The Supreme Court case between several major record labels and Internet provider Cox Communications is one of the landmark copyright battles of this decade.

The outcome will determine how Internet providers should deal with pirating subscribers on their networks.

The Supreme Court must decide whether an ISP can be held liable for failing to disconnect repeat copyright infringers. In addition, it must determine if this ‘inaction’ amounts to willful copyright infringement, even if the ISP wasn’t aware that its specific conduct was illegal.

Supreme Court Hearing

Yesterday, the Supreme Court heard oral arguments in the case, grappling with these questions for nearly two hours. The justices critically questioned all sides in their effort to form a final opinion.

Cox’s attorney, E. Joshua Rosenkranz, began by arguing that it would be a dangerous expansion of the law to hold an ISP liable for the actions of its subscribers.

He argued that under the “purpose” standard, liability should only apply if an Internet provider takes “affirmative steps” to facilitate copyright infringement. For example, by advertising piracy services.

Rosenkranz added that, under the record labels’ theory, Cox would be liable for failing to take action against alleged crimes. That would essentially turn ISPs into the “Internet police” with devastating consequences.

“[T]he consequences of Plaintiffs’ position are cataclysmic,” Rosenkranz said, noting that universities, hospitals, and entire towns would risk being disconnected from the Internet.

“Turning Internet providers into Internet police for all torts perpetrated on the Internet will wreak havoc with the essential medium through which [the] modern public engages in commerce and speech,” Rosenkranz added.

The “Gun Dealer” Analogy

At the hearing, several justices seemed skeptical of Cox’s claim that inaction is fine. Justice Sonia Sotomayor was particularly aggressive, stressing that Cox could know exactly which subscriber accounts were infringing but simply opts to do nothing.

To illustrate her point, Justice Sotomayor challenged Rosenkranz with a vivid analogy.

“If I’m a gun dealer and I’m selling to someone who says to me, ‘I’m going to kill my wife with this gun,’ I think the common law would say you knew what he was going to do with the gun; you joined in. Why isn’t your continuing to provide Internet service the same?”

Cox’s attorney responded by noting that, unlike a murder weapon, an internet connection has substantial legal uses. However, the challenges were not over yet.

Justice Ketanji Brown Jackson continued to test Cox’s theory that “inaction” does not create liability. She presented an even more extreme hypothetical scenario featuring an addicted infringer.

“Suppose I come to you and I want to buy your services. I tell you that I as a customer am addicted to infringing on the Internet. I’ve been sued before. I know what I’m doing is illegal, but I just keep doing it. And not only that, Cox, based on where I live, is my only option.”

Rosenkranz replied that even in that extreme scenario, selling internet access would not create liability for Cox, adding that the music companies or other rightsholders could sue this hypothetical piracy addict instead.

The “Meaningless” Safe Harbor

Representing the record labels, attorney Paul Clement stressed that Cox was not an innocent bystander but a “willfully blind” party that profited from piracy. He pointed to Cox’s internal communication, in which employees expressed contempt for the law, including a now-infamous “f*** the DMCA” email.

The attorney, backed by Justice Kagan, argued that Cox’s legal theory is fatally flawed. If an ISP can never be liable without taking affirmative steps to encourage piracy, then the DMCA’s “safe harbor” would be unnecessary.

“Why would anybody care about getting into the safe harbor if there’s no liability in the first place?” Justice Kagan asked. And after follow-up questioning, Cox’s attorney agreed that the safe harbor is not doing anything under their suggested liability rule.

“Mass Evictions” & “BitTorrent Throttling”

While Cox was grilled on the ‘inaction’ vs. ‘intent’ issue, the record labels faced tough questions over the requested Internet disconnections. Justices Alito and Gorsuch appeared concerned that the record labels’ liability standard would force ISPs to disconnect thousands of innocent people.

Justice Alito specifically asked attorney Clement how an ISP is supposed to respond to repeated piracy notices if their customer is a university with 50,000 students.

Clement argued that ISPs and rights holders could simply “have a conversation” to resolve such issues, a suggestion Cox’s attorney later dismissed as a “terrible answer” for a company facing “crushing liabilities”.

Since it is impractical for a university to be disconnected from the Internet, or for a university to disconnect thousands of students, the record labels’ attorney suggested that bandwidth throttling could also be a viable anti-piracy measure.

“I don’t think it would be the end of the world if universities provided service at a speed that was sufficient for most other purposes but didn’t allow the students to take full advantage of BitTorrent. I could live in that world,” Clement answered.

U.S. Government Backs Cox

The U.S. Government appeared as an amicus curiae and largely supported Cox’s legal interpretation. Deputy Solicitor General Malcolm Stewart urged the Court to adopt a strict “purpose” requirement, arguing that unless an ISP provides “targeted assistance” specifically to pirates, it shouldn’t be liable for the actions of subscribers.

Stewart warned the Justices that expanding liability beyond this “purpose” test would be dangerous. He argued that forcing ISPs to disconnect allegedly pirating subscribers would clash with the essential role the internet plays in society.

“The approach of terminating all access to the Internet based on infringement… seems extremely overbroad given the centrality of the Internet to modern life and given the First Amendment,” Stewart told the Court.

