Traditional site-blocking measures that require local ISPs to block subscriber access to popular pirate sites are in common use around the world.

The aim is to deter piracy by making sites more difficult to find, but these measures are only partially effective.

More recently, site-blocking requests have begun to target other intermediaries. This includes DNS providers, such as Google and Cloudflare, which were ordered to block sites in France, Italy, and elsewhere.

A few months ago DNS blocking arrived in Belgium, where several orders required both ISPs and DNS resolvers to restrict access to pirate sites. This prompted significant pushback, most notably Cisco’s OpenDNS ceasing operations in the country.

Broad Blocking Order Targets Internet Archive’s ‘Open Library’

A new order, issued by the Brussels Business Court in mid-July, targets an even broader set of intermediaries and stands out for other reasons as well.

Requested by various publishing and author organizations, the order aims to block access to known pirate libraries including Anna’s Archive, LibGen, OceanofPDF, and Z-Library. In addition, it also targets the Internet Archive’s Open Library project.

Open Library was created by the late Aaron Swartz and Internet Archive’s founder Brewster Kahle, among others. As an open library its goal is to archive all published books, allowing patrons to borrow copies of them online.

The library aims to operate similarly to other libraries, loaning only one copy per book at a time. Instead of licensing digital copies, however, it has an in-house scanning operation to create and archive its own copies.

The Open Library project was previously sued by publishers in the United States, where the Internet Archive ultimately losing the case. As a result, over 500,000 books were made unavailable.

However, many other books remain available to patrons. The authors and publishers in Belgium argue that, since this is done without permission, the site should be blocked alongside Anna’s Archive, LibGen and Z-Library.

Clear and Significant Infringement

The rightsholders describe Open Library as a website where registered members of the public can easily access and download their books. This includes 1,542 works from the publisher Dupuis, over 5,000 works from the publisher Casterman, and many others.

According to the publishers, the operators of the Open Library are not easily identified, while legally required information is allegedly missing from the site, which they see as an indication that the site is meant to operate illegally.

This description seems at odds with the fact that Open Library is part of the Internet Archive, which is a U.S.-registered 501(c)(3) non-profit.

The publishers also reference a U.S. court order in favor of other publishers, which allegedly confirms the unlawful nature of Open Library.

The Brussels court, after reviewing these arguments and the submitted evidence, concluded that there was a prima facie case of “clear and significant infringement,” which justified granting a provisional blocking order against Open Library and the other targeted sites.

Broad Blocking Order Targets ISPs, Search, Payments, and More

Internet Archive was not heard in this case, as the blocking order was issued ex parte , without its knowledge. This is remarkable, as the organization is a legal entity in the United States, which receives support from many American libraries.

The broad nature of the order doesn’t stop there either. In addition to requiring ISPs, including Elon Musk’s Starlink, to block the library’s domain names, it also directs a broad range of other intermediaries to take action.

This includes search engines, DNS resolvers, advertisers, domain name services, CDNs, and hosting companies. An abbreviated overview of the requested measures is as follows;

—

Search Engines

Google must remove the target sites from search results, deactivate related Google Ads, remove an infringing app from the Google Play Store, and block DNS requests for the associated domains.

Microsoft is ordered to remove the target sites from the “Bing” search engine and block related DNS queries.

Hosting, DNS, CDNs, and Domain Name Services

The following companies must terminate hosting, and deactivate or suspend the domain names of the target sites: Hostinger, GoDaddy, Amazon Web Services, SEDO, Cloudflare, Unmanaged Ltd, AlexHost, and Internet Archive.

Payment Intermediaries

These companies are ordered to suspend all payment services benefiting the target sites: Alipay (Europe), Cash App and Squareup Europe, and PayPal (Europe).

ISPs including Starlink

The following ISPs, active in Belgium, are required to implement DNS blocking measures: Telenet, Proximus, Mobile Vikings, Orange Belgium, Voo, DIGI Communications, Cybernet, EDPnet, CENTREA, Yoin, Tchamba Refinder, IPTelecom, United Mobile, SkyDSL Europe, Starlink Internet Services.

—

Given the broad nature of the order, pushback from some of the intermediaries is expected. The Internet Archive’s Open Library won’t be pleased either, as the order effectively blocks their service in Belgium, including all access to public domain content.

—

A copy of the order from the Business Court in Brussels (in Dutch) is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

After a decade of focusing efforts overseas, the push for website blocking has landed back on American shores.

Earlier this year, U.S. Rep. Zoe Lofgren introduced a new pirate site blocking bill, titled the Foreign Anti-Digital Piracy Act ( FADPA ).

This week, a similar proposal was introduced by Senators Tillis, Coons, Blackburn, and Schiff. The bipartisan bill, titled Block Bad Electronic Art and Recording Distributors (Block BEARD), aims to introduce a legal mechanism for rightsholders to request site blocking orders.

Block BEARD

The site-blocking proposal seeks to amend U.S. copyright law, enabling rightsholders to request federal courts to designate online locations as a “foreign digital piracy site”. If that succeeds, courts can subsequently order U.S. service providers to block access to these sites.

