In 2023, Lithuania amended its Code of Administrative Offenses, allowing media watchdog LRTK to fine pirates, without going to court.

This legislative change was specifically designed to deter piracy in the European country. With potential fines on the line, pirates would reconsider their habits, the idea was.

Tracking Torrent Tracker Pirates

Over the past two years, dozens of fines were handed out. The targets were mostly first-time offenders who received the minimum fine of 140 euros. For repeat offenses, however, fines can potentially reach 850 euros.

What makes these fines stand out is that LRTK predominantly targets users of the private torrent trackers Linkomanija and Torrent.lt. These are two of the most-visited pirate sites in the Eastern European country.

The media watchdog does not only target local piracy communities; it also focuses on protecting locally produced media. In a recent announcement, LRTK notes that, this year, it fined more than 30 people who shared a copy of the film “ Pietinia Kronikas ” (The Southern Chronicles).

These targets are again linked to the Linkomanija and Torrent.lt torrent trackers, and ten of them were fined in November, suggesting an increase in enforcement activity.

In most cases, the suspects were fined in their absence, as they failed to respond to inquiries from the media watchdog.

“The LRTK contacted the violators in writing, requesting explanations and inviting them to participate in the investigation of the administrative offense. However, the majority of individuals did not respond to the invitations and failed to appear for the investigation,” LRTK writes.

From 250+ Blocked Domains to Malware Threats

In addition to targeted fines, the regulator is also expanding its site blocking efforts. According to new figures, LRTK blocked more than 700 IP addresses and 250 domain names linked to pirate sites in 2025 alone.

Andrius Katinas, Head of the Supervision Division at LRTK, admits that while piracy activity has decreased, it remains a significant problem. Therefore, the regulator is adding a “consumer safety” narrative by warning that pirate sites are linked to malware and other cyber threats.

In a report by local news outlet Delfi, the watchdog links pirate sites to data theft, malicious software, ransomware, stolen credit cards or bank details, compromised accounts, and hacked social media.

“These cases constantly happen,” Katinas warns. “Individuals who lost access to their personal or work accounts often receive offers to recover them for a ransom, are threatened with the publishing of compromising content, or are otherwise manipulated.”

Changing Piracy Rates?

There is no silver bullet to stop piracy. While site blocking, fines, and awareness campaigns have some effect, some people continue to return to pirate sites. That includes the heavily targeted Linkomanija and Torrent.lt trackers.

Historically, piracy rates have always been high in Lithuania, but, according to LRTK Chairman Mantas Martišius, piracy is now clearly on the decline.

Martišius notes that enforcement has paid off. Importantly, however, the economic situation in Lithuania is improving, so people now have the opportunity to spend money on legal platforms and services.

All in all, LRTK is adamant that its efforts to curb piracy are paying off. That becaome apparent earlier this year when the watchdog publicly criticized data reported by piracy tracking firm MUSO, stressing that “Lithuania is no longer the leader in piracy”.

From: TF , for the latest news on copyright battles, piracy and more.

While Australia’s site-blocking mechanism has made few enemies since 2018, it hasn’t been known for being fast.

As discussed earlier this year , accuracy has traditionally been favored over speed, which is contrary to less cautious approaches taken in other countries.

After an unprecedented request and cooperation from the Federal Court, Australia will now step up several gears and show whether it can achieve both.

Not Just Another Blocking Order

When Justice Halley handed down his order in Universal City Studios LLC v Telstra Limited [2025] FCA 1390 on November 12, in most respects it was much like any other issued in recent years.

Member studios of the MPA – Universal, Disney, Paramount, Columbia, Warner Bros., Netflix and Apple (plus Viacom) requested an injunction under Section 115A of the Copyright Act, requiring around 50 local ISPs (operating as Telstra, Optus, Vocus, TPG Telecom, Aussie Broadband and Superloop) to block 52 overseas-based pirate streaming sites.

The copyright works applicants aim to protect necessarily play a key role in blocking proceedings. The difference in this case was the emphasis placed on the Universal Pictures movie Wicked: For Good and its inevitable appearance on high-traffic sites using familiar branding: HydraHD, Hurawatch, Braflix, Soap2Day, MyFlixer, HiAnime, OnionPlay, 123movies, SolarMovies, Gomovies, Fmovies – the list goes on……and on.

With Wicked: For Good ‘s international release scheduled for November 17, Australian ISPs agreed to take all reasonable steps to disable access to 23 sites as a matter of urgency, with the remaining 29 to be blocked within the usual span of 15 business days.

In order to have a fighting chance against adaptable piracy platforms, a dynamic blocking order was issued, meaning that new domains and IP addresses could be added to deal with the inevitable countermeasures. Under normal circumstances, that can take time but for Wicked: For Good ‘s theatrical release in Australia, time was already running out.

Additional Urgent Access Means

Less than two weeks after handing down the initial order, Justice Halley was handing down a second. Dated November 25, the order reveals that studios filed an urgent application for an order to tackle countermeasures deployed by the sites.

Operating from new domains, described in the order as “Additional Urgent Access Means”, the sites were already illegally distributing Wicked: For Good which was set to continue playing in theaters in Australia until the end of 2025.

New domains, IP addresses, and/or URLs are normally reported by rightsholders to the ISPs, who are then expected to respond within seven working days. If neither the respondent nor the court requires the matter to be relisted, the ISPs have a further 15 working days to disable access.

The prospect of the movie being distributed unhindered for free until Christmas Eve was considered unacceptable.

Urgent Additional Blocking Order

On November 28, just over two weeks after handing down the initial blocking order, Justice Halley authorized a second.

