When governments prohibit, outlaw, or otherwise restrict certain activities or access to products, some believe that can make the forbidden even more interesting.

Coincidentally, perhaps, forbidden is a theme the adult industry has always found quite lucrative, ironically in countries where there are few restrictions.

In Vietnam, making, possessing and distributing pornographic material is illegal, so the underground market today is fueled by sites offering pirated porn from which third parties profit. Running these types of sites is not without risk, however.

Two Men Prosecuted

In an announcement on Wednesday, police provided an outline of crimes allegedly committed by two men said to operate hundreds of sites.

The Investigation Police Agency at Tuyen Quang Provincial Police first announced the prosecution of Thái Nguyên province resident Vũ Văn Thìn. Born in 1988, he allegedly launched the first of his sites in 2018.

Stocked with “pornographic and depraved” content, the sites reportedly attracted a large, but unspecified number of visitors. Since many porn pirates prefer not to pay, especially in a country where explicit adult material is illegal, the sites offered free content to generate revenue from advertising.

Easy Money

Vũ Văn Thìn’s successes reportedly led to others wanting to work with him, including Đinh Mạnh Dũng (born 1989), a resident of Thanh Hóa province. Working as partners and independently, Thìn and Dũng are said to have expanded their site portfolios when generating revenue came easily.

As the government source explains:

Realizing that making money is easy, the subjects multiplied the number of websites; using high-tech technical means with sophisticated tricks to commit criminal acts, in order to increase profits and evade the censorship of telecommunications service providers in Vietnam.

At the time of his arrest, Vũ Văn Thìn had reportedly “created, managed and operated” 287 websites to which he’d posted 21,000 videos.

Đinh Mạnh Dũng reportedly created and operated more than 100 similar sites offering similar content, although he personally uploaded fewer videos, around 1,000 according to police.

Very Serious Crimes

While prosecutions of regular pirate site operators in Vietnam fall well short of Western rightsholders’ expectations, the distribution of prohibited content is described by police as a very serious crime that “infringes on fine customs and social ethics.”

Whether the alleged volume of sites will have any bearing on the prosecution’s case is unknown. Site names have not been released for obvious reasons, but in practical terms, it seems unlikely that the defendants operated 400 distinct sites.

Circumvention of Government Blocking

A more likely scenario would see hundreds of domains linked to a very limited number of sites, for the purpose of circumventing ISP blocking measures, among other things. Having become ubiquitous in the broader streaming piracy landscape, large pirate sites with strong connections to Vietnam use similar tactics to avoid blocking in multiple jurisdictions.

Deployed at local ISPs either owned by the state or operated by those closely connected to the Vietnamese government, blocking is supposed to prevent access to prohibited content of various types, which in practice can be broadly defined .

Circumvention of blocking measures ordered by the state, for the purpose of distributing content banned by the state, has the potential to prove costly. The revenue generated through ads may also factor into the equation but depending on the nature of the ads, the cost may be felt more acutely by users.

From: TF , for the latest news on copyright battles, piracy and more.

In 2021, German Internet providers agreed to voluntarily block the most egregious pirate sites.

The ISPs teamed up with rightsholders groups and launched the “Clearing Body for Copyright on the Internet” ( CUII ), which was in charge of handing down blocking ‘decisions’.

Notably, the CUII did not rely on court judgments. Instead, the private organization issued their own recommendations after an internal review process, which assess whether a reported domain is indeed linked to a website that structurally infringes copyrights.

As an extra precaution, the Federal Network Agency (Bundesnetzagentur) reviewed all of CUII’s blocking decisions before they were implemented.

This extrajudicial blocking regime has resulted in 25 blocking orders since it launched, targeting hundreds of domains operated by sites such as Kinox, Filmfans, Sci-Hub, Lib-Gen, Romslab, and Totalsportek. This significantly reduced the traffic to these domain names and reportedly worked well. Nonetheless, Heise reports that a major change just taken place.

Judicial Oversight Is Now Required

Last month, the participants of the blocking agreement amended their code of conduct, which fundamentally changes how CUII operates. Going forward, all blocking action will take place after a court orders at least one Internet provider to block a website.

“The CUII no longer reviews blocking claims, but instead coordinates the initiation and conduct of proceedings, the implementation of court blocking decisions, and the unblocking of domains that are no longer infringing,” CUII writes.

Under the amended agreement, other ISPs will follow court-ordered blockades, even if they are not directly targeted themselves. This is similar to the blocking regime that is currently operational in the Netherlands .

The move away from privatized blocking orders is notable, but is not directly linked to accuracy concerns. According to CUII, the main reason is that the Federal Network Agency could no longer efficiently review CUII’s orders, as it has limited resources and other priorities.

“[T]he Federal Network Agency could no longer guarantee the continued fast and effective process with the usual level of quality. Therefore, it has asked the CUII to have the review conducted by the courts in the future,” CUII writes.

Key Changes

Under the updated agreement, rightsholders will report potential blocking targets to CUII, which will then pick one Internet provider to be sued in court. If the rights holder is successful in court, they will inform the clearing house of the outcome, which will then ask other ISPs to block the targeted domains as well.

