Cloudflare a observé une très forte progression du trafic Internet à travers Starlink, le service d'accès à Internet de SpaceX, pour l'année 2022. [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

Competition is almost inevitable in business and as a key driver of innovation, that’s mostly a good thing. Unfair competition, on the other hand, is rarely considered a plus.

In a complaint filed in a California court this week, adult entertainment company TIR Consulting LLC says that it faces unfair and illegal competition from pirate sites. It’s a familiar story for rightsholders everywhere but this lawsuit is far from ordinary.

TIR’s Enforcement Efforts Fail

Since 2015, TIR has made its specialist content available via the website mistressharley.com (NSFW) and through authorized third parties under licensing agreements.

In parallel, websites that sell pirated copies of TIR’s copyrighted videos compete in the same market by targeting TIR’s customers. Some use confusingly similar domains that are designed to mislead potential customers, TIR says.

The complaint notes that at least two of these pirate sites use privacy services provided by the named defendants – Cloudflare and domain company NameSilo.

TIR claims that enforcing its rights is all but impossible due to these privacy services. As a result, Cloudflare and NameSilo must be held liable for the infringements of their customers, along with Does 1-100 who are also liable in some way or another.

65 Videos in Total

The complaint lists 65 URLs (“infringing links”) on the alleged pirate site mistress-harley.com. These same 65 URLs are said to “backlink” to manyvips.com but specific URLs are not listed in the complaint. The listed URLs appear to reference video content, but TIR uses trademark terminology instead.

“Each of the 65 Infringing Links reflects the registered family of trademarks for
‘Mistress Harley’ all of which are owned exclusively by TIR,” the complaint reads.

TIR further blends copyright and trademark law by claiming that Cloudflare “admitted that the accepted 65 URL(s) for the DMCA report on mistress-harley.com” includes the 65 “infringing links” referenced earlier under trademark law.

The adult company later states that while its complaint covers 65 videos “made, paid for, produced and owned by TIR,” just four have been registered with the US Copyright Office.

“No Interference with Anonymity”

TIR says that pirate sites pay Cloudflare for “housing services” and a “guarantee that CloudFlare will do nothing to interfere with their anonymity and their cyber-theft.”

According to the complaint, Cloudflare provides services to mistress-harley.com.

TIR says that pirates are able to sell copies of its videos on “domain sites” hosted by companies that sell and host domains, while “guaranteeing the anonymity of domain owners.” In this case, NameSilo is called out for offering a “free WHOIS privacy” service, which is used by mistress-harley.com and a second unlicensed platform, manyvips.com.

“There is no question that this is not just an attractive service, but a necessary
service for a pirate that wants to set up a site with illegal downloads,” the complaint notes.

“Cloudflare – A Favored Tool For Infringers”

After a rundown of services provided by Cloudflare, the complaint highlights the company’s privacy pledge: “[A]ny personal information you provide to us is just that: personal and private.”

Cloudflare’s claim that it has never modified the intended destination of DNS responses “at the request of law enforcement or another third party” is also mentioned.

The natural consequence of the above, TIR concludes, is that “CloudFlare is a safe holding space for website owners who are offering illegal content, and both sides know exactly what is being bought and sold.”

TIR, Cloudflare and the ‘Mon Cheri’ Decision

While bold, TIR’s allegations are nothing new. In 2018, Mon Cherie Bridals sued Cloudflare for failing to terminate customers identified as repeat infringers. The case was a pretty big deal and after three years of litigation, Cloudflare took the win and an important ruling on liability.

The Mon Cherie decision is referenced in TIR’s complaint, but not in recognition of Cloudflare’s win. Instead, a statement made by Judge Chhabria in the earlier case (italics, below) is framed as undermining Cloudflare’s position.

If Cloudflare’s provision of these services made it more difficult for a third party to report incidents of infringement to the web host as part of an effort to get the underlying content taken down, perhaps it could be liable for contributory infringement

While TIR notes that the above is “precisely the basis for the claims” in this complaint, in Mon Cherie the Judge said that Cloudflare’s actions did not incur liability.

Cloudflare Disclosure Led Back to NameSilo

Since Cloudflare forwards DMCA notices to site hosts and informs complainants of the identity of the host, Judge Chhabria concluded in Mon Cherie that Cloudflare doesn’t make it harder to go after pirate sites.

Indeed, the TIR complaint acknowledges that Cloudflare identified mistress-harley.com’s hosting provider (SECUNET, BG) and provided an abuse contact email address (abuse@cryptoservers.biz).

