Five years ago, YouTube ripper Yout.com sued the RIAA , asking a Connecticut district court to declare that the site does not violate the DMCA’s anti-circumvention provision.

The music group had previously used DMCA takedown notices to remove many of Yout’s links from Google’s search results. This had a significant impact on Yout’s advertising revenues, according to operator Johnathan Nader, who always believed he wasn’t breaking any laws.

In 2022, the district court concluded that Yout had failed to show that it doesn’t circumvent YouTube’s technological protection measures. That rendered Yout’s defamation and business disparagement claims moot, but the legal battle was far from over.

Yout.com Appeals

Yout’s operator did not give up. In 2023, Nader appealed in the belief that YouTube rippers do not violate the DMCA. The argument received backing from the EFF and GitHub in their supporting amicus briefs.

The RIAA disagreed, countering that Yout is an “illicit stream-ripping service” that effectively allows people to “bypass YouTube’s technological restrictions” that prevent downloading of works streamed through YouTube. As such, the service violates the DMCA, a position supported by the Copyright Alliance.

One of the key issues in this dispute is whether YouTube’s “rolling cipher” is a technological measure designed to control access to or copying of copyrighted works. The difference between access and copying has become a key point of contention in a new AI twist.

AI Relevance: Access Controls vs. Copy Controls

Last month, AI music companies Suno and Udio filed an amicus brief at the Court of Appeals, alerting it to an alleged error the Connecticut district court made in its original ruling against Yout.

Suno and Udio, who were both sued by music companies, argued that the lower court’s ruling failed to recognize the difference between “access controls” and “copy controls”. This is crucial, they noted, as Congress explicitly separated these two copyright controls to enable fair use.

Congress recognized that to claim fair use, people have to copy something first. If the law were to prohibit the circumvention of copying restrictions, fair use would be effectively outlawed as well.

– Circumventing access controls is prohibited under 17 U.S.C. § 1201

– Circumventing copy controls is NOT explicitly prohibited under 17 U.S.C. § 1201.

For AI companies like Suno and Udio, the legal distinction between access controls and copy controls is not just a technicality. It’s the difference between having a viable fair use defense and being automatically liable for massive damages.

If the court rules that YouTube’s “rolling cipher” is an access control, Suno and Udio effectively lose their ability to argue fair use for the data they’ve scraped by accessing YouTube.

Yout Cites New Paywall Defense

Last week, Yout’s legal team told the Court of Appeals that they wholeheartedly agree with Suno and Udio. In a response brief, they note that the AI companies have it precisely right.

Yout’s lawyer, Evan Fray-Witzer, once again stresses that YouTube doesn’t have any access controls, as it is obvious that anyone with a web browser can watch videos on the platform.

“The District Court’s opinion ignores the simple fact […] that the videos displayed on YouTube are freely available to ‘anyone who requests them’ without a paywall, encryption, password, or decryption,” Yout’s response reads.

To back this up, Yout points to a very recent ruling: the July 2025 decision in a lawsuit between Emmerich Newspapers and the news aggregator Particle Media, better known as NewsBreak.

In that case, a court ruled that the news aggregator didn’t violate the DMCA when its bots stripped “paywall code” from the newspaper’s website. The judge concluded that, because the newspaper’s server voluntarily sent the full article text to the bot (including the paywall code), the bot didn’t “break in” to an access-controlled area. Instead, it simply “used” the data it was given in a way the publisher disliked.

Yout stresses that the same logic applies to its interaction with YouTube. Because YouTube sends audio and video data to anyone who visits the site without requiring a password, Yout argues the “gates are up,” making it legally impossible to “circumvent” an access control.

RIAA: You Can Watch, But You Can’t Touch

The RIAA also filed a brief in response to Suno and Udio, urging the Court of Appeals to reject the arguments from these AI companies.

RIAA’s central argument is that YouTube’s “rolling cipher” is designed to distinguish between two different things: access to a performance (the stream) and access to the work (the fixed digital file).

The RIAA agrees that YouTube allows people to view the stream, but they argue that the rolling cipher is designed to control access to the underlying fixed file.

“Amici’s argument conflates access to a ‘performance’ of a work with access to the ‘work’ itself,” the RIAA writes. In bypassing the cipher to download the file, stream-rippers such as Yout can access something YouTube never intended to give: a permanent digital copy.

While YouTube allows the public to view the performances without restriction, it uses the “rolling cipher” to restrict direct access to the underlying file. By modifying this cipher, Yout bypasses a valid access control, the RIAA notes.

The YouTube Whisperers

Both sides clearly have an opinion on how and why YouTube implemented its rolling cipher code. However, YouTube itself is not a party to the lawsuit, nor has it filed an amicus brief to explain its technology.

Yout’s lawyer previously argued that there is a legal vacuum where the court has to guess YouTube’s intentions, instead of moving the case forward so YouTube itself can be heard.

“There is a question as to what YouTube intended with these measures. We don’t know because YouTube isn’t here,” Yout’s lawyer argued in a previous hearing .

The RIAA, however, argues that YouTube’s intent is irrelevant. The music group maintains that the DMCA only cares about whether a measure “effectively controls access” in its ordinary operation, not what the engineers were thinking when they wrote the code.

