Having covered hundreds of arrests and dozens of convictions for piracy-related offenses over the years, news of another person going to prison is nothing out of the ordinary. See enough of these reports and in theory the impact will start to diminish.

In the media, the one-size-fits-all portrayal of those convicted can at times blur any number of cases into one. Often depicted as hard-nosed experienced criminals, torn from the same despicable cloth, nothing of importance is mentioned to separate them. A name, age, a list of crimes, and a figure indicating the damage caused, lead to the most important detail of all; how many months or years they will deservedly spend behind bars and why nobody should waste a moment’s sympathy.

For the most persistent, hardcore pirates, who understand the risks and take them anyway, prosecution is an occupational hazard and those cases are taken for what they are. Yet the same can’t always be said about those who seem to drift gradually into activities now viewed as serious crime, often on a part-time basis, alongside their otherwise productive, responsible, law-abiding lives.

When prosecutions end up in court, no matter who committed them, the alleged crimes tend to look almost the same, regardless of the specific law underpinning the prosecution. The people behind them are not, however. The prosecution of former headmaster Paul Merrell stands out as a prime example.

The Gateway Drug: Facebook

The background to Merrell’s conviction is as non-typical as these cases go. While working as a deputy headteacher at a school in Coventry, a school an hour’s drive away was sending out distress signals. In dire need of a headmaster but unable to afford one, Merrell took the job on for a £13,000 reduction in salary and started to turn the school’s fortunes around. For this he deservedly received universal praise.

In parallel, Merrell had reportedly learned about IPTV on Facebook. As a new customer, subsequently purchased a subscription from a then relatively unknown provider called Flawless TV. Had a crystal ball been available back in 2017, Merrell would’ve observed the operators of Flawless being sent to prison in 2023 for more than 30 years.

Media Maverick

Without the benefit of such foresight, Merrell continued to run a school during the day and began reselling Flawless subscriptions on the side. By now operating under the name Media Maverick on social media, customers hoping to watch Sky TV and BT Sport were in plentiful supply. And at just £10 per month, presumably more than happy with the 90% discount versus official packages.

Whether the success of the business proved too intoxicating, or extra money became too useful, is unclear. But instead of jumping off the runaway train on track for disaster, Merrell strapped in and began declaring around £25,000 in profits to HMRC each year under the heading “educational resources and online support.”

Those declarations were clearly dishonest; or maybe, given his otherwise excellent character, that was Merrell’s way of ensuring he paid at least some tax as a small token of his underlying honesty. Even in the event that was true, to rightsholders, investigators, and the police, that means absolutely nothing.

The Beginning of the End

In April 2020, an investigator made a test purchase from Media Maverick, paying £10 through PayPal to an account operated by Merrell. Three days later the investigator logged into the Media Maverick service and accessed multiple commercial channels, including streams belonging to Sky and BT Sport. Merrell suspected nothing, and when the investigator bought another subscription in November 2020, that didn’t change.

Late January, 2021, a warrant was executed at Merrell’s home, and five electronic devices were seized. In a subsequent interview Merrell admitted that he’d serviced 1,000 customers since 2017, a figure later revised to 2,000 by 2021.

An analysis of the seized devices revealed that Merrell’s revenue was more than the £25,000 declared annually to HMRC. In total, Media Maverick had generated over £400,000 in subscription payments.

On October 27, 2023, at Birmingham Crown Court, Merrell changed his plea to guilty on charges of possessing, selling, or distributing a device designed to circumvent technical measures, and for providing, promoting, advertising, or marketing a service for that purpose.

In a sea of similar prosecutions for serious criminal fraud, a prosecution for ‘circumventing technical measures’ lacks the same sinister tone, despite being directly linked to the same underlying acts. At sentencing in February, the punishment was 12 months’ imprisonment on each count, to run concurrently.

Request for Sentence to Be Suspended

Merrell’s request to reduce the custodial sentence to 12 months suspended led the Court to examine various aspects of the offending and to consider whether the original sentence was appropriate.

From the beginning, the odds are stacked against those convicted of these types of crimes. Since this type of offending can be difficult to detect and investigate, a relatively rare conviction can be seen as an opportunity for the court to hand down a deterrent sentence, unless other aspects of the case indicate otherwise.

Too Long, Too Much

In this case the duration of the offending spanned four years and didn’t end until the search warrant was executed. During that four-year period, significant profits were made causing financial damage to broadcasters, the court said. The exact amount proved impossible to determine, but an estimate by the judge indicated that over the four years, between £2 million and £3 million in revenue was diverted away from the broadcasters.

While mindful of significant personal mitigation in Merrell’s case, the offending was not considered amateur, minor, or short-lived. That was another factor in favor of a custodial sentence, on top of the alleged damage to broadcasters.