While this sounds straightforward, obtaining a pirate site blocking order in Germany is more complicated than elsewhere. Previously, courts have ruled that blocking measures should only be used as a last resort , which means that action against hosting providers can be required beforehand.

Just a few weeks ago, rightsholders complained about these strict requirements at the European Commission, noting that they prevent swift and effective enforcement. The complaining parties include the MPA, BVMI, GAME, and DFL, who are all part of CUII.

“[T]he overextended application of the subsidiarity principle places undue burdens on rights holders, who are often required to take prior legal action against EU-based hosting providers before obtaining blocking orders,” the rightsholders wrote.

When a court order is obtained and implemented by all participating ISPs, CUII will be responsible for reviewing new domains and mirrors to be added to the blocklist. If permitted by the underlying order, a new court procedure is not required.

Rightsholders will remain in charge of monitoring that the blocking conditions still apply. When a domain name no longer links to infringing content, they will alert CUII so the associated blocking order can be lifted.

Transparency?

The decision to add judicial oversight will help to ensure a proper review of all blocking requests. That said, CUII’s blocking decisions were generally quite thorough; most problems in Germany can be traced back to a lack of transparency.

In Germany, there is no public overview of blocked domain names, which makes public scrutiny much more difficult. It took a then-17-year-old developer to start an independent monitoring site , after which several erroneously blocked domains were identified and reported.

The now-18-year-old Lina writes in a blog post that she exposed dozens of wrong and outdated blocks since the site was started. This often involved domain names that were no longer active but remained blocked.

While many CUII critics, including Lina, are happy to see blocking powers in the hands of the judicial system, this change doesn’t make the blockades more transparent.

Aside from inadvertent leaks and an unofficial monitoring portal, there’s no official overview of blocked domains. As in the older version, the new agreement stipulates that “details” about the site will be published, but that doesn’t include a full list of domains.

From: TF , for the latest news on copyright battles, piracy and more.

Originally known as Switch-xci , NSW2U has been a thorn in the side of Nintendo for over half a decade.

The site was initially active on several platforms, including YouTube. Later on, its primary focus was providing a linking portal for pirated games.

The main NSW2U domain had more than two million monthly visits, according to Similarweb, which was enough to warrant a mention on the USTR’s latest list of notorious pirate sites. Following a presumed referral from rightsholders, it also attracted the attention of the FBI.

Last Thursday, we reported that the FBI had seized the NSW2U.com domain plus several others linked to gaming piracy sites. This action was confirmed in a press release issued by the FBI’s Atlanta Field Office, which said that it dismantled the infrastructure of these websites.

The FBI further stated that unspecified records indicate that the most popular domain is linked to 3.2 million illegal downloads, resulting in a loss of $170 million.

FBI Domain Error

The press release lists seven domain names in total: nsw2u.com, nswdl.com, game-2u.com, bigngame.com, ps4pkg.com, ps4pkg.net, and mgnetu.com. While most of these were indeed linked to pirated games, ps4pkg.net stands out as a currently unregistered domain that wasn’t active earlier in the year either.

When we asked the FBI about this peculiarity, a spokesperson informed us that the domain name was listed in error in the June 10th press release, which is still online today. Instead of ps4pkg.net, the target domain should have been ps5pkg.net.

This confusion went unnoticed by most news publications that picked up the press release but was spotted elsewhere, including by popular YouTuber SomeOrdinaryGamers .

Broader Infrastructure

Unfortunately, the FBI was not at liberty to share further details on the follow-up plans for the case, as it’s part of an ongoing investigation. However, the official communication suggests that the enforcement action might not be limited to domain names, but also the broader “infrastructure”.

Servers may have been targeted as well, for example. That could explain the involvement of the Dutch fiscal police, FIOD, as the Netherlands is a popular hosting location for many pirate sites and services. Public information shows that NSW2U used Dutch servers in the past.

FIOD informed us that it took action in response to a request for mutual legal assistance. No further details could be shared, but FIOD is known to investigate and take action at local hosting providers in criminal cases.

There is currently no information indicating any arrests and to our knowledge, there hasn’t been a publicly announced indictment either.

New NSW2U Domains

The erroneous domain listed in the FBI press release is not the only source of confusion in the wake of events last week. As is often the case when pirate sites are shut down, opportunists have stepped in to take advantage.

There are several NSW2U-branded domains still online today that claim to be alternatives or mirrors of the original. This includes NSW2U[.]games (caution!) which was registered a few hours after the FBI seized the original domains.

This domain redirects to a NSW2U-branded site that doesn’t look like the original, but it is clearly targeted at disoriented users. The .games domain redirects to another unofficial NSW2U-branded domain, which then links users to yet another domain displaying a third-party download site within an iframe.

Some of these domains are listed by security vendors as malicious. The iframe in question loads external and unknown JavaScript files from a recently registered domain, presumably to display ‘advertisements.’ However, we can’t rule out other risks.