In response to the studios’ calls for urgency, Universal City Studios LLC v Telstra Limited [2025] FCA 1485 targeted the ‘Additional Urgent Access Means’ (new domain names/IP addresses/URLs) deployed by the sites to circumvent the previously implemented blocks.

The court recognized that standard procedures, which require notification and then a response period, would allow the sites to operate unhindered for at least 22 days.

“This would have the consequence that those sites would remain accessible for the majority of the theatrical release period for the film ‘Wicked: For Good’ which would have the likely effect of reducing the commercial success of the film as infringing copies of the film would be available without charge from the Additional Urgent Access Means,” Justice Halley noted in his order.

Rapid Response

To combat this, the new order required the ISPs to disable access to the new means of access, whether domain names, IP addresses, or URLs, by 4.00 pm on Friday, November 28, 2025. As far as we’re aware, a response time this short is unprecedented in Australia.

The ability to quickly respond to blocking countermeasures is crucial. For Australia, this is new territory but shouldn’t be unnecessarily difficult. However, as months of delay have decreased to weeks and now just days, rightsholders elsewhere in the world – especially in the live sports arena – still aren’t satisfied, even when blocking takes place within hours. In some areas, rightsholders consider 10 minutes to be reasonable.

Under those demands, Australia’s traditional accuracy would face challenges, with or without a reduction in overall piracy rates. Right now, despite aggressive worldwide blocking measures, piracy continues to trend up.

The orders dated November 12 and November 28 are available here and here

From: TF , for the latest news on copyright battles, piracy and more.

A report published by the European Commission last month assessed whether its Recommendation of May 2023 had made a difference in the fight against pirated streams.

No significant improvement ” was the downbeat conclusion.

From the perspective of top-tier Spanish football league, LaLiga, new legislation is the only workable solution, and it needs to be implemented in Europe, sooner rather than later.

LaLiga Claims to Have Slashed Piracy in Half, Give or Take

At the same time as urgently calling for new legislation, LaLiga claims to have reduced piracy of its content in Spain by as much as 60% . This was achieved under existing legislation for the season that concluded at the end of the summer. A 40% reduction, the lower figure previously cited by LaLiga, would still be unprecedented.

Yet, in the context of LaLiga’s court-ordered authority, which permits aggressive blocking of almost any site or service facilitating access to pirate streams of its premium content, such results are not absolutely impossible, at least in measured short bursts. LaLiga regularly laments Cloudflare’s refusal to prevent piracy platforms from using its services and for every week that remains the case, Cloudflare IP addresses – utilized by pirates and regular customers alike – are blocked by Spanish ISPs.

LaLiga reports that in May 2025, 38% of piracy involving LaLiga content “was distributed through Cloudflare’s infrastructure.” So at least on paper and without considering circumvention and other factors, aggressive yet effective blocking of Cloudflare would in theory be sufficient to claim a ~40% reduction in piracy rates.

The problem, which has thus far proven impossible to solve, is how blanket denial of service to piracy platforms can be executed without subjecting innocent parties to the same fate.

Internet Private Security Guard

As Head of Web Application Protection at DDoS-Guard , a Russian Internet company providing protective online services, Dmitry Nikonov understands the importance of connectivity. Operating in broadly the same market as Cloudflare, DDoS-Guard has been paying close attention to the events playing out in Spain.

LaLiga’s legal authority allows it to block Cloudflare and in the event that DDoS-Guard’s services also become a concern, there would be no legal barrier to prevent it from being treated in much the same way. The consequences of non-compliance seem to have alarmed Nikonov.

“This is happening right now, in the fall of 2025, and the scale of this phenomenon is astonishing. It seems LaLiga is beyond control,” Nikonov writes in a column for Forbes Russia .

“LaLiga can essentially apply a ‘piracy’ mask to entire ranges of addresses, often affecting endpoints that are not directly related to illegal broadcasts.”

‘Private Regulation’ of the Internet

Nikonov believes the authority delegated to LaLiga should serve as a wake-up call for the global internet. He says that the authority to interfere with internet functioning has elevated the company to a powerful position; the big question is whether anyone can do anything about it.

“LaLiga is becoming a private regulator: not a state or an independent regulator, but a commercial organization that has delegated authority to interfere with network infrastructure. Football matches have become the pretext for a large-scale experiment on the internet, testing whether there is anyone to protect its freedom,” Nikonov says.

“If the football league has such powers today, then nothing will stop other major players from acquiring them tomorrow. We’re talking about media holdings, streaming companies, and corporations for whom content is not entertainment, but a source of profit.”

Trade Barriers, No Legal Recourse

In a late October submission to the 2026 National Trade Assessment Report, Cloudflare warned the Trump administration that Spanish courts allow rightsholders to request “overbroad court orders” that cause collateral damage affecting tens of thousands of legitimate websites.

Since the Spanish government has chosen not to intervene, and “no judicial opportunity for remedy” currently exists, Cloudflare said that creates “significant trade barriers between the countries.”

Nikonov uses similar terms to those used in a Cloudflare-commissioned report released in the summer . “The internet will become fragmented,” he says, before reminding readers that state institutions won’t be responsible, but commercial organizations shielded by government.

“This scheme avoids public debate (the Spanish parliament refused to consider the issue, citing a court ruling) and instead considers the proportionality of the measures. Under the guise of copyright protection, a tool is emerging that allows commercial players to directly influence the accessibility of parts of the internet, bypassing legal proceedings.

“Access to resources will be determined not by technical standards, but by the interests of private corporations with administrative resources,” he warns.

More Powerful Tools Than Previously Reported?

Nikonov suggests that more powerful tools are being deployed in Spain, beyond simple DNS blocking. He claims that a key role belongs to the National Telecommunications Market Commission (CNMC), which, at the behest of LaLiga issues “mandatory directives” to all Spanish ISPs, urging “the fastest possible compliance.”