When TIR sent a trademark/copyright complaint to the host but received no response, the adult company did a WHOIS lookup for cryptoservers.biz. It revealed NameSilo as the domain registrar and PrivacyGuardian.org protecting the registrant’s details.

In response to a formal complaint, NameSilo’s abuse team reminded TIR that “..we are only the domain name registrar and cannot validate or control the content posted on the site.” PrivacyGuard’s policy advised TIR that in the event of a copyright or trademark dispute, “you should direct your complaint to the respective web site host for the domain.”

‘Pirate’ Mistress-Harley Still Active

With Cloudflare reportedly offering similar advice to target the host itself, TIR appears to have lost patience and filed this complaint.

“As a result of the piracy and infringement, TIR has suffered consistent lost profits and decreased sales, and has calculated this lost amount to be in the tens of thousands of dollars and growing exponentially every day,” the company notes.

“This case raises the problem of service providers who continue to do commerce with pirate sites even after receipt of actual knowledge of repetitive acts of infringement on such sites. These Defendants profit by supporting and providing critical services to pirate sites despite being on notice that these customers are repeat infringers.”

TIR says that Cloudflare and NameSilo “systematically failed to implement or enforce a repeat infringer policy” in the knowledge that many “lawful copyright and trademark holders” can’t afford to fight legal battles.

“This undermines the entire purpose of DMCA,” the company adds.

Causes of Action

Since Cloudflare and NameSilo will undoubtedly respond to these claims in some detail, we’ll cover their responses in due course. In the meantime, the brief list below is included for reference, including links to law exactly as cited in the complaint.

1- Contributory Trademark Infringement – 15 U.S.C. § 1114 Cloudflare/NameSilo
2- Direct Trademark Infringement – (U.S.C. Not listed) Cloudflare, NameSilo, Does 1-100
3- Not listed/absent from the complaint
4- Contributory Copyright Infringement – 15 U.S.C. § 1125(a) Cloudflare/NameSilo
5- Vicarious Copyright Infringement – 15 U.S.C. § 1125(a) Cloudflare/NameSilo
6- Direct Copyright Infringement – 15 U.S.C. § 1125(a) Cloudflare/NameSilo/Does 1-100
7- Unfair Competition – ( link ) Cloudflare/NameSilo

At the time of writing, Cloudflare does not ‘protect’ mistress-harley.com’s server in any way.

TIR’s complaint against Cloudflare, NameSilo & Does 1-100 ( pdf )

From: TF , for the latest news on copyright battles, piracy and more.

Legal action filed last week by two Arizona-based companies aims to prevent pirate sites distributing their content. That’s not unusual in itself but the case is far from ordinary.

Founded in 2005, CP Productions, Inc. produces adult entertainment media and uses its own website for distribution. Fornix Holdings, Inc. handles intellectual property matters for CP Productions and to date has registered 157 videos at the U.S. Copyright Office.

Both companies are owned by Arizona resident David Graves who appears to manage everything from production to his companies’ anti-piracy efforts.

At a district court in Arizona on November 15, Fornix Holdings and CP Productions filed an ex parte application for a temporary restraining order (tro) and preliminary injunction. The goal was to quickly end infringement on several pirate websites where CP Productions’ videos were offered illegally for free.

Piracy is a common issue in the U.S. affecting thousands of content-producing companies. What stands out in this case are the far-reaching demands on extremely short notice. That the court authorized strict anti-piracy measures in a matter of days is noteworthy too, especially given some of the unusual features of the case.

Declaration in Support of TRO

The core of the TRO application is straightforward. As laid out in David Graves’ declaration, the website DaftSex.com links to 1,734 pirated copies of CP Productions videos. Two other domains, daftsex.tv and daftsex.porn, redirect to DaftSex.com.

A second website, Pornwild.com, began offering CP Productions’ videos around May 2022, again without permission. Graves says the site links to 1,339 infringing videos while two other websites, Pornwild.to and Pornwild-to.nicepornproxy.com, redirect to Pornwild.com.

Through content-monitoring companies, Graves sent over 1,700 takedown notices to DaftSex.com, to an email address that used to appear on the site but no longer does. The 1,600 takedowns sent to Pornwild.com were sent to a withheldforprivacy.com address listed in the domain’s WHOIS records. Graves says no responses from the sites were ever received.

Application for TRO/Preliminary Injunction

In their preliminary statement, Fornix and CP note that since the operators of DaftSex.com and Pornwild.com concealed their identities, they are listed as Doe #1 and Doe #2 in their application. There’s no reference in the application but PornHub owner MindGeek actually made Doe #1’s identity public in September.