What’s Next?

The Supreme Court now has to decide whether the $1 billion verdict will stand, or if the case will get a do-over at the lower court.

If the court sides with the record labels, ISPs across the United States will continue to need strict “repeat infringer” termination policies to avoid legal liability. If Cox wins, rightsholders will have a hard time holding ISPs liable for pirating subscribers.

The justices are expected to cast their preliminary votes in a private conference later this week, but a final written opinion is not expected before the summer of 2026.

—

A copy of the oral arguments hearing transcript and the audio is available at the Supreme Court’s website .

From: TF , for the latest news on copyright battles, piracy and more.

After years of uncontrolled piracy, in 2019 authorities in Brazil teamed up with ICE and the US Department of Justice to launch Operation 404.

Described as a “milestone” for Brazil’s momentum in the fight against piracy, it was revealed that with assistance from overseas, 136 websites and 100 apps had been put out of action, either by domain suspension or site blocking measures.

Local agencies and anti-piracy groups including ANCINE (National Film Agency) and the National Council for the Fight Against Piracy (CNCP), were pleased with their work, although it was far from done.

Operation 404.1 Was Only the Beginning

Named after the well-known HTTP error indicating a currently unavailable website, Operation 404 would need to build on its early momentum. To understand the scale of the challenge, one only has to look at one of the earliest targets, Futemax, which remains active today despite years of blocks.

For the past six years, authorities and rightsholders in Brazil have continued to add Futemax-branded domains to Brazil’s secretive blocklist.

Whether Futemax, FutemaxHD, FutemaxBR or FutemaxTV variants, the domain-blocking Whac-A-Mole has seen commitment from both sides. At the time of writing, over 360 of these domains appear on the list, presumably at least some in connection with subsequent waves of Operation 404, which have generally taken place on an annual basis since 2019.

Ministry of Justice Announces 404.8

Brazil’s Ministry of Justice and Public Security (MJSP) announced that phase Operation 404.8 was ‘carried out’ November 27, without clarifying that only a relatively small number of events and achievements presented to the media actually took place on that day. This approach to presentation has persisted from 404.1 to the present day but the volume of work as reported only really makes sense as part of a longer timeline.

In common with 404.5 (March 2023), 404.6 (November 2023) and 404.7 (September 2024), this year the Ministry reported an international effort in which local authorities collaborated with partners from Argentina, Ecuador, Paraguay, Peru, and the United Kingdom.

This was Ecuador’s first direct appearance within Operation 404 but for the United States government, which has provided significant support right from the very beginning, there was no direct involvement.

The Ministry says that along with representatives from Mexico, the role of the U.S. Department of Justice and Department of Commerce was to observe, in order to “learn about the methodology used in combating digital piracy.”

Much to Observe

The MJSP said a total of 44 search and seizure warrants were executed, which includes four preventive arrest warrants and three arrests in flagrante delicto in various Brazilian states. The Ministry says the aim was to identify and hold accountable the operators and various individuals behind an unspecified number of “pirate platforms.”

“Audio and video content, such as games and music, were removed,” the Ministry continued. “There was also the blocking and suspension of 535 websites and one illegal streaming application, in addition to the removal of thousands of pirated materials from repositories and social networks. In this phase, the focus broadened to reach the financing and monetization structures of these illegal services.”

In common with previous phases, the Ministry reported collaboration with local federal agencies. They include the National Telecommunications Agency (Anatel) and the National Film Agency (Ancine), both of which are actively involved in having pirate websites blocked by local ISPs.

That raises questions over Brazil’s broader site-blocking regime that receives very little attention.

Operation 404 Blocking is a Fraction of Overall Blocking

On face value, the number of pirate domains blocked under Operation 404 is publicly reported. Given tendencies seen in the past, that include conflating the number of sites blocked with the number of domains, the overall figures may or may not provide a reasonable account of events on the ground.

Refusal to reveal exactly which platforms have been targeted are compounded by the secrecy surrounding Brazil’s primary blocklist, which is restricted and certainly not open for scrutiny. The same applies to the many orders handed down by judges that provide it with constant fuel.

The table below covering Operation 404.1 to 404.8 inclusive, suggests that since 2019, just over 3,000 ‘pirate’ domains have been blocked on copyright grounds as part of Operation 404.

Yet the country’s master blocklist currently contains over 30,000 entries. Since it also contains gambling site domains, the full list can’t be attributed purely to pirate sites.

Nevertheless, the number of sites/domains publicly declared as blocked is clearly just a drop in the ocean. Or, rather, it appears to be; for the last six years no domains have been mentioned in connection with Operation 404 blocking, which effectively rules out fact checking.

Even access to the list of blocked domains is quickly of limited use. Without all-important context, it’s ultimately just a big list of domains.