In fact, the site itself admits potential trouble. It explicitly recommends an ad blocker and antivirus to avoid malicious ads or redirects. Of course, staying away from these sites completely, for various reasons, is the safest choice.

For now, all signs suggest that the FBI action effectively took the real NSW2U operation offline and, absent the copycats, there is no indication that it will make a comeback anytime soon.

From: TF , for the latest news on copyright battles, piracy and more.

Internet service providers BT, Virgin Media, Sky, TalkTalk, EE, and Plusnet account for the majority of the UK’s residential internet market and as a result, blocking injunctions previously obtained at the High Court often list these companies as respondents.

These so-called “no fault’ injunctions stopped being adversarial a long time ago; ISPs indicate in advance they won’t contest a blocking order against various pirate sites, and typically that’s good enough for the Court to issue an order with which they subsequently comply.

For more than 15 years, this has led to blocking being carried out as close to users as possible, with ISPs’ individual blocking measures doing the heavy lifting. A new wave of blocking targeting around 200 pirate site domains came into force yesterday but with the unexpected involvement of a significant new player.

Cloudflare Blocks Pirate Sites “For Legal Reasons”

If piracy is rampant, in the UK pirate site blocking must qualify as rampant too. In the latest wave of blocking that seems to have come into force yesterday, close to 200 pirate domains requested by the Motion Picture Association were added to one of the longest pirate site blocking lists in the world.

The big change is the unexpected involvement of Cloudflare, which for some users attempting to access the domains added yesterday, displays the following notice:

As stated in the notice, Error 451 is returned when a domain is blocked for legal reasons, in this case reasons specific to the UK.

In response to a legal order, Cloudflare has taken steps to limit access to this website through Cloudflare’s pass-through security and CDN services within the United Kingdom.

Background: Cloudflare’s Blocking Policy

Before we take a look at the ‘legal order’ that prompted Cloudflare to take this action, Cloudflare’s blocking policy for copyright claims concerning its CDN and security services provides useful background information.

Because Cloudflare cannot remove content it does not host, other service providers are better positioned to address these issues. Among other things, any blocking by Cloudflare is of limited effectiveness, as a website will be accessible if it stops using Cloudflare’s network. Cloudflare therefore regularly pushes back against attempts to seek blocking orders.

Cloudflare notes that it may take steps to comply with valid orders if, among other things, “principles relating to proportionality, due process, and transparency” are upheld.

Whether Cloudflare pushed back here isn’t clear, but the information made available falls well short of that promised in the Error 451 notice.

Semi-Transparent and Still Lacking

With no central repository of blocking orders and no legal requirement to share details of injunctions with the public, transparency in the UK is mostly left to chance. Some orders make their way online, but there is no guarantee.

For those interested in finding out more about the order affecting Cloudflare, the company provides a link which promises to reveal “the party that requested it, and the authority that issued it.” The link directs to the Lumen Database , which publishes information effectively donated by companies such as Google and Cloudflare, for the purpose of improving transparency.

In this case there’s no indication of who requested the blocking order, or the authority that issued it. However, from experience we know that the request was made by the studios of the Motion Picture Association and for the same reason the High Court in London was the issuing authority.

To the general public, the information is just a short list of domains. If it wasn’t for the efforts of Lumen, Google and Cloudflare, the situation would be significantly less clear than that.

Look more closely and further issues become apparent. According to the sender of the original notice (a law firm representing the studios), an explanation of the court order can be found in “paragraph 1, paragraph 2, and Schedule 1 of the Order” but where that can be found isn’t made any more clear than the name of the issuing court.

Then there’s the date of the notice – February 22, 2024, well over a year ago – for blocking that we believe started just yesterday.

Dynamic Blocking=Limited Transparency

The list of 14 domains probably relates to a High Court blocking injunction obtained by the MPA pre-February 2024, but exactly when is more difficult to say.

The issue lies with dynamic injunctions; while a list of domains will appear in the original order (which may or may not be made available), when the MPA concludes that other domains that appear subsequently are linked to the same order, those can be blocked too, but the details are only rarely made public.

From information obtained independently, one candidate is an original order obtained in December 2022 which requested blocking of domains with well known pirate brands including 123movies, fmovies, soap2day, hurawatch, sflix, and onionplay. This leads directly to another unusual issue.

The notice linked from Cloudflare doesn’t directly concern Cloudflare. The studios sent the notice to Google after Google agreed to voluntarily remove those domains from its search indexes, if it was provided with a copy of relevant court orders. Notices like these were supplied and the domains were deindexed, and the practice has continued ever since.

That raises questions about the nature of Cloudflare’s involvement here and why it links to the order sent to Google; notices sent to Cloudflare are usually submitted to Lumen by Cloudflare itself. That doesn’t appear to be the case here.

Partially Effective at Blocking VPNs

When blocking measures are required, Cloudflare digs in when requests concern its public DNS resolver (1.1.1.1). To achieve a similar effect, Cloudflare uses another technique instead.

“In countries with laws that provide for blocking access to online content, Cloudflare may geoblock websites to limit access in the relevant jurisdiction to those websites through Cloudflare’s pass-through security and CDN services.”