Surely, a positive could be found in Merrell’s otherwise good character, his work at the school where he took a significant pay cut, perhaps? The Court of Appeal did consider his role as headmaster; by questioning whether the offending was compatible with the running of a school.

Risk vs. Reward vs. The Unknown

Overall, the Court found that the seriousness of the offending outweighed the arguments in favor of a suspended sentence. Only immediate custody would ensure appropriate punishment for the crimes committed.

With that the appeal was denied, but was that the right decision? Through the prism of his dedication to teaching, investment in family, a previously clean record, and the unlikely prospect of any type of future offending, probably not. From the side of the prosecution, absolutely.

News of another arrest next week or next month, of someone who knew exactly what they were doing, may not move the needle. The arrest of someone who thought they knew what they were doing, and risked a lifetime of hard work, personal achievement, and family life, before everything went wrong, isn’t a hard luck story. It’s a tragedy.

From: TF , for the latest news on copyright battles, piracy and more.

With war still raging in Ukraine, writing about the collateral damage to Russia’s cinema industry seems vanishingly unimportant.

When Disney, Warner Bros., Sony Pictures, Paramount, and Universal left the Russian market, some celebrated their exit as a positive for local cinema. Opportunities for local filmmakers would appear in greater numbers than ever before, some assured, and the entire ecosystem would only thrive without unwanted Western influence.

Market Forces Unite, Demand Hollywood Movies

Having given the cinema and film industries few reasons for optimism in a post-covid and now wartime environment, official advice included increased collaboration with counterparts in ‘friendly’ countries. Full potential could be realized relatively soon; perhaps in as little as five years, but probably not much longer than a decade.

By the end of 2022, amid a lack of Hollywood premieres, the revenues of the largest Russian cinema chains had fallen by almost half, with losses quickly reaching several billion rubles. Fortunately, collaborating with colleagues in neighboring countries turned out to be great advice. Working with friendly entrepreneurs in Kazakhstan and other CIS countries, Hollywood movies destined for those regions also premiered on big screens in Russia, in all their unlicensed glory.

With a nod and a wink, a few cinemas had previously been offering private screenings of pirated movies. In July 2022, an estimated 16 cinemas took part; a week later it was 128 .

A later refinement involved ‘pre-screening’ services; people who bought a ticket to watch a short local movie found that a Hollywood movie, unavailable to watch legally in Russia, was included in the price. Avatar: The Way of Water , Top Gun: Maverick, and Dune: Part Two performed so well in Russia they appeared in box office rankings.

By the end of 2023, analysts claimed that Hollywood movies made available via ‘shadow distribution’ accounted for 20% of all box office revenues ; others believed it could’ve been as much as a third .

Pirated Content Blamed For Undermining Legal Market

Over the last two years, various politicians have sought to link movie piracy to the war in Ukraine. Former Russian President Dimitry Medvedev was more blunt than most when proclaiming that after a change in the law, all intellectual property owned by U.S. companies should be considered fair game.

Screening unlicensed or pirated movies without rightsholders’ permission is illegal in Russia. It’s also illegal to distribute movies that have not received state certification. Hollywood movies are no exception; no certificate from the Ministry of Culture, no distribution allowed.

During a strategic session on the development of domestic cinema, held early October by Prime Minister Mikhail, the activities of regional cinema chains were discussed. Specifically, cinemas that screen uncertified Hollywood films in the ‘pre-screening’ format.

Whether promises will provoke any physical action is unclear, but according to an RBC source, the next stage will see authorities carrying out “intensified checks” at cinemas “in the near future.”

Exactly how far in the future is unknown but arguably anytime now might be a good fit.

Box Office Results for H1 2024 – Depressing and Catastrophic

• Total cinema tickets sold in Russia H1 2024: 73.1 million (4.2 million screenings)

• Total cinema tickets sold in Russia H1 2019: 113.1 million (5.0+ million screenings)

Quoted by VC.ru , Pavel Ponikarovsky, board member at the Association of Cinema Owners (ACO), described the first six months of 2024 as “depressing” and the lack of quality content, “catastrophic.”

Olga Zinyakova, head of the Karo cinema chain, bemoaned the lack of quality content before inadvertently confirming that whether pirated or not, Russians will pay money to watch American films, even at the expense of legal Russian content.

“Pirate screenings take viewers away from official distribution, and until this issue is resolved, legal content will lose at the box office,” Zinyakova said.

For comparison, the bloc to the west of Russia has a thriving cinema industry. It not only pays the going rate for movies but also demonstrates impressive growth while doing so.

According to the Innovation and the Big Screen report 2024 ( pdf ) published in April by the International Union of Cinemas, box office revenues increased 25% in 2023.

