The Pirate Bay has been around for nearly two decades, which is quite an achievement considering the immense legal pressure it has faced over the years.

Swedish police tried to shut the site down , twice, raiding dozens of servers. This ultimate goal failed but local authorities did prosecute the site’s three co-founders, who all served time in prison for their involvement.

The notorious torrent site stood tall in the midst of this turmoil and continues to operate from thepiratebay.org until this day. While it is no longer the largest piracy site online, anti-piracy forces haven’t forgotten about it.

Pirate Bay Targeted in New Subpoena Wave

This week, we spotted yet another attempt to uncover the current operators. Through the Motion Picture Association, the Alliance for Creativity and Entertainment (ACE) requested a DMCA subpoena at the U.S. District Court for the Central District of California.

These subpoenas are not uncommon and are typically directed at third-party intermediaries, Cloudflare in this case. The Pirate Bay is a Cloudflare customer and through the court, ACE requests all useful information the California company has on its illustrious client.

“The subpoena requires that you provide information concerning the individuals offering infringing material described in the attached notice,” ACE informs Cloudflare.

“[Y]ou are required to disclose […] information sufficient to identify the infringers. This would include the individuals’ names, physical addresses, IP addresses, telephone numbers, e-mail addresses, payment information, account updates and account history.”

These DMCA subpoenas don’t require any judicial oversight. In most cases, they are swiftly signed off by a court clerk. The legal paperwork is then sent to Cloudflare, which typically replies with all relevant information it has on file.

Actionable Intel?

Whether this will result in any useful information for ACE is hard to tell. The Pirate Bay knows all too well that these subpoenas exist so likely anticipated this request. After all, ACE targeted the site with a similar request three years ago.

In addition to The Pirate Bay, ACE subpoenas target a variety of other domain names as well. These include thesoap2day.com, cuevana2.biz, seriesflix.is, and more than a dozen others.

The domain tor.cat appears to be an odd entry, as that’s merely a redirect to a .onion domain on the dark web. The .onion domain belongs to DonTorrent, which previously taunted ACE by listing the anti-piracy coalition’s boss Jan Van Voorn as the site’s owner.

Van Voorn and his team hope that their new subpoena requests will help to pinpoint the owners of the listed sites. While results are not guaranteed, this strategy has proven to be effective in the past, at least in some cases.

“Disclosure requests have been a very effective way for ACE to expand its investigations,” Van Voorn previously told us.

“Through these processes we target all relevant intermediaries that have customer information that can help us identify the operator of a pirate site or service, including hosting providers, payment processors, advertising networks, etcetera.”

Fabricated Data

The information in Cloudflare’s administration isn’t always useful. Many operators of pirate sites and services use fabricated or inaccurate details to sign up, but ACE says that it often gets something useful out of it.

“While the information obtained does not always instantly identify the individual running a pirate operation, there are almost always leads we can follow that either give us investigative insights or that help confirm prior suspicions.”

Even if the information turns out to be useless for direct enforcement purposes, it can still prove helpful. After all, it can help ACE to argue that online intermediaries should have stricter Know Your Business Customer (KYBC) requirements.

—

Copies of the subpoena requests filed this week are available here ( 1 , 2 , 3 , 4 , 5 , 6 ). A full list of all the mentioned domain names is available below.

– thesoap2day.com
– tor.cat
– thepiratebay.org
– cuevana2.biz
– cuevana3.ai
– cuevana3.mu
– compucalitv.com
– seriesflix.is
– filmisub.com
– filmi7.com
– fmoviesfree.to
– topflix.fm
– filmeshdtorrent.com
– photocall.tv
– multicanais.vc
– megacamais.com
– furiaflix.net
– moviehdapkdownload.com
– download.teatvapkdownload.com
– tv.tvzon.tv

From: TF , for the latest news on copyright battles, piracy and more.

Website blocking has become an increasingly common anti-piracy tool. ISPs in dozens of countries have been ordered by courts to block pirate sites.

More recently, these blocking requests have expanded to DNS providers as well. In Germany, for example, a court ordered DNS resolver Quad9 to prevent users from accessing the music piracy site Canna.to.

Court Ordered Cloudflare to Block Torrent Sites

As one of the larger DNS resolvers, Cloudflare is also under fire. In Italy, several music companies, including Sony Music, Warner Music, and Universal, took Cloudflare to court, demanding the blocking of three torrent sites on the company’s freely available 1.1.1.1 resolver.