Cloudflare appears to be using geo-blocking in the UK, as some VPN users will soon find out. In normal circumstances a VPN using a server in the UK will bypass ISP blocking no differently than a server located anywhere else in the world. Users attempting to gain access to domains currently blocked by Cloudflare, using a VPN server in the UK, will be greeted by Cloudflare’s Error 451 blocking notice instead.

Scale of Blocking Potentially Significant

Checking through the new domains blocked yesterday, something else becomes apparent; they appear in multiple blocking orders, not just the one highlighted above. We’re unable to check ~200 domains immediately but at least potentially, hundreds or even thousands of domains could be involved. And that may actually be a very good thing.

Domains blocked by Sky, BPI and others, don’t appear to be affected, at least as far as we can determine. All relate to sites targeted by the MPA, and the majority if not all trigger malware warnings of a very serious kind, either immediately upon visiting the sites, or shortly after.

At least in the short term, if Cloudflare is blocking a domain in the UK, moving on is strongly advised.

From: TF , for the latest news on copyright battles, piracy and more.

In late 2023, a group of nearly 50 music labels, including Warner Records and Sony Music, filed a ‘mass-infringement’ lawsuit against Altice.

These music companies, all members of the RIAA, alleged that the ISP failed to take action against repeat infringers on the “Optimum” network, making it potentially liable for copyright infringement.

“Despite Altice’s stated policies and despite receiving tens of thousands of infringement notices concerning Plaintiffs’ works […] Altice knowingly permitted repeat infringers to continue to use its services to infringe,” the complaint read.

Labels Seek Summary Judgment

Both parties have gathered evidence to support their case and last week the music labels filed a motion for summary judgment. The labels ask the court to rule that Altice is not entitled to a safe harbor defense under the DMCA.

Safe harbor protection is important for ISPs, as it provides them with immunity from monetary damages related to subscribers’ piracy activities carried out through their services.

To enjoy safe harbor protection, U.S. law requires ISPs to “adopt and reasonably implement” a repeat infringer policy that provides for subscriber account terminations “in appropriate circumstances.” The details of this requirement are not spelled out, but the labels argue that Altice’s interpretation falls severely short.

‘A Safe Haven for Pirates’

Last week’s filing by the labels is heavily redacted, which makes it difficult to report on in detail. However, it is clear that the music companies see Altice’s repeat infringer policy as highly ineffective, or even counterproductive.

“First and foremost, the design and implementation of Altice’s policy are the antithesis of reasonable, making a farce of the DMCA’s repeat infringer termination policy requirement,” the labels write.

The details explaining how and why Altice’s implementation of the repeat infringer policy was lacking are largely blacked out, as shown below.

The implementation of this policy wasn’t reasonable either, the labels argue. They allege that subscriber accounts were not terminated resulting in a permanent loss of internet access, but were suspended and eventually reactivated.

That doesn’t square with the idea of a reasonably implemented repeat infringer policy, the labels argue. Instead, they counter that Altice offered a safe haven for pirates.

“The result of Altice’s actions, both by design and effect, was to provide its users with a safe haven to infringe,” the labels write.

“Ultimately, [a]n ISP cannot claim the protections of the DMCA safe harbor provisions merely by terminating customers as a symbolic gesture before indiscriminately reactivating them within a short timeframe.”

Reactivations & Commercial Subscribers?

The motion insists that these arguments are sufficient to rule that Altice is ineligible for safe harbor protection. If the court disagrees, the labels mention specific circumstances for which this would certainly be the case.

The two categories are redacted in the motion, but, based on the arguments and citations, we can speculate that commercial subscribers and reactivated subscribers are likely candidates.

The motion notes that commercial subscribers represented roughly 7.5-8% of the Altice subscriber base between 2020 and 2023. For these subscribers, which include third-party businesses, Altice purportedly had no repeat infringer policy.

In a similar vein, the unredacted context suggests that Altice should not be entitled to rely on a safe harbor defense for customers who continued to infringe after their accounts were terminated and then reactivated.

Clarity from the Supreme Court?

In addition to this motion for summary judgment, the labels also moved for summary judgment on their ownership of the works in suit. This appears to be a response to a completely sealed motion filed by Altice which concerned the number of statutory damages awards the labels are eligible for.

Without further details, it is nearly impossible to accurately report on these filings, but we expect that the eventual court order will fill in many of the blanks.

Looking more broadly, there’s also a forthcoming Supreme Court matter that will have repercussions for this case. Earlier this month, the Supreme Court granted Cox’s appeal in a similar subscriber liability case, which is expected to provide more clarity on ISPs’ legal obligations regarding repeat infringer policies.

—

A copy of the music labels’ heavily redacted motion for summary judgment on Altice’s safe harbor defense, filed at the U.S. District Court for the Eastern District of Texas, is available here (pdf) .

Shortly after the motion was filed, several replies also appeared in the docket, but these are all sealed and inaccessible.

From: TF , for the latest news on copyright battles, piracy and more.

