In 2006 alone, Russia-based AllOfMP3 reportedly banked $30 million from sales of an unauthorized music product for which the major labels received no payment.

The unlikely stage for the industry’s response to global sales of cheap, unlicensed DRM-free music, was Denmark. Under pressure from industry group IFPI, ISP Tele2 blocked AllofMP3’s domain, an event that will soon celebrate its 20th anniversary.

While never likely to threaten the site’s overall traffic, the Danish block was at once symbolic and historic. Nineteen years later, Denmark has almost 2,800 domains on its current blocklist, a figure that’s easily eclipsed by the tens of thousands of domains and subdomains blocked globally every month, largely without report or fanfare.

ICANN Publishes DNS Blocking Report

The Internet Corporation for Assigned Names and Numbers (ICANN) is the non-profit organization whose management of the internet’s name and number spaces (domains and DNS / IP addresses) helps to provide a stable internet. In a recently published report, ICANN provides a comprehensive view of the Domain Name System (DNS) and the effects of its antithesis: DNS blocking.

Published by ICANN’s Security and Stability Advisory Committee ( SSAC ), ‘DNS Blocking Revisited’ aims to raise awareness among all internet users, but especially those whose decisions can make a real difference. For those considering DNS blocking as a potential solution, to the authorities with the power to permit or deny its use, ICANN’s message is clear. Full comprehension of the potential repercussions of DNS blocking is a prerequisite to limiting harm.

“The aim of this report is to advise the Internet community, and especially policymakers and government officials, of the implications and consequences of using DNS blocking to control access to resources on the Internet,” the report begins.

“DNS blocking can have serious side effects. A block may affect users outside the jurisdiction of the party doing the blocking. Users may not know that a block is in place, and can interpret it as a site outage or other error, encouraging potentially insecure behavior to ‘fix’ it. A block may affect domains that provide services for other domains, causing collateral damage beyond the intended scope of the block.”

Motivation and Expectation

ICANN takes no position on whether DNS blocking is good or bad, or whether specific motivations to block tip the scales one way or another. Whether supported by local law, justified on morality grounds, or mandated by governments purely for the purpose of censorship, the report focuses on the technical aspects of DNS blocking, the consequences, and advice to limit harm.

The report defines DNS blocking as an approach to regulating or restricting access to information on the internet by interfering with the normal process of responding to DNS queries about domain names or IP addresses.

This is usually achieved by “denying that a name or address exists or by providing false information about it.”

While easy to implement, DNS blocking is only effective against users of the DNS where blocking is implemented, and has no effect on the existence of the targeted content, which remains accessible by alternative means.

These limitations should be well understood since they help to determine whether DNS blocking can fulfil the stated objectives. Having weighed the benefits and considered the implications, DNS blocking may not be needed at all.

“It is important that any entity mandating or implementing DNS blocking understands the implications of the technology. For example, DNS blocking in one jurisdiction can affect the accessibility of content in another jurisdiction. Legal authorities should form technically informed views about DNS blocking, and understand if, or the extent to which, DNS blocking may accomplish their goals and how it may affect parties outside their jurisdictions,” the report adds.

Bad DNS Blocking is Bad

DNS blocking often amounts to the protection of business interests, yet blocking for security reasons is encountered by millions of internet users every day. They include shielding minors from harmful or adult content, use of domain blocklists by major web browsers to warn users about unsafe sites, and DNS filtering to prevent exposure to malicious domains. An example cited by ICANN suggests that DNS blocking may even be a less restrictive alternative to avoid the global consequences of suspending an entire domain name.

Yet, regardless of motivation, DNS blocking measures of any kind should have clearly defined scope.

“While one jurisdiction may find that it is allowable and desirable to block a domain name, another jurisdiction may consider blocking that domain to be a violation of human or civil rights,” ICANN says.

The report highlights legal action by rightsholders against Quad9 and Cloudflare. Where DNS blocking by ISPs targets a specific, clearly defined local ‘audience’, DNS blocking at public resolvers used by a global audience risks overblocking on a much bigger scale.

In a case involving Quad9 , a court order to block specific sites on copyright grounds offered no guidance on key technical issues, leaving Quad9 to block the sites globally, to avoid being held in contempt.

DNS Blocking Weakens The Battle Against Security Threats

ICANN’s report highlights issues involving internet security that are either caused or exacerbated by DNS blocking measures. For example, redirects due to DNS blocking can cause browser TLS errors that ordinarily signal a potential security threat. ICANN suggests that over exposure effectively ‘trains’ users to ignore certificate mismatches.

In the wider fight against global threat actors, DNS block circumvention reduces visibility of both traffic patterns and security threats.

“DNS data gives Internet Service Providers (ISPs) an important and accurate picture of both traffic patterns and security threats on their networks,” ICANN reports, adding that DNS data can help ISPs diagnose denial-of-service attacks, identify infected hosts, compromised domains, and vulnerable customers.

“When users turn to alternative DNS servers, some network operators, ISPs, and enterprises may experience decreased ability to manage security threats and manage certain network operations. For example, if a user accesses the third party recursive resolver via an encrypted connection using DNS over HTTPS (DoH) or DNS over TLS (DoT) and is infected with malware, the user’s ISP may not be able to detect that and notify the infected user, since DNS telemetry is being diverted away from the ISP.”

Disclosure, Transparency, Blocking Infrastructure

While reduced visibility of threats is cited as a concern, the view of DNS blocking itself is often obscured by a lack of disclosure and limited transparency.

“[DNS] blocking policies and actions are often not disclosed to affected parties, including to end users. This can make it difficult for end-users to understand when they are being blocked, or why,” ICANN warns.

“Absent some level of transparency, DNS blocking can be difficult to recognize for what it is. It can be misdiagnosed as a hosting outage, a misconfiguration, or a malicious attack.”

Before concluding with ICANN’s recommendations, an issue touched on briefly in the report but worth highlighting again, concerns the construction and embedding of online infrastructure to facilitate blocking of piracy, fraud, ransomware, and botnets.

Citing a 2023 open letter written by TCP/IP co-developer Vinton Cerf, “Concerns Over DNS Blocking” warns that the same infrastructure could be easily adapted “to suppress internal dissent, censor outside information, and surveil dissidents and journalists.”

ICANN Recommendations

Listed here verbatim are three rock-solid recommendations from ICANN’s Security and Stability Advisory Committee.

