Under U.S. law, rightsholders have an option to identify alleged copyright infringers, without directly having to file a lawsuit.

Instead, they can request a DMCA subpoena. These documents are typically signed by a court clerk and don’t require any judicial oversight. Specifically, they allow rightsholders to obtain the personal details of anonymous alleged infringers through third-party service providers.

Foreign companies are also aware of this discovery ‘shortcut’. For example, Korean game publisher Nexon previously used it to identify people who allegedly shared pirated content, including the games MapleStory and Sudden Attack, through Discord, .

Nexon Targets Discord with DMCA Subpoenas

When Nexon obtained a DMCA subpoena last October, Discord initially objected, deeming it “overbroad and unduly burdensome.” After the parties got together, an agreement was reached to confidentially disclose basic subscriber information related to 64 Discord User IDs.

Discord was clearly hesitant to cooperate but, faced with a motion to compel, it eventually chose to do so. However, the company did not envision that Nexon would return to court with similar requests a few months later.

In May, Nexon obtained a new DMCA subpoena, which again requires Discord to share the personal details of alleged copyright infringers. This time, the legal paperwork targets roughly two dozen users who allegedly shared copyrighted material related to the MapleStory game.

When the subpoena was issued, Discord had yet to send over the user details from the first request, which it eventually shared mid-June. However, going forward, the company doesn’t intend to adopt the role of anti-piracy data provider.

Discord Draws a Line

In July, Discord sent a letter to Nexon, informing the game company that it has no intention of cooperating with the latest request, describing it as improper.

“Now, you appear to be demanding additional information for yet more User IDs, which you allege infringe one of the same copyrights you have already asserted. You are attempting to renegotiate a deal that has already been struck and fulfilled. Your actions are improper,” Discord’s attorney wrote.

The letter outlined a broad list of objections and makes it clear that Discord doesn’t plan to invest substantial resources to help Nexon catch online pirates.

“Discord is committed to fulfilling its obligations under the law, but acting as your copyright assertion partner is not one of them. Your firm continues to make improper and overly burdensome demands […] including immediate threats of motion practice in non-existent legal matters.”

Prepared to Fight

The messaging platform wrote that it is prepared to file a motion to quash the subpoena, if needed. It further urged Nexon to withdraw their demands, and cease sending any similar ‘defective’ subpoenas going forward.

To support its stance, Discord made a list of twenty-two general objections and reservations. Among other things, the company wants to protect user privacy and their first amendment right to anonymous speech.

“Discord objects to the Requests as infringing its users’ decisions to remain anonymous, an aspect of their freedom of speech protected by the First Amendment. The Requests improperly seek to unmask anonymous speakers and consequently compel disclosure of material protected by the First Amendment,” it reads.

This strongly-worded letter didn’t have the desired result, however. Instead of backing off, Nexon doubled down, filing a motion to compel at a Texas federal court late last week.

The game company refutes Discord’s objections and asks the court to enter an order requiring Discord to produce the requested user data. Nexon says that it needs this information to protect its copyrights.

“Discord’s failure to cooperate discovery has impeded Nexon’s ability to discover relevant, non-privileged information that will support its potential claims against the users who have provided access to the infringing material,” Nexon writes.

While the court has yet to rule on the matter, Discord is expected to file a formal motion to quash the subpoena in response, as indicated in its earlier communications.

The dispute is yet another classic example of the clash between copyrights and user privacy, with online service providers in the middle. The fact that Discord’s compliance requires operational (time and money) resources, makes it even more complex.

This isn’t just an isolated issue that affects these two companies. The outcome of this brewing legal dispute could have a direct impact on similar DMCA subpoena efforts in the future.

—

A copy of the motion to compel, filed at the Texas federal court by Nexon Korea Corporation, is available here (pdf)

From: TF, for the latest news on copyright battles, piracy and more.