Pirate site designation would be dependent on rightsholders showing that they are harmed by a site’s activities, that reasonable efforts had been made to notify the site’s operator, and that a reasonable investigation confirms the operator is not located within the United States.

Additionally, rightsholders must show that the site is primarily designed for piracy, has limited commercial purpose, or is intentionally marketed by its operator to promote copyright-infringing activities.

If the court classifies a website as a foreign pirate site, rightsholders can go back to court to request a blocking order. At this stage, the court will determine whether it is technically and practically feasible for ISPs to block the site, and consider any potential harm to the public interest.

The granted orders would stay in place for a year with the option to extend if necessary. If blocked sites switch to new locations, the court can also amend blocking orders to include new IP addresses and domain names.

Blocking Through Service Providers

The Block BEARD bill broadly applies to service providers as defined in section 512(k)(1)(A) of the DMCA. This is a broad definition that applies to residential ISPs, but also to search engines, social media platforms, and DNS resolvers.

Service providers with fewer than 50,000 subscribers are explicitly excluded, and the same applies to venues such as coffee shops, libraries, and universities that offer internet access to visitors.

Unlike the FADPA bill introduced by Representative Lofgren earlier this year, the Senate bill does not specifically mention DNS resolvers. Block BEARD does not mention VPNs, but its broad definition of “service provider” could be interpreted to include them.

The proposal states that providers have the option to contest their inclusion in a blocking order. Once an order is issued, they would have the freedom to choose their own blocking techniques. There are no transparency requirements mentioned in the bill, so if and how the public is informed is unclear.

Companion Bill with MPA and RIAA Support

The Senate’s Block BEARD bill is substantially similar to the House version, FADPA, and could be considered a companion bill. Since legislation has to pass both the House and the Senate, a combination of both proposals may ultimately lead to the final blocking legislation.

Commenting on the introduction, Senator Tillis hinted at this cooperation, mentioning that collaboration between the Senate and the House is already ongoing.

“I’m proud to lead this bipartisan discussion to protect our creative economy and digital security and I look forward to continuing to work with my colleagues in the House to address this important matter,” Sen. Tillis said .

Rightsholder groups have also responded positively to the bill. Mitch Glazier, CEO of the music industry’s RIAA, thanked the Senators for their efforts to protect consumers and rightsholders.

“Similar tools have been proven effective around the world over the last ten years with no harm to speech, Internet infrastructure or security, or participation online, and we strongly support this effort to create a simple, effective, judicial remedy with due process in the U.S,” Glazier said.

Motion Picture Association CEO Charles Rivkin is equally pleased.

“With bold leadership from Senators Tillis, Coons, Blackburn, and Schiff, the Block BEARD Act will equip our nation with a tool that’s worked in dozens of countries worldwide: a narrow, targeted means to fight the worst forms of foreign piracy while protecting free speech and the rule of law,” Rivkin said.

Notably, the press release did not include any comments from service providers. However, they are likely to chime in as the bill makes its way through the legislative process.

—

A copy of the “Block Bad Electronic Art and Recording Distributors Act of 2025” (Block BEARD) is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

With more ways to stream online video than ever before, protecting content continues to be a key issue for copyright holders.

This is often achieved through Digital Rights Management (DRM) anti-piracy tools that dictate where and when digital content can be accessed.

PlayReady DRM is one of the leading players in the field. The Microsoft-owned technology is used by many of the largest streaming services including Disney+, Netflix, Prime Video, and others. As such, keeping it secure is vital.

Unfortunately for rightsholders, most protection measures have their weak spots. That also applies to PlayReady, as pirates have repeatedly shown that not all implementations are perfectly watertight.

Certificates Leaked on GitHub

A few weeks ago, an account named ‘ Widevineleak ‘ published a list of both SL2000 and SL3000 certificates on GitHub. The SL2000 variant is commonly referred to as software DRM while the higher SL3000 provides more advanced hardware-based security.

The leak of SL3000 certificates is particularly problematic because SL3000 is intended to protect the highest quality content, including 4K and UHD releases. With these certificates, pirates could potentially decrypt and re-distribute high-resolution video streams, effectively bypassing the protections.

The prospect of mass piracy is clearly problematic for rightsholders, streaming platforms, and PlayReady itself, which relies on trust and security. It therefore comes as no surprise that Microsoft took immediate action.

Microsoft Issues Takedown Notice

Microsoft’s response included a takedown notice sent to its subsidiary, GitHub, asking it to remove the leaked SL3000 certificates. This confirms that the leaked information was the real deal and at risk of being exploited.

“The hosted materials are part of our PlayReady product and allow bad actors to pirate PlayReady protected content,” the notice reads, adding that “the entire repository is infringing” so should be completely removed.

GitHub complied with the takedown notice and removed the content in question, as well as two forks of the repository. Visitors who check out the link today will see a removal notice instead.

Curiously, the leaked SL2000 certificates were not mentioned in the takedown notice and remain online at the time of writing. While the immediate focus was on the higher-security SL3000 certificates, the omission raises questions about Microsoft’s broader strategy for addressing such leaks across different security tiers.