—————–

Operation 404 receives cooperation from the following agencies, organizations, rightsholders, and anti-piracy partners:

[UK] City of London Police – Police Intellectual Property Crime Unit (PIPCU)
[UK] Intellectual Property Office (IPO),
[USA] U.S. Department of Justice
[USA] Department of Commerce
[Peru] National Institute for the Defense of Competition and the Protection of Intellectual Property (INDECOPI)
[UK] English Premier League
[Spain] LaLiga
[International] Alliance for Creativity and Entertainment (ACE)
[Brazil] Brazilian Association of Pay Television (ABTA)
[LATAM] Alliance against Audiovisual Piracy (ALIANZA)
[Brazil] National Council to Combat Piracy (CNCP)
[Brazil] Association for the Protection of Intellectual and Phonographic Rights (APDIF)
[International] International Federation of the Phonographic Industry (IFPI)
[International] Entertainment Software Association (ESA)
[USA] Motion Picture Association (MPA)
[Paraguay] National Directorate of Intellectual Property (DINAPI)
[Japan] Content Overseas Distribution Association (CODA)
[S.Korea] Copyright Overseas Promotion Association (COA)
[Ecuador] National Intellectual Rights Service (SENDI)
[Ecuador] National Police
[Argentina] Specialized Fiscal Unit for Cybercrime Investigation (UFEIC)
[Argentina] Federal Police of Argentina (PFA)
[Paraguay] Specialized Unit for Punishable Acts Against Intellectual Property
[EU] European Union Intellectual Property Office (EUIPO)

From: TF , for the latest news on copyright battles, piracy and more.

With an estimated 85 million visits per month, Nhentai is one of the most trafficked websites online today.

The site serves adult-oriented anime and manga, also known as hentai. These spicy Japanese comics are popular worldwide, but not everyone is happy with with the content Nhentai has to offer. Some rightsholders consider the site a deviant pirate operation.

In the summer of 2024, California-based rightsholder PCR Distributing (PCR), which operates under brands including J18 and JAST USA, took legal action against Nhentai , describing the site as a significant threat to its business.

Nhentai Owner Unmasked

PCR initially requested a DMCA subpoena asking Cloudflare to unmask the people behind the site. However, when Nhentai filed an objection, PCR swiftly dropped the subpoena request and launched a full lawsuit against the site’s owner at a California federal court.

In January, Nhentai asked the court to dismiss the lawsuit in its entirety. Among other things, the site’s attorneys argued that a representative of PCR’s brands previously granted written permission for the use of their content while exploring the option to run paid ads on the site.

Besides a dismissal, the site’s operator/owner requested a protective order to proceed in the case anonymously, at least in the early stages. Keeping personal details out of public filings would shield them from potential retribution, they argued.

In April, California District Court Judge Cynthia Valenzuela denied both Nhentai’s motion to dismiss and the motion for a protective order . This meant that the lawsuit would continue, with Delaware company X Separator LLC stepping forward as Nhentai’s owner/operator.

Nhentai Owner Denies Wrongdoing

Last week, X Separator filed a formal answer to PCR’s complaint. The company admits that it owns and operates Nhentai.net with the intention of making it available in the United States while earning revenue there as well.

In the same filing, the company denies that it engages in copyright infringement or piracy activities, and further denies any connections to or involvement with Nhentai.to.

Denials such as these are typical under the circumstances. Together with a list of affirmative defenses, they make up the formal answer that a defendant must submit once a federal lawsuit moves forward.

However, Nhentai’s filing doesn’t stop there. In addition to the mandatory response, X Separator is countersuing PCR for fraud and negligent misrepresentation.

Copyrights And Permission

The countersuit centers on PCR’s copyright registrations and the permission that was allegedly given to Nhentai. It argues that PCR Distributing didn’t just tolerate the site; the rightsholder actively approached Nhentai for promotions, partnerships, and advertisements.

The legal paperwork includes the examples above, as well as many others where representatives of PCR brands suggest deals or partnerships while their content remains on the site. These offers run counter to the copyright allegations in the complaint.

In addition, Nhentai’s countersuit points out that these works were not initially registered at the U.S. Copyright Office.

“From at least October 29, 2020 through April 21, 2022 – the timeframe in which the above-referenced emails were sent – Plaintiff/Counter-Defendant knew it had not filed or registered any U.S. copyrights,” X Separator’s filing reads.

In March 2023, PCR Distributing reportedly began registering its works at the Copyright Office but never rescinded the permission previously given to Nhentai. PCR went on to sue Nhentai for copyright infringement in 2024.

Nhentai Countersues for Fraud

The emails where PCR Distributing allegedly approved the use of its works on Nhentai form the basis of the fraud and misrepresentation counterclaims.

For example, the counterclaim notes that PCR CEO Dave Adams submitted a declaration where he, “under penalty of perjury,” claimed to have personal knowledge of “countless instances” where PCR’s works were posted on nHentai.net without authorization.

X Separator argues that these statements are demonstrably false. The company alleges that PCR’s executives knew about the “permission” emails but chose to mislead the court to secure a DMCA subpoena and file the lawsuit.

$500k in Damages

The countersuit formally lists claims for Fraud/Intentional Misrepresentation and Negligent Misrepresentation .

Because of the alleged deception, Nhentai’s parent company claims to have suffered significant harm so is requesting compensatory damages “which currently exceeds $500,000.00”.

In addition, the company seeks punitive damages, arguing that the rightsholder acted “willfully, fraudulently, maliciously, and oppressively” with the specific intent to injure the site’s owner.

PCR Distributing has yet to respond to allegations. Meanwhile, the case will move forward to an eventual trial, if it gets that far. For now, Nhentai remains online.

