

This section of copyright law allows a rightsholder to obtain a subpoena to help identify an alleged infringer. All four DMCA subpoena applications target users alleged to have breached Cognosphere’s copyrights.

 

All were filed by Mitchell Silberberg & Knupp LLP, the same Los Angeles law firm that previously targeted Ubatcha.

DMCA Subpoena #1 – Genshin Impact Leakers’ Group

Before filing the applications for these DMCA subpoenas, Cognosphere’s attorneys sent copyright complaints to Discord requesting the removal of several pieces of content. The DMCA takedown notice in this case is dated January 11, 2023, and the subpoena application itself is dated January 12.

 

“It has come to our attention that numerous images and videos infringing Cognosphere’s copyrighted Game are being made available by user ‘Linxian#0001,’ via the Discord channel ‘原神内鬼爆料区’ (Genshin Impact Leakers’ Group),” the takedown notice reads.

 

The example above is just one in a series of 11 screenshots, all depicting allegedly infringing content posted to Discord.

 

The DMCA subpoena application can be found here, DMCA takedown notice here (pdfs)

DMCA Subpoenas #2, #3, #4 Target ‘House of Daena’

The remaining three DMCA subpoena applications target users of the ‘House of Daena‘ Discord channel.

 

The general format of these applications is the same as the first targeting Genshin Impact Leakers’ Group. Similar copyright complaints were also filed with Discord to have the content taken down.

 

Three Discord users are affected: ‘LJ.#8200’, ‘M9G#3656’ and ‘rice cooker#9289’

 

In addition to taking down the identified content, the DMCA notices suggest that removing or disabling the entire channel is also an option for Discord.

Common to All Four Subpoena Applications

While the targeted Discord channels, users, and the content they allegedly posted to those channels differ in each case, the overall aim is the same.

 

“Petitioner, Cognosphere Pte. Ltd. (‘Cognosphere’) through its undersigned counsel of
record, hereby requests that the Clerk of this Court issue a subpoena to Discord, Inc. (‘Discord’) to identify alleged infringers at issue, under the Digital Millennium Copyright Act (‘DMCA’), 17 U.S.C. § 512(h),” each reads.

 

While they target different users, the proposed DMCA subpoenas to Discord are mostly the same in all four cases. They require Discord to produce information including, “name(s), address(es), telephone number(s), e-mail address(es), and IP address(es), or other information,” sufficient to identify the alleged infringers.

 

At the time of writing the clerk of the court has not yet signed off on the applications, meaning that Discord has not yet produced any documents. However, it’s more than likely that the applications will be approved today or in the coming days. At that point, Discord will need to comply.

 

Finally, the initial takedown notices to Discord note that the platform should take “appropriate measures to prevent further infringements” by the named users and “any other parties responsible for the infringement.”

 

Discord’s ‘repeat infringer’ policy is directly mentioned, meaning that account suspensions remain a possibility for the listed users.

 

The remaining three DMCA subpoena applications can be found here (1,2,3, pdf)

 

More than two years ago the federal government shut down Gears-branded IPTV services operated by Pennsylvania and New Jersey man, Bill Omar Carrasquillo – better known online as ‘Omi in a Hellcat’.

 

The seizure of dozens of high-end cars and a reported $5.2m from bank accounts made international headlines in November 2019, further boosting Carrasquillo’s profile. A criminal indictment unsealed in 2021 revealed that the popular YouTuber wasn’t the only one under the government spotlight.

 

Together with Carrasquillo, Jesse Gonzales of California and Michael Barone of New York were charged with serious offenses relating to the illegal capture and redistribution of Comcast, Verizon, Spectrum, DirecTV and Frontier Communications broadcasts. ‘Person 1’ and ‘others’ known to the authorities were described as participants in the scheme but none were listed as defendants.

Carrasquillo Pleads Guilty

With access to court records restricted, news of progress in the case had been limited. Then in early 2022, Carrasquillo suddenly announced a key development.

 

Urging others not to go down the same piracy path, the former IPTV provider said he would plead guilty to criminal copyright infringement, tax fraud, wire fraud, and other offenses.

 

Around a month later, the government filed a nine-count superseding indictment (pdf). Someone entered a plea on April 1, 2022, but what it contains is still unknown.