Recommendation 1: SSAC recommends that any entity implementing or mandating DNS blocking understand the implications of the technology.

Recommendation 2: SSAC recommends that DNS blocking implemented by any entity — by a government or any organization that has policy, legal, or operational control over a network or service—follow these guidelines:

A. The entity should determine whether DNS blocking will fulfill its objectives.
B. The entity should have a clear policy about what and how it will block, with well-defined review and decision-making processes that minimize risk.
C. The entity should implement the policy using a technique that minimizes overblocking or collateral damage that could affect its users.
D. The entity should not affect networks or users outside its administrative control.

Recommendation 3: SSAC recommends that operators of recursive servers use DNS Extended Error codes (see section 6.6 Extended DNS Error) to indicate to end users and troubleshooters that DNS blocking is taking place

The report DNS Blocking Revisited is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

In late 2022, music industry giants including Warner Bros. and Sony Music secured a victory in their lawsuit against Internet provider Grande Communications.

The record labels had accused the Astound-owned ISP of failing to adequately address its subscribers’ copyright infringement, specifically by not terminating repeat offenders.

This resulted in a Texas federal jury finding Grande liable for willful contributory copyright infringement and $47 million in damages .

While the Fifth Circuit Court of Appeals later upheld the infringement verdict, the lower court’s decision on how damages should be calculated was overturned, meaning a new trial is needed to determine the final amount. Meanwhile, Grande continues to contest the core liability ruling.

Grande Petitions Supreme Court

In March 2025, Grande took its fight to the Supreme Court. The ISP petitioned for intervention, arguing that existing law offers no clear guidance for providers on how to handle copyright infringement notices or when to terminate subscriber accounts. Grande’s petition specifically asked the Supreme Court to address two key questions:

“Whether an ISP is liable for contributory copyright infringement by (i) providing content-neutral internet access to the general public and (ii) failing to terminate that access after receiving two third-party notices alleging someone at a customer’s IP address has infringed.”

Grande’s petition is similar to one filed by Cox Communications last year, but it’s more tightly focused on the termination threshold. Specifically, it requests clarity on how ISPs are to respond when they receive more than one third-party allegation of copyright infringement.

Record Labels Highlight “Egregious” Infringement

Where Grande is distilling the matter to its basics, the music companies responded by pointing out that the ISP has a “never terminate” policy . The question of how ISPs should respond to two third-party copyright infringement notices is a mere “hypothetical,” they countered.

“Grande refused to terminate service under any circumstance, even after receiving thousands (or tens of thousands) of credible infringement notices about a single customer,” the music companies responded at the Supreme Court.

The rightsholders stress that Grande was well aware of the fact that many of its subscribers were engaged in “egregious” copyright infringement. Instead of taking action to stop this activity, the ISP allegedly did nothing. Therefore, the music companies asked the Supreme Court to deny the petition.

Grande: What Does Egregious Even Mean?

Before the Supreme Court decides whether to take on the case, Grande took the opportunity to have the last word. The ISP vehemently disagrees with the record labels, arguing that they’re trying to dodge a Supreme Court review by mischaracterizing the central legal question and the factual record.

Grande argued that the core issue is, and always has been, whether an ISP can be held liable for contributory copyright infringement simply for providing internet access to subscribers who are merely known (i.e., received two or more infringement notices), rather than proven “egregious,” infringers.

They accuse the music companies of inventing the “egregious infringement” standard that was never part of the case, to make their victory seem less controversial. According to Grande, the judgment against it was based on the broader, lower threshold of two or more notices.

“Respondents have no basis for contesting the obvious certworthiness of this question. So they instead try to dodge review by blatantly rewriting the record,” Grande notes, adding that the appeal court “did not say anything about ‘egregious’ infringement because respondents’ case was not limited to egregious infringement.”

Maybe 10 notices? 20? 50? 500?

The Internet provider stresses that current copyright law isn’t clear on the threshold for repeat infringement. This was simply not defined by Congress in the DMCA and, after being a non-issue for years, has now resulted in multiple lawsuits with billions of dollars on the line.

The music companies’ argument citing “egregious” infringement is not what this case boils down to, the ISP notes, as providers have been held liable for subscribers that allegedly infringed twice. Grande adds that it isn’t even clear what “egregious” means.

“Aside from being divorced from reality, respondents’ new theory is also half-baked. What exactly is ‘egregious’ infringement? Respondents never say. If not two notices, where is the threshold? Maybe 10 notices? 20? 50? 500?” Grande writes.

“Respondents never even try to define where their line exists. And the reason for that failure is obvious: any number above two is inherently arbitrary. If the point is that ISPs are aware of specific users engaged in specific infringement, then any notice should suffice.”

In addition to disputing the number of infringements that qualify for liability, the ISP also highlights the Supreme Court’s recent analysis of secondary liability in Twitter v. Taamneh , suggesting that providers may not be secondarily liable for subscribers at all.

Cox and the U.S. Amicus Brief

Grande has made many of these arguments before, but it now sees itself strengthened by an amicus brief the U.S. Solicitor General sent to the Supreme Court, encouraging it to take on the related Cox petition. That case also revolves around liability, with music companies taking on the ISP.

The U.S. opinion referenced the aforementioned Taamneh ruling, questioned ISP liability, and warned that the current precedent may lead to disconnections for many innocent subscribers. While Grande’s petition has different nuances, the company says that it would serve as an “ideal companion” case.

“The government has confirmed that Cox should be granted — as it plainly should. This case remains an ideal companion to Cox. It presents the purest form of the question on the cleanest record,” the ISP writes.

With all arguments now on the table, the decision rests with the Supreme Court. The Justices will decide whether to grant Grande’s petition, a move that could have profound implications for the entire ISP industry and its role in battling online piracy.

—

A copy of Grande’s reply brief, which was submitted to the Supreme Court a few days ago, is available here (pdf) .

From: TF , for the latest news on copyright battles, piracy and more.

In common with many services provided by Google, its search engine is wide open and free of charge at the point of delivery.

The quid pro quo is the user’s consumption of Google ads, placed by millions of advertisers for all kinds of products.

Given the scale, it’s no surprise that some offer products of dubious origin. The question is who can be held liable beyond the seller, and under what specific circumstances.

