Android-based set-top devices have saturated the market in recent years, and it’s not uncommon for households to have several; downstairs, upstairs, and probably at least one in a drawer.

These devices, including the ubiquitous Amazon Firestick, are mostly content agnostic and equally capable of streaming video from legal sources such as Netflix or BBC iPlayer, or from unlicensed IPTV platforms.

The problem for rightsholders and governments hoping to curtail consumption of pirated content, is that the devices themselves are overwhelmingly legal. It’s the presence of piracy software installed on devices and the nature of the content consumed that tips the scale one way or the other. As a result, no realistic blanket banning solution exists, although Brazil has come up with a partial solution.

Devices Illegal By Default

The set-top device situation in Brazil is relatively straightforward. Unless telecoms regulator Anatel (Agência Nacional de Telecomunicações) authorizes a device type for importation, distribution, and sale, that device cannot be used legally in Brazil.

Anatel says its conformity assessment ensures that consumers only have access to products (typically electronic devices such as cell phones, tablets, set-top boxes, routers, etc) that have been tested for quality and safety.

Set-top boxes without a Technical Conformity Certificate are illegal regardless of the content consumed. That eliminates a lot of red tape when Anatel decides to seize well over a million devices to curtail piracy, because all seizures are carried out on straightforward health and safety grounds.

For devices that enter the local market without certification, Anatel regularly reports various actions to remove them. In 2023, Anatel revealed its new anti-piracy lab, where intelligence meets site-blocking measures to disrupt supply and consumption of pirated content.

The Anatel Anti-Piracy Lab (Image credit: Anatel )

Most famously, the regulator said it had blocked 80% of all pirate set-top boxes in Brazil during October 2023. To this background of ongoing success, Anatel is now promoting a competition where hackers can test their skills to determine who has the best non-certified pirate set-top box blocking skills in Brazil.

Anatel Teams Up With Hackathon Brasil

If any cynics out there think that the real point of the hackathon is to shore up IPTV blocking measures in Brazil with fresh ideas and techniques, Anatel isn’t even trying to hide it.

“The National Telecommunications Agency (Anatel) and the Hackathon Brasil Community will hold the first TV Box Hackathon focused on developing innovative solutions for blocking irregular [non-certified] TV Boxes,” an announcement on the government’s website reads.

“The developer marathon will take place on September 28 and 29 and represents an important project for the industry, regulated sector and academia, highlighting Anatel’s role in the state of the art of technological innovation.”

A dedicated information page on Hackathon Brazil begins by outlining the prevalence of IoT devices and growing concerns over security.

Noting that devices without certification “pose risks to consumers and to Brazil’s telecommunications infrastructure,” more specific concerns include operating system vulnerabilities, malware, spyware (hidden screenshot capture and screenshare actions), plus the ability to execute code on other devices within a LAN.

The Mission, Should You Choose to Accept It

Whether those who choose to sign up will receive more detailed instruction is unclear, but the main goal isn’t difficult to understand.

So the challenge is this: by understanding how these non-approved devices work, you must develop an approach that is capable of interrupting the exchange of data that occurs between the devices and their users.

Given the difficulties Anatel faces in tackling millions of these devices, mostly located inside people’s homes, the winners of the hackathon are unlikely to find success by physically attacking a device with wire, solder, or a modified ROM. Any solution must scale but before that, there’s the question of how to gain mass access to devices.

The masters of access at scale are those who manage to build botnets using malware that users often willingly (although unknowingly) install themselves because they believe the software does something else. Coincidentally or not, for many years Brazil has been heavily targeted by botnets running on cheap, compromised Android set-top boxes.

According to a report from cybersecurity firm ESET, malware that disproportionately targets Brazil regularly arrives disguised as legitimate or illegitimate streaming apps.

Further research shows that the dangers cited by Anatel relate directly to this type of malware , including the ability to infect other devices in a network, typically cheap IoT devices with poor security. Cybersecurity companies charge millions of dollars to solve problems smaller than this.

Winners’ Rewards

Anyone interested in registering has until September 20th to fill in their details on the official Hackathon Brasil site and for those who come out on top at the end of the event, prizes are as follows:

When converted to United States dollars, the winners receive ~US$1200, second place ~US$530, and third place ~US$350, and after reading the small print and the event regulations ( pdf ) , a few things deserve to be highlighted.

This is a team event and the minimum team size is four. So if a four-person team wins by solving what appears to be a critical problem faced by Brazil on the security side, and national and international rightsholders on the other, all members stand to pocket $300 each. Come third with a six-person team and each member will receive just under $60.00, or $30 for each day’s work.

Intellectual Property Protection

Of course, everything doesn’t always have to be about money, why can’t we all just have fun for a couple of days and just enjoy ourselves? The answer lies in a concept known as ‘intellectual property’ and the value of that property to those who create it. While the odds are stacked against, the aim here is for the winners to create an extremely valuable piece of intellectual property.

The rules for the event state that all who register for Hackathon TV Box authorize the ‘ORGANIZING COMMITTEE’ (COMISSÃO ORGANIZADORA) to “ use, edit, publish, reproduce and disclose, through newspapers, magazines, television, cinema, radio and internet, VHS and CD-ROM, or in any other means of communication, free of charge and without prior or additional authorization, their names, voices, images, projects or companies, both nationally and internationally, for a period of 10 (ten) years. ”

The committee is defined as “members and directors of the Hackathon Brasil Community and ANATEL” with a note that “the safeguarding of intellectual property rights, the ideas, arrangements and methods will be the responsibility of the project’s own design team.”

Legal statements exist for a reason and the above seems to grant permission to “use” “free of charge” “the project” “nationally and internationally” “for a period of 10 (ten) years.”

It’s probably just a reference to image/publicity rights; definitely so if the project fails to deliver. In the event a miracle plays out, who knows?

From: TF , for the latest news on copyright battles, piracy and more.

Next Thursday, September 19, 2024, will mark the one-year anniversary of the raids on French datacenters that brought down file-hosting platform Uptobox.