Last year, an Italian court sided with the music companies . Through an interim order, the court ordered the blocking of kickasstorrents.to, limetorrents.pro, and ilcorsaronero.pro, three domains that are already blocked by ISPs in Italy following an order from local regulator AGCOM.

Cloudflare was unhappy with the court’s decision and immediately protested the injunction. The challenge failed last November when the court upheld its initial ruling , discarding Cloudflare’s objections.

Among other things, the court held that the blocking order doesn’t require the DNS resolver to surveil user activity, as Cloudflare challenged. A general monitoring obligation for online intermediaries would violate EU law, but the court determined that wasn’t relevant in this case.

“Cloudflare’s obligation to intervene to prevent the resolution of names does not derive from a general duty of surveillance but arises with the reporting of the specific illegal activity carried out through the public DNS service,” the court held.

Court Confirms DNS Blocking Requirement

The ruling was a setback for Cloudflare, but that wasn’t its only challenge. The American company filed an additional application where it requested clarification on the technical implementation of the blocking order. According to Cloudflare, blocking measures severely interrupt its DNS service, also in relation to competitors.

In a new ruling last week, the Court of Milan dismissed these arguments as well. According to the court, the original order already confirmed that blocking the site is technically feasible. Any issues regarding the technical efficiency of the measures are outside of the scope of the injunction proceedings.

The Court of Milan further highlighted that Cloudflare already blocks content on its DNS servers. For example, on its DNS resolver for families .

“The evidence on record seems to suggest that the appellant itself sets up general preventive verification systems on the content of the sites it serves, with regard to the monitoring of content unsuitable for minors or for crimes related to pedophilia,” the court noted.

Rightsholders Prepare Follow-Up Requests

The music companies are pleased with the court’s confirmation. According to music industry group IFPI, it sets an important precedent, confirming that online intermediaries, including DNS resolvers, can be required to take anti-piracy measures.

While the present order only applies to three sites, local telecoms regulator AGCOM has already ordered local ISPs to block thousands of piracy-related domains. This means that Cloudflare could also be subjected to follow-up requests.

Enzo Mazza, CEO of Italian music industry group FIMI , informs TorrentFreak that the music industry does indeed have plans to request additional blockades. Not just from Cloudflare, but also from other online intermediaries.

“We will continue our strategy based on blocking orders issued by AGCOM. This will involve new requests to Cloudflare and potentially other similar platforms not complying with the AGCOM blocking orders,” Mazza says.

Cloudflare Vowed to Fight

TorrentFreak reached out to Cloudflare for a comment on the dismissal, but we received no immediate response. The company previously said that it would do everything it could to protest DNS blocking orders, as these could affect other countries as well.

“Because such a block would apply globally to all users of the resolver, regardless of where they are located, it would affect end users outside of the blocking government’s jurisdiction,” Cloudflare noted .

Last September, the company said that it hadn’t blocked content through the 1.1.1.1 Public DNS Resolver yet. Instead, it relies on an “alternative remedy” to comply with the Italian court order.

Following the most recent court order, Cloudflare’s options to appeal against the interim injunctions are exhausted. The company could still file a lawsuit to challenge the merits of the blocking requirements, however.

From: TF , for the latest news on copyright battles, piracy and more.

The InterPlanetary File System, more broadly known as IPFS , has been around for a few years now.

While the name may sound a little alien to the public at large, the peer-to-peer file storage network has a growing user base among the tech-savvy.

In short, IPFS is a decentralized network where users make files available to each other. A website using IPFS is served by a “swarm” of users in much the same way BitTorrent users share content with each other.

Completely Decentralized

The advantage of this system is that websites can become completely decentralized. If a website or other resource is hosted on IPFS, it remains accessible as long as the computer of one user who “pinned” it remains online.

The advantages of IPFS are clear. It allows archivists, content creators, researchers, and many others to distribute large volumes of data over the Internet. It’s censorship resistant and not vulnerable to regular hosting outages.

IPFS is also a perfect match for ‘pirate’ sites. Due to its decentralized nature, IPFS sites are virtually impossible to shut down. This aspect was already highlighted by Pirate Bay co-founder Peter Sunde back in 2016 . More recently, IPFS was promoted by Z-Library after its domain names were seized .

Cloudflare’s IPFS Gateway

IPFS has also been embraced by many legal services. Most notably, Cloudflare gave it a boost by launching its own IPFS gateway , allowing the public to access IPFS resources without having to install specialized software.