Textbook Pirates

In June 2024, some of the world’s largest publishers came together in a joint lawsuit targeting Google. In a complaint filed at a New York federal court, companies including Cengage Learning, Macmillan Learning, Elsevier, and McGraw Hill bemoaned Google’s ‘systemic and pervasive advertising’ of infringing copies of their copyrighted textbooks.

The publishers’ allegations concerning Google Shopping describe ads that use unauthorized images of the publishers’ genuine textbooks, some with visible trademarks, to promote sales of pirated copies. A ‘bait-and-switch’ by Google, the publishers allege. More generally, the publishers claim that Google searches for their textbook titles return piracy-heavy results, making their original products more difficult to find.

The publishers claim ‘pirate’ ad takedown notices were sent repeatedly to Google, but to little effect. Notifications identifying specific ‘pirate sellers’ as repeat infringers didn’t lead to Google terminating their accounts “within a reasonable time, if at all.”

Google’s Motion to Dismiss

In a recent motion to dismiss, Google sought to thin out the publishers’ claims, which include vicarious copyright infringement, trademark infringement, and violation of New York’s deceptive business practices law.

In an opinion and order handed down this week, United States District Judge Jennifer L. Rochon analyzes the publishers’ claims and relevant legal precedents. Google believes the publishers’ vicarious copyright infringement claim should be dismissed; the Judge put that to the test.

A vicarious copyright infringement claim must contain two elements:

• The right and ability to supervise the infringing conduct and
• Direct financial interest in the infringing activity

Google moved to dismiss based on the publishers’ alleged failure to plead both elements. The Court had no need to go further than the first.

Ability to Supervise or Control

A finding of vicarious liability in this case turns on Google’s relationship to the pirate textbook sellers (direct infringers), not just the infringement itself. The first element must show that Google had the ability to supervise or control the third parties’ infringing activity yet failed to do so.

Google says that because the alleged direct infringement (sales of pirated textbooks) took place on the pirate sellers’ third-party websites, it’s clear that its ability to supervise or control doesn’t extend that far.

Citing precedents such as Perfect 10 v. Amazon and Perfect 10 v. Visa, Judge Rochon agrees with Google.

In these cases, the ability to terminate an advertising or payment processing relationship, which might indirectly reduce infringement on third-party websites, was not considered to be the ‘direct control’ over infringing activity required for a claim of vicarious liability.

In cases including Napster, the opposite was true due to the infringement taking place on a system under Napster’s control, where it had the right to terminate access.

Indirect Effect is Insufficient

The Court accepts that the removal of infringing ads and the termination of accounts may have an indirect effect by reducing traffic to the pirate sellers’ websites. However, that doesn’t mean that Google has any control over the websites where the infringement takes place, or that any measures applied to search would change that.

“The fact that ‘search engines [can] effectively cause a website to disappear by removing it from their search results’ is not enough to give rise to vicarious liability,” the order reads.

“Plaintiffs have not adequately pleaded that Google has sufficient ability to control or supervise the Pirate Sellers’ infringement, and therefore, Plaintiffs’ vicarious copyright infringement claim fails to state a claim.”

Court Denies Request to Dismiss Trademark Claim

Google’s request to dismiss the publishers’ trademark claim was rejected.

The publishers’ claim under 15 U.S.C. § 1114(1)(b) relates to “advertisements intended to be used in commerce upon or in connection with the sale, offering for sale, distribution, or advertising of goods or services” when such use is likely to “cause confusion or deceive.”

The plaintiffs claim that Google included unauthorized reproductions of their trademarks in the pirate sellers’ ads, having acquired the images containing the marks from the sellers themselves. Google denied that, insisting that it only displayed images where the marks were already applied.

The Court found that the publishers had sufficiently pleaded their direct trademark infringement claim, so this element of Google’s motion to dismiss was denied.

The case will continue with the trademark claim intact, alongside a contributory copyright infringement claim that was not included in Google’s motion to dismiss.

Judge Rochon’s opinion and order is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Two years ago, the European Commission published a non-binding recommendation to tackle the problem of live-streaming piracy, sports in particular.

For instance, the EU encouraged member states to introduce measures to facilitate prompt takedowns of live streams, while service providers and rightsholders were encouraged to tackle challenges through collaboration.

To the disappointment of many rightsholders, the recommendation required no mandatory action by EU member states. So, when the Commission recently launched an evaluation asking stakeholders to share their views on the recommendation, many asked for more robust legislation.

Advanced piracy blocking systems are high on the agenda. Semi-automated mechanisms capable of blocking sources quickly are preferred. These should be implemented by ISPs, but rightsholders see a role for DNS services and VPNs too.

Variations on this type of mechanism are currently active in Italy, Spain and France. Rightsholders, including the MPA and DAZN, mentioned this in their responses to the Commission, calling for expansion in the EU. However, not everyone agrees that broader and more automated blocking efforts are the right path forward.

Cloudflare Issues Stark ‘Blocking’ Warning

American tech giant Cloudflare, which provides CDN, proxy and DNS services, is fiercely against automated blockades. The company has been at the center of various blocking actions in recent months, as its infrastructure was targeted in Italy, Spain, and France.

In some instances, this has led to overblocking where legitimate Cloudflare customers (and their users) were hit as collateral damage.

“Over the past two years, we have witnessed disproportionate and damaging efforts by rightsholders to use blocking measures to tackle piracy online, particularly in relation to unauthorized live streaming of sports,” Cloudflare writes.

Cloudflare notes that pressure from rightsholders has led some European national governments to implement “problematic and imprecise” blocking mechanisms. It says that these blocking tools “often lack due process” and result in “significant collateral damage” for legitimate internet users and businesses across the EU.

As an intermediary, Cloudflare’s infrastructure and IP-addresses are used by pirate sites and services. However, since these are shared with innocent sites, blocking renders those inaccessible too.

“Blocking one IP address, thus can render thousands, tens of thousands, or even hundreds of thousands of domains unreachable,” Cloudflare warns.

Italy, Spain, and France

Cloudflare specifically highlights Italy, Spain, and France as countries where problems have emerged. The Italian “Piracy Shield” law has resulted in “overblocking on a massive scale,” the company says, adding that it violates the Charter of Fundamental Rights and EU law.

In Spain, blocking orders also caused substantial collateral damage . Cloudflare explains that, due to a broad court order that included Cloudflare IP-addresses, millions of Spanish users were blocked from accessing thousands of non-targeted websites.