Founded in 2011, Uptobox was a very popular site with over 34 million visits per month, a third of which were generated by French users. After being blocked by ISPs in mid-2023, enforcement action became more likely than not.

Around 20 police officers participated in the raids on cloud service providers Scaleway, OpCore, and OVH. Members of the Alliance for Creativity and Entertainment, including Columbia, Paramount, StudioCanal, Warner Bros, Disney, Apple, and Amazon, later confirmed that their complaint triggered the raids and the subsequent seizure of Uptobox servers.

Fighting Back

Unlike some other platforms accused of piracy, Uptobox has thus far bucked the trend of disappearing in response to a lawsuit, with Dubai-based owner Genius Servers Tech FZE (Genius) fully engaged in the legal process.

In April 2024, Uptobox attempted to have the entire case thrown out, arguing it wasn’t the piracy haven the plaintiffs were describing.

In a setback for Uptobox, the attempt ultimately failed, but owner Genius still hoped to have various seizure orders, that had granted the removal of its servers back in 2023, lifted by the court.

The company argued on various grounds, including that the seizures weren’t warranted due to the activities of Genius, and were a “manifestly disproportionate measure” that caused damage to Genius and users of the Uptobox service.

The plaintiffs presented a laundry list of objections, all of which are detailed in the order of the Paris court linked below. Ultimately, however, the appeal would run out of steam for reasons unrelated to the merits of the case.

Time Waits For No One

The decision handed down by the Paris judicial court on Thursday was first reported by Marc Rees at l’Informé; as he explains , Genius Servers’ efforts failed after the court ruled its requests inadmissible.

In a nutshell, demands by Genius to lift the seizure order and restore the servers were declared “time-barred” because they were simply filed too late.

The seizures were authorized in eight separate orders which targeted the headquarters and premises of Scaleway, Op Core and OVH. The only timely request by Genius concerned the seizures carried out at Scaleway. Subsequent requests in February 2024 encompassed Op Core and OVH, but the deadline had long since passed, having expired in October 2023.

The failed process is an expensive one for Genius. The court instructed the Dubai-based company to pay 8,000 euros in legal costs to each of the rightsholder claimants, to a total of 70,000 euros. The main case, whatever that may hold moving forward, will now continue.

The order of the Paris judicial court is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

A few weeks before the U.S. Department of Justice announced the criminal prosecution of two alleged Z-Library operators in 2022, the French Publishers Union (SNE) had already targeted the site indirectly.

In August that year, SNE obtained an order at a Paris Court, requiring French ISPs to block more than 200 domain names .

By November 2022, the order was largely moot. U.S. authorities didn’t just call for the arrest of two people connected to the site in Argentina, the feds also seized the majority of the shadow library’s domain names.

In theory, this chain of events shouldn’t be a problem for the publishers but it ended up working against them as Z-Library didn’t fold. The site registered dozens of new domain names and continued operations after a short hiatus.

As a result, the earlier blocking victory turned out to be short-lived. The new domain names rendered the hard-fought Z-Library blockades useless and French readers continued to flock to the site.

Legally, there was no easy solution to add new domains, so SNE eventually had to go back to court, which it did this spring. Armed with a list of nearly a hundred new domain names, supported by the earlier win, there was little doubt that the Paris Court would rule in favor of an expansion.

Court Grants New Z-Library Blockades

Yesterday, Marc Rees at L’informé reported that the Tribunal Judiciaire de Paris signed a new blocking order on SNE’s request. The action targets 98 domain names in total, which were found to be predominantly copyright infringing.

As is often the case in these blocking procedures, the rightsholders supplied the necessary evidence. In this case, they presented analyses from anti-piracy outfit LeakID, which found that in a sample of 500 works listed on Z-Library, 83% were from SNE publishers.

“SNE established in a sufficiently convincing manner that the disputed site, which is aimed at a French-speaking audience, allows Internet users […] to download protected works from links without having the authorization of the rights holders, which constitutes copyright infringement,” the court concluded.

Bittersweet

The publishers will be pleased that the court granted their extended Z-Library blocking request. However, this is yet another bittersweet victory; perhaps more bitter than sweet.

Firstly, Z-Library can circumvent the blocking measures without much effort by registering new domain names. The court recognized the ‘dynamic’ nature of the problem but the order doesn’t allow the publishers to add new domains on their own accord.

If SNE wants to block additional domain names in the future, it must go back to court. This update process can take weeks, if not months, after which the same cycle can start all over again.

Blocking Seized Domains

The second ‘bittersweet’ element is related to this blocking lag. SNE submitted its recent blocking request on May 21st this year, just a few days before the FBI carried out its latest round of Z-Library domain seizures .

As a result, the majority of the Z-Library domain names listed in the latest court order no longer pose a threat. Put differently, French ISPs have been ordered to block dozens of domain names that have a prominent seizure banner, and are no longer controlled by Z-Library.

These seized domains include go-to-zlibrary.se, singlelogin.se, booksc.eu, zlibrary-fr.se, zlibrary-redirect.se, z-library.se, go-to-zlibrary.se and many others (full list here ).

Other ‘blocked’ domain names have expired in recent months and become available for registration again. That applies to frenchbooks.se, greek-books.se, korean-books.se, and many more. A few other domains appear to be parked.

This means that, of the 98 domain names targeted in the latest court order, only nine are still active today. The others haven’t been available for weeks and Z-Library has put up several replacement domains, which are not covered by the blocking order.

It’s not difficult to see how this whole process must be a massive source of frustration for the publishers. If they go back to court, this will likely serve as an example of why more ‘flexible’ blocking measures are needed.

At the same time, it begs the question of why the Paris court grants a new blocking order for domain names that no longer link to any infringing material, as well as domains that have expired.