Microsoft did not immediately respond to a request for comment on the leak and the takedown notice. That said, it doesn’t appear to be the only company to notice the leak.

Amazon Bans Users over Leaked Certificates

Amazon Prime, which uses PlayReady DRM among other protections, takes action against accounts that use these leaked certificates. An email seen by TF indicates an account suspension due to a violation of Prime Video’s terms of use.

“We have indefinitely suspended this account pursuant to Section 6.a. of the Prime Video Terms of Use because we have found you to be in violation of the said Terms,” the email reads.

The email adds that Section 4.k of the terms specifically prohibits attempts to disable, bypass, modify, defeat, or otherwise circumvent any DRM or other content protection systems. That would apply to those who use leaked credentials.

Account suspensions are not isolated to these leaked certificates. Users of other DRM circumvention tools, including VineTrimmer PlayReady , also had their accounts banned recently.

Amazon did not respond to our request for comment, but it is clear that these types of DRM circumvention efforts can be monitored and are taken seriously.

Ultimately, the integrity of DRM systems like PlayReady hinges on the trust placed in them by content owners. These leaks not only undermine trust but also serve as a stark reminder that the fight for content protection is an ongoing, adaptive battle, with pirates constantly looking for the next exploit.

From: TF , for the latest news on copyright battles, piracy and more.

Whether by court order, administrative process, or even on a semi-voluntary basis, on paper there are dozens of countries that now have some kind of mechanism requiring local ISPs to block pirate sites.

Previously, measures were implemented within specific regions by local ISPs. Now, rightsholders are venturing beyond local infrastructure into the wider internet, to compel global DNS resolvers to render sites inaccessible.

Commissioned by Cloudflare and prepared by Analysys Mason , a new report titled The Economic Cost of Network Blocking examines the repercussions of escalating global efforts to restrict access to content online.

A Patchwork of Blocking Measures

The report provides a detailed overview of how blocking is supposed to work and what can go wrong when things break down. Examples include blunders concerning Italy’s Piracy Shield and LaLiga’s campaign that intermittently wiped out thousands of innocent sites because pirate sites shared the same IP addresses at the time. While all of these events have been reported here in detail, the cumulative effect of blocking on the wider internet is of particular interest.

The report notes that the success of the internet has been made possible by technical standards, infrastructure, and practices applied on a global scale, developed without government intervention at the technical level. Now that governments are attempting to exert more control over content accessible within their countries, the use of blocking measures may come at a cost to the internet itself.

“By intervening at the technical layer, governments risk fragmenting the Internet’s technical fabric. Recent examples show a patchwork of approaches to restricting access to illegitimate content, leading to diverging national regulations and increasing technical fragmentation.”

Undermining the Internet Undermines Confidence

The report warns that the most common methods used, IP address and DNS blocking, impact the wider internet and can lead to collateral damage, impacting both legitimate services and their users. Despite having no connection to the illegitimate content being targeted, those affected suffer immediate economic damage, but the long-term effects are potentially even more serious.

A lack of transparency means that when content is rendered unavailable, intentionally or otherwise, users typically receive no explanation, leading to confusion and erosion of trust in online services. Blocking measures such as DNS poisoning, which effectively lie in response to queries about IP addresses, risk damaging trust built up over decades concerning the reliability of the underlying functions of the internet itself.

Due to a “siloed approach” and a patchwork of blocking measures deployed by various countries, the internet’s success – which was built on a consistent global user experience – risks a descent into disruption, inconsistency, and declining confidence.

None of this, the authors suggest, is good for the wider internet; regional complications undermine global collaboration, with negative consequences for security, resilience, even general fault-finding.

Bad for Users, Bad For the Internet, Bad For Business

While rightsholders point out that piracy hurts their bottom lines, the report submits that the chosen remedy has negative effects on businesses that have no connection to the problem or its purported solution.

“Network blocking can also discourage investments and increase compliance costs for businesses, particularly small and medium-sized enterprises – potentially leading to a situation where only large businesses can manage the complexity of varying national regulations,” the report warns.

“Network blocking may also threaten the openness and economies of scale that have allowed businesses to be created, expand, and flourish through a common shared infrastructure. This environment may give way to hard ‘digital borders’ for online services, with limitations to the global collaboration that has underpinned Internet security and resilience, while threatening investment in new services and infrastructure.”

Additional Risk and Costs For Service Providers

In May 2024, when a French court ordered Google, Cloudflare and OpenDNS to block access to pirated content at the behest of Canal+, the immediate fallout made international headlines.

Rather than build the systems necessary to ensure compliance with the legal requirement, Cisco withdrew its OpenDNS service from the entire country. When a court in Belgium issued a similar ruling earlier this year with a €100,000 daily penalty for failure to comply, OpenDNS exited that country too.

“Most global public DNS resolvers provide their services for free. If the only way to offer such a service is to build and maintain complex software to geolocate and apply distinct blocking requirements for a multitude of countries around the world, companies are likely to simply stop offering the public service, to the detriment of Internet users around the world,” the report notes.