Six years ago when attention was focused elsewhere, the MPA warned that lacking legislation and rising broadband penetration would eventually transform Vietnam into a major online headache for rightsholders.

Yet perhaps not even the MPA expected sites like FMovies and Aniwatch to attract hundreds of millions of visitors every month. Coupled with a complex and politically sensitive environment in Vietnam, where established anti-piracy principles seemed to carry little to no weight, at times Hollywood’s prospects of countering this unique threat seemed uncharacteristically hopeless.

Then seemingly out of nowhere, after FMovies and sister sites Bflix, Soap2day, and Sflix had switched to another set of fresh domains, technical issues at FMovies led to its disappearance mid-July. Sites linked to FMovies shut down just a few weeks after.

Historic Win For MPA/ACE, Familiar Morning After Headache

With seemingly relevant information pointing to MPA/ACE involvement, official confirmation arrived late August.

Shutting down the world’s biggest movie and TV show sites in such difficult circumstances was undoubtedly a big win for the studios; yet in some respects, they’d been here before.

Most likely operated by the same group in Vietnam, 123movies shut down in 2018 only to reappear stronger than ever. Another example involved anime giant Aniwatch; ostensibly shut down by ACE while operating as Zoro in 2023, it simply rebranded to Aniwatch and casually pulled in record-breaking traffic.

Track Record of Deviating From Agreements

Whether anything similar is happening now in respect of FMovies and the other brands is difficult to say with complete certainty. However, with a few hundred million visits per month instantly available, it’s safe to say that sites with similar branding to those recently shut down are fighting for a share.

Some domains quickly scooped up millions of extra visits but keeping track of so many moving targets, especially those involving domain switches and/or rebranding, can be extremely challenging. Luckily, the MPA employs people to do the heavily lifting.

Threats Revealed in Site-Blocking Actions

Not long after Fmovies, Bflix, Soap2day, Sflix, and other connected sites switched domains late May, the MPA moved to have domains blocked by ISPs in the UK.

Around 100 of those domains seem potentially relevant to events in Vietnam due to the nature of the sites and familiar naming conventions. A further 100 potentially relevant domains were blocked in July, and after a break in August, 33 domains were blocked in September and a further 84 thus far in October.

The scale of the problem is illustrated below, although not every domain requested for blocking appears here.

Some domains blocked by the MPA

The majority feature well-known branding, either directly linked to the shuttered domains (FMovies, Bflix, Soap2day, etc), historically linked (such as 123movies/movies123 and gomovies), or linked by single/mixed branding also used by other sites operating in the same niche.

To make the list manageable, domains with low traffic, no obvious link to events in Vietnam, or operating in a different niche, were removed in advance. Those that remain must be operating as full pirate sites since that’s a requirement for blocking in the UK.

While FMovies was the most popular single site ever seen in the movie and TV show streaming sector, it appears that isn’t enough to detract from the popularity of 123movies/movies123 branding which takes the top slot at considerable distance.

Another surprise is an apparent lack of interest in Bflix, at least in respect of domains that become popular enough to be considered a blocking threat. It’s worth pointing out that while Bflix may seem insignificant here, more than 300 domains are currently listed as registered, with the majority still unexpired.

For Fmovies the number of domains previously registered rises to 1,400 and for 123movies/movies123 variants, around 3,500 seems like a reasonable estimate.

From: TF, for the latest news on copyright battles, piracy and more.

Popular Internet infrastructure service Cloudflare has come under pressure from copyright holders in recent years.

The company offers its services to millions of customers including multinationals, governments, but also some of the world’s leading pirate sites.

These pirate sites have proven to be quite a headache for Cloudflare. For example, rightsholders continue to complain that the company helps pirates conceal their hosting locations and identities, as was made clear again in recent submissions to the European Commission.

In some countries, rightsholders are using the legal system to address their gripes. This resulted in site blocking orders in Japan, Italy, and Germany. At the same time, Cloudflare has also been sued directly for its association with pirate sites.