As the Kodi ‘addon’ boom scooped up millions of new recruits and Amazon’s ‘Fire TV Stick’ sold out as a result, in 2015, a new wave of casual ‘living room’ pirates were ready for the next big thing.

The leap from free but oftentimes unreliable web-based streaming, to cheap and much more reliable illegal IPTV services, was smaller than ever and suppliers were ready to make the transition go as smoothly as possible.

A Gap Appears in the Market

There’s no doubt that small fortunes were being made around 2016 to 2018. Some pirate IPTV suppliers were clearly making very large fortunes, only to lose those fortunes even more dramatically.

After quickly becoming the largest pirate IPTV provider in the UK, May 22, 2018, marked the beginning of the end for the now infamous Flawless TV. Following the initial raids and eventual sentencing of the group in 2023, prison sentences of more than 30 years put millions in alleged profits into sharp perspective, at least in hindsight.

While Flawless wasn’t quite finished, there was gap in the market for a UK supplier and plenty of unmet demand. In the weeks and potentially just days prior to May 22, a new service called Helix Hosting was being prepared. Operating initially from HelixHosting.ninja and later HelixHosting.xyz, the opening offer was just £5 per month.

On one hand, 3PM kick-off Premier League matches are a guaranteed crowd-pleasing money-spinner. On the other, they’re also the best way to attract a criminal investigation by the Premier League, broadcaster Sky, the Federation Against Copyright Theft, and ultimately the police.

Busted – November 2019

In an announcement on Friday, the Police Intellectual Property Crime Unit (PIPCU) provides a detailed explanation for the sudden disappearance of Helix Hosting several years ago, and the fate of now 36-year-old Helix owner Stephen Woodward of Thirsk, North Yorkshire.

PIPCU’s background includes details of two other services operated by Woodward; Black and White TV and another called IPTV Hosting. PIPCU reports that the latter advertised itself as the first IPTV provider with more than 4,500 channels, including Sky Sports and BT Sports, with subscriptions sold direct to viewers and via resellers.

An investigation revealed that Woodward operated 13 PayPal accounts, with received funds converted into cryptocurrency, then converted back into fiat currency, before being deposited across 23 bank accounts to disguise the source.

“Officers from PIPCU arrested Stephen in November 2019 and searched his home address. They seized a computer, hard drive and nine phones, as well as £4,760 in cash found in a desk drawer in his living room,” PIPCU reports.

“Around 100 envelopes, each containing a SIM card with a name written on it, were also seized. Stephen used the SIM cards to help open PayPal and bank accounts using false identities he had bought online.”

Released Under Investigation

After Stephen Woodward was released under investigation following his arrest in November 2019, in connection with IPTV Hosting, police uncovered conversations with Stephen’s younger brother, Christopher, now 34.

“In his messages to Christopher, Stephen said that he was making £100,000 a month through illegal streaming. Stephen used the funds to buy designer jewelry and clothes, holidays and a Jaguar F-Type V8 coupe worth £91,000,” PIPCU reports.

At this point the police timeline seems to clash with public records. While the fact remains that Woodward was clearly behind the illegal sites, the details of how that played out may cause confusion. The suggestion is that Helix was launched after Stephen’s arrest in November 2019 in connection with IPTV Hosting, a service that until now hadn’t appeared on our radar.

“In 2020, while the investigation into IPTV Hosting was underway, officers were alerted by the Federation Against Copyright Theft (FACT) that Stephen had started running two further illegal streaming websites, Black and White TV and Helix Hosting. The websites provided illegal access to watch Premier League matches, as well as over 6,500 channels from around the world,” the statement reads.

Helix actually launched mid to late May 2018, with the first public announcement made by Woodward recorded as June 2, 2018; it appears on the same page as the June 18 screenshot shown above and again in a June 11, 2018, archive capture available here .

The details concerning Black and White TV are less clear; however, at the time the service was advertised as a replacement or stand-in service for Helix, with no obvious attempt to hide common ownership.

After Stephen was arrested in November 2019, a month later a notice appeared on the Helix website claiming that the service had been hacked . Since Helix had reportedly failed to pay a ransom, the notice continued, the personal details of customers and resellers, plus an owner’s name, address and phone number, would be leaked online.

Whether those details were actually leaked remains unconfirmed.

Arrested Again….and Again

“Officers from PIPCU arrested Stephen for the second time and searched his home address in July 2020,” PIPCU reports.

“He told officers that ‘the cash is in the same place as last time’, referring to the desk drawer in his living room, from which around £28,600 in cash was seized. He was released under investigation,” PIPCU adds.

In November 2020, Stephen was arrested yet again, this time by British Transport Police (BTP). Before boarding a train from his hometown of Thirsk to Kings Cross station in London, a member of station staff reportedly saw Stephen place a carrier bag behind a grit bin.

“The staff member checked the contents of the bag and, upon finding it contained £20,000, alerted BTP. BTP officers searched Stephen’s address later that day and seized an envelope containing £1,770 in cash hidden in the loft. They seized a further £380 from Stephen.”