Legal Streaming Platforms Surge in First Half of 2024

At the same meeting in early October, further discussion concerned the need to strengthen the fight against piracy of Russian films and TV series, such as those currently available from Russia’s legal streaming services.

Unlike their bricks and mortar equivalent, Russia’s online streaming platforms showed impressive gains in the first half of 2024. According to data published by TelecomDaily , earnings were reportedly up by more than 42% when compared to the same period last year.

Market leaders Kinopoisk, Ivi, Wink, Okko, Kion, Start, and Premier, account for more than 97% of the market in monetary terms. However, what really catches the eye are the revenue increases when compared to the first half of 2023.

Additional growth during the next few years doesn’t seem unlikely, but the bigger question relates to Hollywood movies. When they eventually return to Russia, whether that takes 5, 10, or 15 years, it will be interesting to see the effect on the online cinema market. In theory the theatrical market too, but it could already be too late.

From: TF , for the latest news on copyright battles, piracy and more.

Manga and anime have become increasingly popular in recent years. These formats originate in Japan but are now popular all over the world .

Available in static and animated form, ‘hentai’ describes the adult versions of the above, which also has growing audience of many millions of fans.

As with any type of media, not all consumers are paying for access. Many people prefer ‘free’ websites instead, such as nHentai.net, which had nearly 80 million visits in June this year.

Target: nHentai

Rightsholders are not happy with these free platforms and many have classified nHentai as a brazen pirate site that shouldn’t be allowed to operate.

This summer, California company PCR Distributing, which operates under various brands, including J18 and JAST USA, took action. The company tried to obtain a DMCA subpoena requiring Cloudflare to hand over all identifying information it has on the site’s operators.

DMCA subpoenas have proven to be an effective legal tool to gather information. In this case, however, nHentai’s operators decided to intervene, asking the court to quash the subpoena . While that could have been an interesting legal battle, PCR voluntarily dismissed the matter and decided to file a full-fledged lawsuit instead.

PCR Sues nHentai

In a complaint filed at a California federal court in August , PCR described nHentai as a popular ‘pirate’ site with dozens of millions of visitors. The site shares copyrighted material without obtaining permission from rightsholders, the company informed the court.

“[Nhentai] hosts a vast collection of hentai works, including commercially produced content, much of which, based on information and belief, is shared without proper authorization from the owners,” the complaint reads.

PCR further argues that nHentai can’t rely on a DMCA safe harbor as the operators allegedly uploaded the infringing content directly and then failed to respond to takedown requests.

Early Discovery

PCR didn’t waste any time renewing its earlier efforts to unmask the operators of nHentai. The rightsholder filed a motion for early discovery, requesting subpoenas to obtain information from NameCheap, Cloudflare, and Lanoto Solutions.

The requested information includes names, addresses, login information, billing records, server logs, IP addresses, email exchanges, and IP login information related to the NHentai.net accounts.

“Plaintiff seeks the identities of Defendants, the owners and operators of nHentai, who have taken measures to conceal their identity,” PCR wrote, noting that the subpoenas would help to establish relevant detail.

nHentai Opposes

Nhentai swiftly opposed this request, citing serious privacy concerns. The site doesn’t want its login information and financial records, including complete credit card numbers, to be exposed.

As a further precaution, the site also asked the court for a protective order, to ensure that if early discovery is granted, none of the identifying information will end up in public.

While this response was expected from the site, nHentai’s memorandum adds new information that puts the copyright infringement complaint in a new light. According to the defense, PCR previously gave the site permission to use its content.

Permission Granted?

Nhentai’s attorney says that a representative of plaintiff’s brands gave written permission via email to use J18 Publishing’s content. In the same email, it also inquired about running paid ads on the site.

“Plaintiff has repeatedly given Nhentai.net permission, in writing, to use Plaintiff’s content. Plaintiff expressed on multiple occasions that it does not want Nhentai.net to stop using its content,” nHentai informed the court.

“In fact, Plaintiff wants Nhentai.net to use it so that Plaintiff can amass even more money from the sexually explicit materials Plaintiff sells. Plaintiff has even offered to pay Nhentai.net to run ads on its website to accomplish this goal.”

One of the emails in question, posted below, clarifies that “this isn’t a takedown request or a DMCA”, offering a collaboration instead.

In another email, also cited in the legal paperwork, PCR’s representative sent a spreadsheet of over 3,300 links, which nHentai was ‘permitted’ to share. In yet another email, the company indicated that it was considering paying nHentai for banner ads.

PCR Responds

This week, PCR responded to nHentai’s opposition and the newly revealed details. According to the rightsholders, there’s nothing that should prevent the court from granting the subpoenas.