—

A copy of X Separator LLC’s first amended answer to the amended copyright infringement complaint, including the counterclaims, is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Described by the MPA, Premier League and other rightsholders as a priority piracy threat, a set-top box available to buy right now on popular markets, initially sounds like an attractive buy.

Manufactured in China, EVPAD TV boxes look fairly unremarkable, and with an Android 7.0 operating system under the hood, they are. When purchased with a cheap ‘lifetime’ subscription, with installable apps providing access to all the content most people will ever need, looks become less important.

However, a look under the hood reveals that the trade-off between content and privacy cannot be ignored.

Researchers Investigate EVPAD

Android-based EVPAD devices provide access to a huge library of infringing movies, TV shows, and live TV, sourced from countries including Canada, Taiwan, the UK, and the United States, among others. As a result, major rightsholders have regularly reported EVPAD and similar devices to the USTR’s Notorious Markets review.

A team of researchers at Korea University took an interest in the EVPAD ‘3p’ and ’10p’ devices when considering what type of anti-piracy measures might be effective against device-specific apps, operating within closed, subscription-based networks.

In this case, the EVPAD website advises buyers of the ‘3p’ device to download two apps from a third party website. ‘StarLive’ and ‘StarVod’ provide access to live TV broadcasts and VOD content, respectively. For the ’10p’ device, a single app called ‘StarV10’ is sufficient and in all cases, installation is simplicity itself.

“Interestingly, during the installation process from such unknown sources, the service applications are installed seamlessly without requiring any additional user interaction or explicit permissions,” the researchers report.

“Upon further inspection, we found that the global system setting for package installation from non-market sources (install_non_market_apps) was set to 1, indicating that side-loading from unknown sources is universally permitted on this Android 7-based device.”

For regular buyers, zero control over permissions should’ve been an immediate red flag. For the researchers, the secrets of obfuscated source code were still to be discovered.

“Streaming is Safer Than Torrents”

Since regular streaming is a process of consumption and the law tends to view supply more seriously, the theory that streaming is safer than torrents usually finds solid ground.

That doesn’t necessarily mean that streaming pirated content is legal, but in a client/server streaming scenario, obtaining evidence of downloading meets technical challenges that aren’t easily overcome. In contrast, BitTorrent users upload by default, which makes evidence of a more serious offense comparatively easy to obtain.

When people buy an EVPAD TV box, many will expect to ‘stream’ pirated content to the device. While that may be a part of the process, the reality is less straightforward.

A Hybrid Network

The researchers at Korea University found that EVPAD devices initially communicate with centralized servers, which manage authentication, various updates, and the all-important content lists. Once obtained, EVPAD devices use that information to join a BitTorrent-like peer-to-peer (P2P) network , in which unwitting downloaders become simultaneous uploaders, or as they say in court, unlicensed distributors of infringing content .

StarLive uses the ‘ libtvcore ‘ library to establish connections with other EVPAD devices, enabling real-time data sharing among peers, including the distribution of live TV broadcasts.

When a user of StarVod selects a video to watch, the system identifies a corresponding .torrent file and HTTP file server. Encrypted using XOR, the .torrent file is decrypted by the libp2ptrans library then used to perform standard BitTorrent functions, with a tracker providing a list of available peers.

“Simultaneously, the user engages in both P2P communication with other peers and HTTP communication with the file server delivering the selected VoD title. This dual approach ensures both downloading and streaming, but in practice, HTTP streaming via a dedicated file server significantly enhances service availability and playback speed, often playing a major role in video streaming,” the researchers note.

Hybrid Network Complicates Blocking

This hybrid approach to networking complicates blocking efforts. While blocking certain domains would prevent service updates, that may not necessarily disrupt the P2P network.

In the event that the source of content becomes unavailable, the researchers say that data broadcasting nodes in the P2P network provide a fallback mechanism by acting as servers within the ‘swarm’. For video-on-demand (VoD) content, the system utilizes P2P but when necessary, HTTP is used to reach servers operating as Content Delivery Networks.

“[These servers] distribute torrent files and video content, and the presence of multiple similar domains suggests that they are designed to quickly circumvent domain blocks. Additionally, there are domains and IP addresses for Trackers to facilitate torrent-based communication,” the researchers add.

After manipulating IDs used to identify content categories, the researchers obtained all VOD lists from the servers above, which together identified 24,934 pieces of video content. That included 1,052 movies and TV shows in the ‘Nflix’ category alone.

Building Resilience Introduced Weakness

No system is completely bulletproof, and this one is no exception. In theory, the decentralized nature of the P2P network makes the system more difficult to shut down. In practice, it also introduces vulnerabilities that can be exploited to disrupt the service.

The researchers discovered two vulnerabilities. Using the Android emulator NoxPlayer to mimic an authenticated EVPAD device, the first allowed them to bypass authentication. This enabled content to be viewed from around the world, without a subscription, with the potential for “unlimited replication.”

While the first vulnerability granted access to the network, the second vulnerability instantly denied it.

“Given the critical nature of this vulnerability, we determined that even a single, carefully crafted TCP packet is sufficient for an individual to trigger service termination on a remote peer device. This drastically lowers the bar for potential abuse, as no significant bandwidth or coordinated effort is required,” the team note.