Cloudflare’s Moldovan Piracy Lawsuit

In Moldova, for example, book authors Eugeniu and Radu Turuta, sued Cloudflare and several of its customers, including the anonymous operators of file hosting platform doku.pub. The authors accused these services of sharing pirated copies of their book “5000 Integrated Circuits Power Audio Amplifiers”.

When the authors sent Cloudflare a takedown notice, the company responded that it doesn’t host any content for doku.pub, clarifying that it operates as a ‘pass-though’ CDN provider. Instead of taking any direct action, Cloudflare said that it would inform its customers about the allegations.

This response is typical for Cloudflare. The company generally forwards DMCA takedown notices and only takes direct action if it permanently hosts the allegedly infringing material.

However, in the Moldovan case, the authors argued that Cloudflare had the technical capacity to block access to the infringing content on doku.pub, but failed to do so despite being notified. This inaction, they claimed, made Cloudflare complicit and directly contributed to their financial losses.

In 2022, the Chisinau Court dismissed the authors’ claim. The court held that Cloudflare, as a CDN provider, merely acted as an intermediary and was not directly involved in hosting or distributing the pirated content.

This ruling was appealed, with the higher court taking a different stance, emphasizing the responsibility of CDNs to actively combat copyright infringement within their networks.

$1.4 Million Piracy Judgment

The Court of Appeal’s ruling puts Cloudflare on equal footing with other Internet providers. Essentially, it concluded that it doesn’t matter whether Cloudflare merely passes on traffic or if it hosts content as well.

“The company Cloudflare Inc does not provide data transmission services over the internet to the https://doku.pub website, but it does provide data transmission services between the https://doku.pub website and the end users, and this fact is confirmed by Cloudflare Inc., which claims to be a pass-through network.

“[T]he court finds that, by reproducing the content of the works (books) in dispute, without the consent of the authors, there has been a violation of the patrimonial copyright of the plaintiffs,” the Court of Appeals added.

Based on these conclusions, the Court held that Cloudflare is liable for copyright infringement, ordering the company to pay €1.27 million (approximately $1.4 million) in damages to the authors.

Authors Ask U.S. Court to Enforce Judgment

The judgment was undoubtedly a major setback for Cloudflare. In particular, it conflicts with the different types of safe harbors for Internet providers in the United States, where pass-through services are treated differently from hosting platforms.

Despite the court of appeal’s order, the issue isn’t fully resolved yet. According to the authors, Cloudflare has yet to pay any damages. To ensure that this will happen, they took the matter to the U.S. legal system.

At a U.S. federal court in California, the rightsholders point out that the judgment from the Chisinau court of appeal is final, adding that Cloudflare has yet to pay. They therefore ask the court to recognize this foreign order as a valid judgment, so the damages can be collected.

The case was initially filed at the Superior Court of the State of California but was transferred to the federal court this summer, where it’s still pending. Cloudflare has yet to file a detailed response, but it will likely point to the safe harbor protection U.S. copyright law provides.

In theory, the outcome of this case could have far-reaching implications for copyright holders and CDNs worldwide. If the US court recognizes and enforces the Moldovan judgment, it could inspire other copyright holders to pursue similar legal actions against CDNs.

However, enforcing foreign judgments in the U.S. is complex and certainly not guaranteed. The U.S. court will consider various factors, including whether the Moldovan court had jurisdiction and whether the judgment violates U.S. public policy.

In addition to the liability and jurisdiction questions, Cloudflare will likely protest the scale of the damages award as well. In the United States, the maximum statutory damages for a single copyrighted work is $150,000, which is a fraction of the Moldovan award.

—

A copy of the legal paperwork, which is currently pending at the U.S. District Court for the Northern District of California, is available here (pdf)

From: TF, for the latest news on copyright battles, piracy and more.

Prosecutions of those involved in the sale of pirate IPTV subscriptions appear to be on the rise, not just in the UK, but also in the EU and beyond.