—

The court order, as published by L’informé, lists the following 98 domain names that ISPs are required to block:

– go-to-zlibrary.se (seized)
– singlelogin.se (seized)
– booksc.eu (seized)
– cn1lib.is (not loading)
– zlibrary-africa.se (parked)
– zlibrary-es.se (seized)
– afrikaans-books.se (expired)
– arabic-books.se (expired)
– azerbaijani-books.sk
– bengali-books.se (expired)
– bulgarian-books.se (expired)
– catalan-books.se (expired)
– croatian-books.se (expired)
– frenchbooks.se (expired)
– german-books.se (expired)
– go-to-zlibrary.se (seized)
– greek-books.se (expired)
– hebrew-books.se (expired)
– hindi-books.se (expired)
– hungarian-books.se (expired)
– indonesian-books.se (expired)
– italian-books.se (expired)
– japanese-books.se (expired)
– kazakh-books.sk
– korean-books.se (expired)
– latin-books.sk
– latvian-books.se (expired)
– portuguese-books.se (expired)
– russian-books.se (expired)
– serbian-books.se (expired)
– singlelogin.re
– slovak-books.sk
– spanish-books.se (expired)
– swedish-books.se (expired)
– turkish-books.se (expired)
– ukrainian-books.se (expired)
– urdu-books.sk
– z-library.se (seized)
– zlibrary-ae.se (seized)
– zlibrary-ar.se (seized)
– zlibrary-sg.se (seized)
– zlibrary-sk.se (seized)
– zlibrary-sng.se (seized)
– zlibrary-th.se (seized)
– zlibrary-tr.se (seized)
– zlibrary-tw.se (seized)
– zlibrary-ua.se (seized)
– zlibrary-vn.se (seized)
– zlibrary-za.se (seized)
– lithuanian-books.se (expired
– malayalam-books.sk
– pashto-books.sk
– polish-books.se (expired)
– zlibrary-asia.se
– zlibrary-at.se (seized)
– zlibrary-au.se (seized)
– zlibrary-be.se (seized)
– zlibrary-bg.se (seized)
– zlibrary-bl.se (seized)
– zlibrary-br.se (seized)
– zlibrary-by.se (seized)
– zlibrary-ca.se (seized)
– zlibrary-ch.se (seized)
– zlibrary-china.se (parked)
– zlibrary-cl.se (seized)
– zlibrary-cz.se (seized)
– zlibrary-de.se (seized)
– zlibrary-east.se (parked)
– zlibrary-eg.se (seized)
– zlibrary-es.se (seized)
– zlibrary-et.se (seized)
– zlibrary-fr.se (seized)
– zlibrary-fr.se (seized)
– zlibrary-global.se (seized)
– zlibrary-gr.se (seized)
– zlibrary-hk.se (seized)
– zlibrary-hu.se (seized)
– zlibrary-id.se (seized)
– zlibrary-in.se (seized)
– zlibrary-ir.se(seized)
– zlibrary-it.se (seized)
– zlibrary-jp.se (seized)
– zlibrary-kp.se (seized)
– zlibrary-kr.se (seized)
– zlibrary-lk.se (seized)
– zlibrary-ma.se (seized)
– zlibrary-my.se (seized)
– zlibrary-ng.se (seized)
– zlibrary-nl.se (seized)
– zlibrary-nz.se (seized)
– zlibrary-pb.se (seized)
– zlibrary-ph.se (seized)
– zlibrary-pk.se (seized)
– zlibrary-pl.se (seized)
– zlibrary-pt.se (seized)
– zlibrary-redirect.se (seized)
– zlibrary-ru.se (seized)
– zlibrary-sa.se (seized)

From: TF , for the latest news on copyright battles, piracy and more.

Supported by almost constant life-or-death messaging, one has to wonder whether Serie A’s seemingly endless financial problems really are insurmountable.

Yet for reasons that aren’t easily understood, let alone explained, every week matches go ahead as planned. With decaying stadiums at some clubs and billions of euros in persistent overall debt, companies in other industries would’ve stopped spending beyond their means long ago, or at least succumbed to financial pressure while refusing to do so.

Serie A clubs have done neither, nor has the position changed on how to get finances back on track. In a recent interview with Serie A CEO Luigi De Siervo published by Il Mattino (paywall), most of the league’s problems have a habit of circling back to the usual suspect; rampant IPTV piracy.

Cops and Robbers

Conflicting statements can have a tendency to unnerve creditors and if the launch of the Piracy Shield system earlier this year is any example, here’s another big one. After months of heaping praise on what was billed as the savior of Italian football, today the goal posts of opinion appear to have shifted.

“It’s like in ‘Cops and Robbers,’ we are always chasing,” said De Siervo per Il Mattino’s report. “As soon as we catch them, they move to another server.”

What that means in practical terms is unclear but after less than eight months of constantly tampering with Italy’s DNS servers, current data reveals that 5,018 IP addresses and 16,523 domain names have already been blocked with no obviously positive results.

The true scale of blocking in Italy is significantly higher. When the system began breaking down and agreed limits were exceeded recently, an unknown number of IP addresses and/or domains were removed from the system so that new ones could be added at the start of the new season. At the same time, De Siervo could be found defending the cost of season tickets, describing the price as appropriate for such a high quality product.

Take People’s Money or Pirates Will

In the UK, meanwhile, Serie A fans were unable to buy whole season passes to watch Serie A on streaming platform ‘ One Football .’ Four games into the season, they still can’t.

They currently face the prospect of paying £5 for each match rather than an up-front £100 commitment for the whole season. Some pirate services, meanwhile, will accept £3 right now for an entire month of every conceivable channel, and in the time it takes to read this article, Serie A matches will be open for viewing.

Instances like these may not be typical or overly numerous, but they are more damaging than some might expect. While hardcore pirates have no qualms about resorting to piracy, the same isn’t true of those who ordinarily pay for content.

Forbidden Fruit, Not Even Once

Failing to supply legal content can provide justification for piracy and if that persists long enough for former customers to hand over a relatively small sum for an annual pirate subscription, they’re gone for at least a year.