Blocking Measures Disrupt the EVPAD Network

When combined, these vulnerabilities form the basis of a theoretical anti-piracy strategy. Once a node is deployed in every available TV channel, the data normally used to connect peers can be leveraged for a different purpose. It allows an attacker to identify specific users and hit them with a TCP packet, causing an instant disconnection.

There’s n o suggestion that such an attack has ever been used outside a lab environment. However, the researchers mention an injunction obtained in India by the Premier League that granted authority to block certain domains, which caused network disruptions lasting four days.

While service was restored, the researchers say that would’ve been more difficult if additional capability had been deployed alongside.

Implications For End Users

Beyond the inherent risks of sharing copyrighted content, the implications for users of EVPAD devices are significant. Often distributed in a pre-rooted state with no package installation restrictions, EVPAD devices are highly vulnerable to abuse. The researchers found that the device update process lacks any mechanism to verify integrity or authenticity.

The device also operates with SELinux in permissive mode , where policy violations occur without enforcement. These factors and others lead to the conclusion that attackers could secure a global network of “zombie” devices through which they could execute further attacks by remote control.

“At its peak, [the Mirai botnet] generated about 1TB of attack traffic using 145,000 devices,” the researchers note, adding that 17,000 compromised EVPAD devices could “potentially generate up to 0.12TB of malicious traffic at peak.”

The study identified 131,175 devices across 116 countries and 78 operational servers located in the United States, Japan, Singapore, Hong Kong, and other countries

“Even if malicious intent is not the primary motive, the lack of commitment to user security by such illegal operators places users in a vulnerable position, making them susceptible to attacks.”

Watch Out Your TV Box: Reversing and Blocking a P2P-based Illegal Streaming Ecosystem, is available here ( pdf )

From: TF , for the latest news on copyright battles, piracy and more.

Five years ago, YouTube ripper Yout.com sued the RIAA , asking a Connecticut district court to declare that the site does not violate the DMCA’s anti-circumvention provision.

The music group had previously used DMCA takedown notices to remove many of Yout’s links from Google’s search results. This had a significant impact on Yout’s advertising revenues, according to operator Johnathan Nader, who always believed he wasn’t breaking any laws.

In 2022, the district court concluded that Yout had failed to show that it doesn’t circumvent YouTube’s technological protection measures. That rendered Yout’s defamation and business disparagement claims moot, but the legal battle was far from over.

Yout.com Appeals

Yout’s operator did not give up. In 2023, Nader appealed in the belief that YouTube rippers do not violate the DMCA. The argument received backing from the EFF and GitHub in their supporting amicus briefs.

The RIAA disagreed, countering that Yout is an “illicit stream-ripping service” that effectively allows people to “bypass YouTube’s technological restrictions” that prevent downloading of works streamed through YouTube. As such, the service violates the DMCA, a position supported by the Copyright Alliance.

One of the key issues in this dispute is whether YouTube’s “rolling cipher” is a technological measure designed to control access to or copying of copyrighted works. The difference between access and copying has become a key point of contention in a new AI twist.

AI Relevance: Access Controls vs. Copy Controls

Last month, AI music companies Suno and Udio filed an amicus brief at the Court of Appeals, alerting it to an alleged error the Connecticut district court made in its original ruling against Yout.

Suno and Udio, who were both sued by music companies, argued that the lower court’s ruling failed to recognize the difference between “access controls” and “copy controls”. This is crucial, they noted, as Congress explicitly separated these two copyright controls to enable fair use.

Congress recognized that to claim fair use, people have to copy something first. If the law were to prohibit the circumvention of copying restrictions, fair use would be effectively outlawed as well.

– Circumventing access controls is prohibited under 17 U.S.C. § 1201

– Circumventing copy controls is NOT explicitly prohibited under 17 U.S.C. § 1201.

For AI companies like Suno and Udio, the legal distinction between access controls and copy controls is not just a technicality. It’s the difference between having a viable fair use defense and being automatically liable for massive damages.

If the court rules that YouTube’s “rolling cipher” is an access control, Suno and Udio effectively lose their ability to argue fair use for the data they’ve scraped by accessing YouTube.

Yout Cites New Paywall Defense

Last week, Yout’s legal team told the Court of Appeals that they wholeheartedly agree with Suno and Udio. In a response brief, they note that the AI companies have it precisely right.

Yout’s lawyer, Evan Fray-Witzer, once again stresses that YouTube doesn’t have any access controls, as it is obvious that anyone with a web browser can watch videos on the platform.

“The District Court’s opinion ignores the simple fact […] that the videos displayed on YouTube are freely available to ‘anyone who requests them’ without a paywall, encryption, password, or decryption,” Yout’s response reads.

To back this up, Yout points to a very recent ruling: the July 2025 decision in a lawsuit between Emmerich Newspapers and the news aggregator Particle Media, better known as NewsBreak.

In that case, a court ruled that the news aggregator didn’t violate the DMCA when its bots stripped “paywall code” from the newspaper’s website. The judge concluded that, because the newspaper’s server voluntarily sent the full article text to the bot (including the paywall code), the bot didn’t “break in” to an access-controlled area. Instead, it simply “used” the data it was given in a way the publisher disliked.