Resources made available for these cases are in limited supply but by carefully selecting those with the best chance of success, there appears to be a high rate of conviction, despite attitudes to infringement differing in various regions.

A persistent difficulty when attempting to compare similar cases, is whether aggravating or mitigating factors played a significant role in sentencing. Whether a sentence is too harsh, not harsh enough, or simply par for the course, becomes almost impossible to determine when this relevant information is excluded.

Husband and Wife Team Sentenced

On Friday, the Federation Against Copyright Theft (FACT) reported on the sentencing of a man and woman from County Londonderry for IPTV-related offenses. Cormac McGuckin (38) and Maura McGuckin (34), a married couple from Bellaghy, had appeared on FACT’s radar before the anti-piracy group referred the matter to the police. That led to a “lengthy and complex investigation” by detectives which FACT says concerned the sale of subscriptions “with more than £700,000 involved.”

FACT’s report notes that on June 4, 2024, Cormac McGuckin pled guilty to charges including participating in a fraudulent business between January 1, 2016 and June 18, 2020. “He also admitted possessing articles for use in fraud on June 18, 2020. He also pled guilty to charges of converting criminal property, possessing criminal property and transferring criminal property,” FACT notes.

At Omagh Crown Court on Friday, Cormac McGuckin received a four-year sentence, two years to be served in prison with the remaining two years spent on license.

On the same day, Maura McGuckin pled guilty to “converting criminal property on holiday-related expenses and car payments, and possessing criminal property,” FACT reports. For these offenses, committed between April 21, 2017 and June 18, 2020, the 34-year-old received a 12-month prison sentence, suspended for two years.

Too Long, Too Short, Or About Right?

In IPTV piracy cases, how much the offenders “made” is often interpreted as profit by the media but usually relates to the total amount customers paid, with no costs taken into consideration.

In this case, FACT’s comment of “more than £700,000 involved” is a reference to the total sum of money involved in all of the charges to which the defendants pled guilty. Our best estimates suggest the following;

• ~£737,000 was transferred into and out of a joint PayPal account (total amount)
• ~£684,000 of total relates to charges of ‘transferring criminal property’ (five counts)
• ~£367,000 of total relates to charge of ‘possessing criminal property’
• ~£30,000 in seized cash relates to charge of ‘possessing criminal property’
• -Seized laptops/mobile phones relate to a charge of ‘possessing items for use in fraud’

The charges of converting criminal property against Maura McGuckin (and Cormac) initially reported by FACT concerns around £45,000 in finance payments for high-end cars and around £26,700 spent on holidays. When combined, that’s over £70,000 spent on obvious luxuries. The Court didn’t buy the claim that McGuckin failed to grasp her husband’s line of business but with an otherwise clean record, 12 months’ prison suspended for two years isn’t especially surprising.

The same can’t be said about a laundry list of aggravating factors relevant to the sentencing of her husband.

IPTV Offenses Occurred Shortly After Release From Prison

The investigation into McGuckin’s activities led detectives to the El Paso Burrito Bar in Dungannon, a takeaway/delivery restaurant owned by McGuckin at that time. When police eventually swooped, searches took place at both the takeaway and at McGuckin’s home.

Evidence seized included electronic devices and information that showed IPTV sales to around 2,000 subscribers. If 2,000 customers paid £7.50 per month and subscribed every month for four years, that’s £15,000 for 48 months, to a grand total of £720,000. Of that amount, it’s estimated that £475,000 represented profit. In broad terms, the figures sound about right.

Less easily consumed is the fact that McGuckin’s pirate IPTV-related offenses began soon after he’d been released from prison after serving eight months, while still on license for a fraud offense the court described as “shocking.”

In 2012, McGuckin had been working at a company selling wine. There he befriended a customer, a 71-year-old pensioner suffering with Alzheimer’s. Through abuse of the customer’s account at the wine company and writing out fraudulent checks to himself or his soon-to-be wife, the pensioner was conned out of at least £17,000. He only found out when the bank called about a £10,000 overdraft he knew nothing about.