Stephen traveled on the train to London and was arrested at Kings Cross on suspicion of money laundering. Two years later in October 2022, he was detained by Border Force Officers at Gatwick airport while attempting to board a flight to Vancouver. Almost £11,000 in cash was seized from his luggage.

PIPCU investigators secured an “all-assets restraint order” targeting £1.1 million in 15 bank accounts and 21 cryptocurrency wallets, while £144,121 in previously-seized cash was frozen.

Brothers Plead Guilty

On February 21, 2025, Stephen pleaded guilty to distributing articles infringing copyright plus four money laundering offenses in connection with £1 million generated by his services. On the same day his brother Christopher pleaded guilty to money laundering after receiving £126,000.

At York Crown Court last Friday (July 11, 2025), Stephen was sentenced to three years and one month in prison. Christopher was sentenced to 15 months in prison, suspended for 12 months. He must also complete 240 hours of unpaid work.

“Stephen was brazen in running his illegal streaming websites. Despite being the subject of a criminal investigation, he had clearly not learned his lesson and yet again attempted to gain financially from his illegal activity,” says Detective Constable Daryl Fryatt at PIPCU.

“His sentencing and upcoming confiscation proceedings should send a message that there are significant consequences for criminals who enable illegal access to copyrighted content.”

Kieron Sharp at the Federation Against Copyright Theft welcomed the sentences.

“This investigation and the outcome underline that illegal streaming is not a victimless crime. It harms the creative economy and funds criminality. FACT commends the work of PIPCU in bringing this long-running case to justice,” he said.

From: TF , for the latest news on copyright battles, piracy and more.

Adult entertainment is big business on the internet and several of the largest brands in this niche are owned by the Aylo conglomerate.

Formerly known as Mindgeek, Aylo is the driving force behind free ‘tube’ sites such as Pornhub, YouPorn, and RedTube. It also owns many adult brands, including Brazzers and Reality Kings, that charge for subscriptions.

Over the years, the company has built an impressive library of more than 40,000 registered copyright works. The company’s enforcement arm Aylo Premium protects this content by various means. It has sent many millions of takedown requests and also targets pirate sites in court, hoping to shut these down.

Aylo previously went after Goodporn and Daftsex in U.S. courts, which largely ruled in favor of the adult entertainment company. However, permanently taking these sites offline has proven to be quite a challenge, at a time when additional problematic sites continue to appear on the company’s radar.

Aylo Sues PornXP

The latest legal battle pits Aylo against PornXP, an adult website offering access to adult videos while operating from over a dozen domain names. These videos allegedly include content owned by Aylo and posted without permission.

In a complaint filed at a federal court in Washington, Aylo writes that 2,040 of its works are shared across 71,400 individual web pages. Since PornXP doesn’t have a visible upload functionality, the site’s ‘anonymous’ operators stand accused of uploading them.

With its most popular domain receiving over 7 million monthly visitors, PornXP poses a significant threat. Aylo notes that roughly 18% of the site’s visitors come from the U.S. while the site uses itselff U.S.-based advertisers and other services.

To an effort to end the alleged infringement, Aylo sent more than 680,000 DMCA-compliant takedown notices to the website’s email address. Aylo says that none of these takedown requests were honored, and the copyright infringing content remained online.

“Defendants did not remove any content identified in the takedown notices or respond to any of Plaintiff’s DMCA takedown notices,” the complaint reads.

In addition to contacting the site directly, Aylo also sent over 2.1 million DMCA notices to Google, asking the company to remove these URLs from its search results. While Google responded, PornXP claims that the company took no notable action.

Unmasking the Operators

Despite the detailed description of the site and its alleged wrongdoings, Aylo knows little about the people who operate the domains. The defendants are listed as “John Does” instead, with the site’s domain names the only clear identifiers.

To unmask the operators, Aylo requested an ex parte motion for early discovery, targeted at domain registrars and several associated privacy services. These third-party services include Porkbun, NameSilo, Spaceship, GoDaddy, the Public Interest Registry, Privacy Protect, PrivacyGuardian.org, and Private by Design.

Last week, District Court Judge Benjamin H. Settle granted this discovery request, allowing Aylo to subpoena these services asking for the personal details of the domain registrants, including names, emails, and IP-addresses.

“This includes but is not limited to names, addresses, login information, billing and transaction records, account information, server logs and IP addresses, email exchanges, and IP login information related to the accounts for the PornXP domain names,” Judge Settle ruled last week.

Damages, Domain Transfers and Site blocking

Whether the subpoenas will return any usable information has yet to be seen. Ultimately, however, Aylo hopes to win a judgment in its favor, including a substantial damages award compensating it for the alleged copyright infringement.

Enforcing a potentially favorable order is not always straightforward, especially against operators who might be outside U.S. jurisdiction. Therefore, the complaint includes a request for a broad injunction that requests registrars to transfer the PornXP domain names over to Aylo’s possession.

In an attempt to cover all bases, the injunction request also includes a broad blocking request that orders ISPs, hosting companies, search engines and other intermediaries to block the PornXP domains and IP-addresses in the United States.