To overcome their identification problems, the applicants named EasyDNS, Namecheap and Cloudflare as defendants in the case. And since it “provides a search service that returns Defendant John Does’ sites” in response to certain searches, Google was also named as a defendant.

At this point readers will recall that MG Premium, a subsidiary of Pornhub-owner MindGeek, won a $32 million judgment against the operator of Daftsex.com on November 7, 2022.

Fornix and CP’s application for a temporary restraining order against DaftSex and Pornwild was filed on November 15. That’s more than a week after MG Premium won its own case against DaftSex and an injunction requiring Verisign to hand over the DaftSex.com domain to MG Premium.

Already under new ownership, DaftSex.com now redirects to RedTube, another platform owned by MindGeek.

Applicants Demand Everything – and More

To prevent the operators of DaftSex and PornWild from knowing about the case, Fornix and CP requested an ex parte restraining order in the face of “willful and ongoing infringing conduct.” Their demands included the following:

• Deactivate and cancel the DaftSex and Pornwild domains and prevent re-registration
• Deactivate the websites at daftsex.com, daftsex.tv, daftsex.porn, pornwild.com, pornwild.to, pornwild-to.nicepornproxy.com and delete all copies of infringing works
• Delete all copies of plaintiffs’ works uploaded by DaftSex and Pornwild to third-party sites
• Cease provision of all internet services to DaftSex and PornWild including domain name registration, hosting, security, content delivery, and reverse proxy services
• Compel Google to remove all DaftSex and Pornwild websites from search results

After the application was filed on November 15, Judge Diane J Humetewa responded by ordering a telephone hearing on November 17. In the meantime, summons were reportedly issued to Cloudflare EasyDNS, Google, and NameCheap. What happened during the telephone hearing isn’t revealed in the docket but it was subsequently reset for November 21.

Google Appears, Dismissals Begin

An entry dated November 18 shows that Fornix and CP Productions voluntarily dismissed their case against EasyDNS. Hoping to learn more about this fast moving case, TorrentFreak contacted EasyDNS with some questions. CEO Mark Jeftovic told us that he knew nothing about it.

“We have never been served any papers regarding this case. Your email was the first I’ve ever heard about any of this,” Jeftovic informed TF.

After consulting their systems, EasyDNS did manage to find some related information. One ticket related to a copyright removal request forwarded to a customer and later confirmed as complete by the complainant. Another contained a notice from Verisign advising that a domain was being moved onto the EuroDNS registrar tag to comply with the MG/DaftSex injunction. That left one more.

“[The third ticket] was an email thread amongst several lawyers asking if we will participate in some hearing five days ago, received the day of the hearing. Our agent responded ‘What is our involvement with this case?’ and we never heard back,” Jeftovic explained.

Jeftovic then offered a theory on EasyDNS’ dismissal from the case. “My guess is one of Google, Namecheap or Cloudflare did attend the hearing, pointed to Section 230 or other safe harbour provisions, and got all of the ISPs dropped from the defendants,” he said.

Coincidence or probably not, an appearance was made on behalf of Google on November 18. The very next day, Namecheap, Cloudflare, and Google were voluntarily dismissed too.

Temporary Restraining Order Granted

Following a telephone hearing this Monday, Judge Humetewa granted the plaintiffs’ request for a temporary restraining order, minimal details as follows:

“Plaintiffs are not required to post a bond. Defendants are to disable infringing domain names, suspend service to those infringing domain names, and prevent transfer,” the entry reads, adding:

“Google shall, to the extent necessary, remove the infringing domain names from search results.”

The preliminary injunction will be handled separately.

Related documents can be found here ( 1 , 2 , 3 , 4 , 5 , pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Website blocking has become an increasingly common anti-piracy tool around the globe.

In dozens of countries, ISPs have been ordered by courts to block pirate sites, usually on copyright grounds. More recently, neutral DNS providers have been targeted as well.

Earlier this year, an Italian court ordered Cloudflare to block three torrent sites on its public 1.1.1.1 DNS resolver. The order applies to kickasstorrents.to, limetorrents.pro, and ilcorsaronero.pro, three domains that are already blocked by ISPs in Italy following an order from local regulator AGCOM.

Cloudflare Appeals DNS Blocking Order

Disappointed by the ruling, Cloudflare filed an appeal at the Court of Milan. The internet infrastructure company doesn’t object to blocking requests that target its customers’ websites but believes that interfering with its DNS resolver is problematic , as those measures are not easy to restrict geographically.

“Because such a block would apply globally to all users of the resolver, regardless of where they are located, it would affect end users outside of the blocking government’s jurisdiction,” Cloudflare recently said.