Barone Entered a Guilty Plea

Until this week, the same applied to a second plea entered August 16, 2022, but we can now confirm that on that date, Michael Barone pled guilty to Count 1 of the superseding indictment, which includes copyright infringement offenses under 17 U.S. Code § 506(1)(A) and 18 U.S. Code § 2319

 

Specifics include the willful reproduction of movies and other audiovisual works for commercial advantage and private financial gain, and circumvention of access controls under (17 U.S. Code § 1201(a)(1)A and 17 U.S. Code § 1204(a)(1)). Access device fraud and wire fraud are also included in a list that spans 18 pages.

Forfeiture and Sentencing

The government’s motion for forfeiture against Barone states that all property held by him that “constitutes or is derived from proceeds traceable” to the pirate IPTV scheme will be forfeited to the United States.

 

Given that the Gears operation reportedly generated in excess of $30 million, the amount to be forfeited by Barone is relatively low, just $122,402.50 according to court records.

 

Since the government is unable to locate any further assets, it’s assumed that Barone “dissipated or otherwise spent the proceeds that he obtained. If anything appears in the future, the government can take action, however.

 

The forfeiture order will take effect once Barone has been sentenced. In August 2022, a sentencing hearing for Barone was scheduled for late November 2022 but that doesn’t appear to have gone ahead.

 

In September 2022, sentencing hearings for Carrasquillo and Gonzales were scheduled for later this month, so it’s at least possible that all three will attend on the same date.

 

Documents related to the motion for forfeiture can be found here (1,2, pdf)

 

By offering free access to millions of ‘paywalled’ research papers, Sci-Hub is often described as “The Pirate Bay of Science”.

 

The site is used by researchers from all over the world, to acquire papers they otherwise have a hard time accessing. For some, Sci-Hub is essential for their work.

 

Major academic publishers such as Elsevier, Wiley, and American Chemical Society, view this rogue research library as a direct threat to their business model. This has resulted in several lawsuits, including two that were won by publishers through default judgments in U.S. courts.

 

Despite these court rulings and various site-blocking orders in other countries, Sci-Hub and founder Alexandra Elbakyan refuse to back down. On the contrary, the site has become a household name in many academic institutions, where open access to research carries more value than copyright protection.

Pirate Sites First?

A recent research paper confirms this preference while providing further insight into the prevalence of Sci-Hub use. The goal of the study is to find out if academics are willing to use pirate sites to bypass paywalled content and what their main motivations are.

 

The study (paywall), published in the peer-reviewed journal Information Development, shares the results of an international survey among more than 3,300 researchers. These academics come from a variety of disciplines, including STEM, social, and life sciences.

 

One of the main findings is that piracy is not the default option when people are confronted by a paywall. Finding an open-access version is the most common option, followed by asking colleagues from other institutions for a copy.

 

The use of shadow libraries, with Sci-Hub as the prime example, is the third most popular bypass. This makes it more popular than interinstitutional loans or paying for articles with one’s own money.

Majority Use Pirate Sites

While pirate sites may not be the first option for researchers trying to circumvent paywalls, it is fairly common. The researchers report that more than half of all respondents (57%) use or have used pirate sites to access research.

 

The main reason to go to Sci-Hub and other pirate portals is to bypass restrictions. However, the main motivation for nearly 18% of the self-proclaimed ‘pirates’ is that shadow libraries are easier to use due to the authentication systems deployed by legal alternatives.

 

Perhaps even more worrying for publishers is that 12% cite publishers profiting from academics as the main reason.

Growing Problem?

Looking at the demographics more closely, the researchers found that younger academics are more likely to use shadow libraries. The same applies to researchers at less wealthy institutions. This suggests that the problem isn’t going away anytime soon.

 

“[W]e found that younger researchers are keener to use piracy services. This might imply that younger scholars are incorporating pirate libraries as a natural element of their environment and information retrieval tools. However, their older colleagues are more reluctant to use such services.

 

“This finding might seriously impact the attitudes and landscape of scholarly information in the future,” the researchers add.

 

Of course, there are also plenty of researchers who never use pirate sites. Their main motivation is that shadow libraries are seen as unethical (46%) but a large percentage of scholars are simply unaware that these sites exist (36%).

 

All in all, the findings confirm that Sci-Hub and similar sites remain relatively popular. The research shows that legal options to bypass paywalls are preferred, but if those are not available, most researchers can find their way to pirate libraries.

 

—

 

Segado-Boj, F., Martín-Quevedo, J., & Prieto-Gutiérrez, J. (2022). Jumping over the paywall: Strategies and motivations for scholarly piracy and other alternatives. Information Development. https://doi.org/10.1177/02666669221144429

 

Over the past several decades, Sony has established itself as a leading player in the technology, music, film, and gaming industries.