Serie A’s strategy for converting pirates into customers seems unwavering. With assistance from the government and its prosecutors, Serie A believes that legal action is the only option, despite the inherent risks of treating all pirates the same, regardless of the circumstances.

“There is a thread of Ariadne that connects the hacker [IPTV service] with the client’s terminal: now we have to trace the end user and sanction him. The rules are there,” De Siervo said.

“A true fan does not watch a pirated match, because then he causes damage to his club. But it is a cultural issue, not linked to the price of season tickets.”

Unwavering on Piracy, Unmovable on the Solution

The statement above is likely to have zero effect on hardcore pirates; they’re regularly told they’re going to prison for their habit and not even that moves the needle of deterrence. The big question is how those with a more sensitive disposition might react, along with those currently on the fence, considering their return to legal services.

Pretending that the attraction of pirate IPTV services is always about better service would be a mistake. People who can afford to subscribe to legal services use them, just as much as those who cannot. Perhaps the former aren’t true fans while the latter desperately want to be fans but have been priced out by a sport that can’t even manage its own money. But here we are and money has to come from somewhere.

“Modern football is maintained by selling matches. We are also attacking search engines that in some ways are complicit,” De Siervo continued.

“There are, I repeat, 300 million euros of lost revenue, or 30 percent of the value of TV rights [lost to piracy]. Football is being killed like this, because there are no longer the patrons of the past who lose money, what comes in is spent.”

Serie A seems determined to reclaim this revenue by force and in many ways, targeting those who undermine a business at such scale should expect a significant response, especially if they don’t jump to a new server quickly enough, or so the reporting goes.

“We have the football we deserve and this parasitic system that doesn’t pay to watch matches must be blown up,” De Siervo insists. “Otherwise football will blow up. It’s either them or us.”

‘Us’ has to mean more than Serie A and its clubs. If this war pans out as suggested, fighting on one front while starting a war with fans on another will not end well. Fans need to played onside, like yesterday.

From: TF , for the latest news on copyright battles, piracy and more.

In recent years, rightsholders have repeatedly teamed up with Egyptian law enforcement to tackle several large pirate sites and services.

The Alliance for Creativity and Entertainment ( ACE ) booked several successes, shutting down domains related to popular piracy rings , streaming portals such as Egybest, MyCima , Movizland , and, more recently, Cimaclub and Cima4U.

Laroza Shuts Down

This week, anti-piracy alliance ACE reports that it helped to dismantle Laroza, which it describes as, the largest piracy site in the Middle East and North Africa. This movie and TV streaming piracy portal was taken down by the police and the Egyptian Ministry of Internal Affairs.

The announcement doesn’t come as a complete surprise, as dozens of Laroza domains were effectively taken out last month. More than two dozen domains were affected. Before shutting down, Laroza offered access to roughly 29,000 pirated movies and TV series.

According to ACE, the sites logged more than 52 million monthly visits in the past six months. While that’s notable, internationally there are pirate sites that generate more visits than that with a single domain.

Operators Arrested

The takedown operation involved 26 police officers and six local investigators. This resulted in the arrest of two of the sites’ alleged operators. During raids, which took place in August, the authorities confiscated hardware, financial records, and $81,000 in cash.

Egyptian authorities previously posted a message on Facebook with images of the raid, noting that the operation involved 71 domains. ACE’s more recent number, 25 domain names, is more modest.

Financial records obtained in the investigation further revealed transactions of $515,000 and $90,000 in cryptocurrency from various sources. The purpose, direction, or nature of these transactions remains unmentioned.

Ongoing Battle

Commenting on the action, MPA Senior Executive Vice President Karyn Temple thanks the Egyptian Ministry of the Interior and other local authorities for their valuable cooperation. Without it, Laroza and other sites would still be online today.

“The Laroza takedown represents a victory for intellectual property rights and creators around the world. Piracy is a crime that stifles creativity and harms consumers and global economies. We will continue working closely with authorities in Egypt and other MENA countries to protect the creative marketplace,” Temple adds.

As is typical for operations where ACE is involved, the Laroza domains now redirect to the ACE Watch Legally site, serving a warning to former users and other operators. How effective this message is, has yet to be seen.

At the time of writing, several other “Laroza” branded sites remain online and are indirectly benefiting from the shutdown. The same also applies to other “Egyptian” piracy portals, including several popular ‘Egybest’ clones, despite the site’s shutdown five years ago.

Meanwhile in South Africa…

In addition to the North African action, rightsholders in South Africa have also been very active on the anti-piracy front. MultiChoice, owner of the broadcaster DStv , announced several arrests in collaboration with local police recently.

The arrests are reportedly linked to the pirate IPTV service Waka TV. Frikkie Jonker, anti-piracy director at MultiChoice subsidiary Irdeto, said that it’s not over yet as more actions are underway. Even people who watch the streams are, presumably, not safe.

“We are actively tracking additional targets connected to Waka TV, and the message is clear: those participating in this illegal network will be brought to justice,” Jonker told Techcentral , commenting on the most recent arrest.

Thus far, these enforcement efforts seem to be limited to resellers of the Waka TV service. The popular pirate streaming operation itself remains online and continues to be accessible today.

From: TF , for the latest news on copyright battles, piracy and more.

Supported by Hollywood and other content industries, Dutch anti-piracy group BREIN has a long and well-established track record.

The group celebrated its 25th anniversary on Monday, with now-retired director Tim Kuik receiving a royal decoration as Officer in the Order of Orange-Nassau for his achievements.

While Kuik undeniably proved to be a major player in the anti-piracy field in recent decades, BREIN’s work continues without him. BREIN’s recommendations for the EU’s upcoming Counterfeit and Piracy Watch List were made public a few days ago and include several notable developments.

We’ve recently highlighted how the MPA and Sky called out various pirate sites and services, as well as intermediaries who reportedly could do more to combat piracy. BREIN’s submission continues down the same path with, again, a strong focus on intermediaries.