“This blunt approach not only demonstrates a fundamental misunderstanding of how the Internet works, it also raises significant questions about compliance with the European Union’s Open Internet Regulation,” Cloudflare writes.

In France, meanwhile, courts have ordered VPN providers and DNS resolvers to block pirate sites. At the same time, there are plans to update the law to enable blockades of pirated live sports broadcasts in real-time, which also raises overblocking concerns.

No VPN and DNS Blocking

Cloudflare urges the EU to tread with caution going forward. Instead of updating the law to enable broader blocking powers, it calls for limiting the blocking efforts.

For example, it argues that blocking orders should never extend to core, global Internet technologies such as global DNS resolvers and VPNs. These services operate globally and can’t easily restrict blocking measures geographically, the company notes.

“Blocking applied to an ISP-owned DNS resolver will have a geographically restricted effect, since an ISP typically only serves users in one country. In contrast, public DNS resolvers or VPN providers operate globally.”

Aside from the technical challenges, Cloudflare notes that VPNs and proxies are widely used to protect free expression. Interfering with these services through onerous regulation could amount to a violation of privacy and freedom of expression.

Transparency, Safeguards and Compensation

Cloudflare recognizes that piracy is a real problem that needs to be addressed. However, it believes that more extensive blocking is not necessarily the answer. Instead, it calls for more transparency, proper safeguards, and cooperation between all stakeholders.

Cloudflare’s suggestions include the following (abbreviated and summarized).

– Last Resort Only: Blocking should only be used as a final option to reduce local access to pirated content.

– Protect Core Internet Technologies: Blocking orders must not apply to essential global internet technologies like global DNS resolvers and VPNs.

– Prioritize Notice-and-Takedown: Rightsholders must first attempt notice-and-takedown procedures with hosting providers before requesting blocking.

– Independent Verification: All blocking requests need formal justification and independent verification by a designated governmental or independent regulatory body.

– Transparency: Transparency reports should detail the blocked domains, implementation times, and the identities of requesting parties.

– Rapid Rectification: Publicly available rapid response systems should be in place to quickly correct any incorrect or overly broad blocking measures.

– Independent Dispute Resolution: An independent body should hear appeals from any affected parties, ensuring legal review and procedural fairness.

– Liability for Overblocking: Rightsholders should be held liable for any economic or reputational harm caused to non-targeted third parties due to overblocking.

EU Urged to Resist One-Sided Blocking Calls

More drastic blocking demands are not the way to tackle piracy, according to Cloudflare. Instead of drafting new legislation, the EU is encouraged to facilitate healthy cooperation where all stakeholders are heard.

“The European Commission should resist excessive requests to expand network level blocking as a means to tackle piracy,” Cloudflare writes.

“Effectively dealing with piracy of live events will depend on multiple solutions being deployed simultaneously, combining sharing of data, law enforcement measures, industry cooperation, and measures for distribution of legal content that better satisfy the demand.”

This can all be done without new legislation, Cloudflare says. While that may be true in theory, previous calls for increased collaboration haven’t led to concrete progress. And with tensions rising to the point where disagreements are fought out in public , cooperation between some parties might be a challenge.

—

A copy of Cloudflare’s submission in response to the European Commission’s assessment of the May 2023 Commission Recommendation to combating online piracy of sports and other live events is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

The original Napster service was launched by Shawn Fanning and Sean Parker on June 1, 1999 . Had it not been sued into oblivion by the record labels, it would’ve celebrated its 26th anniversary last Sunday.

In reality, Napster didn’t live for very long at all. The service was shut down by court order in July 2001 and in this month 23 years ago, Napster Inc. filed for bankruptcy.

Napster Brand Lives On, Legally

For more than two decades, the Napster brand has lived on. The company’s assets were initially acquired by Roxio, which led to its PressPlay music service relaunching in 2003 with Napster branding. After a fresh start as a legal music store, Napster was later acquired by Best Buy. In 2011, streaming service Rhapsody became Napster’s new owner and a few years later, Rhapsody itself reappeared with Napster branding.

These changes in Napster’s ownership offer very little excitement, a sign perhaps that Napster’s pirate roots were ancient history. Yet, starting in early 2017, the RIAA began sending DMCA notices to Google containing requests to have Napster URLs deindexed from search results. In January 2022, that suddenly stopped, only to suddenly start back up again, exactly two years later.

What exactly triggered these complaints is unknown but, earlier this year, a complaint filed in Italy went further still. Characterizing Napster as a platform of mass infringement, the complaint requested measures that would effectively prevent Napster from doing business anywhere in the country.

“Massive Copyright Violations”

The Italian Society of Authors and Publishers (SIAE) is one of the world’s largest collection societies. According to its website, it represents over 100K members, administers 62 million Italian and international works, and has “reciprocal representation agreements” with 184 authors’ societies around the world.

On March 24, 2025, SIAE filed a complaint with Italian telecoms regulator AGCOM, containing a long list of allegedly infringing URLs linking to songs by mainly local artists. The complaint described the list as an example of infringing content offered by Napster, so should not be considered exhaustive.

SIAE’s complaint noted that “the massive nature of the copyright violations” is highlighted when SIAE’s repertoire index is used as a reference.

Having confirmed that the content reported by SIAE was actually available on Napster.com, these alleged violations of copyright (Law 633/41 ( pdf ) ) were sufficient for AGCOM and any linked bodies to examine the complaint more closely.

In this case and those similar, a step-by-step process resulting in an adverse decision usually leads to domains being blocked by ISPs nationwide. Pirate sites tackle blocking with new domains and other circumvention tactics. Legal streaming sites aren’t typically confronted with that kind of problem.

AGCOM Launches Investigation

Checks revealed that the domain Napster.com was registered at Cloudflare “on behalf of an unidentifiable customer” with hosting services for the platform also provided by Cloudflare.

A preliminary investigation carried out by the Directorate for Digital Services and Protection of Fundamental Rights confirmed the alleged violations, so the complaint wasn’t considered inadmissible or unfounded.

Since Napster’s servers were deemed to be located overseas, “personal communication” advising the start of a procedure against it was described as “overly burdonsome”.

Instead, a notification via AGCOM’s website and via email (most likely to Cloudflare) were considered sufficient. The communication raised the possibility of Napster “spontaneously complying” with SIAE’s requests, which usually means taking down the content in question.