 

The Japanese company hasn’t shied away from taking on the competition, but one adversary has proven particularly difficult to overcome; piracy.

 

Sony recognized this threat early on. At the Americas Conference on Information Systems in 2000, Sony Pictures Entertainment’s U.S. senior vice president Steve Heckler declared an all-out attack on piracy.

Whatever It Takes…

Responding to the Napster threat, which had just reached its peak, Heckler promised to take aggressive steps to tackle the online scourge.

 

“We will develop technology that transcends the individual user. We will firewall Napster at source — we will block it at your cable company, we will block it at your phone company, we will block it at your ISP. We will firewall it at your PC,” Heckler said.

 

This wasn’t an exaggeration. In the years that followed, Sony rolled out some rather aggressive technology, most notably the software exposed in the DRM rootkit scandal. After affecting millions of people, a mass recall of infected CDs and several class action lawsuits ensued.

 

Fast forward more than two decades and Sony is still fighting online piracy. The company hopes that cloud technology will eventually defeat piracy in the gaming sector, but on the video entertainment side, blocking may still be required.

 

As Heckler envisioned at the start of the century, Sony has since obtained various blocking orders around the world, requiring ISPs to block subscriber access to pirate sites. More recently, this effort was expanded to DNS resolvers with Sony’s lawsuit against Quad9.

Anti-Piracy Blacklist Patent

Interestingly, a new patent application suggests that Sony’s blocking vision is not limited to Internet providers. Once again, the company also wants to gain blocking powers on people’s media devices, including smart TVs.

 

The proposed patent, titled “Anti-Piracy Control Based on Blacklisting Function,” describes a technology to ban third-party applications that allow users to access pirated content. These illicit apps will be detected on consumer hardware through the use of monitoring software, which in turn will form part of an operating system.

 

“The monitor application has system privileges to examine the code and execution of the third-party application installed on the electronic device,” Sony writes.

 

Banning Pirate Apps

Sony details several scenarios where the patent can be useful, including one where streaming devices allow users to install unvetted apps. Another envisions intervention when people try to sideload apps that are banned by official stores such as Google Play.

 

“Some of these third-party applications may include pirate applications that may acquire content from rogue websites to stream pirated content onto the streaming device,” the patent description reads.

 

“In such scenarios, the pirate applications may provide premium content to the streaming device without authorization, and may subvert the services of legitimate content providers,” Sony adds.

 

The full patent application goes into detail on various techniques the monitoring software could use to detect and block apps. Monitoring external network sources accessed by apps, for example, or directly inspecting an app’s code.

 

Whether Sony is actually working on a project to be rolled out in the real world is unknown. However, the patent clearly shows that online piracy has yet to be ‘rooted’ out so it remains a serious concern for the company.

 

—

 

A copy of the patent application titled “Anti-Piracy Control Based on Blacklisting Function” is available here (pdf)

 

If you purchased a new car in the past few years, chances are good that it contains at least one embedded modem, which it uses to offer some connected services. The benefits, we've been told, are numerous and include convenience features like interior preheating on a cold morning, diagnostics that warn of failures before they happen, and safety features like teen driver monitoring.

 

In some regions, connected cars are even mandatory, as in the European Union's eCall system. But if these systems sound like a potential security nightmare, that's because they often are. Ars has been covering car hacks for more than a decade now, but the problem really cemented itself in the public consciousness in 2015 with the infamous Jeep hacking incident, when a pair of researchers proved they could remotely disable a Jeep Cherokee while it was being driven, via an exploit in the SUV's infotainment system. Since then, security flaws have been found in some cars' Wi-Fi networks, NFC keys and Bluetooth, and in third-party telematics systems.

 

Toward the end of 2022, a researcher named Sam Curry tested the security of various automakers and telematics systems and discovered security holes and vulnerabilities seemingly wherever he looked. Curry decided to explore the potential holes in the auto industry's digital infrastructure when he was visiting the University of Maryland last fall after playing around with an electric scooter's app and discovering that he could turn on the horns and headlights across the entire fleet. After reporting the vulnerability to the scooter company, Curry and his colleagues turned their attention to larger vehicles.

 

Curry said:

 

We brainstormed for a while and then realized that nearly every automobile manufactured in the last five years had nearly identical functionality. If an attacker were able to find vulnerabilities in the API endpoints that vehicle telematics systems used, they could honk the horn, flash the lights, remotely track, lock/unlock, and start/stop vehicles, completely remotely.