“[This] effectively forces them to implement DNS and BGP filtering. Border Gateway Protocol is the primary dynamic routing protocol on the internet,” he continues.

A phrase often used to convey the importance of BGP is simple but effective: BGP is the glue that holds the internet together . That’s not overblown or alarmist ; but some would argue that meddling with it is.

“As a result, telecom operators are becoming the enforcers of state anti-piracy policies. What we’re facing is no longer an isolated failure, but a testing of a model that sets a precedent for new internet governance — a private corporation, through the regulator, gains de facto access to leverage over network infrastructure.”

Regulation and Using the Same System For ‘Something Else’

It’s possible that at some point there will be calls for site blocking to be regulated, but according to Nikonov, some may welcome that with open arms.

“[M]odern digital ecosystems are structured in such a way that anyone who gains access to regulatory levers automatically gains power over the infrastructure used by millions of people. In other words, the internet today is no longer a distributed network, but a set of control points, each of which becomes a juicy target,” he notes.

“And if today this point is used to protect football broadcasts, tomorrow it will be used for something entirely different.”

From: TF , for the latest news on copyright battles, piracy and more.

The Supreme Court case between several major record labels and Internet provider Cox Communications is one of the landmark copyright battles of this decade.

The outcome will determine how Internet providers should deal with pirating subscribers on their networks.

The Supreme Court must decide whether an ISP can be held liable for failing to disconnect repeat copyright infringers. In addition, it must determine if this ‘inaction’ amounts to willful copyright infringement, even if the ISP wasn’t aware that its specific conduct was illegal.

Supreme Court Hearing

Yesterday, the Supreme Court heard oral arguments in the case, grappling with these questions for nearly two hours. The justices critically questioned all sides in their effort to form a final opinion.

Cox’s attorney, E. Joshua Rosenkranz, began by arguing that it would be a dangerous expansion of the law to hold an ISP liable for the actions of its subscribers.

He argued that under the “purpose” standard, liability should only apply if an Internet provider takes “affirmative steps” to facilitate copyright infringement. For example, by advertising piracy services.

Rosenkranz added that, under the record labels’ theory, Cox would be liable for failing to take action against alleged crimes. That would essentially turn ISPs into the “Internet police” with devastating consequences.

“[T]he consequences of Plaintiffs’ position are cataclysmic,” Rosenkranz said, noting that universities, hospitals, and entire towns would risk being disconnected from the Internet.

“Turning Internet providers into Internet police for all torts perpetrated on the Internet will wreak havoc with the essential medium through which [the] modern public engages in commerce and speech,” Rosenkranz added.

The “Gun Dealer” Analogy

At the hearing, several justices seemed skeptical of Cox’s claim that inaction is fine. Justice Sonia Sotomayor was particularly aggressive, stressing that Cox could know exactly which subscriber accounts were infringing but simply opts to do nothing.

To illustrate her point, Justice Sotomayor challenged Rosenkranz with a vivid analogy.

“If I’m a gun dealer and I’m selling to someone who says to me, ‘I’m going to kill my wife with this gun,’ I think the common law would say you knew what he was going to do with the gun; you joined in. Why isn’t your continuing to provide Internet service the same?”

Cox’s attorney responded by noting that, unlike a murder weapon, an internet connection has substantial legal uses. However, the challenges were not over yet.

Justice Ketanji Brown Jackson continued to test Cox’s theory that “inaction” does not create liability. She presented an even more extreme hypothetical scenario featuring an addicted infringer.

“Suppose I come to you and I want to buy your services. I tell you that I as a customer am addicted to infringing on the Internet. I’ve been sued before. I know what I’m doing is illegal, but I just keep doing it. And not only that, Cox, based on where I live, is my only option.”

Rosenkranz replied that even in that extreme scenario, selling internet access would not create liability for Cox, adding that the music companies or other rightsholders could sue this hypothetical piracy addict instead.

The “Meaningless” Safe Harbor

Representing the record labels, attorney Paul Clement stressed that Cox was not an innocent bystander but a “willfully blind” party that profited from piracy. He pointed to Cox’s internal communication, in which employees expressed contempt for the law, including a now-infamous “f*** the DMCA” email.

The attorney, backed by Justice Kagan, argued that Cox’s legal theory is fatally flawed. If an ISP can never be liable without taking affirmative steps to encourage piracy, then the DMCA’s “safe harbor” would be unnecessary.

“Why would anybody care about getting into the safe harbor if there’s no liability in the first place?” Justice Kagan asked. And after follow-up questioning, Cox’s attorney agreed that the safe harbor is not doing anything under their suggested liability rule.

“Mass Evictions” & “BitTorrent Throttling”

While Cox was grilled on the ‘inaction’ vs. ‘intent’ issue, the record labels faced tough questions over the requested Internet disconnections. Justices Alito and Gorsuch appeared concerned that the record labels’ liability standard would force ISPs to disconnect thousands of innocent people.

Justice Alito specifically asked attorney Clement how an ISP is supposed to respond to repeated piracy notices if their customer is a university with 50,000 students.

Clement argued that ISPs and rights holders could simply “have a conversation” to resolve such issues, a suggestion Cox’s attorney later dismissed as a “terrible answer” for a company facing “crushing liabilities”.

Since it is impractical for a university to be disconnected from the Internet, or for a university to disconnect thousands of students, the record labels’ attorney suggested that bandwidth throttling could also be a viable anti-piracy measure.

“I don’t think it would be the end of the world if universities provided service at a speed that was sufficient for most other purposes but didn’t allow the students to take full advantage of BitTorrent. I could live in that world,” Clement answered.