Suno & Udio Settle: Yout Continues

Interestingly, both Suno and Udio settled their legal disputes with several major music labels recently, opting for licensing deals instead.

Udio settled its copyright dispute with Universal Music Group in October, followed by a similar agreement with Warner Music Group in November. Earlier this week, Suno followed suit, announcing a “landmark” partnership with Warner Music Group.

These settlements were agreed upon after Suno and Udio submitted their amicus brief in the legal battle between Yout and the RIAA. This means that their critique and the responses from both Yout and the RIAA still stand. Whether the Court of Appeals agrees remains to be seen.

—

A copy of Yout’s response to the brief of Suno and Udio is available here (pdf) . RIAA’s response can be found here (pdf) .

From: TF , for the latest news on copyright battles, piracy and more.

Founded in 2019, pirate streaming service aggregator OnionPlay has been around for half a decade already.

While the site had to switch domain names occasionally, OnionPlay maintained its core identity while its user base continued to grow.

Discord Deletes OnionPlay Channel

At a time when pirate streaming sites are under heavy pressure from the MPA and its anti-piracy branch ACE, staying online can be quite a feat. This pressure also affected OnionPlay to some degree, as it suddenly lost its main Discord channel at the end of October.

OnionPlay’s owner and operator, who uses the online handle “TexasHomie,” was told that the channel was shut down after copyright-infringing links were posted in violation of Discord’s rules.

As a result, two years of community-building work disappeared overnight but TexasHomie didn’t throw in the towel. Inside two weeks, a new Discord channel was active.

At the same time, OnionPlay traded in its .mx domain name for a new .bz variant. While business seemed to continue as usual, a new filing at federal court in California would soon reveal who was behind the Discord shutdown.

MPA/ACE Demanded the Discord Shutdown

On November 14, the Motion Picture Association (MPA) requested a DMCA subpoena on behalf of its member studio Warner Bros. These subpoenas can be signed off by a court clerk, provided that the requester has sent a DMCA notice to the intermediary involved.

In this case, the MPA seeks information from Discord, and their legal request includes a copy of a DMCA notice in which ACE complains about links that were posted in OnionPlay’s old Discord channel.

The DMCA notice was sent late October, shortly before the OnionPlay channel was taken down by Discord. As shown above, the email came with an exhibit mentioning “OnionPlay” by name and urged Discord to take the channel offline.

“We request Discord’s assistance to (i) remove or otherwise disable access to the channels and servers identified above; and (ii) take steps to address Piracy Contents on the Discord platform,” the takedown notice, signed by MPA’s Larissa Knapp, informed Discord.

Discord complied with the takedown notice, but that was not the end of the matter. With the recent DMCA subpoena, the movie industry group now hopes to unmask the owner and operator of the site.

Discord Subpoenaed to Unmask TexasHomie

The legal paperwork includes two examples of infringing links that were allegedly posted by a Discord user. One links to a pirated copy of the season 2 finale of “Peacemaker” and the other links to a pirated stream of the movie Weapons.

The MPA specifically requests Discord to identify the user behind ID ‘417142124228771850,’ which it had previously linked to “TexasHomie”.

“Warner Bros. (via the Motion Picture Association, Inc.) is requesting issuance of the attached proposed subpoena that would order Discord, Inc. to disclose the identities, including the names, physical addresses, IP addresses, telephone numbers, and e-mail addresses, of the individual(s) that operate the Discord account with the following User ID: 417142124228771850”

The request notes that information obtained through the subpoena will only be used to identify the alleged infringer so that Warner Bros. can protect its rights. This was sufficient for the court clerk, who signed off on the subpoena on November 17.

As shown above, Discord has until November 28 (tomorrow) to comply with the subpoena and hand over the information to the MPA.

TexasHomie Remains Calm and Collected

The DMCA subpoena is a useful tool for the MPA, but whether it will result in actionable information has yet to be seen. The MPA and ACE have tried to get information on OnionPlay’s operator before, with subpoenas targeting Cloudflare and the .to registry , presumably without effect.

TexasHomie informs TorrentFreak that he was not aware that the MPA was behind the shutdown of the Discord channel. Nor has he been informed that Discord was asked to disclose his personal information.

OnionPlay’s operator doesn’t appear to be particularly worried either and notes that he keeps his online and offline identities separate.

“I’ve always operated behind VPNs, privacy layers, separate identities—the usual precautions when you spend enough years around the internet and IT infrastructure. It’s not about being shady; it’s about minimizing noise and keeping my real life cleanly separated from my online projects,” TexasHomie notes.

“I’ve dealt with plenty of takedown notices and all the usual headaches, but when you work with the right hosting providers and understand how the infrastructure works, you learn how to manage things calmly and professionally.”

TexasHomie takes pride in the fact that he has managed to keep OnionPlay going in a rather competitive streaming landscape. Community input is taken seriously, he notes, adding that OnionPlay is mainly an old-school “passion project” that requires quite a bit of manual work.

Needless to say, this is a high-stakes passion project that can have criminal repercussions if the operator’s identity is unveiled. These are life-altering risks, making this Discord subpoena all the more important.

—

A copy of the subpoena issued by the U.S. District Court for the Northern District of California on November 17 is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

In October 2019, an international police operation brought an abrupt end to Share-Online.biz, the largest file-hosting platform in Germany at the time.