“We therefore evaluate any government requests or court orders to block content through a globally available public recursive resolver as requests or orders to block content globally.”

At the court of appeal, Cloudflare argued that DNS blocking is an ineffective measure that can be easily bypassed, with a VPN for example. In addition, it contested that it is subject to the jurisdiction of an Italian court.

Court Dismisses Appeal

Cloudflare’s defenses failed to gain traction in court and its appeal was dismissed. DNS blocking may not be a perfect solution, but that doesn’t mean that Cloudflare can’t be compelled to intervene.

The dismissal is a win for Sony Music, Warner Music, and Universal, the companies behind the complaint. It’s also seen as a clear victory by Enzo Mazza, CEO of the Italian music industry group FIMI.

“This is an important decision for Italy and beyond. Cloudflare, as well as other intermediaries providing similar services, should step up their efforts in preventing users access to illegal websites which were ordered to be blocked,” Mazza says.

Global music industry group IFPI agrees . According to Chief Executive Frances Moore, the order sets an important precedent.

“By upholding the original order against CloudFlare, the Court of Milan has set an important precedent that online intermediaries can be required to take effective action if their services are used for music piracy,” Moore notes.

A Precedent

This is the first time that Cloudflare has been ordered to make pirate sites unavailable through its public DNS resolver 1.1.1.1. This is an important expansion since many Italians switched to public DNS resolvers to bypass ISP blocking measures. With the court order, rightsholders can remove this shortcut.

While this type of order is new in Italy, a similar blocking injunction was requested in Germany last year. A local court ordered DNS provider Quad9 to block a pirate site but the decision is still under appeal.

Cloudflare believes that these types of orders set a dangerous precedent. The company previously said that it hadn’t actually blocked content through the 1.1.1.1 Public DNS Resolver. Instead, it implemented an “alternative remedy” to comply with the Italian court order.

TorrentFreak reached out to Cloudflare for a comment on the dismissal but we received no immediate response.

—

A copy of the court of appeal’s decision is available here

From: TF , for the latest news on copyright battles, piracy and more.

Le DNS via HTTPS (DoH) est un protocole apparu en 2018, que les principaux navigateurs web proposent désormais. Il s'agit de protéger les requêtes DNS avec une couche de chiffrement (HTTPS). [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

Read 5 remaining paragraphs | Comments

In June, the US Copyright Claims Board was launched.

Through this venue, hosted at the US Copyright Office, rightsholders can try to recoup alleged damages outside the federal court system.

More than one hundred and fifty cases have been filed thus far. Some of these have been dismissed for administrative reasons or opt-outs, but the board has yet to issue its first verdict.

A few days ago a new case was added to the growing pile of claims. It features popular reading app AnyStories , which allows independent authors to share their writings in public and earn revenue from them, going up against Cloudflare.

Like any type of content that’s published online, AnyStories’ content is easily copied. This is a thorn in the side of the app’s creators, Singapore company READ ASAP LTD, which has taken action in response.

From Google to Cloudflare

The company sent DMCA takedown notices to Google which removed hundreds of infringing links from its search results in response. The pirate sites themselves typically remained online, so further action was needed.

Hoping for a breakthrough, AnyStories also sent DMCA notices to Cloudflare, calling out Infobagh.com as a pirate site. While Cloudflare provides CDN services for that site, it’s not the hosting company. This means that Cloudflare generally doesn’t intervene.

Instead, Cloudflare shared the name and contact information of the site’s hosting company (24xservice) and asked ‘READ ASAP’ to follow the issue up with them.

AnyStories tried, but says that the email address provided for the hosting company didn’t work. The company wasn’t pleased with Cloudflare’s handling of the case and, on several occasions, asked the company to do more.

“As a network service provider, you have the obligation to provide us with information to help us defend our rights. You have not provided us with valid information. Our infringement is ongoing and if you do not take any action now, we will take action to protect our rights.”

Copyright Claims Board Threats

The app’s creators asked Cloudflare to contact the host on its behalf to ensure the infringing content was removed.

“Pls deal with this matter immediately, pls contact the hosting provider immediately and ask them to remove the infringing web!!!!” READ ASAP wrote.

“If you do not deal with this matter now, based on the DMCA, we have informed you several times, but you did not do your duty of care, we will directly file a claim against you at Copyright Claims Board.”

Cloudflare has no legal obligation under the DMCA to contact its customers’ hosting companies but it does forward takedown notices. However, that wasn’t enough for AnyStories, which followed up on its threats by filing a complaint at the Copyright Claims Board.

Apology Please

The claim lists one infobagh.com URL where a copy of a story titled “The Silver Hope” by David Travilla Tacadena is made available. However, READ ASAP stresses that infringements are causing a decline in revenues for other authors too.