After being arrested and interviewed twice, on both occasions McGuckin claimed the money was a loan. He later admitted that part of the money was used to pay for his wife’s wedding dress and bridal accessories, a local news outlet reports.

Involved in Other Criminality?

Anti-piracy groups like FACT push specific messaging to the public through repetition, but mostly without practical examples that would serve to make those claims more credible. One key claim is that many of those involved in the sale of pirate IPTV are often involved in other criminality too.

Yet despite that clearly being the case here, with previous convictions mentioned in court as an aggravating factor, the above received no mention. The same applies to a one-month prison sentence (suspended for two years) in 2012 for one count of fraud and 13 of theft for using a former employer’s credit card to steal around £1,000.

Not even impersonating a police officer, in order to have his wife’s wedding tiara released from a shop, when the shop had refused to release it because of police inquiries into credit card transactions, made it as background. According to an Irish News report, McGuckin has 23 previous convictions for fraud and dishonesty, including the theft of £17,000 from the 71-year-old which the paper says was partly used to replace money stolen from his then fiancée, now wife.

Conclusion

That the IPTV-related offenses took place while on still on license following another conviction for fraud, is clearly problematic. The report claiming 23 previous convictions for fraud and other dishonesty-based crimes not only shows a prolific offender, but one that the courts could’ve stopped longed ago, but failed to do so.

To that background and the money sums involved, two years in prison seems unlikely to act as a deterrent and tends to make the justice system appear somewhat weak. A comment from Detective Sergeant Robinson thanked FACT for its support and reminded everyone that piracy is not a victimless crime. It also came with a warning, most impactful if read in isolation, less so in the context of the above.

“Users and subscribers of illegal services should also be aware that they too are committing an offense for which they can be identified and prosecuted,” Det Sgt Robinson said.

From: TF, for the latest news on copyright battles, piracy and more.

Piracy Shield’s first birthday is still several months away so the appearance of a study into its effectiveness came as a surprise but not an unwelcome one.

Commentary by Italian telecoms regulator AGCOM, mirrored by top-tier football league Serie A and streaming service DAZN, hasn’t been at all useful for those seeking answers to the two most important questions:

1) How effective is Piracy Shield at denying access to pirate live sports streams?
2) What is the effect (if any) on new subscriber uptake and customer churn?

Thus far, success has been expressed via the number of domains and IP addresses added to the system for blocking. With roughly 25,000 domains and IP addresses currently blocked, and huge numbers added week after week, the need for more blocking is just as easily framed as a measure of failure.

How Effective is Piracy Shield?

A study to measure how effective Piracy Shield is at blocking was recently conducted at the University of Padua. Graduate student Maffei Davide and Prof. Alessandro Galeazzi, with support from Dr. Giacomo Quadrio and Dr. Enrico Bassetti of the SPRITZ security group, opted for an analysis of network traffic via the university’s VSIX[g] node.

“The project was born from the need to collect information on the functioning of Piracy Shield, as well as on the evaluation of its effectiveness. Through the analysis of network flows, we want to be able to distinguish video flows from other types of traffic and identify the differences between ordinary and pirated traffic,” David Maffei explains.

Using traffic analysis, the researchers examined various characteristics such as communication protocols (TCP, UDP), network ports commonly associated with streaming services, stream duration and size, and packet flags signaling successful transmission and reception.

Through the analysis of these and other characteristics, the researchers aimed to isolate video streaming traffic from other network activity. The next task was to isolate likely legal streaming traffic, from traffic likely to be illegal.

Identifying Legal Streaming Traffic

To identify streaming traffic likely to be legal, the researchers needed to establish which companies hold the broadcast rights for the sporting events being analyzed. After identifying Sky and DAZN, the next step was to discover their Content Delivery Network (CDN) partners; in this case, both Sky and DAZN mainly use Akamai.