Specifically, it wants these third-party intermediaries to:

“Block or attempt to block access by United States users of PornXP websites by blocking or attempting to block access to all domains, subdomains, URLs, and/or IP Addresses that has as its sole or predominant purpose to enable to facilitate access to PornXP domains”

At the time of writing, the PornXP defendants have not yet been served and Aylo has until October to do so. For now, all PornXP domains remain operational. However, given the substantial effort that has already been expended on the case, Aylo is determined to do all it can to change the status quo.

—

A copy of the complaint filed by Aylo at the United States District Court for the Western District of Washington at Tacoma is available here (pdf) . A copy of District Court Judge Benjamin H. Settle’s order on the discovery request is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

In a lawsuit filed at a New York court in June 2024, publishers including Cengage Learning, Macmillan Learning, Elsevier, and McGraw Hill, bemoaned Google’s ‘systemic and pervasive advertising’ of infringing copies of their copyrighted textbooks.

The complaint alleged that Google Shopping ads placed by third parties used unauthorized images of the publishers’ genuine textbooks to promote sales of pirated copies; a ‘bait-and-switch’ by Google, the publishers said.

Further allegations of infringement concerned Google search results that allegedly returned piracy-heavy results in response to searches for the publishers’ products, rendering the original content more difficult to find. The publishers also claimed that takedown notices sent to Google had little effect. Notifications identifying alleged repeat infringers didn’t result in account suspensions either.

Dismissal of Vicarious Liability Claim

In a recent motion to dismiss, Google successfully argued that the publishers’ vicarious liability claim should be dismissed due to the absence of two key elements; the right and ability to supervise the infringing conduct and a direct financial interest in the same.

Since the infringing conduct took place on third party sites, the court found that Google lacked the required ability to supervise or control, so couldn’t be held vicariously liable. The publishers’ contributory copyright infringement claim wasn’t part of Google’s motion to dismiss so that remained outstanding.

Answer to First Amended Complaint

On July 2, Google filed a comprehensive answer to the publishers’ First Amended Complaint. Addressing the contributory infringement claim, Google accepts that the plaintiffs sent notices identifying URLs that they claimed infringed their copyrights in digital works.

However, Google notes that its Shopping platform is primarily used for legal purposes, and it takes substantial steps to combat infringement, including enforcing its Terms of Service and providing the means for rightsholders to report infringing content.

The system may not be perfect but, according to Google, perfection isn’t the required standard when combating infringement. Equally, mere knowledge of abuse does not render Google a contributory infringer or liable for the actions of a minority of users who abuse Google’s products for nefarious purposes.

“Were it otherwise, countless internet platforms and product manufacturers would essentially be held strictly liable simply for offering their products to users,” Google notes.

“The facts in this case will ultimately demonstrate that Plaintiffs’ claims are meritless.”

Motion for Stay, Pending Supreme Court Decision

In a letter to the court dated July 10, counsel for Google requests a stay in the current case.

“We respectfully request that the Court stay this case pending the U.S. Supreme Court’s decision in Cox Communications, Inc. v. Sony Music Entertainment….which will consider the standards for (i) contributory copyright infringement and (ii) willfulness under 17 U.S.C. § 504(c),” the letter reads.

As reported last month, Cox Communications successfully petitioned the Supreme Court to review a Fourth Circuit ruling that held the ISP contributorily liable for the actions of subscribers who engaged in piracy.

Labels, including Sony and Universal, had previously secured a $1 billion verdict from a jury in Virginia. This verdict was based on Cox’s knowledge of infringement, material contribution, and a $150,000 maximum statutory damages award per work for ‘willful infringement.

Given the clear similarities to the Cox case pending at the Supreme Court, Google notes that a stay in the publishers’ lawsuit is appropriate.

Core Claims of Willful Contributory Copyright Infringement

Google believes that the Supreme Court’s decision will not only have an impact on the publishers’ lawsuit, it could potentially determine the outcome.

“The core of Plaintiffs’ case is their claim that Google is a willful contributory copyright infringer,” the motion for stay continues.

“Given the centrality of the contributory infringement claim and Plaintiffs’ intent to seek enhanced willfulness damages, the Supreme Court’s decision in Cox will have a significant, and potentially dispositive, impact on the course of this litigation.”

Identical Theory of Liability

Google goes on to cite a petition by the U.S. Solicitor General which overwhelmingly sided with Cox while urging the Supreme Court to take on the case. Google says the theory of liability in Cox is identical to the theory presented by the publishers.

“Plaintiffs’ theory of Google’s liability is identical to the plaintiffs’ theory in Cox: Plaintiffs say Google is liable for willful contributory copyright infringement because it continued to provide merchants with access to Google’s Shopping platform after receiving notices of infringement,” counsel for Google notes.

“If the Supreme Court ultimately agrees with the United States and rejects the Fourth Circuit’s rule on these issues, that would undermine—likely fatally—Plaintiffs’ theories of contributory liability and willfulness here. But regardless of what happens, the Supreme Court’s eventual decision will shape the key issues presented in this case, including questions related to the scope of relevant fact and expert discovery.”

Google believes that oral argument in the Cox matter “could be heard as early as the November sitting, with a possible decision a few months later.”