The raids , which targeted data centers in the Netherlands and France as well as residential addresses in Germany, resulted in the seizure of many servers and the shutdown of a platform that served more than a million registered users.

Files stored on Share-Online were typically promoted through third-party sites such as DDL-Warez, Boerse, Movie-Blog, and MyGully. As a host/cyberlocker, Share-Online did not actively promote pirated content to the public.

Suspended Prison Sentence for ‘Neutral’ Host

That seemingly neutral stance did not prevent a criminal investigation or the subsequent prosecution of the site’s operator. This week, the Aachen Regional Court sentenced the defendant to a two-year suspended prison term.

While the suspended sentence means the unnamed defendant will not serve prison time, the legal precedent is significant. Historically, cyberlockers have operated in somewhat of a legal gray area, claiming they are neutral service providers who merely offer storage space.

The Aachen court rejected this defense, FAZ reports , concluding that the operator facilitated copyright infringement with a profit-motive.

Details on the ruling are scarce, and we have yet to see a copy of the verdict. However, according to the Alliance for Creativity and Entertainment (ACE), which supported the anti-piracy action, it is a key victory.

“This ruling makes clear that operators of ostensibly neutral platforms cannot rely on liability privileges or professed ignorance. For a platform like Share-Online, it is not sufficient to merely acknowledge abuse notifications from rights holders,” says Geerart Bourlon, MPA’s Vice President of Content Protection and Legal Counsel.

“Anyone whose business model promotes or supports copyright-infringing acts is not only liable for injunctive relief and damages but also commits a criminal offense,” Bourlon adds.

What Happened to the €50 Million?

The MPA/ACE press release specifically credits Gregory Skavron, the prosecutor at the Nordrhein-Westfalen Cybercrime Unit ( ZAC NRW ). However, there is no mention of the now-bankrupt German anti-piracy outfit GVU, which carried out the investigation of Share-Online.

Similarly, while the press release prominently features the €50 million revenue figure to illustrate the scale of the piracy operation, what happened to this money isn’t made clear. Were any of these funds actually recovered? And if so, were rightsholders compensated?

The absence of any mention concerning damages suggests that, while the “revenue” was massive, the actual recoverable assets may have been much lower or hidden from law enforcement.

The “User” Threat Evaporates

Finally, it is worth mentioning that a spokesperson of the cybercrime police previously suggested that Share-Online users were also at risk, with high-volume uploaders as the prime target.

“If identification is possible, subsequent investigations against the uploaders and possibly also against downloaders are realistic scenarios. For reasons of capacity, we will certainly proceed in a layered manner in the investigations and, in due course, may initially focus on the top uploaders,” the spokesperson said in 2020.

This threat never materialized, as far as we know. This may be in part due to the complex investigation that spanned many terabytes of files. If it takes six years to convict the operator, going after uploaders may have turned out to be too much.

Ultimately, the Share-Online outcome is somewhat of a mixed bag for rightsholders. The movie industry secured a major legal victory and defeated the “neutral host” defense. However, the fact that the site’s operator, who presumably earned millions, can avoid a prison sentence must be seen as a disappointment.

From: TF , for the latest news on copyright battles, piracy and more.

A new legal framework to tackle online infringement in Greece went live just a couple of months ago, and reports of prosecutions are already coming in.

Early September, it was reported that a man from Sparta faces prosecution and a fine of up to 6,000 euros for two IPTV piracy offenses.

The suspect, reportedly a café owner, was targeted at his workplace on a Saturday, allegedly in front of customers. One told local media that they believed that complaints of the café engaging in “unfair competition” preceded the untimely visit.

New Operation Much Larger in Scale

The Cybercrime Prosecution Directorate launched their operation in the early hours of November 19. The Athens-based unit targeted a network that sold illicit access to premium pay-TV via IPTV subscriptions.

The raid, conducted on Santorini, one of the Cyclades islands, resulted in the arrest of a 48-year-old, who, from police reports, appears to be a reseller for a larger network. Customers were reportedly charged €50 for 3 months subscription or €100 for 6 months. Sales and management were handled by the 48-year-old via an online platform known as a ‘panel’, while remote and in-person support were available as part of the service.

The impact of the raid was visible on the islands, locals said. According to a local report , hundreds of users in hotels, cafes, and residences on Santorini and beyond, found themselves suddenly without access to cheap TV. Apparently few areas were untouched by the disruption, such was local reliance on illegal streams.

Arrest and Seizure of Evidence

The identity of the main suspect has not been released but as the focus of an early prominent case, facing charges of commercial exploitation of illegal IPTV subscriptions, the outcome is unlikely to be especially pleasant.

During a search of the suspect’s home, police seized a modified IPTV device configured to illegally receive subscription channels from at least two unnamed companies, a laptop computer, a mobile phone, and €4,820 in cash. The seized digital evidence has been sent to the Criminal Investigations Directorate for laboratory analysis.

End Users Face an Uncertain Wait

The most significant tactical aspect of the operation may have been the choice of target and in particular, their customer base. If the reports are true, many may have operated from various commercial premises, such as hotels and cafes. This means they too could face significant fines of up to 5,000 euros, way above the 750 euro penalties reserved for individual users.