U.S. Government Backs Cox

The U.S. Government appeared as an amicus curiae and largely supported Cox’s legal interpretation. Deputy Solicitor General Malcolm Stewart urged the Court to adopt a strict “purpose” requirement, arguing that unless an ISP provides “targeted assistance” specifically to pirates, it shouldn’t be liable for the actions of subscribers.

Stewart warned the Justices that expanding liability beyond this “purpose” test would be dangerous. He argued that forcing ISPs to disconnect allegedly pirating subscribers would clash with the essential role the internet plays in society.

“The approach of terminating all access to the Internet based on infringement… seems extremely overbroad given the centrality of the Internet to modern life and given the First Amendment,” Stewart told the Court.

What’s Next?

The Supreme Court now has to decide whether the $1 billion verdict will stand, or if the case will get a do-over at the lower court.

If the court sides with the record labels, ISPs across the United States will continue to need strict “repeat infringer” termination policies to avoid legal liability. If Cox wins, rightsholders will have a hard time holding ISPs liable for pirating subscribers.

The justices are expected to cast their preliminary votes in a private conference later this week, but a final written opinion is not expected before the summer of 2026.

—

A copy of the oral arguments hearing transcript and the audio is available at the Supreme Court’s website .

From: TF , for the latest news on copyright battles, piracy and more.

After years of uncontrolled piracy, in 2019 authorities in Brazil teamed up with ICE and the US Department of Justice to launch Operation 404.

Described as a “milestone” for Brazil’s momentum in the fight against piracy, it was revealed that with assistance from overseas, 136 websites and 100 apps had been put out of action, either by domain suspension or site blocking measures.

Local agencies and anti-piracy groups including ANCINE (National Film Agency) and the National Council for the Fight Against Piracy (CNCP), were pleased with their work, although it was far from done.

Operation 404.1 Was Only the Beginning

Named after the well-known HTTP error indicating a currently unavailable website, Operation 404 would need to build on its early momentum. To understand the scale of the challenge, one only has to look at one of the earliest targets, Futemax, which remains active today despite years of blocks.

For the past six years, authorities and rightsholders in Brazil have continued to add Futemax-branded domains to Brazil’s secretive blocklist.

Whether Futemax, FutemaxHD, FutemaxBR or FutemaxTV variants, the domain-blocking Whac-A-Mole has seen commitment from both sides. At the time of writing, over 360 of these domains appear on the list, presumably at least some in connection with subsequent waves of Operation 404, which have generally taken place on an annual basis since 2019.

Ministry of Justice Announces 404.8

Brazil’s Ministry of Justice and Public Security (MJSP) announced that phase Operation 404.8 was ‘carried out’ November 27, without clarifying that only a relatively small number of events and achievements presented to the media actually took place on that day. This approach to presentation has persisted from 404.1 to the present day but the volume of work as reported only really makes sense as part of a longer timeline.

In common with 404.5 (March 2023), 404.6 (November 2023) and 404.7 (September 2024), this year the Ministry reported an international effort in which local authorities collaborated with partners from Argentina, Ecuador, Paraguay, Peru, and the United Kingdom.

This was Ecuador’s first direct appearance within Operation 404 but for the United States government, which has provided significant support right from the very beginning, there was no direct involvement.

The Ministry says that along with representatives from Mexico, the role of the U.S. Department of Justice and Department of Commerce was to observe, in order to “learn about the methodology used in combating digital piracy.”

Much to Observe

The MJSP said a total of 44 search and seizure warrants were executed, which includes four preventive arrest warrants and three arrests in flagrante delicto in various Brazilian states. The Ministry says the aim was to identify and hold accountable the operators and various individuals behind an unspecified number of “pirate platforms.”

“Audio and video content, such as games and music, were removed,” the Ministry continued. “There was also the blocking and suspension of 535 websites and one illegal streaming application, in addition to the removal of thousands of pirated materials from repositories and social networks. In this phase, the focus broadened to reach the financing and monetization structures of these illegal services.”

In common with previous phases, the Ministry reported collaboration with local federal agencies. They include the National Telecommunications Agency (Anatel) and the National Film Agency (Ancine), both of which are actively involved in having pirate websites blocked by local ISPs.

That raises questions over Brazil’s broader site-blocking regime that receives very little attention.

Operation 404 Blocking is a Fraction of Overall Blocking

On face value, the number of pirate domains blocked under Operation 404 is publicly reported. Given tendencies seen in the past, that include conflating the number of sites blocked with the number of domains, the overall figures may or may not provide a reasonable account of events on the ground.

Refusal to reveal exactly which platforms have been targeted are compounded by the secrecy surrounding Brazil’s primary blocklist, which is restricted and certainly not open for scrutiny. The same applies to the many orders handed down by judges that provide it with constant fuel.

The table below covering Operation 404.1 to 404.8 inclusive, suggests that since 2019, just over 3,000 ‘pirate’ domains have been blocked on copyright grounds as part of Operation 404.

Yet the country’s master blocklist currently contains over 30,000 entries. Since it also contains gambling site domains, the full list can’t be attributed purely to pirate sites.

Nevertheless, the number of sites/domains publicly declared as blocked is clearly just a drop in the ocean. Or, rather, it appears to be; for the last six years no domains have been mentioned in connection with Operation 404 blocking, which effectively rules out fact checking.

Even access to the list of blocked domains is quickly of limited use. Without all-important context, it’s ultimately just a big list of domains.