Describing a few months delay as a modest postponement that could even offer “significant economies” in the current case, Google says that the plaintiffs will not face “any meaningful prejudice” from a short delay.

Google’s Motion for Stay Pending Supreme Court’s Decision in Cox, is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Unlike the speed of light in a vacuum or the infinite journey into Pi, measures to enforce copyright are subject to constant change and perpetual expansion.

As the site-blocking debate revs up in anticipation of a green light in the United States, fifteen years of global site blocking experience is poised to hit the ground running. After that, calls for further improvement and expansion are only a question of time.

Australia: A Decade of Site Blocking

Last month marked the ten-year anniversary of amendments to Australia’s Copyright Act. The Copyright Amendment (Online Infringement) Act 2015 enabled rightsholders to obtain injunctions against ISPs to compel blocking of overseas pirate sites, the same entities now targeted in the FADPA and ACPA bills.

Unfortunately, the 2015 amendments weren’t quite good enough . In 2018, further amendments expanded the threshold test for site blocking orders and extended the provision to search engines; Google began deindexing pirate sites shortly after that, marking a likely world first for Australia and a signal for other countries to follow suit.

Local movie company Village Roadshow in partnership with the usual Hollywood studios, plus Netflix, Amazon, and Apple, are responsible for the majority of blocking applications filed at Australia’s Federal Court. Targeting up to 100 or more pirate sites each, the injunctions usually name in excess of 50 local ISPs as respondents. Not only are the ISPs required to prevent subscribers from accessing the domains on the initial list, but also those subsequently identified by rightsholders as proxies or mirrors.

New Order Handed Down This Week

This week the Federal Court handed down a new blocking order in favor of Village Roadshow, Disney, Paramount, Columbia, Universal, Warner Bros., Netflix, Apple, and Viacom.

The injunction targets 35 pirate streaming sites, many operating from multiple domains, often with significant levels of traffic. The application was filed early April, so turnaround time was roughly three months.

The order is dynamic, meaning it allows additional domains to be added later when reported by rightsholders. In addition to the usual parameters, dynamic blocking in this case encompasses sites using similar domain names, similar branding, or those linked by common ownership. Used regularly in the UK, this aspect of blocking was first deployed in Australia.

Given the nature of the first few sites in the latest injunction, ‘brand blocking’ will see extensive use once again. Several of the largest switch their domain names regularly, but the one constant across all sites is their use of Cloudflare.

If any unrelated sites decide to impersonate a blocked site to get traffic, ‘brand blocking’ won’t discriminate in any way; it can and probably will block everything within its scope.

An Example for the United States?

There are many blocking mechanisms around the world, mostly encouraged, assisted or influenced by major U.S. rightsholders, European sports leagues, and/or their broadcasting partners. Different approaches, strengths, weaknesses, and various quirks are to be expected, especially when countries don’t even share a common language.

Since Australia and the United States are rumored to understand each other perfectly, would the Aussie approach (which in no small part was driven by the demands of the U.S.) be of interest if site blocking gets underway in the United States?

In many ways Australia’s approach should receive more credit than it does. Attention to detail is evident everywhere, and the Court ensures that everyone’s rights are respected, regardless of which side of the piracy battle they’re on, including those not involved at all. While nothing can prevent every blunder, a system like this can only reduce the number. If there have been any blunders in the last decade, we’re aware of exactly none.

Less Haste, More Speed?

How Australia managed to build such a robust and relatively transparent system is the product of many moving parts, but there’s no doubt that paying attention to the rights of all internet users was of critical importance. These things naturally take time and as a result, Australia’s methodical system may absorb a little too much time for those determined to rush.

It takes around 90 days to obtain a blocking order and in the interim, a lot can happen. The “online location” HydraHD listed in the new court order had roughly 4.5 million visitors in April, but just 1.3 million at the beginning of June.

Depending on visitor location, Cloudflare currently prevents access to that domain following legal action by S.R.L. The 12th Player and DAZN in Belgium ( pdf ) . Meanwhile, the site’s alternative .cc domain is currently blocked by various vendors for allegedly spreading malware.

Moving Targets

Other things can happen too. The Australian injunction lists andyday.tv as a blocking target, which makes sense given the 12.7 million visitors the site received in April when the application was filed. Yet a month later, monthly traffic had fallen to just 1.87 million, followed by a further collapse to 653K in June.

Right now the domain doesn’t work at all, while potential replacement andyday.cc is likely to disappoint pirates. It was recently transferred to the Motion Picture Association, most likely following some type of action by the Alliance for Creativity and Entertainment.

New domains may improve a pirate site’s visibility for a while, but new domains can also be added to Australian blocking orders. Comments by the Court indicate that the process of adding new domains may take a week or two. On one hand that ensures fewer mistakes but on the other, rightsholders seem to have something quicker in mind for their automated, state-of-the-art blocking program in the U.S.

Or at least, that’s as far as we know. Those who actually know aren’t sharing the details right now.

The Federal Court order in Roadshow Films v Telstra [NSD190_2025] is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.