“Plaintiff is not seeking information about end users, their credit card numbers or any of the parade of horribles cited by Defendant. All of the information sought is limited to information about the operators of this website,” PCR notes.

The response doesn’t dispute that the cited emails are legitimate but even if they are, that doesn’t establish a license or consent to use PCR’s copyrighted content.

“Here, to support their non-exclusive license, Defendants merely cite invitations to bargain and prior negotiations. Under California law, an invitation to bargain is not an offer.”

In addition, PCR points out that after the ‘unauthenticated’ emails, it sent several DMCA takedown notices that were ignored. This is why PCR decided to go to court, hoping to identify the operators.

“Plaintiff’s brief also […] ignores the fact that before this case was filed Plaintiff sent multiple DMCA takedown notices and recently served a DMCA subpoena on in an attempt to identify Defendant, thus dispensing with the notion there was some sort of ‘permission’,” PCR writes.

The court has yet to rule on the motion for early discovery, but the details released so far suggest that this case may present some intriguing twists and turns as it progresses toward trial.

—

A copy of nHentai’s motion for a protective order, citing the emails mentioned in this article ,is available here (pdf) . PCR’s response can be accessed here (pdf) .

From: TF , for the latest news on copyright battles, piracy and more.

More than twelve years after an unprecedented law enforcement operation shut down file-sharing giant Megaupload, founder Kim Dotcom remains in New Zealand.

The battle to avoid extradition to the United States has been fought tooth and nail, year in and year out, in various New Zealand courts.

With no stone left unturned, no expense spared, and no point of leverage too microscopic to test to destruction, no person alive can claim the process wasn’t thorough.

Start to finish, less time was spent constructing Burj Khalifa, the world’s tallest building in Dubai, but suddenly in August, the Dotcom saga was suddenly declared over. New Zealand Justice Minister Paul Goldsmith put pen to paper and authorized Dotcom’s removal to the country he blames for almost everything .

Celebrations Start Early in the U.S.

If Dotcom’s request for judicial review means he stays a few more months in New Zealand, the entire calendar from arrest to extradition will span a Prohibition-beating 13+ years. But whatever happens, corks are already popping across the Atlantic.

At CreativeFuture, a coalition of more than 500 companies and organizations on a mission to eliminate piracy through the promotion of creativity and legitimate content, the last few gallons of moonshine clearly haven’t gone to waste.

“In August 2024, we learned that one of the internet era’s leading jackasses will be, at long last, extradited from New Zealand to the United States,” a delighted CreativeFuture begins.

“Once here, Kim Dotcom will FINALLY face trial on charges of copyright infringement, racketeering, money laundering, and wire fraud. Dotcom is WAY overdue for a reckoning.”

Celebrating Extradition Through The Sharing of Knowledge

The theme of the CreativeFuture celebrations is clear from the image above; a decade of frustration transformed into a festival of information sharing/testing, possibly hosted by Ellen DeGeneres.

“It has been over TWELVE YEARS since Dotcom, owner of the notorious piracy site Megaupload, was indicted. Do you recall how flagrantly he stole from creatives? Are images of his mansion and luxury cars seared into your brain? They might be! They are certainly seared into ours!”

Presented in the familiar multiple choice format of The Price Is Right, the full quiz is available on the CreativeFuture website .

Everyone is invited to join in but remember: it will only be possible to win if answers conflate the allegations in the indictment with established fact. Good luck!

From: TF , for the latest news on copyright battles, piracy and more.

In August, Cox Communications filed a petition at the U.S. Supreme Court, requesting a review of the Fourth Circuit ruling that held the company contributorily liable for pirating subscribers.

The Internet provider ultimately challenged the $1 billion jury verdict from 2019, which went in favor of the major record labels.

Labels Petition Supreme Court over Piracy Profits

As Cox petitioned the Supreme Court, the music companies filed their own petition, hoping to strengthen the verdict. Specifically, they argued that the ISP should also be held liable for vicarious copyright infringement.

In this case, and similar ones filed against Bright House and Grande, courts previously rejected the vicarious infringement claims, holding that there is no causal link between the pirating activities and the financial benefits.

The major record labels, including Sony and Universal, want the Supreme Court to take a closer look at the “profit motive”. They asked the Court to consider whether an ISP must profit directly from the infringement itself, or if profiting from the overall operation in which the infringement occurs is enough.

Repeat Infringers vs. Dance Halls

The music companies argued that Cox profited from subscription revenue it would not have otherwise obtained if it had terminated the accounts of customers who were repeat infringers. Between February 2013 and December 2016, Cox received $208 million in revenue from subscribers who received three or more piracy notices.