 

The researchers found extensive problems with 16 OEMs, telematics services like LoJack, new digital license plates, and even Sirius XM radio.

Remote services

Armed with nothing more than a vehicle identification number, the hackers were able to access the remote services for cars from Acura, Honda, Infiniti, Kia, and Nissan, including locating and unlocking the cars, starting or stopping the engines, or honking the horns. It was also possible to take over a user's account with a VIN, and in Kia's case, the researchers could even access live parking cameras on a vehicle.

 

Genesis and Hyundai vehicles were similarly exploitable, albeit with an owner's email address instead of a VIN. Porsche vehicles were also susceptible to a telematics vulnerability that allowed Curry to locate a vehicle and send it commands.

Telematics exploits

The telematics company Spireon—which provides services like LoJack—had multiple security holes that allowed the hackers to gain "[f]ull administrator access to a company-wide administration panel with [the] ability to send arbitrary commands to an estimated 15.5 million vehicles (unlock, start engine, disable starter, etc.), read any device location, and flash/update device firmware," Curry said. As a proof of concept, Curry and his colleagues "invited ourselves to a random fleet account and saw that we received an invitation to administrate a US Police Department where we could track the entire police fleet," he said.

 

Digital license plates recently approved for use in California were also exploitable. Curry discovered that he could gain super admin access and manage all user accounts and devices, including tracking the cars and changing the messages displayed on the e-ink license plates.

As an employee of Simon & Schuster, London-based Filippo Bernardini would’ve been expected to act in the interests of the publishing sector. According to a federal indictment unsealed early 2022, that was certainly not the case.

 

Between August 2016 and July 2021, Bernardini used his insider knowledge as a rights coordinator to execute an audacious plan that would see him obtain more than a thousand pre-release manuscripts of novels and other unreleased books.

 

Following his arrest by the FBI, after touching down at John F. Kennedy International Airport last January, the Department of Justice revealed an extraordinarily complex operation that relied on deception and Bernardini’s knowledge of the publishing world.

Unpicking Pre-Release Content Security

In all entertainment industry sectors, content being prepared for general release is closely guarded. Unfinished works leaking out to the public can wreak havoc on everyone involved, from authors and publishers to interested parties in film and other secondary markets. Bernardini understood that and went ahead anyway.

 

U.S. authorities said that Bernardini registered more than 160 domain names that masqueraded as real entities and individuals in the publishing sector. Talent agencies, publishing houses, and literary scouts had their names carefully mimicked in domains with subtle typographical errors, not unlike those deployed in phishing operations.

 

Supported by those domains, Bernardini created email addresses in the names of real people who worked at the entities he mimicked, and used them to contact authors, managers, agents, publishers, and editors. When he solicited copies of unpublished books, novels and other content, targets believed they were speaking to someone in a position of trust.

Impersonated Hundreds of People

Emails recovered by the authorities revealed that Bernardini had impersonated hundreds of people across hundreds of attempts to obtain electronic copies of unreleased content. Some unsuspecting targets were lured to fake websites where they entered their usernames and passwords, only to have them phished and subsequently used by Bernardini in furtherance of his scheme.

 

In the wake of his arrest, the Italian citizen pleaded not guilty to several charges, including obtaining property under false and fraudulent pretenses and aggravated identity theft. Another charge – causing valuable and unpublished literary manuscripts to be sent and received by wire – carried the prospect of a 20-year prison sentence.

Bernadini Pleads Guilty

On January 6, 2023, a flurry of court filings, including superseding information from the prosecution (pdf), a waiver of indictment (pdf), and Bernardini’s consent to proceed before a magistrate judge (pdf), signaled a change of direction for the Italian.

 

Filippo Bernardini pled guilty to one count of wire fraud in connection with his multi-year scheme, through which it’s now claimed he obtained more manuscripts than the hundreds announced earlier.

 

“Filippo Bernardini used his insider knowledge of the publishing industry to create a scheme that stole precious works from authors and menaced the publishing industry,” says U.S. Attorney Damian Williams.

 

“Through impersonation and phishing schemes, Bernardini was able to obtain more than a thousand manuscripts fraudulently. I commend the career prosecutors of this Office as well as our law enforcement partners for writing the final chapter to Bernardini’s manuscript theft scheme.”

 

The now 30-year-old has agreed to pay restitution of $88,000 and is scheduled to be sentenced before U.S. District Judge Colleen McMahon on April 5, 2023.

 

Offering pirate streaming services is a serious offense in the UK, where several vendors have received multi-year prison sentences in recent history.