Yout stresses that the same logic applies to its interaction with YouTube. Because YouTube sends audio and video data to anyone who visits the site without requiring a password, Yout argues the “gates are up,” making it legally impossible to “circumvent” an access control.

RIAA: You Can Watch, But You Can’t Touch

The RIAA also filed a brief in response to Suno and Udio, urging the Court of Appeals to reject the arguments from these AI companies.

RIAA’s central argument is that YouTube’s “rolling cipher” is designed to distinguish between two different things: access to a performance (the stream) and access to the work (the fixed digital file).

The RIAA agrees that YouTube allows people to view the stream, but they argue that the rolling cipher is designed to control access to the underlying fixed file.

“Amici’s argument conflates access to a ‘performance’ of a work with access to the ‘work’ itself,” the RIAA writes. In bypassing the cipher to download the file, stream-rippers such as Yout can access something YouTube never intended to give: a permanent digital copy.

While YouTube allows the public to view the performances without restriction, it uses the “rolling cipher” to restrict direct access to the underlying file. By modifying this cipher, Yout bypasses a valid access control, the RIAA notes.

The YouTube Whisperers

Both sides clearly have an opinion on how and why YouTube implemented its rolling cipher code. However, YouTube itself is not a party to the lawsuit, nor has it filed an amicus brief to explain its technology.

Yout’s lawyer previously argued that there is a legal vacuum where the court has to guess YouTube’s intentions, instead of moving the case forward so YouTube itself can be heard.

“There is a question as to what YouTube intended with these measures. We don’t know because YouTube isn’t here,” Yout’s lawyer argued in a previous hearing .

The RIAA, however, argues that YouTube’s intent is irrelevant. The music group maintains that the DMCA only cares about whether a measure “effectively controls access” in its ordinary operation, not what the engineers were thinking when they wrote the code.

Suno & Udio Settle: Yout Continues

Interestingly, both Suno and Udio settled their legal disputes with several major music labels recently, opting for licensing deals instead.

Udio settled its copyright dispute with Universal Music Group in October, followed by a similar agreement with Warner Music Group in November. Earlier this week, Suno followed suit, announcing a “landmark” partnership with Warner Music Group.

These settlements were agreed upon after Suno and Udio submitted their amicus brief in the legal battle between Yout and the RIAA. This means that their critique and the responses from both Yout and the RIAA still stand. Whether the Court of Appeals agrees remains to be seen.

—

A copy of Yout’s response to the brief of Suno and Udio is available here (pdf) . RIAA’s response can be found here (pdf) .

From: TF , for the latest news on copyright battles, piracy and more.

Founded in 2019, pirate streaming service aggregator OnionPlay has been around for half a decade already.

While the site had to switch domain names occasionally, OnionPlay maintained its core identity while its user base continued to grow.

Discord Deletes OnionPlay Channel

At a time when pirate streaming sites are under heavy pressure from the MPA and its anti-piracy branch ACE, staying online can be quite a feat. This pressure also affected OnionPlay to some degree, as it suddenly lost its main Discord channel at the end of October.

OnionPlay’s owner and operator, who uses the online handle “TexasHomie,” was told that the channel was shut down after copyright-infringing links were posted in violation of Discord’s rules.

As a result, two years of community-building work disappeared overnight but TexasHomie didn’t throw in the towel. Inside two weeks, a new Discord channel was active.

At the same time, OnionPlay traded in its .mx domain name for a new .bz variant. While business seemed to continue as usual, a new filing at federal court in California would soon reveal who was behind the Discord shutdown.

MPA/ACE Demanded the Discord Shutdown

On November 14, the Motion Picture Association (MPA) requested a DMCA subpoena on behalf of its member studio Warner Bros. These subpoenas can be signed off by a court clerk, provided that the requester has sent a DMCA notice to the intermediary involved.

In this case, the MPA seeks information from Discord, and their legal request includes a copy of a DMCA notice in which ACE complains about links that were posted in OnionPlay’s old Discord channel.

The DMCA notice was sent late October, shortly before the OnionPlay channel was taken down by Discord. As shown above, the email came with an exhibit mentioning “OnionPlay” by name and urged Discord to take the channel offline.

“We request Discord’s assistance to (i) remove or otherwise disable access to the channels and servers identified above; and (ii) take steps to address Piracy Contents on the Discord platform,” the takedown notice, signed by MPA’s Larissa Knapp, informed Discord.

Discord complied with the takedown notice, but that was not the end of the matter. With the recent DMCA subpoena, the movie industry group now hopes to unmask the owner and operator of the site.

Discord Subpoenaed to Unmask TexasHomie

The legal paperwork includes two examples of infringing links that were allegedly posted by a Discord user. One links to a pirated copy of the season 2 finale of “Peacemaker” and the other links to a pirated stream of the movie Weapons.

The MPA specifically requests Discord to identify the user behind ID ‘417142124228771850,’ which it had previously linked to “TexasHomie”.