With its complaint the company hopes to stop the piracy. In addition, an apology would be appreciated as well.

“We hope that the pirated websites will apologize to us and immediately remove our exclusive works. We tried many ways to leave messages often without contacting the infringing website. Finally, we tried to find the service provider, but they cannot give the invalid message and don’t deal with it,” the claim reads.

Interestingly, there is no request for monetary damages. Also, the literary work that’s listed is not yet registered at the U.S. Copyright Office, which is required before the Copyright Claims Board can take on the case.

The above means that AnyStories still has some work to do before the case can continue and Cloudflare can still choose to opt out of the proceeding. If that’s the case, the app’s creators will need to hire an attorney and go to federal court to pursue their claim.

From: TF , for the latest news on copyright battles, piracy and more.

Website blocking has become an increasingly common anti-piracy tool around the globe.

In dozens of countries, ISPs have been ordered by courts to block pirate sites. In some cases, these blocking efforts are part of voluntary agreements.

Cloudflare ‘Pirate’ Blocking Orders

In the United States, these types of injunctions are rare. However, since the Internet has no clear borders, the effects sometimes spill over. The American Internet infrastructure company Cloudflare, for example, has been ordered to block pirate sites in Germany and Italy .

This week, Cloudflare published its latest transparency report covering the second half of 2021. The company explains that after weighing the potential impact on freedom of expression, it generally complies with blocking orders that target websites operated by its CDN customers.

These blocking efforts are not global. Instead, Cloudflare only blocks access to the location from where an order originates. These sites include DDL-Music in Germany and nearly two dozen sites in Italy .

“If we determine that the order is valid and requires Cloudflare action, we may limit blocking of access to the content to those areas where it violates local law, a practice known as ‘geo-blocking’,” Cloudflare explains in its transparency report.

Target: DNS

The aforementioned blocking orders apply to the websites of Cloudflare customers. However, Cloudflare also operates a DNS revolver that is the target of a newer anti-piracy campaign.

DNS resolvers are the address books of the web. They link domain names to the correct IP addresses to make these accessible through a web browser. They are a key component of a well-functioning Internet.

Interestingly, these DNS servers are often used by ISPs to comply with site-blocking orders. By removing a domain from the address book, users are unable to load the site in question.

This is a relatively simple blocking method that’s easy to circumvent by using an external DNS resolver, such as the ones provided by Google, OpenDNS, Quad9, or Cloudflare. For this reason, DNS resolvers have become the target of blocking requests as well.

In Germany, Quad9 was previously ordered to block a pirate site through its DNS resolver following a complaint from Sony. Similarly, in Italy, a court ordered Cloudflare to block several pirate site domains on the DNS level.

Cloudflare Opposes 1.1.1.1 Blocking

In its transparency report, Cloudflare makes a clear distinction between blocking requests that target its customers’ websites and those that apply to DNS functionality. DNS blocks can target any website on the web and are not easy to restrict geographically, the company writes.

“Because such a block would apply globally to all users of the resolver, regardless of where they are located, it would affect end users outside of the blocking government’s jurisdiction.

“We therefore evaluate any government requests or court orders to block content through a globally available public recursive resolver as requests or orders to block content globally,” Cloudflare adds.

Cloudflare doesn’t want to meddle with its DNS resolver, which puts the company in a tough spot that requires a creative solution.

The company says that, thus far, it hasn’t actually blocked content through the 1.1.1.1 Public DNS Resolver. Instead, it relies on an “alternative remedy” to comply with the Italian court order.

“Given the broad extraterritorial effect, as well as the different global approaches to DNS-based blocking, Cloudflare has pursued legal remedies before complying with requests to block access to domains or content through the 1.1.1.1 Public DNS Resolver or identified alternate mechanisms to comply with relevant court orders.”

The above clearly shows that the company is determined to fight DNS blocking orders in court. And even if it loses, Cloudflare will seek alternative solutions. What these alternatives entail is not clear, but Cloudflare likely has the know-how to find a technical ‘circumvention’ mechanism.

—

A copy of Cloudflare’s H2 2021 Transparency Report is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Cloudflare a bloqué l'accès à Kiwi Farms, un forum utilisé par des personnes malveillantes à des fins de harcèlement, de swatting et de doxxing. Cette semaine dans la newsletter #Règle30 éditée par Numerama, la journaliste Lucie Ronfaut montre qu'il n'y a pas que les réseaux sociaux qui doivent prendre leurs responsabilités envers les espaces qu'ils hébergent. [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/