—————–

Operation 404 receives cooperation from the following agencies, organizations, rightsholders, and anti-piracy partners:

[UK] City of London Police – Police Intellectual Property Crime Unit (PIPCU)
[UK] Intellectual Property Office (IPO),
[USA] U.S. Department of Justice
[USA] Department of Commerce
[Peru] National Institute for the Defense of Competition and the Protection of Intellectual Property (INDECOPI)
[UK] English Premier League
[Spain] LaLiga
[International] Alliance for Creativity and Entertainment (ACE)
[Brazil] Brazilian Association of Pay Television (ABTA)
[LATAM] Alliance against Audiovisual Piracy (ALIANZA)
[Brazil] National Council to Combat Piracy (CNCP)
[Brazil] Association for the Protection of Intellectual and Phonographic Rights (APDIF)
[International] International Federation of the Phonographic Industry (IFPI)
[International] Entertainment Software Association (ESA)
[USA] Motion Picture Association (MPA)
[Paraguay] National Directorate of Intellectual Property (DINAPI)
[Japan] Content Overseas Distribution Association (CODA)
[S.Korea] Copyright Overseas Promotion Association (COA)
[Ecuador] National Intellectual Rights Service (SENDI)
[Ecuador] National Police
[Argentina] Specialized Fiscal Unit for Cybercrime Investigation (UFEIC)
[Argentina] Federal Police of Argentina (PFA)
[Paraguay] Specialized Unit for Punishable Acts Against Intellectual Property
[EU] European Union Intellectual Property Office (EUIPO)

From: TF , for the latest news on copyright battles, piracy and more.

With an estimated 85 million visits per month, Nhentai is one of the most trafficked websites online today.

The site serves adult-oriented anime and manga, also known as hentai. These spicy Japanese comics are popular worldwide, but not everyone is happy with with the content Nhentai has to offer. Some rightsholders consider the site a deviant pirate operation.

In the summer of 2024, California-based rightsholder PCR Distributing (PCR), which operates under brands including J18 and JAST USA, took legal action against Nhentai , describing the site as a significant threat to its business.

Nhentai Owner Unmasked

PCR initially requested a DMCA subpoena asking Cloudflare to unmask the people behind the site. However, when Nhentai filed an objection, PCR swiftly dropped the subpoena request and launched a full lawsuit against the site’s owner at a California federal court.

In January, Nhentai asked the court to dismiss the lawsuit in its entirety. Among other things, the site’s attorneys argued that a representative of PCR’s brands previously granted written permission for the use of their content while exploring the option to run paid ads on the site.

Besides a dismissal, the site’s operator/owner requested a protective order to proceed in the case anonymously, at least in the early stages. Keeping personal details out of public filings would shield them from potential retribution, they argued.

In April, California District Court Judge Cynthia Valenzuela denied both Nhentai’s motion to dismiss and the motion for a protective order . This meant that the lawsuit would continue, with Delaware company X Separator LLC stepping forward as Nhentai’s owner/operator.

Nhentai Owner Denies Wrongdoing

Last week, X Separator filed a formal answer to PCR’s complaint. The company admits that it owns and operates Nhentai.net with the intention of making it available in the United States while earning revenue there as well.

In the same filing, the company denies that it engages in copyright infringement or piracy activities, and further denies any connections to or involvement with Nhentai.to.

Denials such as these are typical under the circumstances. Together with a list of affirmative defenses, they make up the formal answer that a defendant must submit once a federal lawsuit moves forward.

However, Nhentai’s filing doesn’t stop there. In addition to the mandatory response, X Separator is countersuing PCR for fraud and negligent misrepresentation.

Copyrights And Permission

The countersuit centers on PCR’s copyright registrations and the permission that was allegedly given to Nhentai. It argues that PCR Distributing didn’t just tolerate the site; the rightsholder actively approached Nhentai for promotions, partnerships, and advertisements.

The legal paperwork includes the examples above, as well as many others where representatives of PCR brands suggest deals or partnerships while their content remains on the site. These offers run counter to the copyright allegations in the complaint.

In addition, Nhentai’s countersuit points out that these works were not initially registered at the U.S. Copyright Office.

“From at least October 29, 2020 through April 21, 2022 – the timeframe in which the above-referenced emails were sent – Plaintiff/Counter-Defendant knew it had not filed or registered any U.S. copyrights,” X Separator’s filing reads.

In March 2023, PCR Distributing reportedly began registering its works at the Copyright Office but never rescinded the permission previously given to Nhentai. PCR went on to sue Nhentai for copyright infringement in 2024.

Nhentai Countersues for Fraud

The emails where PCR Distributing allegedly approved the use of its works on Nhentai form the basis of the fraud and misrepresentation counterclaims.

For example, the counterclaim notes that PCR CEO Dave Adams submitted a declaration where he, “under penalty of perjury,” claimed to have personal knowledge of “countless instances” where PCR’s works were posted on nHentai.net without authorization.

X Separator argues that these statements are demonstrably false. The company alleges that PCR’s executives knew about the “permission” emails but chose to mislead the court to secure a DMCA subpoena and file the lawsuit.

$500k in Damages

The countersuit formally lists claims for Fraud/Intentional Misrepresentation and Negligent Misrepresentation .

Because of the alleged deception, Nhentai’s parent company claims to have suffered significant harm so is requesting compensatory damages “which currently exceeds $500,000.00”.

In addition, the company seeks punitive damages, arguing that the rightsholder acted “willfully, fraudulently, maliciously, and oppressively” with the specific intent to injure the site’s owner.

PCR Distributing has yet to respond to allegations. Meanwhile, the case will move forward to an eventual trial, if it gets that far. For now, Nhentai remains online.

—

A copy of X Separator LLC’s first amended answer to the amended copyright infringement complaint, including the counterclaims, is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Described by the MPA, Premier League and other rightsholders as a priority piracy threat, a set-top box available to buy right now on popular markets, initially sounds like an attractive buy.