“All stakeholders in the internet ecosystem, including hosting providers, DNS providers, cloud services, advertising networks, payment processors, social media platforms, and search engines, should proactively work towards reducing support for well-known infringing sites,” BREIN writes in its submission.

Evolving Hosting Challenge

BREIN highlights the importance of the “Know Your Customer” (KYC) principle, arguing that intermediaries should properly identify their customers. They believe this principle should legally apply to all intermediaries. This would help enforcement efforts, as pirate sites and services often operate anonymously.

The evolving hosting landscape is one of the challenges highlighted by BREIN. Large Dutch hosting providers are increasingly positioning themselves as “mere conduit” services. They provide content neutral services to resellers, who ultimately serve the pirate customers. Without KYC requirements, however, it’s often difficult to identify the ultimate targets.

“These resellers are often however not cooperative or not even responsive. And even if they are responsive and willing to provide information, the information is usually not verified.”

BREIN nominates several hosting companies for the EU’s piracy watchlist, including Amarutu Technology, Private Layer, Alexhost, Virtual Systems, SERVERS TECH, and Packet Exchange. These companies can be characterized as ‘not responsive’ or ‘not cooperative’, the group writes.

Namecheap Doesn’t Cooperate

In addition to hosting providers, BREIN also mentions several domain name services, including Sarek Oy and 1337 Services. The latter is best known under the name Njalla, the privacy-focused domain registration intermediary founded by Pirate Bay co-founder Peter Sunde.

These companies reportedly fail to respond to BREIN’s requests. This critique is not new, however, as other rightsholder groups have lodged similar complaints in the past.

A more surprising entry comes in the form of domain registrar Namecheap. The U.S. company is a large player internationally and typically adheres to the law. However, BREIN claims that Namecheap has proven ‘uncooperative’ when it comes to voluntarily blocking pirate sites.

BREIN says that it reached out to Namecheap multiple times over the past years. Among other things, the company was asked to take action against domain names that Dutch ISPs have to block in the Netherlands.

Presumably, BREIN hoped that Namecheap would voluntarily block these sites as Google does in the Netherlands. However, Namecheap doesn’t want to take action in response to a foreign court order, where the company is not listed as a party, and says it will only share customer details when presented with a U.S. court order.

“BREIN has requested Namecheap in several instances to cease providing their services to these evidently illegal websites that are now blocked in the Netherlands, as well as to provide BREIN with the customer details,” BREIN writes.

“Namecheap has never complied with these requests and always insists on a US court order and is therefore willfully uncooperative as these cases clearly concern evidently illegal websites.”

Namecheap and other companies called out in submissions are not explicitly accused of breaking any laws. However, it’s clear that BREIN and other rightsholders are frustrated by the lack of voluntary cooperation from these intermediaries.

Blocking Works

BREIN’s submission has a heavy focus on intermediaries but also reports that Dutch pirate site blocking efforts are paying off. These blockades target The Pirate Bay, 1337x, EZTV, KickassTorrents, YTS, Flixtor, Lookmovie, Anna’s Archive and Library Genesis.

In addition to the platforms’ main domains, the dynamic Dutch blocking orders allow BREIN to add new proxies and mirrors to the list as soon as they appear.

One might expect that the total list of blocked domains would grow over time, as new alternative domains appear on the scene. However, BREIN’s data shows that this is not the case. The number of blocking targets is relatively stable, with many proxies and mirrors disappearing off the radar.

The chart above shows, for example, that the number of blocked Pirate Bay domains dropped from more than 200 in 2018, to around ‘just’ 50 today.

“It is also striking that over time the average number of proxies and mirror websites per platform decreases so that the total number of blocked sites has not increased. Apparently, many proxy sites give up if they are blocked long enough,” BREIN writes.

Emerging Threats: AI and Vinyl

In addition to traditional pirate sites, the submission also lists several more recent “trends”. This includes IPTV services, which continue to gain traction. Interestingly, vinyl is also listed in this section as a popular counterfeiting target.

“The revival of vinyl simultaneously causes a rise in the manufacturing and selling of unauthorized vinyl in the form of counterfeit and bootleg albums originating within and outside of the EU,” BREIN writes.

While phonograph records are by no means a new technology, as they date back more than a century, it is easier to manufacture and sell counterfeits today. And with more music fans buying vinyl records than CDs, BREIN sees it as a trending threat.

At the other end of the spectrum, BREIN mentions artificial intelligence. The group has previously gone after ‘illegally’ compiled datasets that consist of copyrighted works, such as books. It wants to make sure that the EU keeps a close eye on developments and notes that the arrival of the European AI Act is a positive step.

In conclusion, BREIN’s recommendations highlight the complex and ever-evolving landscape of online piracy. While site blocking has reportedly proven to be an effective tool, the group stresses the need for greater cooperation from intermediaries and heightened vigilance in addressing new threats.

—

A copy of BREIN’s full submission to the European Commission is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

In an article published yesterday , we featured the Motion Picture Association’s submission to the European Commission (EC) for its next Counterfeit and Piracy Watch List .

While still calling out familiar targets, such as torrent sites, streaming portals, and piracy apps, the MPA clearly wants to draw attention to the role of third-party intermediaries in the piracy ecosystem. UK broadcaster Sky’s submission to the EC adopts an identical strategy.

Sky starts from the now-familiar position that large-scale commercial piracy isn’t just a problem for rightsholders. Organized crime has negative consequences for consumers and society as a whole, Sky says, including significant losses in tax revenues for EU Member States.

Non-Responsive & Infringing Hosting Providers (Outside EU)

Sky begins by calling out several particularly problematic hosting providers. Not only do these operations have no qualms about doing business with pirate IPTV providers, requests to remove infringing content quickly aren’t processed speedily enough to be of practical use to the broadcaster; if they’re processed at all.

In common with the MPA’s submission, Sky says that some hosts do business with anonymity in mind, including anonymous registrations, payment via cryptocurrency, and offshore hosting.