To support this argument, the music companies cited the dance hall cases , in which courts have held that the owners of venues can be held liable for copyright infringement committed by performers they hire.

The petition further cited the Supreme Court’s holding in Herbert v. Shanley Co. that a hotel could be held liable for the infringing performance of an orchestra it employed. The Court concluded that the hotel profited from the performance, even though visitors only paid for their meal, not the music.

Cox Opposes Petition

In an opposition brief filed this week, Cox asks the Supreme Court to deny the petition. According to the Internet provider, the plaintiffs present a “radical new theory” that would make service providers liable, simply because they offer Internet access.

“Under this theory, the plaintiff need not prove that the ISP is in the least bit culpable, that it knew about the infringement, or that it made a single extra penny because of the infringing activity,” Cox informs the Court.

“In other words, because Cox, like any ISP, has a financial interest in offering internet service to customers, it is liable for anything those customers do online. To state the argument is to refute it. There is no such form of liability—not in copyright law or anywhere else.”

Responding to the ‘hotel orchestra’ argument, Cox notes that in that case the infringing performance acted as a ‘draw’ for potential customers. There’s no such draw in this case, as pirated content is available though all ISPs, this reasoning suggests.

Cox stresses that the Fourth Circuit correctly rejected the vicarious copyright infringement allegations. It sees no reason for the Supreme Court to consider the case, arguing, among other things, that there is no real disagreement in lower courts on this matter.

As further support, ISP cites the Supreme Court’s holding in Grokster, which stated that vicarious liability requires proof that the defendant profited directly from the infringement. That’s not the case here, it notes.

Draconian Internet Police

In recent filings, Cox has put a lot of emphasis on the broader societal impact this case may have. If the labels have their way, it could mean that ISPs are ‘forced’ to terminate accounts of many thousands of subscribers, solely based on rightsholders complaints.

“ISPs would not only be required to execute mass internet evictions at the slightest allegation of copyright infringement, but they would need to police the internet and terminate users upon any hint or accusation of misconduct practices as invasive as they are draconian.

“That would imperil the livelihoods, safety, and social connections of a massive universe of downstream users who rely on internet connections to run businesses, pay bills, apply to jobs, read the news, connect with friends and family, petition their representatives, and attend school.”

A verdict that goes against Cox will also mean significant financial consequences for the ISP, hence the decision to fight the matter up to the Supreme Court.

If the Supreme Court decides to take on this case, it will undoubtedly result in a landmark decision; for Cox, for rightsholders, and for the public at large. The same is true for Cox’s petition , which is still under review.

—

A copy of Cox Communications’ opposition brief, filed Monday at the Supreme Court, is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Last year, the NFL asked the U.S. Government’s Patent and Trademark Office to help tackle live-streaming piracy.

Together with the NBA and UFC, the football league asked the government to make DMCA takedown requests more effective.

NFL argued that when it comes to live sports streaming, long delays render takedown requests practically useless, as most of the value of live sports content lies in its real-time nature.

NFL vs. Pirates

Ideally, online services should be required by law to remove infringing content “instantaneously or near-instantaneously”, the sports companies argued. This includes social media platforms, where pirate streams are often openly advertised.

“Pirates have shown increasing sophistication in terms of the quality of their livestreams and now display livestreams in a way that often renders the final product indistinguishable from the legitimate feed,” NFL, NBA, and UFC explained.

“To garner maximum viewership of the pirated content, enterprising pirates will post ‘advertisements’ on major social media platforms that drive traffic to off-platform sites where people can watch unlawful livestreams of live sports event content without paying a dime.”

The sports leagues stressed that widespread piracy hurts their revenues. This impacts everyone involved in the sport, including the highest-paid athletes. However, that doesn’t mean that these players are unanimously rallying against piracy.

NFL Player Tunes in to Methstreams

Even some of the sport’s biggest stars, including LeBron James , have reportedly used pirate streaming sites. And this weekend, another player was added to the list after the injured Seattle Seahawks cornerback Tariq Woolen apparently tuned in to Methstreams to watch his own team play.

This was revealed in an Instagram story where Woolen shared an image clearly displaying the streaming site’s URL.

It’s not every day that we see professional players publicly tune into pirate streaming sites. After being picked up by ᴅᴏxx on X , the image was further shared by Tanner , through which it eventually reached the feed of reputable NFL news aggregator Dov Kleiman .

“Seahawks CB Tariq Woolen was using MethStreams to watch today’s NFL games. He makes over $1 million a year,” Kleiman wrote.

‘It’s Free’

The news eventually made it back to the Seahawks cornerback, who didn’t seem all that concerned. Whether NFL bosses share his casual attitude towards piracy is questionable, however.