Manufactured in China, EVPAD TV boxes look fairly unremarkable, and with an Android 7.0 operating system under the hood, they are. When purchased with a cheap ‘lifetime’ subscription, with installable apps providing access to all the content most people will ever need, looks become less important.

However, a look under the hood reveals that the trade-off between content and privacy cannot be ignored.

Researchers Investigate EVPAD

Android-based EVPAD devices provide access to a huge library of infringing movies, TV shows, and live TV, sourced from countries including Canada, Taiwan, the UK, and the United States, among others. As a result, major rightsholders have regularly reported EVPAD and similar devices to the USTR’s Notorious Markets review.

A team of researchers at Korea University took an interest in the EVPAD ‘3p’ and ’10p’ devices when considering what type of anti-piracy measures might be effective against device-specific apps, operating within closed, subscription-based networks.

In this case, the EVPAD website advises buyers of the ‘3p’ device to download two apps from a third party website. ‘StarLive’ and ‘StarVod’ provide access to live TV broadcasts and VOD content, respectively. For the ’10p’ device, a single app called ‘StarV10’ is sufficient and in all cases, installation is simplicity itself.

“Interestingly, during the installation process from such unknown sources, the service applications are installed seamlessly without requiring any additional user interaction or explicit permissions,” the researchers report.

“Upon further inspection, we found that the global system setting for package installation from non-market sources (install_non_market_apps) was set to 1, indicating that side-loading from unknown sources is universally permitted on this Android 7-based device.”

For regular buyers, zero control over permissions should’ve been an immediate red flag. For the researchers, the secrets of obfuscated source code were still to be discovered.

“Streaming is Safer Than Torrents”

Since regular streaming is a process of consumption and the law tends to view supply more seriously, the theory that streaming is safer than torrents usually finds solid ground.

That doesn’t necessarily mean that streaming pirated content is legal, but in a client/server streaming scenario, obtaining evidence of downloading meets technical challenges that aren’t easily overcome. In contrast, BitTorrent users upload by default, which makes evidence of a more serious offense comparatively easy to obtain.

When people buy an EVPAD TV box, many will expect to ‘stream’ pirated content to the device. While that may be a part of the process, the reality is less straightforward.

A Hybrid Network

The researchers at Korea University found that EVPAD devices initially communicate with centralized servers, which manage authentication, various updates, and the all-important content lists. Once obtained, EVPAD devices use that information to join a BitTorrent-like peer-to-peer (P2P) network , in which unwitting downloaders become simultaneous uploaders, or as they say in court, unlicensed distributors of infringing content .

StarLive uses the ‘ libtvcore ‘ library to establish connections with other EVPAD devices, enabling real-time data sharing among peers, including the distribution of live TV broadcasts.

When a user of StarVod selects a video to watch, the system identifies a corresponding .torrent file and HTTP file server. Encrypted using XOR, the .torrent file is decrypted by the libp2ptrans library then used to perform standard BitTorrent functions, with a tracker providing a list of available peers.

“Simultaneously, the user engages in both P2P communication with other peers and HTTP communication with the file server delivering the selected VoD title. This dual approach ensures both downloading and streaming, but in practice, HTTP streaming via a dedicated file server significantly enhances service availability and playback speed, often playing a major role in video streaming,” the researchers note.

Hybrid Network Complicates Blocking

This hybrid approach to networking complicates blocking efforts. While blocking certain domains would prevent service updates, that may not necessarily disrupt the P2P network.

In the event that the source of content becomes unavailable, the researchers say that data broadcasting nodes in the P2P network provide a fallback mechanism by acting as servers within the ‘swarm’. For video-on-demand (VoD) content, the system utilizes P2P but when necessary, HTTP is used to reach servers operating as Content Delivery Networks.

“[These servers] distribute torrent files and video content, and the presence of multiple similar domains suggests that they are designed to quickly circumvent domain blocks. Additionally, there are domains and IP addresses for Trackers to facilitate torrent-based communication,” the researchers add.

After manipulating IDs used to identify content categories, the researchers obtained all VOD lists from the servers above, which together identified 24,934 pieces of video content. That included 1,052 movies and TV shows in the ‘Nflix’ category alone.

Building Resilience Introduced Weakness

No system is completely bulletproof, and this one is no exception. In theory, the decentralized nature of the P2P network makes the system more difficult to shut down. In practice, it also introduces vulnerabilities that can be exploited to disrupt the service.

The researchers discovered two vulnerabilities. Using the Android emulator NoxPlayer to mimic an authenticated EVPAD device, the first allowed them to bypass authentication. This enabled content to be viewed from around the world, without a subscription, with the potential for “unlimited replication.”

While the first vulnerability granted access to the network, the second vulnerability instantly denied it.

“Given the critical nature of this vulnerability, we determined that even a single, carefully crafted TCP packet is sufficient for an individual to trigger service termination on a remote peer device. This drastically lowers the bar for potential abuse, as no significant bandwidth or coordinated effort is required,” the team note.

Blocking Measures Disrupt the EVPAD Network

When combined, these vulnerabilities form the basis of a theoretical anti-piracy strategy. Once a node is deployed in every available TV channel, the data normally used to connect peers can be leveraged for a different purpose. It allows an attacker to identify specific users and hit them with a TCP packet, causing an instant disconnection.

There’s n o suggestion that such an attack has ever been used outside a lab environment. However, the researchers mention an injunction obtained in India by the Premier League that granted authority to block certain domains, which caused network disruptions lasting four days.

While service was restored, the researchers say that would’ve been more difficult if additional capability had been deployed alongside.

Implications For End Users

Beyond the inherent risks of sharing copyrighted content, the implications for users of EVPAD devices are significant. Often distributed in a pre-rooted state with no package installation restrictions, EVPAD devices are highly vulnerable to abuse. The researchers found that the device update process lacks any mechanism to verify integrity or authenticity.