“Warner Bros. (via the Motion Picture Association, Inc.) is requesting issuance of the attached proposed subpoena that would order Discord, Inc. to disclose the identities, including the names, physical addresses, IP addresses, telephone numbers, and e-mail addresses, of the individual(s) that operate the Discord account with the following User ID: 417142124228771850”

The request notes that information obtained through the subpoena will only be used to identify the alleged infringer so that Warner Bros. can protect its rights. This was sufficient for the court clerk, who signed off on the subpoena on November 17.

As shown above, Discord has until November 28 (tomorrow) to comply with the subpoena and hand over the information to the MPA.

TexasHomie Remains Calm and Collected

The DMCA subpoena is a useful tool for the MPA, but whether it will result in actionable information has yet to be seen. The MPA and ACE have tried to get information on OnionPlay’s operator before, with subpoenas targeting Cloudflare and the .to registry , presumably without effect.

TexasHomie informs TorrentFreak that he was not aware that the MPA was behind the shutdown of the Discord channel. Nor has he been informed that Discord was asked to disclose his personal information.

OnionPlay’s operator doesn’t appear to be particularly worried either and notes that he keeps his online and offline identities separate.

“I’ve always operated behind VPNs, privacy layers, separate identities—the usual precautions when you spend enough years around the internet and IT infrastructure. It’s not about being shady; it’s about minimizing noise and keeping my real life cleanly separated from my online projects,” TexasHomie notes.

“I’ve dealt with plenty of takedown notices and all the usual headaches, but when you work with the right hosting providers and understand how the infrastructure works, you learn how to manage things calmly and professionally.”

TexasHomie takes pride in the fact that he has managed to keep OnionPlay going in a rather competitive streaming landscape. Community input is taken seriously, he notes, adding that OnionPlay is mainly an old-school “passion project” that requires quite a bit of manual work.

Needless to say, this is a high-stakes passion project that can have criminal repercussions if the operator’s identity is unveiled. These are life-altering risks, making this Discord subpoena all the more important.

—

A copy of the subpoena issued by the U.S. District Court for the Northern District of California on November 17 is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

In October 2019, an international police operation brought an abrupt end to Share-Online.biz, the largest file-hosting platform in Germany at the time.

The raids , which targeted data centers in the Netherlands and France as well as residential addresses in Germany, resulted in the seizure of many servers and the shutdown of a platform that served more than a million registered users.

Files stored on Share-Online were typically promoted through third-party sites such as DDL-Warez, Boerse, Movie-Blog, and MyGully. As a host/cyberlocker, Share-Online did not actively promote pirated content to the public.

Suspended Prison Sentence for ‘Neutral’ Host

That seemingly neutral stance did not prevent a criminal investigation or the subsequent prosecution of the site’s operator. This week, the Aachen Regional Court sentenced the defendant to a two-year suspended prison term.

While the suspended sentence means the unnamed defendant will not serve prison time, the legal precedent is significant. Historically, cyberlockers have operated in somewhat of a legal gray area, claiming they are neutral service providers who merely offer storage space.

The Aachen court rejected this defense, FAZ reports , concluding that the operator facilitated copyright infringement with a profit-motive.

Details on the ruling are scarce, and we have yet to see a copy of the verdict. However, according to the Alliance for Creativity and Entertainment (ACE), which supported the anti-piracy action, it is a key victory.

“This ruling makes clear that operators of ostensibly neutral platforms cannot rely on liability privileges or professed ignorance. For a platform like Share-Online, it is not sufficient to merely acknowledge abuse notifications from rights holders,” says Geerart Bourlon, MPA’s Vice President of Content Protection and Legal Counsel.

“Anyone whose business model promotes or supports copyright-infringing acts is not only liable for injunctive relief and damages but also commits a criminal offense,” Bourlon adds.

What Happened to the €50 Million?

The MPA/ACE press release specifically credits Gregory Skavron, the prosecutor at the Nordrhein-Westfalen Cybercrime Unit ( ZAC NRW ). However, there is no mention of the now-bankrupt German anti-piracy outfit GVU, which carried out the investigation of Share-Online.

Similarly, while the press release prominently features the €50 million revenue figure to illustrate the scale of the piracy operation, what happened to this money isn’t made clear. Were any of these funds actually recovered? And if so, were rightsholders compensated?

The absence of any mention concerning damages suggests that, while the “revenue” was massive, the actual recoverable assets may have been much lower or hidden from law enforcement.

The “User” Threat Evaporates

Finally, it is worth mentioning that a spokesperson of the cybercrime police previously suggested that Share-Online users were also at risk, with high-volume uploaders as the prime target.

“If identification is possible, subsequent investigations against the uploaders and possibly also against downloaders are realistic scenarios. For reasons of capacity, we will certainly proceed in a layered manner in the investigations and, in due course, may initially focus on the top uploaders,” the spokesperson said in 2020.

This threat never materialized, as far as we know. This may be in part due to the complex investigation that spanned many terabytes of files. If it takes six years to convict the operator, going after uploaders may have turned out to be too much.

Ultimately, the Share-Online outcome is somewhat of a mixed bag for rightsholders. The movie industry secured a major legal victory and defeated the “neutral host” defense. However, the fact that the site’s operator, who presumably earned millions, can avoid a prison sentence must be seen as a disappointment.