“In the short term, these effects mean it can be more desirable to withdraw the service from the jurisdiction requesting the block than to continue to offer it with a specific set of rules.”

For remaining service providers, Cloudflare and Google, compliance through their global resolvers meant the introduction of different processes and procedures in different jurisdictions. And with that, additional compliance costs, for which they pick up the bill. Ultimately, however, these increased costs are often passed on, meaning consumers of legitimate content and services pay for site blocking.

Who Benefits From Site-Blocking?

When sites are blocked on copyright grounds, any benefits are primarily enjoyed by a relatively small number of private stakeholders, the report notes. Service providers, on the other hand, face increased burdens of compliance, extreme financial penalties, a risk of internet fragmentation, and associated complications directly affecting their businesses.

“These risks and harms should be assessed vis-a-vis the benefits that blocking is intending to create (and may or may not be effective in bringing about). Where network blocking is prompted by copyright infringement, the benefits of the blocking action are attributed only to individual copyright holders,” the authors write.

Alluding to blocking orders obtained to protect live broadcasts taking place at a specific time, the report notes that the benefits of blocking “are accrued very narrowly” if the measure is effective “and not at all if avoidance mechanisms can be effectively deployed.”

Given that the premium copyrighted content in question is only consumed legally by the limited audience who choose to pay for it, “the wider public benefits of such actions are very limited,” the report adds.

The report also highlights a lack of recourse when blocking measures go wrong, and a lack of redress due to the absence of a mechanism that would provide compensation for additional costs, loss of trade, or reputational damage.

“Without mechanisms for appeal or accountability for copyright holders, there are few deterrents against procedural abuse. The lack of legal remedies can also discourage foreign investment, as it signals weak regulatory transparency and insufficient due process,” the report adds.

Cost vs. Benefits

In addition to balancing the benefits of blocking against potential risk, the report repeatedly recommends that removing content at the source should always be the primary course of action. That makes complete sense since it would remove any need for blocking and with that eliminate any and all risk.

“Removal of content from the origin server can be achieved by instructing the operator of the origin server or content creator to remove the content. This instruction can be issued directly by the authority seeking to restrict access to the content, or facilitated by another value chain actor, such as the ISP or CDN.”

This overly optimistic solution sounds feasible but appears to be of little interest to increasingly impatient rightsholders, who now want live streams taken down in a matter of minutes. Italy’s Piracy Shield currently blocks servers belonging to Amazon, which should be fairly responsive on the takedown front. The preference for blocking suggests that the takedown ship may have sailed long ago.

Other recommendations include greater transparency, keeping end users better informed, and implementing mechanisms for recourse and redress.

Finally, the authors highlight the UK system for blocking sites as “measured and targeted” and commend it for avoiding overblocking. Those claims do seem accurate, although our observations overall are somewhat more critical.

The UK offers only limited access to court orders in a timely fashion. Many have secret annexes that never see the light of day, and there’s zero transparency after a dynamic or live injunction is obtained, despite that period accounting for the lion’s share of all blocking. ISP messages to users provide only limited information about blocking, and in many cases, no messages at all. Nevertheless, it’s still better than most.

Coincidentally, the top commendation in the report goes to Australia, which we highlighted as a good system just a couple of weeks ago .

—

A copy of the report is available on the Analysys Mason website and here (pdf).

From: TF , for the latest news on copyright battles, piracy and more.

The anti-circumvention provisions of the Digital Millennium Copyright Act (DMCA) exist to deter circumvention of TPMs (technological protection measures) used to protect and prevent access to copyrighted works.

For example, it’s illegal to circumvent a TPM to enable copying of Nintendo Switch games. It’s also illegal to circumvent a TPM to modify a Switch to play pirated games, or indeed anything else.

The same also applies to people who prefer to repair broken electronic devices rather than buy new ones. The moment a work protected by copyright is made accessible after circumventing a TPM, an offense is committed under the DMCA, albeit with limited exceptions.

Exceptions to the Rules

To accommodate instances of circumvention for the promotion of public safety, security, or similarly beneficial activities, the DMCA has some exceptions built-in, applicable to schools, libraries, law enforcement, and encryption researchers, for example.

The Librarian of Congress also engages in a triennial rulemaking process to identify additional exceptions, part of a “fail‐safe mechanism” to protect the right to make non-infringing use of copyrighted works, under the fair use doctrine.

As part of the Eighth Triennial Rulemaking Proceeding ( pdf ) , in October 2021 the Librarian of Congress adopted the ‘Medical Device Exemption.’ An analysis of the statutory factors determined that maintenance and repair of medical devices constituted fair, non-infringing uses, that would be adversely affected by the DMCA’s anti-circumvention provision.

Exemption Challenged by Medical Device Manufacturers

The exemption was subsequently renewed in 2024, despite continued opposition from the trade associations Advanced Medical Technology Association (AdvaMed) and Medical Imaging & Technology Alliance (MITA) whose members manufacture medical devices and rely on TPMs to protect their intellectual property.