Cloudflare’s IPFS gateway has been running for a few years now. Technically, the internet infrastructure company has no control over any of the content being made available, but that doesn’t mean there are no complaints.

Apparently, some people or organizations have complained about the content that can be accessed through Cloudflare’s IPFS gateway.

While the accessed content is in no way controlled by Cloudflare, the San Francisco company takes these complaints rather seriously. The same also applies to the Ethereum gateway, which offers easy read-and-write access to the Ethereum network.

Cloudflare Disables IPFS Access

In its most recent transparency report , Cloudflare explains that it will respond to valid abuse requests by disabling access. This includes spam reports as well as copyright infringement complaints.

“Although Cloudflare does not have the ability to remove content on IPFS or Ethereum, Cloudflare may disable access through Cloudflare-operated gateways to certain content on IPFS and the Ethereum network in response to abuse reports, including reports of copyright, technical, and other abuse.”

“This action does not prevent access to that content through other gateways, which Cloudflare does not control,” Cloudflare clarifies.

In the first quarter of 2022, Cloudflare reports that this policy resulted in 1,073 IPFS actions. Presumably, this means that the company disabled access the same number of items on the IPFS network. No such actions were taken for the Ethereum gateway.

Cloudflare’s actions are notable for a couple of reasons. For one, it shows that decentralized and censorship-free networks lose their key feature when they are accessed through centralized gateways.

IPFS vs. DNS vs. CDN

What also stands out is that Cloudflare disables content in response to copyright complaints. The policy for its CDN service is different; it only forwards complaints to the affected users.

For example, when rightsholders send a complaint about The Pirate Bay, which uses Cloudflare, the company takes no action aside from forwarding the notification to The Pirate Bay team.

We asked Cloudflare about its motivation to take action in response to copyright complaints for its IPFS gateway, but the company didn’t immediately respond. If we had to take a non-informed guess, we expect that the lack of forwarding options for IPFS content might have something to do with it.

Cloudflare has no option to forward any complaints for IPFS content because it does not know who controls it.

That said, this raises the question of how the IPFS gateway is different from Cloudflare’s DNS resolver, which essentially operates as a gateway to the regular Internet. Cloudflare previously said that it will fight copyright-related DNS blockades , even if they’re backed up by a court order.

Apparently, that’s not the case for IPFS.

From: TF , for the latest news on copyright battles, piracy and more.

Human beings have a tendency to want things they can’t have. A modest interest in a particular item or activity can inexplicably soar when it’s recognized as rare or unavailable. When strictly forbidden, even regular fruit can prove irresistible.

Spotify offers 100 million tracks to hear right now, including the vast majority of the greatest pieces of music ever written. Yet for some, the lure of an unreleased track can outweigh every single one of them; unattainable, forbidden and rare is a potent mix and may explain why pirates are paying silly money for leaked, pirated music.

Dozens of Avicii Leaks

When producer Tim Bergling passed away in 2018, the prospect of never hearing a new Avicii track was suddenly very real. Two albums and various tracks were eventually released, but then – PAB happened.

In 2022 the Public Avicii Buy Server (PAB) channel on Discord became a hot location for unreleased Avicii tracks. Faced with having to pay for them, fans worked to ‘groupbuy’ a long list of Avicii tracks including ‘Let’s Roll’ and ‘Lethal Drug V2’ which featured Chris Martin & SZA.

Sources Unknown But Some Files Were Apparently Stolen

How the music was obtained isn’t clear; some believed the PAB seller bought the tracks and then sold them to fellow Avicii fans at cost price. Others spoke of hacked accounts and big profits. Late 2022, after another ‘PAB’ release (‘Island’) appeared online , a Reddit user jumped in to comment

“Hey guys! My name is Jonas Wallin and my alias is The High,” the music producer posted on Reddit.

“I wrote Island and it’s coming out soon in fact. The leaked vocals are mine, my vocal stems. It’s the same with Loving Feeling. I would recommend you to not pay someone for these files since they were stolen from me. Thanks.”

RIAA Investigates Unreleased Sounds

According to various sources, the track made its way to PAB via a private leak site called Unreleased Sounds. It’s unclear whether the RIAA’s member labels have any interests in the dozens of Avicii tracks leaked so far, but they do want to know who runs the 15/16 month-old site.

Citing three previously leaked tracks – ‘Hot Saturn’ by Lil Nas X, ‘Rockstar Status’ by Juice WRLD, and PnB Rock’s ‘I Know They Mad’ — on March 13 the RIAA filed an application for a DMCA subpoena at a district court in Columbia, Washington.