Ironically, while Woolen was watching the game, NFLs anti-piracy partners were working hard to take pirate streams offline. Keeping an eye on Methstreams.com and other pirate sites with links to unauthorized broadcasts is par for the course.

Sunday’s game between the Seattle Seahawks and the Atlanta Falcons was no exception, as this takedown notice shows . Despite these efforts, some people still found their way to pirate sources.

—

From: TF , for the latest news on copyright battles, piracy and more.

After blocking Cloudflare in February, the reputation of Italy’s Piracy Shield IPTV blocking system found itself on life support; it wasn’t actually dead, though, at least not yet.

Acceptance by those responsible that things needed to improve, with an olive branch extended to the experts previously ignored, would’ve been viewed as a positive step. Instead, initial denial led to reluctant acceptance that something had indeed happened, but it was insignificant and if anything, Cloudflare was largely to blame. Then came the double down; followed by another, and then another.

After suing Cloudflare to compel its participation in Piracy Shield, Serie A lost the lawsuit yet still managed to come out on top. Legal amendments passed into law this month make Piracy Shield cooperation mandatory and for good measure, internet service providers now face a potential prison sentence for failing to report piracy. Italian citizens, meanwhile, were put on notice of automated piracy fines arriving in the mail.

Oppression Will Continue Until Morale Improves

When Google Drive was blocked in error on Saturday night, the mood among observers – some of whom belong to the ‘ignored’ group mentioned above – was one of disbelief. The most famous internet domain ever to exist had simply walked through every security check before blocking measures denied service to millions of innocent Google users.

On Sunday, to a background of lingering blocking still causing issues, a timely live discussion took place on YouTube. Hosted by corporate reputation expert Matteo Flora, participants included (left to right, full list here ) former AGCOM Commissioner Antonio Nicita, current AGCOM Commissioner Massimiliano Capitanio, and former member of parliament, IT expert, and founder of Rialto Venture Capital, Stefano Quintarelli.

For context, Quintarelli’s latest blog post is titled “#PiracyShield, 10.19.2024 the largest cyber attack in Italy.” Would Massimiliano Capitanio be able to say anything to assure those in attendance that everything is under control and there’s nothing to worry about?

Blocking Google Drive “Should Not Happen Again”

Capitanio acknowledged the seriousness of blocking Google Drive and said this should not happen again. He characterized the incident as a “distraction” and a “serious problem” but took no responsibility and stopped short of issuing an apology.

AGCOM’s commissioner went on to defend the regulatory framework and technical ability of the Piracy Shield platform. As for the blunder, that was put down to an “erroneous report” filed by a rightsholder, most likely part of a batch of legitimate reports that didn’t cause chaos.

Blocking Blunders Must Not Derail Piracy Fight

Capitanio repeatedly refused to say who was directly responsible but pointed in the general direction of Serie A, Sky, and DAZN, the three entities that currently account for most if not all live blocking in Italy. Pointing out that 600 domains and 200 IP addresses associated with pirate services were disabled on the same day without issues, Capitanio insisted that the blunder must not be allowed to detract from the mission in hand; combating illegal streaming services and the organized crime behind them.

Indeed, Capitanio’s own focus on blocking to protect football was absolute. There was no concern expressed towards Google or the millions of users affected by the extended blackout, only defense of the Piracy Shield system. Ultimately, however, Google was never likely to be considered a victim if there was any chance it could take some of the blame.

Once again, Capitanio criticized Google and Cloudflare for not registering with the Piracy Shield platform. If Google had done so, Capitanio said, the details of Google Drive’s infrastructure could’ve been put on the national “do not block” list in advance, thereby avoiding the negative effects of Saturday night’s blocking blunder.

AGCOM’s chief then went on to complain about Google’s refusal to delete Android apps already installed on users devices and other measures AGCOM regularly demands, none of which are required by law.

A Dire Warning From Stefano Quintarelli

Quintarelli believes that piracy needs to be combated but has little faith that the current reliance on blocking mechanisms through intermediaries is effective. Indeed, reliance on a solution like Piracy Shield is likely to be both ineffective and introduce new problems, such as the overblocking and collateral damage seen last weekend.

Of more concern is his belief that the inherent insecurity of the Piracy Shield platform introduces a “huge systemic vulnerability” that eclipses the fight against piracy. Italy now has a system in place designed to dramatically disrupt internet communications and since no system is entirely secure, what happens if a bad actor somehow gains control?

Quintarelli says that if the Piracy Shield platform were to be infiltrated and maliciously exploited, essential services like hospitals, transportation systems, government functions, and critical infrastructure would be exposed to catastrophic blocking. Stefano Zanero and host Matteo Flora both expressed concern that lives could be at risk if blocking targeted life-supporting services.