Poor adoption of Know Your Business Customer (KYBC) processes among these hosts presents difficulties for rightsholders in the event they want to track pirates down. The options don’t improve with other hosts, some of which simply refuse to disclose any information.

The ‘top infringing host’ according to Sky is ‘RESERVED, ZZ'[AS27161]. Previously known as Litnics, Sky recorded a total of 284,454 unique ‘infringing incidents’ between January 1, 2024, and July 29, 2024.

DNS records reveal no shortage of pirate IPTV entities using this host, which Sky says is located in the United States, as opposed to the Middle East, Hong Kong or Macau like some of the others in the list. While AS27161 is clearly operational, whether it should be is up for debate .

Cloudflare: “One of the Top Infringing Hosts”

When Cloudflare was nominated for the EC’s Watch List a few years ago, the company wasn’t impressed with its characterization as an infringer ( pdf ) . The EC should focus on “Commission-verified allegations of illegal behavior,” Cloudflare said, not companies that have simply declined to take voluntary action.

Yet after a short absence, those same descriptions are back on the agenda. Sky says that it categorized Cloudflare as an infringing host in a 2022 list and according to data, Cloudflare remains “one of the top infringing hosts” today.

The broadcaster notes that in the same seven-month period this year, 107,307 unique ‘infringing incidents’ were identified at Cloudflare. Noting that Cloudflare is believed to provide DNS services to more than 15 per cent of all known global websites, Sky says that Cloudflare services are “easily exploited” by pirates to conceal their true hosts. But Sky goes further still.

“Many pirate services are believed to use Cloudflare. This was demonstrated in the 2019 Milan Court Order involving ‘EnergyIPTV’ and ‘IPTVTheBest’, with both services using Cloudflare’s infrastructure to distribute infringing content, without Cloudflare taking adequate steps to prevent infringement,” the broadcaster informs the EC.

Cloudflare hasn’t responded to Sky as part of the public process, but the company’s own submission to the EC may solve at least some of Sky’s problems. The company explains that rightsholder members of Cloudflare’s Trusted Reporter Program are granted access to pirate site IP addresses, which counters the “easily exploited” features.

Unfortunately, Sky’s alleged problems pertaining to legitimate United States-based companies don’t end with Cloudlare.

Facebook Marketplace & Google

Sky’s criticism of Facebook Marketplace contains some remarkable data for the six-month period between February and July 2024.

The company says that it identified and reported a total of 16,500 listings for piracy-enabling devices (including pre-loaded Amazon Firesticks), a figure that represents 96% of all Firestick listings identified across all online platforms in this period.

“Meta states that it has proactive measures in place to identify and remove piracy enabling devices as well as IPTV services from Marketplace, but the continued volume of these listings suggests that the measures are largely ineffective,” Sky’s submission reads.

“The relevant policies on Facebook Marketplace need to be updated and improved. While Meta is willing to engage, to date any countermeasures have not resolved the significant challenges faced.”

The statement that Meta is willing to engage seems unusual in the context of a piracy watchlist submission. Nevertheless, Sky says that Meta should implement “significant proactive measures” to stop infringing listings being uploaded while ensuring that users banned from the platform are unable to sign back up. That seems to suggest that deploying an effective repeat infringer policy may still fall short of requirements.

Google Has Done a Lot, But Not Enough

Google’s alleged role in assisting consumers to find infringing content is something that never seems to go away. Sky highlights organic search results and sponsored adverts as problematic but criticizes the search giant for not going above and beyond when requests are received to remove content.

“While Google will respond to take-down notices against specific infringing URLs, it will not take action against whole domains, meaning that illegal streaming sites can be the subject of numerous individual page takedown requests without any clear delisting impact against the overall site,” the broadcaster’s submission reads.

“Google will not accept delisting requests for pages/sites encouraging copyright infringement, such as sites that openly encourage the use of VPN technology to circumvent pay TV offerings. Google also fails to provide rights holders with functioning APIs for delisting, meaning that the process of submitting delisting requests is manual and time consuming.”

Like Cloudflare, Google offers advanced takedown tools as part of its Trusted Copyright Removal Program ( TCRP ), which allows “high-volume submitters that send high-quality notices” to bulk submit copyright removal requests on Google Search.

Why TCRP is not being used here is unclear but if the targets are sites “encouraging” infringement or championing the use of VPNs to circumvent geo-blocks, the DMCA is already the wrong tool, regardless of the submitting mechanism.

Other platforms in the Sky submission operate in the file-hosting/cyberlocker, live-streaming, and mobile app markets. All are listed below for convenience but covered in much more detail in the report linked below.

Sky’s submission to the European Commission is available here (pdf). The problematic sites and services by category are as follows:

Hosting Providers

ISTQSERVERSES (Jordan)
HHXYTC haoxiangyun (Hong Kong)
HBING (Great Britain)
YURTEH-AS (Ukraine)
VIRTUAL SYSTEMS (Ukraine)
NETSOLUTIONS (Macao)
RESERVED, ZZ (United States per report, possible BOGON )
CLOUDFLARENET (United States)
CLOUDFLARESPECTRUM (United States)

Marketplaces and Search Engines

Facebook Marketplace
Alibaba
Google

File-Hosting Sites (Cyberlockers)

chomikuj.pl
ddl.to
dood.so
doodstream.com
mixdrop.co
mixdrop.sx
mixdrop.to
nitroflare.com
orvidcloud.co
rapidgator.net
rapidrar.com
streamtape.com
voe.sx

File-Hosting Sites Live Streaming)

srv93221.tservone.lol
iptvtree.net
mteve.online
sansat.net
myvipmedia.com
www.sportp2p.com
azdouiptv.com
vodkom.net
tv.pro-ott.com
aziz.social

Apps (Official/Unofficial Stores, Premium / Advertising)

RepelisPlus Pelis Stream
Scarica film | VC
PTV Sports: Live Cricket TV
YACINE TV Store
Football Livestreaming HD TV
Live Cricket TV 2024
MovieFlex
Salama TV – Angalia Mpira Live
Magis – Peliculas y Series
Hotlflix

Social Media

Telegram

From: TF , for the latest news on copyright battles, piracy and more.