No Defense by Napster, Disaster Looms

AGCOM reports that no counter-arguments were received in response to its notifications and the recorded music listed in the site blocking application remained accessible on the pages reported by SIAE. Of course, that’s potentially problematic in copyright cases generally, so when AGCOM found that under Italian law no exceptions applied to the content in question, its continued online presence was “believed to be unjustified.”

All of the above taken together, especially in light of the overseas servers, led to the conclusion that service providers could be instructed to block access to Napster in Italy, to prevent ongoing copyright infringement. Or rather, that’s typically what happens to pirate sites. Here, various factors took the matter in a different direction.

Before issuing a blocking order, AGCOM must consider adequacy, necessity, and proportionality; i.e whether the measure is suitable for the task in hand, is necessary or can the same effect be achieved by less restrictive means, and is a reasonable response under the circumstances.

Blocking Would Be Disproportionate

Based on the report of AGCOM commissioner Elisa Giomi, who happens to be an outspoken opponent of Italy’s Piracy Shield blocking system, AGCOM concluded that disabling access to the entire Napster website was not an option.

[T]he website http://napster.com reported by the applicant is a paid music streaming service which features a very high number of songs (110 million, as reported on the site’s homepage ) which are not limited exclusively to the sound works referred to [in the blocking application],” AGCOM’s decision reads.

“Considering that the violation ascertained concerns a limited number of works compared to the content of the reported site, the adoption of a measure to disable access to the entire website would be a disproportionate measure on the basis of the principles detailed above.”

The Right Decision But a Very Strange Case

In borderline cases, subjective assessments could go either way but, in this case, it’s obvious that AGCOM made the appropriate decision under the circumstances. However, there’s an unusual element to this blocking application that raises the question of why it even exists.

Under Italian copyright law, two entities are responsible for “ preventing and ascertaining ” certain violations within their competences. The first entity is telecoms regulator AGCOM, the second is the Italian Society of Authors and Publishers, the same entity listed as the applicant in the blocking case against Napster.

Even after a fleeting view of the paperwork, blocking was always the incorrect response in these circumstances. Miracles aside, the application was always likely to fail against a substantially non-infringing licensed music streaming service based in the United States, where a failure to license usually ends in a mauling from the major labels.

So, on the basis that AGCOM came to the same conclusion very easily, that raises a question;

Why did a public economic body founded 140+ years ago, with a key role in Italy’s Permanent Advisory Committee on Copyright, and recognized as the institution representing the interests of Italian authors, press ahead with a blocking application that had virtually no chance of success?

More fundamentally, success would’ve prevented the alleged infringement, but presumably would’ve denied the artists and companies behind Napster’s 110 million track library any opportunity to make money via that platform in the Italian market.

Any responses to our requests for comment will appear here in due course.

AGCOM’s decision, which denies the blocking request but refers the alleged violations of copyright to the judicial police, is available here ( pdf )

From: TF , for the latest news on copyright battles, piracy and more.

After a decade of focusing efforts overseas, the push for website blocking has landed back on American shores.

Earlier this year, U.S. Rep. Zoe Lofgren introduced a new site blocking bill, titled: Foreign Anti-Digital Piracy Act (FADPA).

With piracy blocking efforts expanding globally, the introduction of a U.S. site blocking bill was perhaps only a matter of time. But it took time. The new bill arrived more than thirteen years after the previous SOPA bill was shut down. Interestingly, however, the bill is not alone.

In addition to FADPA, Representative Darrell Issa is also working on his own version of a pirate site blocking bill. While it has yet to be formally introduced, a discussion draft framework seen by TorrentFreak lays out the intended framework in great detail.

It’s important to keep in mind that this is a preliminary draft of the framework, not the final bill. Several changes in the text may take place before it is formally introduced, if it’s introduced at all.

The American Copyright Protection Act (ACPA)

The draft American Copyright Protection Act (ACPA) proposes a streamlined court procedure for U.S. copyright owners to block access to foreign pirate sites, or those whose U.S. operators cannot be found after reasonable investigation.

The site blocking process would involve four phases. First, a court determines if a target website qualifies as a “foreign piracy site” based on evidence presented by a copyright owner. This evidence would include proof of ongoing copyright infringement, details of the site’s foreign ownership (or inability to find a U.S. operator), evidence that piracy is its primary purpose and it has no significant non-infringing purpose, or is marketed to induce infringement.

In the second phase, the court could issue a blocking order requiring service providers, such as ISPs and DNS resolvers, to take “all reasonable steps” to prevent U.S. users from accessing the target website. These orders would remain valid for up to 12 months but would not prescribe specific blocking technologies.

The draft outlines third and fourth stages which cover how a blocking order would be maintained and modified, if necessary. The deadline for implementing a blocking order would be set at 10 days, but copyright owners could request a shorter timeframe when targeting live events.

ACPA vs. FADPA

The broad description of the new bill doesn’t differ much from the previously introduced FADPA legislation. Both target ISPs and DNS resolvers, for example, but there are several key differences and nuances.

For example, ACPA proposes that the Judicial Conference of the United States would maintain a list of specific district judges to hear all judicial piracy blocking cases, with at least one judge per regional circuit. Blocking requests would then go through the previously mentioned four-phase process.

The FADPA bill, on the other hand, relies on standard U.S. District Court jurisdiction and would establish a ‘preliminary order’ through a proposed Copyright Act amendment at section §502A.

The new ACPA draft further mentions that the Act would preempt state and local laws, with the Government Accountability Office (GAO) providing reports to Congress on the Act’s effectiveness and impact.

Transparency and Protections

The draft also has some explicit transparency provisions. For example, it tasks the U.S. Copyright Office with maintaining a public website where all active blocking orders are listed. In addition, copyright owners must demonstrate they attempted to notify the target site’s operator and domain name registry of the infringement.

The proposed bill also places restrictions on the service providers that can be named in a blocking order, excluding those with fewer than 50,000 annual users or, for ISPs, those representing 1% or less of U.S. market share. Operators of coffee shops, libraries, universities, and other premises, would be excluded.

Finally, overblocking is addressed directly in the draft. While this should be prevented, if a third party’s site other than the pirate site was blocked due to an error caused by the copyright owner, the third party could request up to $250,000 in compensation from the copyright owner.