From the beginning they argued that the independent service organizations (ISOs) that petitioned in favor of the exemption were primarily commercial and in direct competition with the original manufacturers. Allowing circumvention, they added, would jeopardize both patient safety and privacy.

The associations followed up by filing a lawsuit against the Library of Congress and the Librarian of Congress at a federal district court in Washington, D.C. They argued that the Medical Device Exemption violated the Administrative Procedure Act ( APA ), describing it as describing it as arbitrary and capricious, and contrary to the APA given the Librarian’s failure to respond to critical comments.

The district court determined that the plaintiffs’ APA claims were barred by sovereign immunity because the Library of Congress was not an “agency” under that statute. On appeal the D.C. Circuit vacated that opinion, finding that the Copyright Act and DMCA provided for APA review of the Library of Congress’s rulemaking.

The case was referred back to the district court, the plaintiffs amended their lawsuit to include three claims under the APA, and both parties cross-moved for summary judgment.

Summary Judgment in Favor of the Defendants

District Judge Beryl A. Howell’s memorandum opinion published last week examines the Librarian’s determination that the exempted uses were non-infringing fair uses under 17 U.S.C. § 107. Judge Howell reviewed the Librarian’s application of the four statutory fair use factors and concluded as follows:

1. Purpose and Character of the Use

The Judge concludes that the diagnosis, maintenance, and repair work of independent service organizations (ISOs) is a transformative use, just as the Librarian observed. By restoring device functionality and not commercializing the protected software itself, that demonstrates a “novel function going beyond the original purpose” of the software.

“Contrary to plaintiffs’ hyperbolic characterization…..the Librarian did acknowledge the commercial nature of the exempted uses but rightly recognized that commercial use is not dispositive,” the Judge notes, adding that the commercial aspect was reasonably outweighed by the transformative use.

2. Nature of the Copyrighted Work

The Librarian’s analysis found that this factor also favors fair use. The plaintiffs had argued that software is “essentially a creative work” but the Librarian took the position that software and data in medical devices are used for their “functional and informational aspects” rather than their expressive qualities. The court agreed.

“The Librarian nonetheless reasonably concluded that in this case, the software code itself and the ancillary materials are informative, factual, and functional rather than expressive in nature, favoring fair use,” Judge Howell writes.

3. Amount and Substantiality of Portions Used

The Librarian concluded that this factor favored fair use but was given little weight. If necessary, entire copyrighted works can be used as long as the use was “reasonable” relative to the purpose of diagnosis, maintenance, or repair.

Judge Howell says the Librarian’s decision was well reasoned, noting that copying even large amounts can favor fair use when “tethered to valid, and transformative, purpose.”

4. Effect on the Market for or Value of Copyrighted Work

The Librarian’s analysis found that diagnosis, maintenance, and repair of devices is unlikely to harm the market for the software embedded inside them, because the software “has no independent value separate from being used with the equipment.”

Judge Howell agrees; third party repairers do not “usurp the market of the original work” or act as a substitute. There is no “chilling effect on innovation” as the plaintiffs insist, since they recoup their costs by selling devices while any other unauthorized uses remain prohibited.

The Judge also cited comment from the FDA which noted that both OEMs and ISOs “provide high quality, safe, and effective medical device servicing” and “that the continued availability of ISOs to service and repair medical devices is critical to the functioning of the healthcare system in the United States.”

Judge Howell’s Conclusion

According to the Judge, the anti-circumvention provision of the DMCA is intended to balance copyright holders’ right to prevent circumvention, with the right to access and use material for non-infringing purposes under the fair use doctrine. Not doing so would risk fair-users of information being “relegated to negotiating access on terms set by the monopoly rights-holders.”

The Exemption for medical devices and systems is consistent with copyright law and the DMCA and supported by the Librarian’s thorough and well-reasoned explanations from the Eighth and Ninth Triennial Rulemaking proceedings. The plaintiffs’ arguments to the contrary, challenging both the substance of the Librarian’s reasoning and her procedural thoroughness, were all unsuccessful.

Consequently, plaintiffs’ motion for summary judgment is denied, and defendants’ cross-motion is granted.

Judge Howell’s Memorandum Opinion is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Similar to other social media platforms, Facebook has to battle a constant stream of copyrighted material, much of it posted by users who have no permission to do so.

To facilitate this process, the company has rolled out several anti-piracy initiatives in recent years.

Automated Piracy Takedowns

For example, Facebook uses its “Rights Manager” tool to automatically detect infringing material and allow owners to take down or monetize the content. In addition, Facebook also uses third-party tools and in-house technology to address the problem.

With these proactive tools, the social media giant hopes to help copyright holders protect their rights. At the same time, it also keeps the takedown notice volume low, which saves resources.

While automated removal algorithms can work well, they are not infallible. This applies to keyword blacklists in particular, since on Facebook they appear to ban links to all content that simply mention forbidden words.

Facebook Bans MagisTV Mentions

A few days ago, Jonathan Bailey of Plagiarism Today informed us that Facebook flagged a post linking to one of his articles as potentially copyright infringing. The article in question is a news roundup that linked to a recent article we published on the popular piracy app MagisTV.