From: TF , for the latest news on copyright battles, piracy and more.

A new legal framework to tackle online infringement in Greece went live just a couple of months ago, and reports of prosecutions are already coming in.

Early September, it was reported that a man from Sparta faces prosecution and a fine of up to 6,000 euros for two IPTV piracy offenses.

The suspect, reportedly a café owner, was targeted at his workplace on a Saturday, allegedly in front of customers. One told local media that they believed that complaints of the café engaging in “unfair competition” preceded the untimely visit.

New Operation Much Larger in Scale

The Cybercrime Prosecution Directorate launched their operation in the early hours of November 19. The Athens-based unit targeted a network that sold illicit access to premium pay-TV via IPTV subscriptions.

The raid, conducted on Santorini, one of the Cyclades islands, resulted in the arrest of a 48-year-old, who, from police reports, appears to be a reseller for a larger network. Customers were reportedly charged €50 for 3 months subscription or €100 for 6 months. Sales and management were handled by the 48-year-old via an online platform known as a ‘panel’, while remote and in-person support were available as part of the service.

The impact of the raid was visible on the islands, locals said. According to a local report , hundreds of users in hotels, cafes, and residences on Santorini and beyond, found themselves suddenly without access to cheap TV. Apparently few areas were untouched by the disruption, such was local reliance on illegal streams.

Arrest and Seizure of Evidence

The identity of the main suspect has not been released but as the focus of an early prominent case, facing charges of commercial exploitation of illegal IPTV subscriptions, the outcome is unlikely to be especially pleasant.

During a search of the suspect’s home, police seized a modified IPTV device configured to illegally receive subscription channels from at least two unnamed companies, a laptop computer, a mobile phone, and €4,820 in cash. The seized digital evidence has been sent to the Criminal Investigations Directorate for laboratory analysis.

End Users Face an Uncertain Wait

The most significant tactical aspect of the operation may have been the choice of target and in particular, their customer base. If the reports are true, many may have operated from various commercial premises, such as hotels and cafes. This means they too could face significant fines of up to 5,000 euros, way above the 750 euro penalties reserved for individual users.

Almost 70 targets is significant too, a number exceeded only in Italy, where people are fined by the state before their details are shared with DAZN and Serie A who request damages on top.

From: TF , for the latest news on copyright battles, piracy and more.

The long-running legal battle between News-Service Europe ( NSE ) and anti-piracy group BREIN has quietly come to an end.

NSE was once one of the largest Usenet providers, but its legal troubles started in 2009, when BREIN took legal action on behalf of the movie and music industries.

In an early verdict in 2011, the Court of Amsterdam concluded that NSE willingly facilitated online piracy through its services. As a result, the company was ordered to remove all pirated content and filter future posts for possible copyright infringements.

According to the Usenet provider, this filtering requirement would’ve been too costly to implement, so it shut down its service while it appealed the case.

Supreme Court Win for NSE

After several more years of litigation, the Amsterdam appeals court ruled that NSE wasn’t liable for users’ pirating activities after all, but NSE was required to offer a responsive and effective notice and takedown procedure, possibly with additional measures.

Unhappy with the outcome, BREIN decided to take the matter to the Dutch Supreme Court. While NSE was no longer a threat, the case could prove crucial for many other Usenet providers.

In 2023, the Supreme Court confirmed that the Usenet provider shouldn’t be held liable for pirating users. The fact that NSE had a decent takedown procedure and no apparent knowledge of infringement weighed in its favor.

The Court also confirmed that NSE didn’t curate any content, nor did it specifically promote copyright infringement.

NSE Seeks Millions in Damages

The Supreme Court ordered BREIN to pay the legal costs. For NSE, however, the victory was bittersweet, as the company had already thrown in the towel well over a decade earlier.

In a final effort to recoup some of its claimed losses, NSE sued BREIN for damages last December . Exact details were not revealed, but the claim could’ve easily reached millions of euros.

While NSE shut down voluntarily, the company says that it saw no other option at the time due to BREIN’s legal pressure. As a result, the entire NSE team lost their jobs.

In its initial response, BREIN looked forward to the new legal battle with confidence. BREIN director Bastiaan van Ramshorst said that NSE willingly decided to shut down its service in 2011, instead of engaging in court-mandated negotiations.

NSE and BREIN Settle

This latest lawsuit could’ve easily added a few more years to the legal battle. However, it won’t come to that, as NSE and BREIN have decided to settle their differences once and for all.

Last Friday, the parties issued the same brief press release. This effectively confirms the end of the 16-year legal battle without adding any further detail.

“Last week the parties reached a settlement, which allowed them to avoid further escalating litigation costs. Both sides are pleased with the outcome and have agreed not to disclose the details of the arrangement,” NSE and BREIN announced.

This type of tight-lipped announcement suggests that the parties reached a compromise. Since NSE is a defunct entity with no operational future, financial compensation seems the only logical incentive for them to drop the multi-million euro claim.

NSE had little to lose at this point, but, for BREIN, the settlement means that it no longer has to face a claim for ‘millions’ in damages. The details of this agreement will remain secret, which underscores that it remains a sensitive issue after all these years.

From: TF , for the latest news on copyright battles, piracy and more.