DNS ‘At Risk’

Rep. Issa’s proposed framework excludes blocking measures against the root nameservers and TLD nameservers. Additionally, DNS resolvers providing services to fewer than 50,000 users annually would be exempt under the general exclusion for small providers. However, based on commentary in response to foreign DNS blocking efforts, the proposal can expect to meet some pushback.

This week, the Internet Infrastructure Coalition (I2Coalition), which represents major tech companies including Amazon, Cloudflare, and Google, released a detailed report and website warning the public about DNS blocking threats.

The report details various examples of DNS blocking efforts around the world, including pirate site blocking actions in Italy, Spain, and France. According to Christian Dawson, Executive Director of the i2Coalition, the report is a wake-up call.

“DNS resolvers are neutral infrastructure—not censorship tools. When governments use them to enforce content policies, the result is overreach, disruption, and long-term harm to the open Internet.”

“We’ve built dnsatrisk.org to document these incidents and to help the global community push back with evidence and clarity,” Dawson adds.

Immunity & the DMCA

Companies running DNS servers are not alone in their concerns. Internet providers will likely want to ensure that their concerns are heard too. Previously, we reported that ISPs would like to have retrospective immunity.

The discussion draft does indeed mention immunity when it comes to liability for any blocking related actions, plus immunity from copyright claims by rightsholders who request blocking orders, insofar these apply to the blocked sites.

“A named service provider in a blocking order that is implementing the order in good faith is immune from all claims of copyright infringement by the copyright owner who obtained the blocking order based specifically on allegedly infringing activity on the foreign piracy site occurring on or after the date when the blocking order was issued, or when the provider was added to the order after issuance (whichever is later).”

The proposed immunity would not carry over to other claims of copyright infringement, meaning there would be no impact on the subscriber-related piracy liability lawsuits currently faced by Internet providers such as Cox and Verizon.

The draft framework explicitly and clearly states that the bill would not affect any existing DMCA liability claims, nor would it impact DMCA safe harbor protections.

“Except as expressly stated in this Act, nothing in this Act shall be construed to change or affect any determination under the DMCA, or modify or expand any existing claims, liability, or immunity under the DMCA, including the scope, protection, and requirements for any safe harbor under section 512. Nothing in this Act shall be construed to provide for any new liability or immunity with respect to the DMCA or any other provision of law outside of this Act.”

Although it’s still unclear what type of retrospective immunity ISPs are looking for, the draft framework doesn’t provide any additional detail.

Overall, the discussion draft describes a well-thought-out plan, with some important transparency provisions and accountability for overblocking. That said, the inclusion of DNS providers and potentially ‘other intermediaries’ is already causing opposition before the final text is ready.

From: TF , for the latest news on copyright battles, piracy and more.

As online piracy continued to cause headaches for South Korea, in 2023 key media entities formed the Video Copyright Protection Council.

The VCPC coalition adopted a unified “stronger together” strategy for operational efficiencies and greater governmental leverage, swiftly putting its first target on notice with a criminal complaint and a $3.7 billion damages claim .

NunuTV / NooNooTV

Popular in the local market, streaming site NunuTV (or Noonootv based on domain name format) had been servicing tens of millions of visitors per month and was reportedly responsible for 1.5 billion views of pirated movies and TV shows.

With billions of dollars worth of damage allegedly suffered by legitimate platforms, NunuTV became a clear candidate for aggressive site-blocking measures. The authorities blocked domain after new domain but nothing seemed capable of significantly reducing the site’s popularity.

Coupled with a warning from the coalition, an announcement that the Ministry of Culture, Sports and Tourism, would create a new piracy investigation unit, in hindsight signaled the beginning of the end for NunuTV.

Less than two years after its launch in June 2021, the site announced that it would shut down on April 14, 2023, citing “outrageous” bandwidth costs and “pressure on the site from all directions.”

Site Down, Legal Subscribers Up, Hail Blocking

The site’s closure was cause for cautious celebration. In a July 2023 report published by subscription streaming platform Tving, a growing subscriber base was attributed to customer loyalty and the closure of NunuTV. In the United States, the tactics used against the site highlighted were seen as important.

After nominating the site for ‘notorious market’ status in 2022 (pdf) , the MPA’s 2023 submission ( pdf ) , attributed the site’s demise to the success of site blocking and the and the Ministry of Culture’s announcement regarding its investigation team..

Season 2: Surprisingly Short

In the background, the emergence of a new site just weeks after the disappearance of the first, had already prompted an announcement by the government.

Aggressive site blocking was back on the table, with blocks updated several times each day. It remained to be seen what other “strong measures” could be taken that hadn’t been tried before.

Quite quickly, however, the problem found its own solution.

“Hello, this is NunuTV Season 2. After careful consideration, the NunuTV Season 2 site is closed. Although it is a short period of time, we sincerely appreciate your interest.”

With over 1,300 domains containing “noonootv” registered and ready for use, copycat sites were always likely to be a problem. Yet, minus the features that made the original so popular, few if any could expect anything like the same success.

As is often the case with site resurrections, only those behind the original site could realistically deliver the same experience. Late last year, the chances of that happening collapsed in an instant.

Operator of NunuTV Arrested in South Korea

In November 2024, Korean authorities announced the shutdown of TVWIKI , a popular streaming piracy site with millions of users. A special unit under the Ministry of Culture, Sports and Tourism arrested the site’s alleged operator, who according to reports, was also behind streaming platform OKTOON.

A takedown notice hosted on GitHub revealed that the individual, identified only as ‘Person A’, was also the operator of NunuTV.

Concerns that the raids and arrest were an of elaborate hoax were soon dismissed by Korean authorities.

According to local news reports, law enforcement authorities seized assets worth 2.6 billion won (US$1.9m) including two luxury cars, and a total of 14 bitcoin.

Six months later, ‘Person A’ appeared before a court in South Korea to discover how his immediate future would be playing out.

Sentenced to 3 Years in Prison, $500K Fine

On May 26, Judge Koh Young-sik at the 9th Criminal Division of the Daejeon District Court, sentenced ‘Person A’ for offenses under the Copyright Act.

“The nature of the crime is bad because it systematically infringed on property rights over a long period of time for profit-making purposes such as obtaining advertising revenue,” Judge Koh said.