That wouldn’t necessarily require a state actor with malicious intent, just someone with access to the current system untrained enough to consider the most popular domain in the world a legitimate target.

None of the rightsholders mentioned by Capitanio took part in the discussion. If any had attended, they could’ve explained why the commissioner’s enjoyment of an entirely legal stream provided by DAZN also faced interruption Saturday night due to the same blocking blunder.

From: TF , for the latest news on copyright battles, piracy and more.

Every year, the US Trade Representative (USTR) asks interested stakeholders to identify ‘notorious’ foreign piracy markets.

Responses typically list the Pirate Bays of this world, but they also mention websites and services that don’t see themselves as pirate markets.

Polish video-on-demand (VOD) platform CDA.pl falls in the latter category. The video platform has been flagged as a notorious pirate service by the MPA since 2018. While CDA has filed several rebuttals, the movie industry group continues to double down on its claims.

In the most recent recommendation, CDA was highlighted again , with the MPA describing it as “Poland’s most popular piracy website, with traffic levels eclipsing several legitimate video-on-demand services in the country.”

CDA Rebuts MPA’s Piracy Claims

CDA has repeatedly objected to these piracy claims , and it continues to do so. A few days ago, the Polish company sent a new rebuttal to the USTR, repeating much of what it has said before. The main gist is that CDA operates legally and transparently, while minding the interests of rightsholders.

“Cda.pl is not a piracy website, it operates in full accordance with the Polish and European legal regulations,” the rebuttal starts, adding that the company operates in the open and pays taxes, like any other business.

CDA believes that the pirate label is grossly inaccurate. The company is listed on the alternative NewConnect stock exchange, which means that, in addition to tax reporting obligations, it’s also subject to various EU stock exchanges and financial regulations.

Since the company operates a large subscription-based streaming platform, it views itself as a competitor to those offered by the MPA’s members. CDA believes that the piracy comments could therefore be seen as competitive pressure tool.

“MPA’s opinion re. CDA.pl presented to this Office cannot be treated as objective but rather as a means of pressure on competition,” the rebuttal reads.

Copyright Concerns

In addition to operating a VOD platform, CDA also has a section where users can upload content. That can include pirated content, which forms the basis of Hollywood’s complaints.

The company acknowledges that user-uploaded content may include copyright-infringing works but stresses that several anti-piracy mechanisms are in place to minimize abuse.

For example, the rebuttal mentions that the VOD platform has a fully functional notice and takedown system that allows rightsholders to remove infringing content. Some companies, including major Hollywood studios, are even permitted to remove content directly, without CDA getting in the way.

Furthermore, CDA has developed a “fingerprint” system to detect potentially infringing content, which is similar to YouTube’s Content ID system. That should help to further limit abuse.

‘MPA Didn’t Use Takedown Tool’

Interestingly, CDA’s attorney suggests that MPA doesn’t seem eager to remove content. The Hollywood group reportedly reached out in December 2022, mentioning examples of infringing content.

These allegations lacked specificity, but the MPA didn’t provide more concrete information on the alleged infringements when CDA asked for it. The organization didn’t use the direct takedown tool either, after it was granted access.

“[I]n order to meet the needs of MPA, my Client provided this organization with access to the direct takedown tool, creating and configuring an account that allows MPA to freely access content on the platform, search for copyright infringing content and delete it.

“Despite this and despite subsequent reminders, to date MPA has neither provided links to the infringing materials nor exercised the option to remove them on its own.”

False Statements

According to CDA, the MPA has removed some false statements that were included previously. However, it continues to misrepresent the company as a “piracy website” that uses Cloudflare to “mask the IP location” of its domain names.

This is nonsense, the rebuttal notes, as CDA doesn’t use Cloudflare to hide its IP-addresses. Instead, the company stresses that it uses Cloudflare as a cybersecurity provider to protect it against DDoS-attacks, among other things.

In fact, CDA says that the servers where the video files are stored are not behind Cloudflare, suggesting that the MPA could see the IP-addresses where this content is stored.

In conclusion, it’s clear that MPA and CDA have an entirely different opinion on the status of the Polish video streaming service. After years of reports and rebuttals, this isn’t going to change anytime soon.

What ultimately matters is what the USTR thinks of it all. That remains a mystery. What we do know is that MPA’s comments never made it into the Government’s final notorious markets overview, because CDA has never been included thus far.

—

A copy of the rebuttal, sent to the USTR by CDA’s law firm Konieczny Wierzbicki, is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Italy has an administrative blocking mechanism and a technical blocking platform, Piracy Shield, operated by rightsholders in the private sector.

Up until now, AGCOM, Italy’s independent telecoms regulator, has been Piracy Shield’s greatest supporter, at least of those not already benefiting financially from the activities of football league Serie A, currently the only beneficiary of Piracy Shield blocking.