“The purpose for which this subpoena is sought is to obtain the identities of the individuals assigned to these websites who have reproduced and have offered for distribution our members’ copyrighted sound recordings without their authorization,” the application reads.

In a letter to Cloudflare, the service targeted in the subpoena, the RIAA requests several pieces of information.

“As is stated in the attached subpoena, you are required to disclose to the RIAA information sufficient to identify the infringers. This would include the individuals’ names, physical addresses, IP addresses, telephone numbers, e-mail addresses, payment information, account updates and account history, as available.”

The DMCA subpoena, which also references two additional platforms (NoTube.net and Aonode.com), has now been issued so it’s likely Cloudflare will hand over the information in the coming days, if it hasn’t already.

Unreleased Sounds

It’s not difficult to find reports of unreleased tracks being leaked by Unreleased Sounds. Operating from at least two domains – unreleasedsounds.gg and unreleased.gg – the platform became a members-only service last October, meaning that today’s prospective members need an invite code to sign up.

“Our website is now a closed/invite only marketplace,” the site’s operator wrote.

The screenshot above reveals Kanye West and Avicii as featured artists on Unreleased Sounds. While that doesn’t provide hard evidence that the platform was the source of previous Avicii leaks, comments from the site’s operator suggest that if fans have the money, more Avicii music is indeed available.

The DMCA subpoena also covers Aonode.com and NoTube.net, a stream-ripping platform with tens of millions of monthly visits.

DMCA Subpoenas and Links to Infringing Content

The RIAA previously sent DMCA takedown notices to Cloudflare asking for the allegedly infringing content to be removed. How Cloudflare responded to those notices is unclear but in one case, it may have been difficult to know exactly what to take down.

Unlike the URLs for the other sites, the three Unreleased Sounds links appear to be artist categories rather than links to specific content. Given the overall nature of the platform, that’s not particularly unreasonable, but it does raise the question of why the direct links were left out.

One possibility is that the links were external and carried the domain of a far less interesting hosting site. Another is that artist page URLs are much easier to guess from outside once the general format is known. But whatever the reason, RIAA subpoenas are relatively rare and being featured in one rarely ends well.

The RIAA’s DMCA subpoena application can be found here ( 1 , 2 , 3 , 4 , pdf)

From: TF , for the latest news on copyright battles, piracy and more.

After thriving in what was once a localized traditional market, Japanese comics known as ‘manga’ took the world by storm. Publishers and authors could only watch as their work fueled a huge but unlicensed black market.

By offering free localization and distribution services in what was once a chronically underserved overseas market, hobbyist translators and pirate sites made manga more accessible in every way. The problem for manga creators and publishers today is that pirates offer their copyrighted content for free in the same global market.

A new breed of highly-commercialized pirate entities, many of which seem to love money more than manga, only add to what is already a complex problem. And when Japanese rightsholders seek to mitigate infringement in overseas legal processes, new challenges appear around every corner.

Publishers Seek Help From U.S.

In August 2022, Japanese manga publisher Shueisha filed an ex parte application at a California district court seeking information for use in a foreign proceeding – a lawsuit in Vietnam or Japan targeting pirate site operators.

Hoping to identify the operators of pirate manga sites including gokumanga.com and doki1001.com, Shueisha sought permission from a court to obtain information from U.S. companies including Cloudflare, PayPal, Visa, Mastercard, and Google.

Even at this early stage, some of the pirate sites had moved to new domains. At least one site had been targeted in a DMCA subpoena obtained a year earlier and may have switched domains around that time too.

New Request For Information

On February 10, 2023, Shueisha teamed up with major publishers Shogakukan, Kadokawa, and Kodansha in another ex parte application ( 1 ) and proposed order ( 2 ), filed this time at a district court in Delaware.

Once again, the companies requested access to information held by U.S. internet companies to support a potential lawsuit in Vietnam or Japan.

GoDaddy and eNom customers had registered domains for two pirate manga sites, and the rightsholders were keen to receive any information that might help their investigation. Those domains – gokumanga.com and doki1001.com – were also among the targets in the ex parte application filed last August.

More than six months later, the first process is still ongoing, and according to the recent application, no pirates have been identified. The domains they used have long since been replaced, but in the past, redirected to other domains listed in the same application. It’s complex and messy, almost certainly by design. In this space, domain names may redirect, hibernate or even die, but the underlying sites prefer reincarnation.