To avoid the effects of site blocking and other government action, Person A continued to operate using dozens of domains and overseas servers, including in the Dominican Republic and Paraguay. Virtual private networks (VPNs), overseas credit cards, and cryptocurrencies were also used in an effort to avoid being tracked down by investigators.

To obtain content from legal webtoon platforms, Person A reportedly obtained official accounts from an unspecified number of people before posting illegal copies online. A diagram supplied by the Ministry of Culture, Sports and Tourism provides an overview of the operation.

“Copyright crimes not only infringe on the copyright holder’s ability to generate revenue, but also discourage creative desire, ultimately hindering cultural development,” Judge Koh continued.

“In addition, the defendant admitted his wrongdoing, and his criminal record was taken into consideration when determining the sentence.”

For the illegal distribution of hundreds of thousands of copyrighted videos and webtoons via NunuTV, TVWiki, and OKTOON, the former pirate site operator was ordered to serve three years in prison and pay a fine of 700 million won (US$512K)

Odds of Evasion: Slim

Reports claim that NunuTV’s operator was “meticulous” in his efforts to remain anonymous but when local government and law enforcement agencies team up with international partners, that may not be enough. Person A was the target of a joint investigation by the Copyright Crime Scientific Investigation Unit of the Ministry of Culture, Sports and Tourism, and the International Criminal Police Organization, better known as INTERPOL.

In January 2025, INTERPOL announced the signing of a memorandum of understanding and launch of the second phase of INTERPOL-Stop Online Piracy (I-SOP), an international collaborative anti-piracy project to crack down on illegal online distribution platforms.

The initiative receives funding from the Korean Ministry of Culture, Sports and Tourism (MCST) (2.8 million euros) with support from the Korean National Police Agency.

In addition to the dismantling of NunuTV, successes during the first phase include the arrest of individuals behind P2P release group EVO.

From: TF , for the latest news on copyright battles, piracy and more.

In recent years, the European Commission has proposed and adopted various legislative changes to help combat online piracy.

The Copyright Directive and the Digital Services Act both envisioned tighter copyright takedown rules for online service providers.

Many rightsholder groups felt that the new rules were insufficient to target live streaming piracy, sports content in particular. They wanted more incentives for online service providers to act faster and more diligently, as suspensions are useless after a live broadcast ends.

The EU Commission heard these calls and published a targeted recommendation ‘on combating online piracy of sports and other live events’, encouraging member states to introduce measures to facilitate prompt takedowns of live streams. At the same time, service providers and rightsholders were encouraged to collaborate, to tackle the challenge together.

Over two years later, the European Commission recently launched a call for evidence, asking stakeholders to share their views on the recommendation. Based on its assessment, the Commission will evaluate whether further EU-level measures are needed to tackle the issue.

MPA: Site Blocking is Key

Last week, the Motion Picture Association (MPA) submitted its comments on the effectiveness of the 2023 recommendation. Representing prominent movie industry players including Netflix, Disney, and Warner Bros. Discovery, it has a significant stake in the matter.

Overall, the MPA is positive about the EU legal framework, noting that it provides valuable tools such as site blocking injunctions. However, implementation of these measures across EU member states is inconsistent and in some countries, cumbersome or completely absent.

Site blocking measures have been available under EU law for more than two decades, but not all EU countries implemented them correctly, MPA says, mentioning Germany, Poland, and Bulgaria as examples.

“Despite the Commission’s Recommendation, Europe is missing effective and appropriate implementation of these provisions across all Member States. Germany has not correctly implemented Article 8(3) InfoSoc nor Article 11 IPRED, whereas Poland and Bulgaria have not implemented these provisions at all,” MPA writes.

In Germany, for example, copyright holders must take steps to identify the operator of piracy sites before they can request blocking measures. In some cases, this requires pursuing legal action against hosting companies.

This is a barrier that makes site blocking unnecessarily complicated or costly, MPA says. That’s counterproductive in an environment where pirate sites and services are quick to adapt their strategies.

“Swift action is needed to limit the dissemination and damage of copyright infringement,” MPA stresses.

Automated Real-Time Blocking

Automated solutions already exist in some countries. The MPA is particularly interested in site blocking schemes that allow rightsholders to automatically add new piracy domains in realtime.

This is especially important for live broadcasts, including sports events, as these have a small blocking window. The MPA says that these broadcasts require dynamic siteblocking and fast-track legal procedures in order to be protected.

“MPA is therefore supportive of automated effective siteblocking mechanisms that can be updated in realtime with appropriate safeguards to address emerging infringing streams. In Italy, Greece, Portugal and Brazil automated dynamic systems are available to rightsholders allowing effective real-time blocks.”

Automated blocking measures also help to combat circumvention. Pirate site operators are generally quick to circumvent blocking measures with new domain names. Their users can typically find new pirate sites though search engines and social media.

“When a pirate service is blocked, pirate infringing operators register and activate a new domain—often with a similar name—allowing users to regain access, therefore circumventing the initial blocking order,” MPA writes.

CDNs, VPNs and other Intermediaries

Collaboration between Internet providers and copyright holders is essential to implement effective blocking mechanisms, MPA says. However, other intermediaries should also be brought into the fold.

MPA suggests a more active role for reverse proxy providers, content delivery networks (CDNs) hosting providers, VPNs and search engines. These were also highlighted in the EU Commission’s 2023 recommendation.

The group notes that cooperation with CDNs (e.g. Cloudflare) is key to properly enforcing dynamic blocking.

“Intermediaries such as CDNs also have the technical capability to implement targeted blocking at the infrastructure level, which can be a highly effective complement to traditional siteblocking, especially where operators rely on CDN services to deliver pirated content at scale.”

“Their engagement tends to be necessary to make targeted and technically feasible siteblocking possible. Failing to involve these actors undermines the effectiveness of dynamic injunctions, as pirates increasingly rely on them to obscure their infrastructure and evade enforcement.”

Identifying Pirates

In addition to helping on the blocking side, MPA also sees a role for these intermediaries when it comes to identifying pirate site operators. To achieve this, rightsholders should be able to use “Right of Information” requests to swiftly identify potential targets.

These information requests should be made available under EU law and, just as importantly, the EU should expand Know Your Business Customer (KYBC) requirements to online intermediaries. At the moment, KYBC rules only apply to online marketplaces.