Neither of the articles linked to any problematic material. On the contrary, it showed how the piracy app failed to secure a trademark while facing severe malware allegations.

To rule out the possibility this was some kind of outlier, we posted the Plagiarism Today article and the original TorrentFreak article on Facebook ourselves, which resulted in near-instant removals.

“We removed your content,” Facebook writes in a short message, adding that “it may contain something that’s not allowed for copyright reasons,” which goes against its intellectual property Terms of Service.

Facebook Removes News from Anti-Piracy Coalition ACE

These tests suggest that Facebook has an issue with mere mentions of the term ‘MagisTV’. But would Facebook flag news articles authored by the Alliance for Creativity and Entertainment, a global anti-piracy coalition under the Motion Picture Association, that continuously works to shut MagisTV down?

This question was swiftly answered when we posted an ACE press release mentioning MagisTV convictions on Facebook. Just a few minutes after it was published, the post was removed for copyright reasons.

Apparently, simply mentioning MagisTV is a violation of Facebook’s Terms of Service. This is clearly an automated removal error, as none of the links or articles violate Facebook’s terms.

Banned for Posting News

Facebook’s automated removal rules are obviously not working perfectly. However, the platform allows affected accounts to appeal decisions, which is exactly what we did when the first post was removed last Wednesday.

After five days, we still hadn’t heard back, so we decided to post a more recent article on MagisTV raids and arrests to see if these errors persist. And indeed they did; the article was swiftly taken down again.

In hindsight, that was a step too far, as the account we used was suspended with a threat to permanently disable it. We don’t feel the urgent need to appeal, but it’s not difficult to see how this could cause a lot of trouble for those heavily reliant on Facebook.

From: TF , for the latest news on copyright battles, piracy and more.

For pirate sites trying to stay online in the face of expanding site blocking measures, a supply of effective domains and an operational DNS are absolutely critical.

No surprise then that both are considered priority anti-piracy targets to be blocked, tampered with, seized by law enforcement, or sacrificed when anti-piracy groups get a little too close.

Courts are also known to transfer ownership of domains in copyright lawsuits, or if the parties remain on speaking terms, a private agreement can have a similar effect. The Alliance for Creativity and Entertainment and the Motion Picture Association have amassed more domains previously used for piracy than any other group in history.

ACE: Domain Hunters

Pirate domains are ‘seized’ through various legal means to ensure they aren’t used for the same purpose again. They’re ultimately transferred to the Motion Picture Association, which still has decades-old examples such as isoHunt.com in its archives.

Relics like these are unlikely to see action anytime soon but have proven useful in the past.

The MPAA’s ‘You Can Click But You Can’t Hide’ campaign in 2003 saw pirate domains like LokiTorrent.com briefly converted into online PSA billboards. A similar concept is operational today but is substantially more sophisticated than its predecessors.

There are no veiled threats on the thousands of domains seized by ACE over the last few years; just a seizure notice followed by a redirect to the ACE portal, where visitors can discover more about ACE members and learn why consuming legal content is a better, safer choice than the alternative.

ACE/MPA Builds on a Solid Q1 2025

As reported in April , ACE domain seizures were numerous in the first quarter of 2025. Our count of around 80 domains is an estimate based on information from various sources since no official figures are made available. In Q2 2025, over 110 domains were commandeered by MPA/ACE, redirecting millions of unsuspecting visitors to its anti-piracy portal.

In many ways the seizure list for Q2 2025 paints a fairly typical yet dismal picture of how ISP domain blocking fuels endless hopping from domain to domain as sites deploy the most obvious countermeasure. Some domains are later handed over to ACE in bulk, marking the end of the site. For other platforms that simply means starting the process all over again, in preparation for the next time, and the time after that.

While ACE/MPA hasn’t shown particular interest in Italy-focused streaming brand Altadefinizione , its domains wouldn’t look out of place when compared to those of counterparts Calcio and Calciostreaming in the list above.

How many domains the site has burned through circumventing blocking measures in Italy is unclear but there are at least 900 domains with similar branding and with the addition of just a single character, at least 900 more become available – ad infinitum. In the near future, this could become standard practice for the majority of large sites.

A Messy Environment

In addition to reliance on data from third-party sources to determine seizures, there are several complications that could lead to more or less being counted in a period overall.

Some pirate operators appear to direct their domains towards the ACE portal seemingly voluntarily, with historical records showing a few domains attempting to use MPA DNS for short unexplained periods. Some domain extensions also present challenges when trying to determine links to a particular site and in a relatively small number of cases, that ultimately proves impossible.

Since pirates tend to register domains for the shortest time possible, MPA renewals of expiring domains that look very much like dozens of others it also controls (and dozens of newcomers it does not) can make the checking process a chore, even for a few outliers.

Once treated as prized possessions, domains are now considered consumables; register, rinse out, and then replace – often with a second-rate, confusingly similar copy, also to be dumped in the not-too-distant future.