Almost 70 targets is significant too, a number exceeded only in Italy, where people are fined by the state before their details are shared with DAZN and Serie A who request damages on top.

From: TF , for the latest news on copyright battles, piracy and more.

The long-running legal battle between News-Service Europe ( NSE ) and anti-piracy group BREIN has quietly come to an end.

NSE was once one of the largest Usenet providers, but its legal troubles started in 2009, when BREIN took legal action on behalf of the movie and music industries.

In an early verdict in 2011, the Court of Amsterdam concluded that NSE willingly facilitated online piracy through its services. As a result, the company was ordered to remove all pirated content and filter future posts for possible copyright infringements.

According to the Usenet provider, this filtering requirement would’ve been too costly to implement, so it shut down its service while it appealed the case.

Supreme Court Win for NSE

After several more years of litigation, the Amsterdam appeals court ruled that NSE wasn’t liable for users’ pirating activities after all, but NSE was required to offer a responsive and effective notice and takedown procedure, possibly with additional measures.

Unhappy with the outcome, BREIN decided to take the matter to the Dutch Supreme Court. While NSE was no longer a threat, the case could prove crucial for many other Usenet providers.

In 2023, the Supreme Court confirmed that the Usenet provider shouldn’t be held liable for pirating users. The fact that NSE had a decent takedown procedure and no apparent knowledge of infringement weighed in its favor.

The Court also confirmed that NSE didn’t curate any content, nor did it specifically promote copyright infringement.

NSE Seeks Millions in Damages

The Supreme Court ordered BREIN to pay the legal costs. For NSE, however, the victory was bittersweet, as the company had already thrown in the towel well over a decade earlier.

In a final effort to recoup some of its claimed losses, NSE sued BREIN for damages last December . Exact details were not revealed, but the claim could’ve easily reached millions of euros.

While NSE shut down voluntarily, the company says that it saw no other option at the time due to BREIN’s legal pressure. As a result, the entire NSE team lost their jobs.

In its initial response, BREIN looked forward to the new legal battle with confidence. BREIN director Bastiaan van Ramshorst said that NSE willingly decided to shut down its service in 2011, instead of engaging in court-mandated negotiations.

NSE and BREIN Settle

This latest lawsuit could’ve easily added a few more years to the legal battle. However, it won’t come to that, as NSE and BREIN have decided to settle their differences once and for all.

Last Friday, the parties issued the same brief press release. This effectively confirms the end of the 16-year legal battle without adding any further detail.

“Last week the parties reached a settlement, which allowed them to avoid further escalating litigation costs. Both sides are pleased with the outcome and have agreed not to disclose the details of the arrangement,” NSE and BREIN announced.

This type of tight-lipped announcement suggests that the parties reached a compromise. Since NSE is a defunct entity with no operational future, financial compensation seems the only logical incentive for them to drop the multi-million euro claim.

NSE had little to lose at this point, but, for BREIN, the settlement means that it no longer has to face a claim for ‘millions’ in damages. The details of this agreement will remain secret, which underscores that it remains a sensitive issue after all these years.

From: TF , for the latest news on copyright battles, piracy and more.

For years, powerful rightsholders and media groups have demanded urgent and decisive action from the European Commission to tackle IPTV piracy of live sports and events.

From the MPA, to the Premier League, Sky, LaLiga and Serie A, the message couldn’t have been clearer or more consistent. It didn’t change after the EC’s rejection of their call for urgent legislative measures in 2022, and remained intact following a consultation and advice early 2023 on a ‘toolbox’ of existing measures .

EC Publishes Assessment of the Effects of Recommendation

In May 2023, the European Commission (EC) issued a Recommendation aimed at tackling online piracy of sports and other live events. It encouraged measures concerning the processing of takedown notices, dynamic injunctions, cooperation between stakeholders, and increasing the availability of legal alternatives.

Aiming to build upon existing legal frameworks such as the InfoSoc Directive, IPRED, and the Digital Services Act (DSA), it was detailed and comprehensive, without being especially urgent.

Some two-and-a-half years later, an assessment of the effects of the Recommendation were published by the EC last week. The report evaluates the progress made by Member States, national authorities, and stakeholders in implementing the various measures outlined in May 2023. Monitoring was carried out by the EUIPO Observatory using Key Performance Indicators (KPIs) concerning piracy volume, processing of takedown notices, use of blocking injunctions, and availability of legal offers.

Ensuring Prompt Execution of Takedown Notices

Recommendation: Hosting services should process takedown notices sent by rightsholders as quickly as possible, to help protect vulnerable live events which have most of their value built into the event itself.

Assessment: Only limited progress was reported. ‘Online platforms’ including social media, online marketplaces, and search engines, were generally more responsive due to their obligations under the DSA. Responses from other intermediaries such as Dedicated Server Providers (DSPs) and Content Delivery Networks (CDNs) were much slower, highlighting a significant gap in response times when compared to online platforms.

Further Action: According to the report, there’s a need for increased cooperation with intermediaries, including working towards technical solutions to automate processing of takedown notices. The Commission says it will examine the role of intermediaries within the DSA Board discussions.