In recent years, music and movie companies have filed several lawsuits against U.S. Internet providers based on allegations that they failed to take action against pirating subscribers.

One of the main arguments is that the DMCA requires providers to terminate the accounts of repeat infringers in ‘appropriate circumstances’.

These lawsuits have resulted in multi-million dollar windfalls in favor of rightsholders. Most notable is the ‘$1 billion damages award a jury awarded in favor of several music companies. The matter is currently under appeal by Cox, which took the matter to the U.S. Supreme Court as well.

Music Companies Sue Verizon

This summer, dozens of record labels, assisted by the RIAA, filed a new copyright infringement lawsuit targeting Verizon . The complaint accuses the ISP of failing to take action in response to piracy notices.

“[I]t has intentionally chosen not to listen to complaints from copyright owners. Instead of taking action in response to those infringement notices as the law requires, Verizon ignored Plaintiffs’ notices and buried its head in the sand,” the labels wrote.

At a New York federal court, the music companies alleged that Verizon is contributorily and vicariously liable for the copyright infringements of its subscribers. As a result, the ISP faces damages of multiple millions of dollars.

Verizon: Yes, We Ignored Piracy Notices

This week, Verizon responded to the allegations with a motion to dismiss. The company vehemently disagrees that it’s liable for the actions of subscribers who allegedly pirated music.

“When people do bad things online, their internet service providers are not typically the ones to blame. This lawsuit claims otherwise,” Verizon begins.

The company notes that, instead of going after the alleged pirates directly, the music companies choose to target an Internet access provider whose network was used to carry out the alleged infringements.

Verizon admits that the labels sent hundreds of thousands of emails, alerting the company about the alleged infringements. However, it doesn’t believe that its choice not to disconnect subscribers makes it liable for the alleged infringements.

“For years, the Labels have sought to pin the alleged infringement on Verizon by sending Verizon more than 340,000 automated emails about it. Those emails demanded that Verizon find the infringers, and either make them stop or kick them off the internet.

“And in response to this barrage of emails, Verizon allegedly did nothing. Because Verizon did not obey these emailed demands to find and stop the infringers, the complaint alleges, Verizon is now secondarily liable for what they did,” the motion adds.

Verizon readily admits that it didn’t act in response to the barrage of piracy complaints. That may seem an odd element to highlight but, according to the ISP, that inaction ultimately works in its favor.

Piracy Liability Claims Fail, Should be Dismissed

The music companies accuse Verizon of contributory and vicarious copyright infringement. According to Verizon, both claims are deficient and, therefore, the entire complaint should be dismissed.

To properly argue contributory copyright infringement, a defendant should be aware of the wrongdoing and have contributed to it. While Verizon did indeed know about the alleged music piracy, it argues that it didn’t ‘contribute’ to it.

“Verizon’s mere failure to cut off subscribers’ internet access – no matter how many emails asked it to – did not materially contribute to their infringement,” the company writes.

The music companies argue that the ISP ‘actively’ continued to provide alleged pirates with internet access. However, Verizon stresses that it ignored the notices, as mentioned earlier, which clearly indicates ‘inaction’.

“[T]he Labels try to obscure that defect with wordplay, reframing Verizon’s conduct as actively ‘continuing to provide its service’ to infringing accounts. But their rhetoric cannot change that, by allegedly ignoring the Labels’ emails, Verizon simply did not act,” the motion reads.

Verizon finds support in a recent Twitter vs. Taamneh ruling, where the Supreme Court rejected the claim that Twitter aided-and-abetted terrorist activity because it didn’t “consciously and culpably” participate in the illegal activity.

According to Verizon, the same logic applies in its case, where the ISP was held liable for the piracy activities of subscribers, without taking any culpable action.

“Under the common law, a communication provider’s conscious refusal to eject wrongdoers from its service is ‘mere passive nonfeasance’ that does not culpably aid their wrongdoing. That holding is decisive here.”

In addition, Verizon argues that the vicarious copyright infringement claim fails because the company neither controlled nor profited from the allegedly pirating subscribers.

The Fourth Circuit recently rejected a similar claim against Cox, ruling that an ISPs interest in generating revenue does not automatically mean that it’s profiting from piracy. The same should hold here, Verizon concludes.

‘Time to End These Lucrative Piracy Lawsuits’

Thus far, the music companies and other rightsholders have often been on the winning side of these cases. However, Verizon believes that the Supreme Court’s recent ruling in the Twitter case has changed this playbook.

In recent years, the labels obtained a “lucrative” $1 billion judgment against Cox and extracted settlements from several others based on the premise that ignoring piracy notices triggers a culpable action. That was wrong, Verizon notes.

“[T]he decisions blessing those lawsuits were wrong then and are even less persuasive now. Indeed, they all rest on the same faulty common-law premise – one imputing culpable intent from passive inaction – that misreads copyright doctrine and conflicts with Twitter.

“As the first district court to consider the issue after Twitter, this Court now has the chance to reject the premise. It should do so. The complaint should be dismissed,” Verizon adds.

—

A copy of Verizon’s motion to dismiss, filed at the New York federal court, is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Over the past two decades, online piracy has proven to be a massive challenge for the entertainment industries.

Governments around the world have recognized this challenge and, where possible, lend a helping hand to identify and address these threats.

The European Commission, for example, compiles a bi-annual ‘Counterfeit and Piracy Watch List’ following the example set by the United States. Like its U.S. equivalent, the EU watchlist relies on input from stakeholder groups, which nominate problematic sites and services for inclusion.

The most recent version of the report was published in 2022 and the EU is currently working on an updated edition. This will rely in part on comments from the Motion Picture Association ( MPA ), which represents several major Hollywood studios and Netflix.

MPA Reports Piracy Threats

As the driving force behind the Alliance for Creativity and Entertainment ( ACE ), the largest and most active anti-piracy group, MPA is well aware of the global piracy threats. And indeed, its submission lists dozens of problematic sites and services.