Transparency

With domain seizures and site blocking measures on an upward trajectory, and transparency alluded to but rarely provided, tracking with any degree of accuracy is becoming more difficult. Eventually it will only be possible for those with access to the data and/or interested parties in a position to commit significant resources.

Finally, like most websites these days, visitors to the ACE portal are subject to tracking. In practical terms, that’s likely to be of limited concern compared to the undocumented extras available at whichever pirate site people were originally hoping to visit, or indeed, most search engines and shopping platforms available today. Nevertheless, it’s still valuable data.

Access to data is important, but currently extremely one-sided.

From: TF , for the latest news on copyright battles, piracy and more.

The link between online piracy and malware is far from new. More than two decades ago, LimeWire users were already plagued by malicious software masquerading as music downloads.

Today’s online landscape continues to face similar issues, if not worse . With more attack vectors and potential victims than ever before, security risks are front and center.

Even if operators of pirate sites and services are not actively looking for trouble, the third-party ads on their sites can easily cause havoc. This makes online pirates a key target for cyber threats.

Report: Pirate Sites & Cyber Threats

A new report released this week, commissioned by the Motion Picture Association’s anti-piracy arm ACE, quantifies the risk for users of popular pirate sites in Southeast Asia. Written by Dr. Paul Watters of Macquarie University, it examines cyber threat detections on websites in Malaysia, Indonesia, Thailand, Vietnam, and Singapore.

Consumer Risk from Piracy in Southeast Asia ( pdf ) is part of a series, which previously covered other countries such as the Philippines and Poland.

The report looks at the 30 most popular sites in each country, split into various content categories such as P2P, IPTV, streaming and anime sites. It also includes piracy-themed scam sites, which do not provide any content themselves but are designed to attract pirates, often for credit card scams.

The final sample includes 1,200 websites that were tested for problematic content using VirusTotal. The results were then compared to a control sample of legal streaming services in the same regions.

It shouldn’t come as a surprise that the ‘pirate’ sites were much riskier than legal streaming platforms. P2P sites performed the worst with an average total of 53.2 threat detections per 30 sites per country, followed by scam sites (44.8) and pirate streaming services (35.6).

Manga sites were the most ‘safe’ according to the report, with an average of 10.6 detections per 30 sites per country.

Key Findings Deserve Nuance

For its ‘Key Findings’ the report zooms in on the worst result combination of category and country, which explains the higher relative risks shown in the image below. The 65x multiplier for the P2P category, for example, refers to Indonesia.

We have no reason to doubt these results; our recent reporting has indicated several high-profile threats associated with pirate sites, some of which may not even be picked up by simple VirusTotal scans.

That said, the ‘relative risk’ terminology can be confusing. After all, most legal streaming sites have no malware threats, so what does it mean when P2P sites have a relative risk of 65 in Indonesia?

It basically means there were a total of 65 threat detections for the 30 sites in the P2P category in Indonesia. Similarly, there were 52 detections for the 30 pirate streaming sites in Malaysia, et cetera. This includes the sites with lower or no threats at all.

In theory, it could be that one site is responsible for all detections in a category, with the other 29 being clean. Those details are not specified, however.

The report notes that the “extraordinary” findings “dwarf the baseline,” which consists of legal streaming sites that often have zero threats. Instead of zero as a comparison base, the report uses a pseudo count of one, concluding that the risk is 65 times higher.

“When we normalize these findings against the Top 30 mainstream control sites to compute Relative Risk, the elevation is extraordinary: worst-case RRs for Streaming piracy (e.g. 52.00 in Malaysia), P2P (65.00 in Indonesia), and Scam (49.00 in Thailand) dwarf the control baseline,” the report reads.

For those who are still following along, the “relative risk” is essentially the same as the number of detections in pretty much all examples, as the baseline is 1. So people are 65 times more likely to…?

65 Times More Likely to be Infected by Malware?

We agree with the report in the sense that malware and other cyber threats are relatively prevalent on pirate sites. However, results like these should be interpreted by others with caution.

ACE, which commissioned the research, draws a conclusion that, while approved by the report’s author, may be a bit too broad based on what the study reports.

“[T]he study revealed that in the worst case, local consumers are up to 65 times more likely to be infected with malware when using piracy sites as compared to legitimate websites,” the group wrote (emphasis added).

ACE uses the “key finding” figure from the worst-case scenario in the most problematic category and country, P2P sites in Indonesia. The average number of threats for 30 sites across all countries and categories is closer to 28 detections.

More problematic is the “infected with malware” phrase. This isn’t a correct representation of the findings, as malware is only a subset of the detected cyber threats. These also include phishing, suspicious content, spam, and potentially unwanted software.

Needless to say, an unclassified popup advertisement is not the same as a malware infection. In fact, even when it comes to malware, the report only lists detected problems, not actual malware infections.

Unfortunately, however, the “infected by malware” headline was picked up broadly in the press .

Automated Blocking Recommended

This problem shouldn’t boil down to how many times more likely pirates are to be infected by malware. The details and severity of the threats are key. There is no doubt that a subset of pirate sites is posing a problem, and that may even be more severe than the report’s abstract figures suggest.