Rightsholders’ Use of Blocking Injunctions in Member States

Recommendation: Authorized under Article 8(3) of the InfoSoc Directive and Article 11 of IPRED, Members States should facilitate use of dynamic/live blocking injunctions, with appropriate safeguards, against infringers and intermediaries whose services are used to infringe copyrights.

Assessment: The Commission notes that while injunctions are useful, implementation across Member States shows significant variation. At the extremes, some countries have very robust systems in place while others have no system at all. The Commission says there’s not only a need for much broader adoption across the EU, but also more consistent application.

Further Recommendation on Injunctions: Member States are ‘encouraged’ to provide for injunctions against intermediaries, who, regardless of their lack of liability, offer services that are misused for illegal streaming of live sports.

Assessment: Noting efforts in France and Belgium that have blocked CDNs , VPNs and DNS providers , and work in Italy to facilitate the same, the EC also highlights LaLiga’s work in Spain “ against ISPs and CDNs “. Under the DSA, some intermediaries may be exempted from liability, the EC adds, but the DSA does not preclude them from being blocked regardless.

Since these are recent developments, “there is not yet sufficient data to assess the efficiency of dynamic injunctions addressed to those intermediaries,” the report concedes, adding that “a number of end-users, have complained about a few instances of over-blocking.”

The Recommendation appears to have prompted some Member States to reassess their legal frameworks or engage in policy discussions to strengthen enforcement measures. Some Member States have clarified legal standing for sports event organizers, allowing them to pursue injunctions in their own right. Some rightsholders are demanding that blocking injunctions are recognized across borders.

Discussions about the possible introduction of dynamic injunctions have been discussed in a few Member States, but not have not yet materialized. In others, there are no developments to report “prompting concerns” from certain stakeholders, the EC reports.

Further action: The Commission will consider whether new measures are needed to ensure a wider and more consistent use of dynamic injunctions across Member States.

Cooperation between Rightsholders and Intermediaries / Public Authorities

Recommendation: Encourage cooperation between rightsholders and intermediaries to identify the source of unauthorized retransmissions and take measures to prevent repeat misuse.

Assessment: Cooperation agreements to fight piracy exist across Member States, some concluded directly between the parties and others with assistance from public authorities. Agreements between rightsholders and ISPs on blocking measures and issues related to content blocking/removal appear to be most common.

In 2024, participating rightsholders reported 49 voluntary cooperation agreements with intermediaries, rising to 62 in 2025. Cooperation with Dedicated Server Providers (DSPs) account for around two-thirds of agreements (42), with online platforms (18) quite a distance behind. Perhaps unsurprisingly, agreements to identify the source of infringement are far less common; just two were reported.

In general, cooperation has improved, with voluntary agreements becoming more common. The majority of infringement notices resulting in suspension of access to infringing streams were issued in the context of cooperation agreements, with 55% of those proving successful. However, some rightsholders complained that most cooperation agreements still rely on manual processing of infringement notices, which limits effectiveness when applied to live sports.

The Recommendation encourages Member States to actively engage in the exchange of information when sites and services are blocked as part of an injunction. Under the DSA, orders issued by authorities to act against illegal content must be shared by a Member State’s Digital Services Coordinator (DSC) with their counterparts in other Member States.

This system is considered directly relevant to tackling piracy of live events but is not yet fully operational. However, the network is described as a “crucial initiative” through which valuable information is exchanged between participating authorities.

Raising Awareness and Improving Availability of Legal Offers

Recommendation: Increase users’ awareness of legal content, increase the availability, affordability, and attractiveness of live event commercial offers.

Assessment: The report notes that submissions focused solely on live sports events. Several rightholders and sports event organizers have reportedly made efforts to make their offers more accessible, including “setting up a website which allows users to obtain information on where a specific sporting competition is available.”

Yet in noting the following, it seems that readily available information proved elusive enough to prevent an assessment.

“[T]he data submitted by sports event organisers and rightholders to the EUIPO does not allow to fully assess the progress made in terms of the availability of sports events or the affordability and attractiveness of commercial offers,” the report notes.

“Consumers responding to the call for evidence consider that this remains an area of concern, arguing that the availability of affordable legal offers remains low and legal offers are fragmented,” the report notes.

Some national authorities identified pricing of legal offers, fragmentation, and territorial availability, as “possible obstacles” faced by users attempting to access legal live content, “which often requires users to obtain multiple paid subscriptions.”

Overall Conclusions

The European Commission’s assessment concludes that while the Recommendation has encouraged positive developments, its overall impact is limited.

Despite signs of increased awareness and cooperation, piracy by volume has not reduced and remains a problem. While online platforms are seen as effective when processing takedown notices, DSPs reportedly lag far behind when it comes to suspension of pirate streams. Notices sent to CDNs and reverse proxies are increasing but are not effective.

“In addition, an increasing number of notices are being addressed to other intermediaries, including CDNs and reverse proxies, which are not subject to the DSA rules on notices. In this context, the assessment underlines that cooperation agreements have led to a better and quicker response by the relevant intermediaries.”

The assessment also highlights tension between protection from liability for intermediaries and the demand for more effective responses to piracy. Intermediaries are not required by law to proactively police illegal content, but the assessment nevertheless implies that even within existing legal frameworks, going beyond current obligations would make a significant difference.

From: TF , for the latest news on copyright battles, piracy and more.