 

These sentences haven’t deterred others from following in their footsteps. Illegal access to paid sports and TV content remains readily available, with vendors and operators profiting from these unauthorized subscriptions.

 

Last month, anti-piracy group FACT announced that one of these IPTV operations had been disrupted. Worcester Trading Standards officers, helped by West Mercia Police, FACT and BT, seized a variety of equipment and identified a main target.

Knocking on Pirates’ Doors

The alleged operator of the service now faces a criminal prosecution which, as we’ve seen in other cases, may lead to a serious sentence. More surprising, perhaps, is the fact that subscribers are in the crosshairs too.

 

This month, FACT and police will pay home visits to people who used illegal streaming services. These people, more than 1,000 in total, were presumably identified following last month’s raids by West Mercia Police.

 

The raided service offered modified streaming boxes, Firesticks, and subscriptions. While details are scarce, those targeted were identified as users of the service through administrative records.

 

This month, some of them will receive a knock on the door, paired with an in-person warning notice.

 

“Throughout January, FACT and police are visiting homes across the UK, serving notices to individuals to cease illegal streaming activities with immediate effect and informing users of the associated risks, which include criminal prosecution,” FACT writes in a press release.

 

These home visits will undoubtedly have a deterrent effect but how many of the 1,000+ identified users will be visited remains unknown.

 

Responding to a request for clarification, FACT informed TorrentFreak that the plan is to reach out to all subscribers. However, some will receive an email instead of a knock on the door.

 

The home visits are scheduled to begin tomorrow in North East England, followed by Wales, North West, West Midlands, South East and London, up until January 24.

Prison Sentences for Pirate Viewers?

The overall theme of the announcement is that consumers of pirated streams are far from innocent. According to FACT, the unauthorized activity can even lead to lengthy prison sentences.

 

“In 2021, two individuals, Paul Faulkner and Stephen Millington were sentenced to a total of 16 months in prison for watching unauthorised streams,” FACT notes.

 

While it’s certainly true that consuming pirated streams is against the law, the cited convictions were not just for the “watching” part.

 

Millington, for example, also developed the pirate Kodi addon Supremacy, while Faulkner operated pirate IPTV service TV Solutions. Both also earned significant revenue through these illicit operations.

No Prosecutions Planned

Of course, any prison sentence should be sufficient to send a clear message to casual streamers. But in the event potential prison sentences aren’t enough of a deterrent, in their notices FACT and police also mention malware, viruses and scams as pirate streaming risks.

 

Technically, rightsholders could also choose to set an example by taking one or more of the subscribers to court, but that is not in the planning here.

 

“No, we are not planning any prosecutions during this initiative, the notice explains that a criminal offense may have been committed and that to date two people in the UK have been convicted of that offense,” FACT tells us.

 

An interesting feature of copyright law is its tendency to lag behind the times while new technology races ahead and exploits its numerous ‘loopholes’.

 

One of the most famous loopholes was ‘exposed’ when streaming overtook BitTorrent to become the delivery method of choice for millions of video-oriented pirates. Most people understood the risks associated with uploading copyrighted content, not least since the word ‘distribution’ is clearly defined in law.

 

But with streaming, no significant uploading takes place and, just as importantly, no copies of movies or TV shows are made on users’ machines. So, if that wasn’t illegal, how could it be illegal to sell someone a piracy-configured set-top box to consume content in a manner that didn’t break the law?

BREIN Takes on Wullems

Jack Frederik Wullums sold set-top boxes, some of them through his site Filmspeler (Filmplayer). He pre-installed Kodi and a selection of addons on the devices which enabled customers to access pirated copies of movies, TV shows, and live TV. Even though Wullums had no control over what those addons did, Dutch anti-piracy group BREIN insisted that his actions were illegal.

 

The case went all the way to the Court of Justice of the European Union, which ultimately revealed another interesting feature of copyright law – its ability to accommodate situations that were never envisioned at the time and then close all perceived loopholes.

Illegal Streams Are Illegal

The CJEU said that since copyright holders hold exclusive rights to authorize “communication to the public,” that right was breached when Wullems knowingly modified his ‘Filmspeler’ devices to enable direct access to illegal copies of copyrighted works, for profit.

 

The idea that the transitory nature of streams qualified for protection under Article 5 of the InfoSoc Directive was also dismissed, in part because the pirate movies and TV shows were (surprise) pirated and therefore undermined the legitimate market.