The bigger question is what to do with this information, and the report provides some pointers there as well.

On top of awareness campaigns and strengthened law enforcement, intelligence-driven site-blocking is offered as a solution. These automated blocking powers should be in addition to those authorized by various courts.

“Southeast Asian regulators should mandate that ISPs consume real-time feeds from national CERTs and aggregated threat-intelligence sources (e.g. VirusTotal) to automatically sinkhole or filter newly identified high-risk domains across Streaming piracy, Anime, Streaming Sports, P2P, IPTV, Manga and Scam categories.”

While many rights holders will support this suggestion, it may require some fine-tuning. After all, the report also detected several cyber threats on legitimate streaming platforms in Vietnam.

From: TF , for the latest news on copyright battles, piracy and more.

Over the past two years, rightsholders of all kinds have filed lawsuits against companies that develop AI models.

Most of these cases allege that copyrighted works are used to train models without authorization. This applies to text, but also to images and video.

A new lawsuit filed at a California federal court by two adult production companies focuses on a specific type of video downloaded from pirate sources.

Meta Sued for Massive Copyright Infringement

The complaint was filed by Strike 3 Holdings and Counterlife Media, which are known for popular adult brands including Vixen, Tushy, Blacked, and Deeper. Strike 3 is the most active copyright litigant in the United States, mostly targeting individual BitTorrent pirates.

The case against Meta also centers on unauthorized BitTorrent sharing but on a different scale. According to the adult companies, Meta downloaded at least 2,396 of their films since 2018, allegedly to aid their AI training.

“Defendant downloaded Plaintiffs’ Works from pirate sources for purposes of acquiring content to train its Meta Movie Gen, Large Language Model (“LLaMA”), as well as various other Meta AI Models that rely on video training content,” the complaint reads.

The adult producers fear that this training may ultimately result in AI models that can create similar “Hollywood grade” films at a lower cost.

“By training so specifically on Plaintiffs’ Works, Meta’s AI Movie Gen may very well soon produce full length films with Plaintiffs’ identical style and quality, which other real world adult studios cannot replicate”

Tit for Tat

Meta allegedly downloaded the copyrighted works without permission and also stands accused of uploading them to third parties, who participated in the same BitTorrent swarms. Plaintiffs allege this is backed up by data from their proprietary in-house tracking software VXN Scan.

BitTorrent transfers rely on a “tit for tat” algorithm where participants are rewarded for sharing content with others, as that significantly increases their download speeds. According to the complaint, Meta allegedly continued sharing pirated files for this purpose.

“Defendant was specifically aware of this issue and, discovery will likely show, is the reason why Defendant elected to continuously distribute Plaintiffs’ content as opposed to just purchasing a subscription or modifying its BitTorrent clients to download only,” the complaint notes.

“Meta made the deliberate choice to seed Plaintiffs’ motion pictures in order to capitalize on faster download speeds so it could infringe other content faster.”

Corporate IP Addresses and Hidden Datacenters

The adult producers discovered the alleged infringements after Meta’s BitTorrent activity was revealed in a lawsuit filed by several book authors . In that case, Meta admitted that it obtained content from pirate sources.

This prompted Strike 3 and Counterlife Media to search for Meta-linked IP addresses in their archive of collected BitTorrent data. This scan revealed that forty-seven IP addresses, identified as owned by Facebook, allegedly infringed their copyrighted works.

IP address ownership is linked through MaxMind’s database, and a list of thousands of alleged infringements from these addresses is provided as evidence.

The book authors lawsuit also revealed that Meta allegedly used “off-infra” IP addresses to conceal its BitTorrent activities. The adult producers argue that these stealth IPs were also used to pirate their works, identifying several they believe are linked to the activity.

Correlations between Meta IPs and third-party servers identify seven IP address ranges that show correlational activity. This includes similar download patterns as well as large-scale copyright infringement.

“These correlations also quantify that both the ‘off-infra’ as well as the Meta Corporate IP addresses act consistently in non-human patterns and that the acquisition of this content is for AI training data and not for personal use.”

Adding to these allegations, the complaint also identifies a Facebook employee who used a Comcast IP address to download content. This person, whose name is redacted, allegedly shared content via Meta corporate IPs and the stealth IP addresses.

Damages Up to $359 Million

Based on these allegations, Strike 3 Holdings and Counterlife Media accuse Meta of both direct and secondary copyright infringement, requesting a trial by jury.

The rightsholders seek statutory damages, which, for willful copyright infringement, could mean $150,000 per work. With 2,396 movies at stake, potential damages could reach $359 million.

Meta has yet to respond to the lawsuit, and all allegations have yet to be proven. This could potentially include a technical inspection of the VXN Scan tracking software, which is also used in many lawsuits against individual BitTorrent users.

Strike 3 has a history of settling copyright disputes out of court, so that’s a possible outcome here as well.

—

A copy of the complaint filed by Strike 3 Holdings and Counterlife Media at the U.S. District Court for the Northern District of California is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.