Rightsholders Test Every Possible Option

Manga publishers, anti-piracy groups, the recording industry (RIAJ), movie and TV show companies (JIMCA and the MPA), trade organizations, tech companies players, search engines, and Japan’s government, are engaged in almost constant communication over potential anti-piracy tools and the issues they raise.

Overseas legal procedures are considered burdensome, expensive, and a strain on both time and resources, says manga publisher Shogakukan. Plans to partner with overseas entities to create a more effective international legal network could help, but that will also take time.

In the short term, rightsholders will continue to request subpoenas, hoping that information held by U.S. service providers will help them to identify pirates. At the same time, every possible enforcement idea is considered worthy of exploration.

Liability, Pressure on Intermediaries

Other options under discussion include increased liability for intermediaries and requirements for ISPs and OSPs to obtain and retain more detailed customer information. Along those same lines, the MPA and its Japanese partners have drawn attention to U.S. Executive Order 13984 .

The order is supposed to deter foreign malicious cyber actors’ use of US-based Infrastructure as a Service (IaaS) platforms. Hollywood’s goal is to ensure that every domain name company, DNS provider, CDN, web hosting service, reverse proxy provider, advertising company and payment processor are bound by the same rules, so that pirates can be more easily identified.

Site Blocking and CDN Providers

Large international rightsholders are broadly in favor of site-blocking measures, but the topic is controversial in Japan. Proposals to restrict access to information would almost certainly face challenges under Japan’s constitution.

At least as things stand, site-blocking proposals seem to lack momentum: freedom of expression, the protection of confidentiality of communications, and the prohibition of censorship, carry significant weight in Japan. These red lines may never be overcome but more immediate issues already have universal support.

One of the most discussed issues concerns CDN providers, Cloudflare in particular. Despite various angles and mounting criticism, Cloudflare has thus far refused to give any ground. If rightsholders in Japan want content taken down, they should focus on hosting companies. These are the entities that can actually remove content; removing Cloudflare leaves infringing content online, the company says.

Suggestions that Cloudflare faces liability for pirate sites are directed to the Mon Cheri v. Cloudflare lawsuit in the U.S., from which the CDN company emerged with a clear win.

Claims that Cloudflare ‘hides’ the IP addresses of pirate sites are met with the usual response: if a site is infringing, any complaints will be forwarded to the site’s host. If personal information is required, rightsholders should present a court order.

The reasons are unknown, but discussions with Cloudflare on this topic are sometimes marked ‘undisclosed’ or confidential in reports that openly discuss other companies’ input.

In broad terms, few of those who express an opinion are happy with Cloudflare’s position. Paraphrasing comments made over the last few months, the general sentiment is that if Cloudflare has a primary goal of protecting sites from abuse on the internet, why is it the primary protector of pirate sites that are abusive in themselves?

Since Cloudflare’s position is both clear and consistent across markets, the end result is a circular argument from which there are no obvious means of escape.

Search Engines

Google appears to be taking the same position in Japan as it does elsewhere . If a court rules that a site is illegal and should be blocked in its entirety, Google is likely to deindex its domain so it never appears in Japan’s search results.

One of Yahoo! Japan’s anti-piracy contributions is more immediately visible. When users search for the term ‘海賊版’ (English: pirated version/pirate copy) Yahoo! returns an unmissable promotion for the STOP! anti-piracy campaign run by Authorized Books of Japan (ABJ) to protect manga and similar content.

Other suggestions receiving support include educational or ‘enlightenment’ campaigns to guide casual pirates back on the right track. The music industry hopes to ensure that anti-piracy education reaches Japan’s children, preferably during the early years of school.

Advertising, Domains, Security Software, Web Browsers

The Japan Network Information Center (JPNIC) is Japan’s internet registry with responsibilities that include the allocation of IP addresses and AS numbers. JPNIC has reported discussions with ICANN relating to anti-piracy issues, noting that the Japanese government’s “continuous efforts at ICANN are paying off.”

Exactly what that means is unclear, but there does appear to be some pressure on ICANN to ensure that domain registries and registrars remain in compliance with the terms of their contracts. Those terms require customers to provide identifying information but by various means, that’s usually not the case.

Overall, and in common with rightsholders elsewhere, there’s a general sentiment that pirate sites abuse domain names. People who abuse domain names in the trademark arena tend to lose them; some feel that should be the case with pirates too.