The device also operates with SELinux in permissive mode , where policy violations occur without enforcement. These factors and others lead to the conclusion that attackers could secure a global network of “zombie” devices through which they could execute further attacks by remote control.

“At its peak, [the Mirai botnet] generated about 1TB of attack traffic using 145,000 devices,” the researchers note, adding that 17,000 compromised EVPAD devices could “potentially generate up to 0.12TB of malicious traffic at peak.”

The study identified 131,175 devices across 116 countries and 78 operational servers located in the United States, Japan, Singapore, Hong Kong, and other countries

“Even if malicious intent is not the primary motive, the lack of commitment to user security by such illegal operators places users in a vulnerable position, making them susceptible to attacks.”

Watch Out Your TV Box: Reversing and Blocking a P2P-based Illegal Streaming Ecosystem, is available here ( pdf )

From: TF , for the latest news on copyright battles, piracy and more.

Five years ago, YouTube ripper Yout.com sued the RIAA , asking a Connecticut district court to declare that the site does not violate the DMCA’s anti-circumvention provision.

The music group had previously used DMCA takedown notices to remove many of Yout’s links from Google’s search results. This had a significant impact on Yout’s advertising revenues, according to operator Johnathan Nader, who always believed he wasn’t breaking any laws.

In 2022, the district court concluded that Yout had failed to show that it doesn’t circumvent YouTube’s technological protection measures. That rendered Yout’s defamation and business disparagement claims moot, but the legal battle was far from over.

Yout.com Appeals

Yout’s operator did not give up. In 2023, Nader appealed in the belief that YouTube rippers do not violate the DMCA. The argument received backing from the EFF and GitHub in their supporting amicus briefs.

The RIAA disagreed, countering that Yout is an “illicit stream-ripping service” that effectively allows people to “bypass YouTube’s technological restrictions” that prevent downloading of works streamed through YouTube. As such, the service violates the DMCA, a position supported by the Copyright Alliance.

One of the key issues in this dispute is whether YouTube’s “rolling cipher” is a technological measure designed to control access to or copying of copyrighted works. The difference between access and copying has become a key point of contention in a new AI twist.

AI Relevance: Access Controls vs. Copy Controls

Last month, AI music companies Suno and Udio filed an amicus brief at the Court of Appeals, alerting it to an alleged error the Connecticut district court made in its original ruling against Yout.

Suno and Udio, who were both sued by music companies, argued that the lower court’s ruling failed to recognize the difference between “access controls” and “copy controls”. This is crucial, they noted, as Congress explicitly separated these two copyright controls to enable fair use.

Congress recognized that to claim fair use, people have to copy something first. If the law were to prohibit the circumvention of copying restrictions, fair use would be effectively outlawed as well.

– Circumventing access controls is prohibited under 17 U.S.C. § 1201

– Circumventing copy controls is NOT explicitly prohibited under 17 U.S.C. § 1201.

For AI companies like Suno and Udio, the legal distinction between access controls and copy controls is not just a technicality. It’s the difference between having a viable fair use defense and being automatically liable for massive damages.

If the court rules that YouTube’s “rolling cipher” is an access control, Suno and Udio effectively lose their ability to argue fair use for the data they’ve scraped by accessing YouTube.

Yout Cites New Paywall Defense

Last week, Yout’s legal team told the Court of Appeals that they wholeheartedly agree with Suno and Udio. In a response brief, they note that the AI companies have it precisely right.

Yout’s lawyer, Evan Fray-Witzer, once again stresses that YouTube doesn’t have any access controls, as it is obvious that anyone with a web browser can watch videos on the platform.

“The District Court’s opinion ignores the simple fact […] that the videos displayed on YouTube are freely available to ‘anyone who requests them’ without a paywall, encryption, password, or decryption,” Yout’s response reads.

To back this up, Yout points to a very recent ruling: the July 2025 decision in a lawsuit between Emmerich Newspapers and the news aggregator Particle Media, better known as NewsBreak.

In that case, a court ruled that the news aggregator didn’t violate the DMCA when its bots stripped “paywall code” from the newspaper’s website. The judge concluded that, because the newspaper’s server voluntarily sent the full article text to the bot (including the paywall code), the bot didn’t “break in” to an access-controlled area. Instead, it simply “used” the data it was given in a way the publisher disliked.

Yout stresses that the same logic applies to its interaction with YouTube. Because YouTube sends audio and video data to anyone who visits the site without requiring a password, Yout argues the “gates are up,” making it legally impossible to “circumvent” an access control.

RIAA: You Can Watch, But You Can’t Touch

The RIAA also filed a brief in response to Suno and Udio, urging the Court of Appeals to reject the arguments from these AI companies.

RIAA’s central argument is that YouTube’s “rolling cipher” is designed to distinguish between two different things: access to a performance (the stream) and access to the work (the fixed digital file).

The RIAA agrees that YouTube allows people to view the stream, but they argue that the rolling cipher is designed to control access to the underlying fixed file.

“Amici’s argument conflates access to a ‘performance’ of a work with access to the ‘work’ itself,” the RIAA writes. In bypassing the cipher to download the file, stream-rippers such as Yout can access something YouTube never intended to give: a permanent digital copy.

While YouTube allows the public to view the performances without restriction, it uses the “rolling cipher” to restrict direct access to the underlying file. By modifying this cipher, Yout bypasses a valid access control, the RIAA notes.

The YouTube Whisperers

Both sides clearly have an opinion on how and why YouTube implemented its rolling cipher code. However, YouTube itself is not a party to the lawsuit, nor has it filed an amicus brief to explain its technology.