Services offered by U.S tech giant Cloudflare improve the performance and security of millions of websites, amounting to a significant contribution towards the health of today’s internet.

Those hoping to benefit from Cloudflare’s services find few, if any, barriers to entry. Typically a working email address is sufficient to gain access, meaning new users can protect their websites in a matter of minutes.

Cloudflare Held Liable For Anonymous Users

Frictionless onboarding is popular with users and good for Cloudflare’s overall business. For Japanese manga publishers Shueisha, Kodansha, Kadokawa, and Shogakukan, the absence of identity verification is a gift to pirate site operators. Not only are they allowed to remain personally anonymous, their websites’ IP addresses can be hidden and exchanged for Cloudflare’s, making enforcement more difficult.

A decision handed down this week by Judge Aya Takahashi at the Tokyo District Court, holding Cloudflare liable for infringement carried out by its customers, concerns a lawsuit filed by the publishers in 2022.

The companies said that the anonymity afforded by Cloudflare to site operators and their websites, provides an attractive environment for piracy of their content to thrive. When the publishers’ repeatedly complained, Cloudflare should’ve taken the strongest of action against such abuse, including terminating the accounts of known pirate sites.

Liability and Future Growth

Judge Takahashi agreed that the lack of identity verification was a piracy-enabling factor but Cloudflare’s inaction amounted to a failure to acknowledge responsibility.

“(Cloudflare) failed in its duty to stop providing the service,” Judge Takahashi said.

Liability in this instance led to a damages award against Cloudflare of 500 million yen, around US$3.2 million. In the bigger picture, the money is less important to Cloudflare than new liability and what that might mean for the growth of its business.

In this instance, the court did not issue an injunction to restrain Cloudflare moving forward. However, the finding of liability is unacceptable to Cloudflare so it intends to file an appeal and continue the fight.

“We appreciate the efforts of the Tokyo District Court, which spent a great deal of time and effort reviewing and ruling on this complex case. While we respectfully disagree with the court’s decision, we also express our dissent,” the company said in a statement sent to legal news outlet Bengo4 .

Cloudflare maintains its long-held position that as a CDN, it delivers data and doesn’t host anything. Since the pirated content is hosted elsewhere, that’s where it will remain, regardless of any action at Cloudflare.

Cloudflare Ups the Stakes, Warns of Global Implications

Cloudflare’s pursuit of a decision aligned with its own interests, will see the publishers defend their hard-won position with similar determination. For the former, the decision in Japan isn’t just a local storm, it’s a threat to intermediaries and sets a global precedent with far-reaching implications.

“Holding CDNs like Cloudflare legally liable for content they do not host removes the limitations on liability that have underpinned the growth of the global internet. This ruling is the first of its kind in the world and could have serious implications for the efficiency, security, and reliability of the internet not only in Japan but around the world,” the company says.

While a robust defense of its position is to be expected, Cloudflare seems to be especially vocal – and critical – not just of the decision, but how it will hurt Japan’s progress moving forward.

Describing the ruling as “undermining transparency, fairness and due process,” Cloudflare said the trial questioned whether Japan’s judicial system supports its aspirations for growth in tech.

“This ruling is contrary to the legislative intent of promoting Japan’s technological growth and risks stifling technological innovation among Japan’s emerging technology companies,” Cloudflare added.

If the decision stands, to avoid liability Cloudflare says it would need to terminate CDN services based on takedown notices, rather than under the formal instructions of a competent court.

The Publishers’ View the Decision in a Different Light

Yuki Hirai is an attorney at Sakurazaka Law Office, where he leads the case on behalf of the publishers.

In recent comments to the USTR, Cloudflare suggested that a negative outcome against the publishers would “necessitate U.S. CDN providers to limit the provision of global services.”

In comments to TorrentFreak, Attorney Hirai disputes that, noting that Cloudflare’s argument “distorts the essence” of the case.

“This ruling concerns responsibility for providing high anonymity and ignoring infringement notices, not the provision of the service itself nor other CDN service provider,” he explains.

“Cloudflare also argues that to avoid their legal liability, it would need to suspend CDN services for a website based on a notice rather than a formal order from an independent court, significantly increasing the potential for abuse. However, this judgment states, citing several reasons, that our infringement notice properly shows the URLs to the infringing content, and that upon viewing those URLs, it was immediately obvious they were pirate sites.”

Attorney Hirai says Cloudflare’s arguments are “highly self-defensive and contain numerous errors.” The publishers true aims are actually quite straightforward.

A Decision That Aligns With Cloudflare Policy

“What we are demanding is a very general act of ceasing to aid such crimes. Restricting the provision of global services is not the solution we seek, nor is it aligned to this judgement,” Hirai explains.

“What we are seeking is for Cloudflare to promptly cease providing services once the sites are notified as pirate sites, and to implement appropriate measures such as identity verification to prevent repeat infringers.

“These requests from us also align with Cloudflare’s policy in its statement to media outlets, of ‘not hesitating to cooperate in combating piracy’”

From: TF , for the latest news on copyright battles, piracy and more.

For many pirate sites and apps, ad revenue is the only viable lifeline. This is why the advertising industry is an important ally in the fight against piracy.

Over the years, several ad-focused anti-piracy initiatives and partnerships have tried to prevent branded ads from appearing on these sites.