On the understanding that advertising fuels many pirate sites, disruption in this area is seen as a priority. A music industry group says that identifying and obtaining contact information for advertising companies placing ads on sites should be a short-term priority. Longer term, technical measures to prevent adverts ever appearing on pirate sites should be the goal.

Non-profit organization Virtual Rights suggested that companies behind web browsers (e.g. Google LLC, Mozilla Foundation, etc.) could provide assistance on this front.

What Can Be Done About Vietnam?

Pirate sites with connections to Vietnam are recognized as causing global problems for companies in publishing, movies, TV shows, music and beyond.

Manga publishers Kadokawa and Kodansha say that all overseas pirates cause problems, but the latter concedes that the Vietnam problem is “enormous.” Shogakukan says that when it comes to ‘malicious’ platforms with the most visitors, Vietnamese sites present the biggest problem.

Optimism that new legislation might ease the situation can be dampened relatively easily: Fmovies, BestBuyIPTV, Abyss.to, Fembed, 2embed.to – the list goes on and on.

Pirate sites have been shut down in Vietnam but as far as we can tell, mostly for displaying outlawed gambling advertising rather than piracy. Facing the same issues, the Alliance for Creativity and Entertainment wants to recruit new members inside Vietnam, hoping that will turn the tide.

Various reports from the United States, EU, and UK describe a complex IP enforcement system in Vietnam featuring multiple agencies and overlapping jurisdictions, a lack of coordination among those agencies, limited institutional capacity and stretched resources related to IP enforcement.

Or as one Japanese anti-piracy report put it: Vietnam’s Intellectual Property Office “has brains but no limbs.”

These issues and others elsewhere seem unlikely to deter this systematic anti-piracy drive. At what point it will produce repeatable and sustainable results is unknown, but they will come, there’s little doubt about that.

Sources/image credits: ( 1 ) Ministry of Internal Affairs and Communications, ( 2 ) Agency of Cultural Affairs( 3 ) Japan Institute of Law and Information Systems, ( 4 ) Japan Internet Governance Forum, ( 5 ) Taylor Vick/Unsplash

From: TF , for the latest news on copyright battles, piracy and more.

La société de services d'hébergement Cloudflare a fait face à la plus importante attaque DDoS jamais enregistrée. Les pirates ciblaient plusieurs sites de crypto-monnaies, des sociétés de jeux-vidéos ainsi que des fournisseurs cloud. [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

Popular Internet infrastructure service Cloudflare has come under a lot of pressure from copyright holders in recent years.

The company offers its services to millions of sites. This includes multinationals, governments, but also some of the world’s leading pirate sites.

These sites have proven to be quite a headache for the San Francisco-based tech company. Ideally, however, the company prefers not to be the arbiter of what content is allowed and what is not.

The Curation Conundrum

The company reiterated its position a few months ago. To shield itself from escalating removal demands, including plain censorship, Cloudflare said it would no longer terminate customers without a court order.

Just days after taking this hardened approach, Cloudflare reversed its position. Citing an immediate threat to human life, CEO Matthew Prince justified blocking access to the controversial Kiwi Farms site.

There’s no question that death threats are in a league of their own, but copyright holders would also like to see more cooperation from Cloudflare. This call is backed by a recent report from brand protection company Corsearch.

Corsearch is no stranger to copyright issues. The company works with several of the largest rightsholders and its subsidiary Incopro has produced a wealth of piracy research , some in collaboration with governments. In this case, the research focuses on Cloudflare.

Whirepaper: Cloudflare & Pirate Sites

The overall tenor of the whitepaper is that when compared to other intermediaries, Cloudflare appears to be linked to a relatively high percentage of torrent sites. Of all the sites flagged by Corsearch, which are all demoted by Google as well, half use Cloudflare’s CDN service.

“Cloudflare is not the host of these websites. However, the host is not readily identifiable and Cloudflare is most closely associated with 49% of websites notified for delisting by Corsearch,” the report notes.

There’s no denying that Cloudflare stands out but it should be noted that the company is not a hosting provider, like the others on the list. In addition to Cloudflare, these pirate sites may use Amazon or Google’s services as well, even though that’s not immediately visible.

Besides pirate sites, the report also links Cloudflare to trademarking. Again, it is the most common online intermediary for these outlets.

Technically, Cloudflare can’t take these sites offline, as they are hosted elsewhere. However, Corsearch believes that the company could and should do more to tackle the piracy problem. And it has some ideas on where to start.