Yout’s lawyer previously argued that there is a legal vacuum where the court has to guess YouTube’s intentions, instead of moving the case forward so YouTube itself can be heard.

“There is a question as to what YouTube intended with these measures. We don’t know because YouTube isn’t here,” Yout’s lawyer argued in a previous hearing .

The RIAA, however, argues that YouTube’s intent is irrelevant. The music group maintains that the DMCA only cares about whether a measure “effectively controls access” in its ordinary operation, not what the engineers were thinking when they wrote the code.

Suno & Udio Settle: Yout Continues

Interestingly, both Suno and Udio settled their legal disputes with several major music labels recently, opting for licensing deals instead.

Udio settled its copyright dispute with Universal Music Group in October, followed by a similar agreement with Warner Music Group in November. Earlier this week, Suno followed suit, announcing a “landmark” partnership with Warner Music Group.

These settlements were agreed upon after Suno and Udio submitted their amicus brief in the legal battle between Yout and the RIAA. This means that their critique and the responses from both Yout and the RIAA still stand. Whether the Court of Appeals agrees remains to be seen.

—

A copy of Yout’s response to the brief of Suno and Udio is available here (pdf) . RIAA’s response can be found here (pdf) .

From: TF , for the latest news on copyright battles, piracy and more.

Founded in 2019, pirate streaming service aggregator OnionPlay has been around for half a decade already.

While the site had to switch domain names occasionally, OnionPlay maintained its core identity while its user base continued to grow.

Discord Deletes OnionPlay Channel

At a time when pirate streaming sites are under heavy pressure from the MPA and its anti-piracy branch ACE, staying online can be quite a feat. This pressure also affected OnionPlay to some degree, as it suddenly lost its main Discord channel at the end of October.

OnionPlay’s owner and operator, who uses the online handle “TexasHomie,” was told that the channel was shut down after copyright-infringing links were posted in violation of Discord’s rules.

As a result, two years of community-building work disappeared overnight but TexasHomie didn’t throw in the towel. Inside two weeks, a new Discord channel was active.

At the same time, OnionPlay traded in its .mx domain name for a new .bz variant. While business seemed to continue as usual, a new filing at federal court in California would soon reveal who was behind the Discord shutdown.

MPA/ACE Demanded the Discord Shutdown

On November 14, the Motion Picture Association (MPA) requested a DMCA subpoena on behalf of its member studio Warner Bros. These subpoenas can be signed off by a court clerk, provided that the requester has sent a DMCA notice to the intermediary involved.

In this case, the MPA seeks information from Discord, and their legal request includes a copy of a DMCA notice in which ACE complains about links that were posted in OnionPlay’s old Discord channel.

The DMCA notice was sent late October, shortly before the OnionPlay channel was taken down by Discord. As shown above, the email came with an exhibit mentioning “OnionPlay” by name and urged Discord to take the channel offline.

“We request Discord’s assistance to (i) remove or otherwise disable access to the channels and servers identified above; and (ii) take steps to address Piracy Contents on the Discord platform,” the takedown notice, signed by MPA’s Larissa Knapp, informed Discord.

Discord complied with the takedown notice, but that was not the end of the matter. With the recent DMCA subpoena, the movie industry group now hopes to unmask the owner and operator of the site.

Discord Subpoenaed to Unmask TexasHomie

The legal paperwork includes two examples of infringing links that were allegedly posted by a Discord user. One links to a pirated copy of the season 2 finale of “Peacemaker” and the other links to a pirated stream of the movie Weapons.

The MPA specifically requests Discord to identify the user behind ID ‘417142124228771850,’ which it had previously linked to “TexasHomie”.

“Warner Bros. (via the Motion Picture Association, Inc.) is requesting issuance of the attached proposed subpoena that would order Discord, Inc. to disclose the identities, including the names, physical addresses, IP addresses, telephone numbers, and e-mail addresses, of the individual(s) that operate the Discord account with the following User ID: 417142124228771850”

The request notes that information obtained through the subpoena will only be used to identify the alleged infringer so that Warner Bros. can protect its rights. This was sufficient for the court clerk, who signed off on the subpoena on November 17.

As shown above, Discord has until November 28 (tomorrow) to comply with the subpoena and hand over the information to the MPA.

TexasHomie Remains Calm and Collected

The DMCA subpoena is a useful tool for the MPA, but whether it will result in actionable information has yet to be seen. The MPA and ACE have tried to get information on OnionPlay’s operator before, with subpoenas targeting Cloudflare and the .to registry , presumably without effect.

TexasHomie informs TorrentFreak that he was not aware that the MPA was behind the shutdown of the Discord channel. Nor has he been informed that Discord was asked to disclose his personal information.

OnionPlay’s operator doesn’t appear to be particularly worried either and notes that he keeps his online and offline identities separate.

“I’ve always operated behind VPNs, privacy layers, separate identities—the usual precautions when you spend enough years around the internet and IT infrastructure. It’s not about being shady; it’s about minimizing noise and keeping my real life cleanly separated from my online projects,” TexasHomie notes.

“I’ve dealt with plenty of takedown notices and all the usual headaches, but when you work with the right hosting providers and understand how the infrastructure works, you learn how to manage things calmly and professionally.”

TexasHomie takes pride in the fact that he has managed to keep OnionPlay going in a rather competitive streaming landscape. Community input is taken seriously, he notes, adding that OnionPlay is mainly an old-school “passion project” that requires quite a bit of manual work.

Needless to say, this is a high-stakes passion project that can have criminal repercussions if the operator’s identity is unveiled. These are life-altering risks, making this Discord subpoena all the more important.

—

A copy of the subpoena issued by the U.S. District Court for the Northern District of California on November 17 is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.