“To effectively allow the identification of the source and repeated misuse of their services, intermediaries need to ensure that they obtain accurate and complete customer information,” MPA writes, adding that KYBC requirements are an “ideal tool” with “minimal burdens” for the intermediaries involved.

All in all, the MPA believes that Europe is largely on the right track with its anti-piracy efforts and policies, but with the suggested improvements, ideally formalized in legislation, the process can be further improved.

Rightsholders United

The MPA is not the only stakeholder making these types of demands. A wide variety of other rightsholder organizations, representing various sectors of the creative industries, echoed the call for more robust anti-piracy measures with legislative backing across the European Union.

For example, MFE-MEDIAFOREUROPE, which controls major broadcasters like Mediaset, stressed that hosting providers, CDN providers, and payment services need to take more decisive action.

Meanwhile, DAZN described the DSA as a missed opportunity to specifically target entities like VPN providers, dedicated server hosts, and CDN services that play a role in facilitating online piracy. Both DAZN and MFE joined the MPA in calling for KYBC obligations to be extended to more intermediaries.

Ultimately, these submissions paint a picture of rightsholders acknowledging the EU’s efforts, while highlighting a clear need for further, stronger action at the EU level. The European Commission will typically take its time to evaluate this feedback, while also keeping an eye on those that are more critical of recent anti-piracy efforts.

—

A copy of the Motion Picture Association submission in response the EU Commission’s assessment of the May 2023 Commission Recommendation to combating online piracy of sports and other live events is available here (pdf) .

From: TF , for the latest news on copyright battles, piracy and more.

BREIN has just published its latest annual report, providing insights into the priorities of the organization and the progress being made.

This was BREIN’s first year under new leadership. After Tim Kuik retired in 2024, Bastiaan van Ramshorst became the new director flanked by Birre Büller, the new head of legal affairs.

BREIN’s 2024 Annual Report

Last week, the group published its 2024 annual report which shows that anti-piracy activities continue undeterred. BREIN completed 339 cases last year, of which 179 were marked as extensive investigations. As a result, 40 settlements were reached, including 7 “knock & talks”.

In addition to these dedicated investigations, BREIN also continued its regular operations. This includes updating the pirate site blocklist used by local ISPs, to which 525 unique domains were added last year. At the end of 2024, 574 domains were blocked, up from 208 at the start of the year.

The new target domain names were also reported to Google, which voluntarily removed these 525 domains from its search results. That comes in addition to the 166,945 individual Google search results BREIN asked the company to remove.

IPTV Action Intensifies

The voluntary cooperation of Google is noteworthy and doesn’t stop at delisting blocked domains. The company also helped to prevent the promotion of pirate IPTV services through its advertising business. This led to the drastic decision where Google updated its policy to no longer allow ads for the search term “IPTV”.

As a result of this policy change, BREIN reported fewer IPTV advertisements last year. According to BREIN, action by Google was in part taken in response to complaints from the Dutch anti-piracy group.

These restrictions are part of a broader theme in which IPTV is increasingly recognized as a major piracy threat. According to BREIN, IPTV is now considered the biggest threat to the audiovisual content industry.

“The Dutch fiscal police (FIOD) officially designated IPTV as a phenomenon in 2024. This means higher priority and more budget for combating illegal IPTV. As a result, there is more room for investigation and ultimately more criminal cases,” BREIN writes

“Illegal IPTV also has the full attention of Europol, Eurojust and the EUIPO. Among other things, this regularly leads to criminal actions in the Netherlands at the request of foreign investigative agencies. Where possible, BREIN and foreign sister organizations of BREIN contribute to this.”

Criminal Action and Boots on the Ground

The added attention to the IPTV problem has resulted in several new criminal referrals by BREIN last year. The group expects that this will lead to new arrests and potential prosecutions in 2025, but as these investigations are ongoing, further details are currently unavailable.

“These cases are expected to result in arrests in 2025. Because of ongoing criminal investigations, BREIN can only make announcements about them after arrests have been made,” BREIN writes.

These IPTV actions are not limited to online operations; they also extend to offline marketplaces. Since the Beverwijk Bazaar is seen as a hotspot for this activity in the Netherlands, BREIN has signed an agreement with the market to tackle the problem.

If stalls are caught selling illegal IPTV services and devices, in the first instance they receive a warning. If the activity continues, they can be fined, and if that does not solve the issue, tenants can lose their lease.

“Two tenants had their lease terminated in 2024 based on the agreements made,” BREIN writes, adding that “repeated checks and purchases at the Beverwijk Bazaar remain necessary to identify and deal with IPTV traders.”

AI, NL and More

In addition to the strong focus on IPTV, artificial intelligence is also flagged as a major threat. The group has identified several Dutch datasets that partly consist of copyright-infringing material and successfully shut these down .

“BREIN conducted extensive investigations into infringing datasets on which Generative AI models are trained and turned into unlawful AI models and was able to successfully complete the first AI investigations,” BREIN writes.

Another series of Dutch-focused achievements came after the registry for .NL domains updated its policy to no longer allow intermediaries to register domain names. The EURid registry (.eu) has a similar policy which enabled BREIN to make 16 .NL and 7 .EU domains inaccessible .

These changes are part of broader efforts to involve more intermediaries in the anti-piracy fight. For example, BREIN says it signed a confidential agreement with several Dutch hosting providers who will enforce a proper know-your-customer policy. That could lead to more enforcement action in the future.

All in all, it’s been a productive year for BREIN. The full annual report with more detail on specific actions and an overview of the key numbers, as summarized by BREIN, is available below.

—

• 339 files closed
• 179 investigations completed
• 155 illegal sites/services/platforms stopped
• 11 platforms, 9 IP addresses and 525 unique domains dynamically blocked at DNS level
• 525 illegal websites completely removed from search results by Google iv
• 160 proxies/mirrors stopped
• 46 illegal traders IPTV/VOD subscriptions stopped
• 14 IPTV ads removed by Google
• 47 streaming sites taken offline
• 3 major uploaders, administrators and/or scripters investigated and stopped
• 166,945 Google search results removed
• 3,677 interventions involving removal of online ads for illegal copies
• 40 settlements, including 7 ‘knock & talks’
• 3 judicial ex parte orders obtained
• 10 online cases involving physical media were handled
• 14 checks conducted at record fairs
• 16 .nl and 7 .eu domain names taken offline

From: TF , for the latest news on copyright battles, piracy and more.