The next stage required the researchers to determine the IP addresses generating network traffic coinciding with football match broadcasts. The paper provides additional detail but in broad terms, the researchers considered i) average traffic rate (between 1 and 20Mbps), ii) consistent traffic patterns (to exclude addresses with high traffic peaks unrelated to streaming), and iii) significant difference in traffic during match time, when compared with the two-hour slots before and after a game.

After identifying the Content Delivery Network (in this case Akamai) used for legal broadcasts and finding the corresponding Autonomous System Numbers (ASN), the researchers were able to reconstruct the legal streaming traffic to generate a legal traffic baseline, as illustrated in the image below.

Legal traffic baseline (May 2024)

This baseline allowed the researchers to compare legal traffic with suspected illegal traffic.

Identifying Suspected Illegal Streaming Traffic

The researchers began by identifying the most-used network ports used during the match period; overwhelmingly ports 443 (https) and 80 (http) in the top 50.

The data generated by these high-traffic ports was analyzed to detect network flows with similar characteristics to those associated with video streaming, following the pattern of legal traffic established in the baseline. To facilitate identification, traffic graphs were generated for each port, with port 41122 producing a very similar profile to the legal baseline.

Among many checks carried out to ensure that traffic was actually illegal, the researchers compared this traffic with traffic generated by ASNs linked to websites previously blocked for copyright infringement. Again, the finer details are available in the full report.

Piracy Shield: Effective or Not?

When referencing Piracy Shield, the researchers appear to take the whole system into consideration, from the detection and identification of pirate streams by affected rightsholders, to the eventual blocking of domains and IP addresses by ISPs.

Key metrics the researchers wanted to consider but were forced to leave out, include detection rates, false positive rates, response times, and efficient management of IP addresses and availability. The researchers cite limited data availability and a general lack of transparency throughout the system as obstacles to more comprehensive research.

To evaluate the effectiveness of Piracy Shield, the researchers compared legal traffic with suspected illegal traffic. The image below shows data reconstructed from traffic generated by ASNs associated with IP addresses blocked by Piracy Shield (orange) and separately identified legal traffic (blue).

“The graph highlights that illegal traffic presents significant volume peaks at football match times, indicated by the vertical dotted lines. These peaks coincide temporally with the start an end of sports events, suggesting a strong correlation between presumed pirate traffic and the unauthorized transmission of sports content,” the report notes.

The paper notes difficulties in identifying specific patterns related to illegal video streaming (orange), although a clear pattern typical of streaming did emerge. On the other hand, legal traffic (blue) shows smaller fluctuations.

A more concerning finding for rightsholders is the volume of suspected illegal streaming, which at times overlaps with legal streaming traffic, further complicating the task of distinguishing legal from illegal traffic. More sophisticated algorithms and filtering techniques may be needed to improve identification accuracy.

Conclusion: “Some Effectiveness”

Overall, the results of the traffic analysis suggest that Piracy Shield demonstrated “some effectiveness” in reducing illegal traffic but the scale of the impact – and of course any effect on subscription uptake – is beyond the scope of the study.

The continued availability of pirate sites and the ability of users to circumvent blocking are cited as key concerns, along with strong negatives concerning the platform itself.

Rightsholders’ ability to implement blocking without supervision, meets a lack of transparency and scrutiny in general, and the suggestion of unaccountability. Implications for net neutrality are also raised as a concern.

Whether “some effectiveness” justifies the imposition of the many negatives on everyone except Italian football, will remain a lively topic of debate. There seems little here to inspire confidence that it’s all been worthwhile, but that may be challenged once the first comprehensive rightsholder-funded research sees the light of day.

Evaluation of the Effects of Piracy Shield Through Video Stream Analysis and Its Operation (pdf)

From: TF, for the latest news on copyright battles, piracy and more.