“Cloudflare is uniquely positioned to do more to protect rights holders and substantially to suppress the scourge of online piracy and counterfeiting,” the report reads.

“We are asking Cloudflare to do more to support rights owners by voluntarily implementing certain measures. These measures are reasonable, proportionate and if adopted by Cloudflare will have a significant impact.”

Recommendations

Corsearch doesn’t have just one, but a whole list of suggestions for the CDN provider. Most of these boil down to terminating services to sites that others deem to be infringing. Those include the following;

– Cloudflare should terminate accounts of sites that are demoted or deindexed by Google search.

– Cloudflare should withdraw services to any site that’s deemed unlawful by a recognized law enforcement body or the ‘ Infringing Website List ’ (IWL).

– Cloudflare should ban sites that are on the US Trade Representative’s annual notorious markets list .

– Cloudflare should stop working with sites that are added to the European Union’s Counterfeit and Piracy Watchlist .

What Can Go Wrong?

While it’s understandable that rightsholders want Cloudflare to do more, these suggestions are not without issues of their own. The IWL, for example, is private and can’t be scrutinized by the public. As reported recently , this includes domains of organizations such as GitHub, Blogspot, and a Portuguese University.

The USTR’s Notorious Market lists and the EU’s Piracy Watchlist also have various entries that deserve some nuance. These include the Chinese Wechat, which has over a billion users, as well as Russia’s largest social media platform VK.

Up until recently, USTR even listed Amazon’s foreign online stores as “notorious markets” . Does that mean that these shouldn’t be allowed to operate?

Given Cloudflare’s previous comments, it seems unlikely that the company will start banning accounts left and right. That being said, Corsearch also has some other suggestions that may be more realistic.

The report proposes a robust “Know-Your-Client” policy, for example. In addition, it calls for a comprehensive transparency report where Cloudflare would disclose which domain names are flagged by rightsholders and how often.

From: TF , for the latest news on copyright battles, piracy and more.

Cloudflare a observé une très forte progression du trafic Internet à travers Starlink, le service d'accès à Internet de SpaceX, pour l'année 2022. [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

Competition is almost inevitable in business and as a key driver of innovation, that’s mostly a good thing. Unfair competition, on the other hand, is rarely considered a plus.

In a complaint filed in a California court this week, adult entertainment company TIR Consulting LLC says that it faces unfair and illegal competition from pirate sites. It’s a familiar story for rightsholders everywhere but this lawsuit is far from ordinary.

TIR’s Enforcement Efforts Fail

Since 2015, TIR has made its specialist content available via the website mistressharley.com (NSFW) and through authorized third parties under licensing agreements.

In parallel, websites that sell pirated copies of TIR’s copyrighted videos compete in the same market by targeting TIR’s customers. Some use confusingly similar domains that are designed to mislead potential customers, TIR says.

The complaint notes that at least two of these pirate sites use privacy services provided by the named defendants – Cloudflare and domain company NameSilo.

TIR claims that enforcing its rights is all but impossible due to these privacy services. As a result, Cloudflare and NameSilo must be held liable for the infringements of their customers, along with Does 1-100 who are also liable in some way or another.

65 Videos in Total

The complaint lists 65 URLs (“infringing links”) on the alleged pirate site mistress-harley.com. These same 65 URLs are said to “backlink” to manyvips.com but specific URLs are not listed in the complaint. The listed URLs appear to reference video content, but TIR uses trademark terminology instead.

“Each of the 65 Infringing Links reflects the registered family of trademarks for
‘Mistress Harley’ all of which are owned exclusively by TIR,” the complaint reads.

TIR further blends copyright and trademark law by claiming that Cloudflare “admitted that the accepted 65 URL(s) for the DMCA report on mistress-harley.com” includes the 65 “infringing links” referenced earlier under trademark law.

The adult company later states that while its complaint covers 65 videos “made, paid for, produced and owned by TIR,” just four have been registered with the US Copyright Office.

“No Interference with Anonymity”

TIR says that pirate sites pay Cloudflare for “housing services” and a “guarantee that CloudFlare will do nothing to interfere with their anonymity and their cyber-theft.”

According to the complaint, Cloudflare provides services to mistress-harley.com.

TIR says that pirates are able to sell copies of its videos on “domain sites” hosted by companies that sell and host domains, while “guaranteeing the anonymity of domain owners.” In this case, NameSilo is called out for offering a “free WHOIS privacy” service, which is used by mistress-harley.com and a second unlicensed platform, manyvips.com.