 

The final ‘loophole’ was shut down when the CJEU determined that when users of set-top boxes make unlawful use of copyrighted works, that is also illegal (pdf). And with that, BREIN had the authority to target all players in the pirate IPTV market.

BREIN Has Targeted 370 IPTV sellers since ‘Filmspeler’

In a roundup published this week, BREIN reveals that in 2022 alone, it tracked down and identified 19 suppliers of pirate IPTV subscriptions, before dealing with them under civil copyright law. Since the ‘Filmspeler’ decision in 2017, BREIN says it has targeted around 370 IPTV sellers/providers, with cases usually involving settlements of tens of thousands of euros.

 

“Just last month, the court in Arnhem sentenced a Dutchman living in the Dominican Republic to pay BREIN more than 25,000 euros in costs,” the anti-piracy group notes, adding that when it comes to IPTV pirates, size doesn’t really matter.

 

“BREIN does not limit itself to just the big fish, even small fry that think they are getting a piece of the pie don’t avoid danger,” says BREIN director Tim Kuik.

Small Fines For Small Traders Prepared to Go Straight

As an example, BREIN says that it recently contacted an online trader about his illegal sales. He agreed to pay a relatively small settlement of 500 euros. On top, BREIN likes to ensure that there’s no return to the illicit market.

 

The declaration of abstention signed by the seller to get BREIN off his back contained a clause allowing for fines of 1,000 euros per day for repeat offending – or a 500 euro fine for every single hyperlink to infringing content offered to the public.

Criminal Prosecutions Always On The Table

In addition to clarifying liability under civil copyright law, the Filmspeler decision also smoothed the way for prosecutions under criminal law.

 

In the years that followed, IPTV sellers, providers, and other players acting at scale in the unlicensed streaming market were targeted in the UK, Denmark, France, and the Czech Republic, among others. BREIN says that option remains open in the Netherlands but is considered a last resort.

 

“Intentional copyright infringement through the sale of illegal IPTV subscriptions is punishable as a crime. BREIN does not exclude the possibility that it will file a report in the event of recidivism or large-scale organized trafficking,” BREIN says.

 

“The policy of the government, however, is that the rights holders themselves are primarily responsible for enforcing their rights. They have set up the BREIN foundation for this purpose. Criminal law is the last resort.”

 

Classic videogame Mortal Kombat has won the hearts and minds of multiple gaming generations over the last 30 years.

 

Developed by Midway Games, the second release of the fighting game made its debut in arcade halls back in 1993. Ports were later released for multiple home platforms, including MS-DOS, Game Boy, SNES, and PlayStation.

 

The releases were a big hit for American game developer Midway but couldn’t prevent the company from going under. After several financial setbacks, Midway eventually filed for bankruptcy, with Warner Bros. picking up the assets.

 

These assets included Mortal Kombat’s source code and all the copyrights that come with it. Those rights were taken over by the newly founded Warner Bros. subsidiary NetherRealm Studios, which continues to release Mortal Kombat titles to this day.

‘Mortal Kombat II’ Source Code Leak

Warner Bros. and NetherRealm are not solely focused on new content, they’re very protective of historical rights as well. That became apparent over the past few days after the 1993 source code for Mortal Kombat II leaked online.

 

The leak was met with excitement by gaming history fans, who discovered unused artwork and an early or alternative storyline.

 

The files in question were posted to a GitHub repository by the user account ‘Historical Source,’ which has leaked many other game assets in the past. While many of those remain online, Warner Bros. was quick to object.

DMCA Notice

A Warner Bros. Discovery employee sent a DMCA notice to GitHub, asking the developer platform to remove the leaked files posted by ‘Historical Source’.

 

Specifically, the notice claims that the files infringe the intellectual property rights of “The Mortal Kombat series of video games, and all names, characters, logos and original source code”.

 

The request was successful. People who try to access the repository today will see a message from GitHub explaining that the files were removed in response to a DMCA takedown notice.

Retaliate?

The swift removal was a disappointment to classic games fans who were eager to browse through the historical artifacts. That said, Warner Bros. does own the rights, so ultimately gets to decide what happens with its content.

 

Historical Source must be quite displeased as well. While we haven’t seen a public response to the DMCA notice, a new repository that was published by the same user, shortly after the takedown, is quite telling.

 

The repository is titled “not-mk2” but instead of reposting the leak, it simply contains a copy of a Wikipedia entry, discussing complaints of gender discrimination and a toxic workplace at NetherRealm. These complaints first emerged three years ago following the release of Mortal Kombat 11.