To the extent there’s much of a ‘public’ component to Piracy Shield’s activities in Italy, the ‘private’ absolutely dominates. There’s almost zero transparency and any information of any use is routinely withheld from the public, even when that information relates directly to the public. People who demand access to information are routinely ignored, even punished. The only people never punished are those operating Piracy Shield, no matter how big the blunder or how many people are affected.

After blocking Cloudflare a few months ago, on Saturday night another vital online service was rendered inaccessible. The nature and circumstances of this event should be a signal for the Italian government to remove rightsholders’ ability to meddle in internet infrastructure before it’s too late. The details make for very uncomfortable reading.

Warnings Pile Up, All Ignored, Again and Again

When reporting on the Cloudflare debacle in February, we included commentary from Giorgio Bonfiglio, Principal Technical Account Manager at Amazon Web Services.

Bonfiglio’s expert advice was ignored before, during, and after last year’s introduction of new law to support blocking, despite predicting the Cloudflare problem before it actually became one. As far as we can determine, Bonfiglio was first to link Google Drive’s outage on Saturday evening with Piracy Shield blocking.

“Piracy Shield blocked a Google Drive domain,” Bonfiglio revealed on X, along with the AGCOM notice displayed on the blocked domain.

The domain/subdomain blocked in the image above is drive.usercontent.google.com ; not only does this URL clearly identify Google as its owner, the Google product it serves is on full display too. With no prompting a 10-year-old could identify google.com as important on the internet. So, three broad explanations for how it ended up on the system (ticket below) before causing chaos.

1. Domain was accidentally entered into the system, then evaded all subsequent checks
2. Domain was knowingly entered into the system, then evaded all subsequent checks
3. Domain was knowingly entered into the system, and then passed, regardless of risk

For good measure, the relevant Google IP address [142.250.180.129] was also entered into Piracy Shield to be blocked by local ISPs; this image shows how access to that IP degraded unlike an adjacent one.

Those hoping to access Google Drive were subject to domain hijacking instead, with requests diverted to a blocking page hosted at different IP addresses depending on the ISP involved; 195.162.95.240 [Sky] and 34.110.214.49 [TIM], for example.

Blocking in 30 Minutes, Unblocking…whenever

The domain/IP address block began to take effect a little time after 6pm and as the image below shows, three smaller ‘downtime peaks’ were followed by an almost total degradation of service around 9pm. This seems to show that blunders take at least three hours to fix, even a massive one like this. More tellingly, the constant claim of blocking internet resources within 30 mins is at best, very optimistic indeed.

We took a look at Google Trends data for Italy during the same period. The top five queries in Italy all relate to Google Drive (right) and on the left, the topic ‘Google Drive’ dominates by a very wide margin. Nevertheless, the results are sensitive enough to identify AGCOM and piracy as connected to the trending searches.

More data is needed to draw firm conclusions but under both columns, Google Drive competitor ‘One Drive’ gets a mention. It wouldn’t be unreasonable to conclude that faced with no access to their files on Google Drive, searching for a replacement would be a logical step. The hidden costs of overblocking are perhaps not quite so hidden here.

Full Unblocking Doesn’t Take 30 mins

A full twelve hours after the block was put in place, around 20% of the Italian population still had no access to their Google Drives due to the lingering IP address block that underpinned the domain-based blocking.

Had this disaster happened on a weekday, who knows the damage it could’ve caused. Luckily it didn’t, and everyone can be grateful for that, but the word ‘luck’ in a sentence to describe an event that should not have happened, period, understates the seriousness of the situation.

Whether there will be explanation of any kind on Monday is currently unknown, but there is no explaining this one away. Explanations for the Cloudflare block began with denial, slowly moved towards claims it was only a tiny, tiny block that didn’t last long, before Cloudflare was blamed for having a customer allegedly pirating football matches.

Drastic Action Required Immediately

Incompetence doesn’t qualify as an excuse, not when a Google domain is part of the equation. So if not incompetence, surely it must’ve been deliberate? Whatever the reason or excuse, the conclusion is the same; this cannot be allowed to continue, and the government must step in before the unthinkable happens.

Since users are about to be fined for piracy, an alternative would be to introduce heavy fines, directly linked to the potential damage to companies, infrastructure or government, plus compensation paid to citizens, for those who overblock.

Let’s say, a population of 59 million in Italy, a conservative 30 million Google users, one euro compensation each, leading to a 30 million euro fine. It won’t stop incompetence, but it should focus the mind during the 30-day ban on any additional blocking or until the fine is paid in full, whichever comes last.

From: TF , for the latest news on copyright battles, piracy and more.