This includes a European Union-led Memorandum of Understanding (MoU) in which several leading advertising companies, including Google, signed up to play their part. The origins of this agreement date back to 2016, and the EU Intellectual Property Office ( EUIPO ) has monitored progress ever since.

The latest report on the state of the pirate advertising landscape was published this week . As in previous years, the EUIPO commissioned UK-based research firm White Bullet to provide a detailed overview of what types of ads appeared on pirate sites throughout 2024.

The report looked at advertisements on 7,250 websites and 398 mobile applications across 18 EU member states. All ‘pirate’ sites and apps provided access to copyright-infringing content and were classified as either “illegal” or “high-risk”.

White Bullet compiled a similar advertising report for EUIPO in 2021, which makes it possible to measure progress over the past four years.

Major Brand Ads Surge 567% on Pirate Sites

The headline figures reported by EUIPO this week suggest that advertising volume on piracy sites grew rapidly throughout last year. Globally (EU+UK+US), the monitored websites generated 28.3 billion ad impressions over the year, with a 92% increase in impressions from the first to the fourth quarter.

More concerning, perhaps, is that adverts run by major brands are still common on pirate sites. No names are mentioned in the report, but EUIPO notes that advertising impressions from major brands increased 567% between 2021 and 2024.

Overall, branded advertising accounted for 61% of ad impressions on monitored websites and 96% on the monitored apps. This includes ads for both major and less-well known brands.

The EUIPO highlights this significant increase in its “main conclusions” alongside some other concerning developments.

The report explicitly links this resurgence of major brand ads to a breakdown in industry cooperation, noting that education campaigns for advertisers were halted right before the spike occurred.

“The massive growth in Major Brand advertising on IPR-infringing websites may be correlated with the 2023 termination of several coordinated outreach programmes focused on educating brands that had been placing advertising on IPR-infringing websites,” EUIPO’s report reads.

It’s all Relative

While the headline numbers reported by EUIPO are correct, they deserve some nuance. The number of ad impressions on pirate sites by major brands did not increase 567%; not by a long shot.

What the report found is that major brand ads went from just 3% of all ad impressions on websites in 2021, to 20% of all ad impressions in 2024. While that technically represents a 567% increase in market share, the number of displayed ads tanked at the same time.

Across all monitored countries, ad impressions on pirate sites crashed from 146.1 billion in 2021 to 28.3 billion in 2024. So, the total number of ads on these sites fell by roughly 80%.

While the “567% increase” statistic is technically accurate when looking at relative market share, the increase is largely driven by the collapse of low-quality, non-brand ads. In real terms, the number of major brand ads served increased by roughly 30%.

Fraud & Malware Increase/Decrease

The same logic applies to a reported surge in fraud and malware advertising, which was also highlighted in the EUIPO’s main conclusions.

“The report also notes a 250% increase in fraud and malware advertising from 2021 to 2024, showing that infringing websites not only exploit brand reputations but also expose users and advertisers to broader digital risks,” EUIPO writes.

Again, this 250% increase is relative. Looking at the absolute numbers, fraud and malware ads actually decreased by roughly 1.8 billion impressions from 2021 to 2024. That’s roughly a ~31% reduction in malicious ads.

The above makes it clear that absolute and relative comparisons can show an entirely different picture. This is largely attributable to a key change that took place over the past few years, which, strangely enough, is not mentioned in EUIPO’s main conclusions.

EU: Pirate Ad-Impressions & Revenue Plunged

The fact that the EUIPO report found an unprecedented 80% drop in pirate site ads receives very little attention. Yet, the numbers clearly show that, in the 18 monitored EU Member States, pirate site ad impressions also plunged: from 70.3 billion in 2021 to 14.4 billion in 2024 .

The report links this drastic decline to an increasingly fragmented landscape of pirate sites, leading to lower traffic numbers overall. That sounds like a welcome result, but in the report the finding receives no obvious emphasis.

The same applies to the associated decrease in advertising revenue for pirate sites. The report notes that the advertising revenues from the monitored countries dropped 78%, from €102.5 million in 2021 to €22 million last year .

The Missing Number: €8.29 per day

While the EUIPO focuses mostly on the relative increases of major brand ads and fraud advertisements, one key number was not highlighted. That is, the average estimated revenue these 7,250 sites generate per day from visitors in the 18 monitored EU countries.

That number is not reported, but if we crunch the numbers, we see that the average pirate site generates roughly €8.29 per day from these EU users.

The EUIPO report puts the global revenue of these sites at ~€91 per day. This leads to the logical conclusion that the EU advertising traffic only represents a fraction of the total income of these sites. That’s worth calling out, we think.

—

The full report, which includes many more data points and intriguing statistics, is available here (pdf) .

From: TF , for the latest news on copyright battles, piracy and more.

Offering a wide range of services useful for the majority of websites, including many provided completely free of charge, Cloudflare continues on an upward trajectory.

While its popularity isn’t in question, Cloudflare’s stance on copyright issues has placed it at odds with copyright holders who believe that the company should do more to fight against piracy.

For its part, Cloudflare counters that its policies are in line or exceed legal requirements, including those established in the United States where, under appropriate circumstances, the company cannot be held liable for infringement carried out by its customers.