“There is no question that this is not just an attractive service, but a necessary
service for a pirate that wants to set up a site with illegal downloads,” the complaint notes.

“Cloudflare – A Favored Tool For Infringers”

After a rundown of services provided by Cloudflare, the complaint highlights the company’s privacy pledge: “[A]ny personal information you provide to us is just that: personal and private.”

Cloudflare’s claim that it has never modified the intended destination of DNS responses “at the request of law enforcement or another third party” is also mentioned.

The natural consequence of the above, TIR concludes, is that “CloudFlare is a safe holding space for website owners who are offering illegal content, and both sides know exactly what is being bought and sold.”

TIR, Cloudflare and the ‘Mon Cheri’ Decision

While bold, TIR’s allegations are nothing new. In 2018, Mon Cherie Bridals sued Cloudflare for failing to terminate customers identified as repeat infringers. The case was a pretty big deal and after three years of litigation, Cloudflare took the win and an important ruling on liability.

The Mon Cherie decision is referenced in TIR’s complaint, but not in recognition of Cloudflare’s win. Instead, a statement made by Judge Chhabria in the earlier case (italics, below) is framed as undermining Cloudflare’s position.

If Cloudflare’s provision of these services made it more difficult for a third party to report incidents of infringement to the web host as part of an effort to get the underlying content taken down, perhaps it could be liable for contributory infringement

While TIR notes that the above is “precisely the basis for the claims” in this complaint, in Mon Cherie the Judge said that Cloudflare’s actions did not incur liability.

Cloudflare Disclosure Led Back to NameSilo

Since Cloudflare forwards DMCA notices to site hosts and informs complainants of the identity of the host, Judge Chhabria concluded in Mon Cherie that Cloudflare doesn’t make it harder to go after pirate sites.

Indeed, the TIR complaint acknowledges that Cloudflare identified mistress-harley.com’s hosting provider (SECUNET, BG) and provided an abuse contact email address (abuse@cryptoservers.biz).

When TIR sent a trademark/copyright complaint to the host but received no response, the adult company did a WHOIS lookup for cryptoservers.biz. It revealed NameSilo as the domain registrar and PrivacyGuardian.org protecting the registrant’s details.

In response to a formal complaint, NameSilo’s abuse team reminded TIR that “..we are only the domain name registrar and cannot validate or control the content posted on the site.” PrivacyGuard’s policy advised TIR that in the event of a copyright or trademark dispute, “you should direct your complaint to the respective web site host for the domain.”

‘Pirate’ Mistress-Harley Still Active

With Cloudflare reportedly offering similar advice to target the host itself, TIR appears to have lost patience and filed this complaint.

“As a result of the piracy and infringement, TIR has suffered consistent lost profits and decreased sales, and has calculated this lost amount to be in the tens of thousands of dollars and growing exponentially every day,” the company notes.

“This case raises the problem of service providers who continue to do commerce with pirate sites even after receipt of actual knowledge of repetitive acts of infringement on such sites. These Defendants profit by supporting and providing critical services to pirate sites despite being on notice that these customers are repeat infringers.”

TIR says that Cloudflare and NameSilo “systematically failed to implement or enforce a repeat infringer policy” in the knowledge that many “lawful copyright and trademark holders” can’t afford to fight legal battles.

“This undermines the entire purpose of DMCA,” the company adds.

Causes of Action

Since Cloudflare and NameSilo will undoubtedly respond to these claims in some detail, we’ll cover their responses in due course. In the meantime, the brief list below is included for reference, including links to law exactly as cited in the complaint.

1- Contributory Trademark Infringement – 15 U.S.C. § 1114 Cloudflare/NameSilo
2- Direct Trademark Infringement – (U.S.C. Not listed) Cloudflare, NameSilo, Does 1-100
3- Not listed/absent from the complaint
4- Contributory Copyright Infringement – 15 U.S.C. § 1125(a) Cloudflare/NameSilo
5- Vicarious Copyright Infringement – 15 U.S.C. § 1125(a) Cloudflare/NameSilo
6- Direct Copyright Infringement – 15 U.S.C. § 1125(a) Cloudflare/NameSilo/Does 1-100
7- Unfair Competition – ( link ) Cloudflare/NameSilo

At the time of writing, Cloudflare does not ‘protect’ mistress-harley.com’s server in any way.

TIR’s complaint against Cloudflare, NameSilo & Does 1-100 ( pdf )

From: TF , for the latest news on copyright battles, piracy and more.