MPA’s overview includes many of the usual targets, including torrent sites such as The Pirate Bay and 1337x, streaming portals including Solarmovie, and various piracy apps and IPTV services.

The full list, available at the bottom of this article, also includes less obvious targets, such as the messaging app Telegram, Russian social media network VK, and various domain name registries. Those have been called out previously, though, so that’s no surprise either.

The MPA says that it does not intend to provide an exhaustive overview of the most severe threats. The mentioned sites and services mostly serve to illustrate the scope and nature of the anti-piracy challenges.

“The MPA’s contribution is not intended to be comprehensive but instead reflects an attempt to identify sites and services particularly illustrative of the nature and scope of online content theft,” it writes.

Intermediaries are KEY to enforcement

Needless to say, the MPA won’t expect the European Commission to magically make these piracy threats disappear overnight. The MPA itself is much better equipped to deal with these threats than the EU. However, the EU can help to shape legislative conditions that can make enforcement efforts more effective.

With this in mind, it’s no surprise that the ‘key enforcement points’ highlighted by the MPA don’t involve pirate sites directly. Instead, they are solely focused on ‘intermediaries’, which include hosting companies, CDN providers, advertisers, and domain registrars, among others.

These companies do business with pirate sites, willingly or not. Yet, the same organizations are not particularly proactive when it comes to enforcement or helping third-party enforcement efforts, MPA says.

In fact, all the “key enforcement points” in MPA’s submission are related to intermediaries. These companies should be more proactive to prevent infringement, terminate accounts when needed, and verify the identities of business customers.

“Intermediaries should take proactive measures to prevent the availability of infringing content”

“Intermediaries should have a clear obligation to verify the identity of all their business customers and to ensure that the contact details listed are up to date and accurate”

“Intermediaries should take adequate steps to ensure their services are not used to facilitate infringement by ceasing the provision of their services”

How the EU Can Help

Throughout the submission, MPA mentions that it asked European intermediaries to release information on the operators of piracy services. This information could help to expose anonymous operators, so they can be brought to justice.

These notes emphasize that European intermediaries could potentially have usable information. If that’s not the case, the EU might want to consider legislative action to make sure that this changes going forward.

While describing the problem, MPA also offers a solution: make Know Your Business Customer (KYBC) requirements mandatory for companies operating under EU law.

“Online enforcement efforts are frustrated when intermediaries fail to take adequate steps to ensure that their services are not being used to facilitate copyright infringement, a problem compounded by the fact that many website operators and intermediaries operate anonymously.

“This is an issue that needs to be addressed by the EU legislator urgently and we therefore strongly encourage the inclusion of due diligence ‘Know Your Business Customer’ verification obligations for these services within the Digital Services Act,” MPA adds.

This isn’t the first time these suggestions have been made. In recent years, the MPA and related organizations have lobbied for stricter verification checks for online intermediaries. Making these checks mandatory would be a game-changer, they repeatedly argued.

While the Digital Services Act already includes some KYBC requirements, the rules don’t apply to intermediaries and hosting platforms.

The MPA’s extensive overview of pirate sites and services serves as a backdrop to a call to reconsider the scope of KYBC requirements. The EU Commission can’t do much to target the pirate sites and platforms directly, but they can shape the conditions to boost enforcement, MPA indirectly suggests.

—

The Motion Picture Association’s full submission to the European Commission is available here (pdf) . Below is a list of all the sites and services highlighted in the report. Some of these were shut down in recent weeks.

Linking and streaming websites

– Fmovies
– Vegamovies
– rezka[.]ag
– Seasonvar[.]ru
– Dizigom
– Gimy[.]ai
– Goojara[.]to/levidia.ch/Supernova[.]to
– KatMovieHD[.]boo
– Tamilblasters[.]link
– Gnula.nu/[.]se
– Dytt8[.]net, Dytt89.com, Dy2018.net, Dy2018[.]com, Dydytt[.]net, and Ygdy8[.]com
– Rlsbb[.]ru
– Solarmovie[.]to
– Sockshare1[.]com
– Hianime (formerly Aniwatch[.]to and zoro[.]to)
– Cuevana[.]biz and Cuevana3[.]eu
– Braflix[.]video
– Cuevana3[.]ch
– Veronline[.]in (formerly veronline[.]sh and veronline[.]cc)

Illegal IPTV and streaming services

– MagisTV.net
– Tele-latino.com
– TVExpress.pro
– Theking365tv.site
– GenIPTV
– King-IPTV.net
– Globe IPTV
– Crystal OTT
– Gogo IPTV
– SVI Cloud
– Unblock Tech
– WHMCS Smarters

Cyberlockers and video hosting services

– Doodstream (doods[.]pro)
– Baidu Wangpan
– VK[.]com
– Uploaded.net
– Mixdrop[.]co
– Streamtape[.]com
– Netu[.]ac
– Hqq[.]to
– Waaw[.]to

Piracy Apps

– EVPAD
– EVPAD
– MagisTV.video
– Telegram

P2p and BitTorrent portals

– 1337x[.]to
– ThePirateBay[.]org
– Rutracker[.]org
– Rutor[.]info
– YggTorrent

Hosting providers

– Virtual Systems, V-Sys
– Squitter, ABC Consultancy, Peenq, ESTOXY, BestDC, SERDECH
– Private Layer, Swiss Global, and affiliated companies
– DDoS-Guard.net

Registries

– .CH Registry
– .CC Registry
– .IO Registry
– .ME Registry
– .RU Registry
– .TO Registry

Advertisers

– 1XBET

Piracy as a Service

– 2embed[.]cc
– Vidsrc[.]to
– Njal[.]la
– Collaps.org
– GDrivePlayer
– XFileSharing/XvideoSharing

TV Operators

– SatCon Africa
– Excaf Telecom
– Cross Connect

From: TF , for the latest news on copyright battles, piracy and more.