Complaint and Settlement (2018/2019)

Disappointed by Cloudflare’s stance in response to their allegations concerning several manga piracy sites, in 2018 major publishers Shueisha, Kodansha, Kadokawa, and Shogakukan filed a motion at the Tokyo District Court.

They argued that since Cloudflare was in a position to curtail infringement, the company should stop providing services to the pirate sites. Caching and replicating the sites’ content was described as especially problematic, with the publishers arguing that this amounted to Cloudflare delivering infringing content to the public.

A 2019 settlement with Cloudflare wasn’t revealed until 2020 but the premise was fairly straightforward. If the Tokyo District Court ruled that the sites in question were illegal, Cloudflare would “stop the replication of the sites to Cloudflare’s servers in Japan,” the publishers said .

Publishers File a Copyright Lawsuit in Tokyo

Late January 2022, it was reported that the same publishers were again preparing to sue Cloudflare in Japan over its provision of services to known pirate sites.

The publishers said that they requested Cloudflare to bring the infringements to a halt and Cloudflare advised that they had “taken the necessary measures.” When technical analysis revealed that the pirate sites were still using Cloudflare’s services and cache, legal action was inevitable.

Within days the publishers revealed a “partial claim” against Cloudflare, concerning just four copyrighted works, one for each of the manga publishers. Their claim for damages was a relatively modest US$4m but arguably more important was the request for an injunction. That would not only restrain the company in the current action, it would also establish ground rules for similar disputes moving forward.

“With regard to the infringing content illegally stored on the sites, we asked Cloudflare to stop the temporary reproduction (cache) on the company’s servers in Japan [and] terminate their contracts with pirate sites that are clearly illegal,” the companies said.

Cloudflare said that it had gone “above and beyond its obligations” to assist rightsholders in Japan, including by adopting an abuse process to connect rightsholders with hosting providers “actually able to remove infringing content from the Internet.”

Tokyo Court Declares Cloudflare Liable

After a wait of more than three and a half years, the Tokyo District Court rendered its decision this morning. In a statement provided to TorrentFreak by the publishers, they declare “Victory Against Cloudflare” after the Court determined that Cloudflare is indeed liable for the pirate sites’ activities.

In a statement provided to TorrentFreak, the publishers explain that they alerted Cloudflare to the massive scale of the infringement, involving over 4,000 works and 300 million monthly visits, but their requests to stop distribution were ignored.

“We requested that the company take measures such as stopping the distribution of pirated content from servers under its management. However, Cloudflare continued to provide services to the manga piracy sites even after receiving notices from the plaintiffs,” the group says.

The publishers add that Cloudflare continued to provide services even after receiving information disclosure orders from U.S. courts, leaving them with “no choice but to file this lawsuit.”

Factors Considered in Determining Liability

Decisions in favor of Cloudflare in the United States have proven valuable over the past several years. Yet while the Tokyo District Court considered many of the same key issues, various factors led to a finding of liability instead, the publishers note.

“The judgment recognized that Cloudflare’s failure to take timely and appropriate action despite receiving infringement notices from the plaintiffs, and its negligent continuation of pirated content distribution, constituted aiding and abetting copyright infringement, and that Cloudflare bears liability for damages to the plaintiffs,” they write.

“The judgment, in that regard, attached importance to the fact that Cloudflare, without conducting any identity verification procedures, had enabled a massive manga piracy site to operate ‘under circumstances where strong anonymity was secured,’ as a basis for recognizing the company’s liability.”

The publishers confirm that the litigation involved one protected work per company and that the overall damages recognized in the judgment total approximately 3.6 billion yen (US$24 million). However, since their claim sought to recover less than the damages suffered, the judgment against Cloudflare of 500 million yen, around US$3.2 million, isn’t as punishing as it could’ve been.

Moving Forward

The publishers believe that the judgment clarifies the conditions under which a company such as Cloudflare incurs liability for copyright infringement. Failure to carry out identity verification appears at the top of the publishers’ list, followed by a lack of timely and appropriate action in response to infringement notices sent by rightsholders.

“We believe this is an important decision given the current situation where piracy site operators often hide their identities and repeatedly conduct large-scale distribution using CDN services from overseas. We hope that this judgment will be a step toward ensuring proper use of CDN services. We will continue our efforts to protect the rights of works, creators, and related parties, while aiming for further expansion of legitimate content,” the publishers conclude.

Cloudflare May Have Already Signaled its Response

According to Japanese media , Cloudflare plans to appeal the verdict, which was expected. In comments to the USTR last month, Cloudflare referred to a long-running dispute in Japan with the potential to negatively affect future business.

“One particular dispute reflects years of effort by Japan’s government and its publishing industry to impose additional obligations on intermediaries like CDNs,” the company’s submission reads ( pdf ) .

“A fully adjudicated ruling that finds CDNs liable for monetary damages for infringing material would set a dangerous global precedent and necessitate U.S. CDN providers to limit the provision of global services to avoid liability, severely restricting market growth and expansion into Asian Pacific markets.”

Whether that heralds Cloudflare’s exit from the region is unclear. The statement to the USTR seems to suggest that the company knew that a decision was coming and probably wouldn’t reflect the protections available to it in the United States.

From: TF , for the latest news on copyright battles, piracy and more.