Yesterday the Digital Citizens Alliance released a new report that looks into the business models of “shadowy” file-storage sites.

Titled “Behind The Cyberlocker Door: A Report How Shadowy Cyberlockers Use Credit Card Companies to Make Millions,” the report attempts to detail the activities of some of the world’s most-visited hosting sites.

While it’s certainly an interesting read, the NetNames study provides a few surprises, not least the decision to include New Zealand-based cloud storage site Mega.co.nz. There can be no doubt that there are domains of dubious standing detailed in the report, but the inclusion of Mega stands out as especially odd.

Mega was without doubt the most-scrutinized file-hosting startup in history and as a result has had to comply fully with every detail of the law. And, unlike some of the other sites listed in the report, Mega isn’t hiding away behind shell companies and other obfuscation methods. It also complies fully with all takedown requests, to the point that it even took down its founder’s music, albeit following an erroneous request.

With these thoughts in mind, TorrentFreak alerted Mega to the report and asked how its inclusion amid the terminology used has been received at the company.

Grossly untrue and highly defamatory

“We consider the report grossly untrue and highly defamatory of Mega,” says Mega CEO Graham Gaylard.

“Mega is a privacy company that provides end-to-end encrypted cloud storage controlled by the customer. Mega totally refutes that it is a cyberlocker business as that term is defined and discussed in the report prepared by NetNames for the Digital Citizens Alliance.”

Gaylard also strongly refutes the implication in the report that as a “cyberlocker”, Mega is engaged in activities often associated with such sites.

“Mega is not a haven for piracy, does not distribute malware, and definitely does not engage in illegal activities,” Gaylard says. “Mega is running a legitimate business alongside other cloud storage providers in a highly competitive market.”

The Mega CEO told us that one of the perplexing things about the report is that none of the criteria set out by the report for “shadowy” sites is satisfied by Mega, yet the decision was still taken to include it.

Infringing content and best practices

One of the key issues is, of course, the existence of infringing content. All user-uploaded sites suffer from that problem, from YouTube to Facebook to Mega and thousands of sites in between. But, as Gaylard points out, it’s the way those sites handle the issue that counts.

“We are vigorous in complying with best practice legal take-down policies and do so very quickly. The reality though is that we receive a very low number of take-down requests because our aim is to have people use our services for privacy and security, not for sharing infringing content,” he explains.

“Mega acts very quickly to process any take-down requests in accordance with its Terms of Service and consistent with the requirements of the USA Digital Millennium Copyright Act (DMCA) process, the European Union Directive 2000/31/EC and New Zealand’s Copyright Act process. Mega operates with a very low rate of take-down requests; less than 0.1% of all files Mega stores.”

Affiliate schemes that encourage piracy

One of the other “rogue site” characteristics as outlined in the report is the existence of affiliate schemes designed to incentivize the uploading and sharing of infringing content. In respect of Mega, Gaylard rejects that assertion entirely.

“Mega’s affiliate program does not reward uploaders. There is no revenue sharing or credit for downloads or Pro purchases made by downloaders. The affiliate code cannot be embedded in a download link. It is designed to reward genuine referrers and the developers of apps who make our cloud storage platform more attractive,” he notes.

The PayPal factor

As detailed in many earlier reports (1,2,3), over the past few years PayPal has worked hard to seriously cut down on the business it conducts with companies in the file-sharing space.

Companies, Mega included, now have to obtain pre-approval from the payment processor in order to use its services. The suggestion in the report is that large “shadowy” sites aren’t able to use PayPal due to its strict acceptance criteria. Mega, however, has a good relationship with PayPal.

“Mega has been accepted by PayPal because we were able to show that we are a legitimate cloud storage site. Mega has a productive and respected relationship with PayPal, demonstrating the validity of Mega’s business,” Gaylard says.

Public apology and retraction – or else

Gaylard says that these are just some of the points that Mega finds unacceptable in the report. The CEO adds that at no point was the company contacted by NetNames or Digital Citizens Alliance for its input.

“It is unacceptable and disappointing that supposedly reputable organizations such as Digital Citizens and NetNames should see fit to attack Mega when it provides the user end to end encryption, security and privacy. They should be promoting efforts to make the Internet a safer and more trusted place. Protecting people’s privacy. That is Mega’s mission,” Gaylard says.

“We are requesting that Digital Citizens Alliance withdraw Mega from that report entirely and issue a public apology. If they do not then we will take further action,” he concludes.

TorrentFreak asked NetNames to comment on Mega’s displeasure and asked the company if it stands by its assertion that Mega is a “shadowy” cyberlocker. We received a response (although not directly to our questions) from David Price, NetNames’ head of piracy analysis.

“The NetNames report into cyberlocker operation is based on information taken from the websites of the thirty cyberlockers used for the research and our own investigation of this area, based on more than a decade of experience producing respected analysis exploring digital piracy and online distribution,” Price said.

That doesn’t sound like a retraction or an apology, so this developing dispute may have a way to go.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

The Popcorn Time phenomenon is one of the biggest piracy stories of the year thus far.

The software amassed millions of users by offering BitTorrent-powered streaming in an easy-to-use Netflix-style interface.

The original app was shut down by the developers after a few weeks, but the project was quickly picked up by others. This resulted in several popular forks that have each developed their own features, with most releasing their source code in public.

In recent months there has been some competition between the various forks. Several spin-offs have claimed the name “Popcorn Time” but thus far that hasn’t resulted in any serious issues.

Recently, however, one developer made a move to formalize his claim on the Popcorn Time brand. An application for the trademark was filed with the U.S. Patent and Trademark Office and this week the case was assigned to an examiner.

The proposed trademark describes Popcorn Time as follows: “Downloadable computer software used for streaming multimedia content images, videos and audio from peer to peer.”

The trademark application lists the Canadian developer David Lemarier who filed his application through Legalforce. While some are worried about the development, it appears that Lemarier doesn’t have any nefarious plans.

A source at the main fork Popcorntime.io familiar with the reasoning behind the trademark application told TF that it was filed as a defensive move.

“We strongly believe in the open contributions to the Popcorn Time project and the filing of the trademark wasn’t designed to hinder or prohibit the further development of the official Popcorn Time or any other related forks,” the source says.

“It’s wise to attempt to protect the trademark from ‘giants’ who might come along, sweep up the name, and then bully contributors into non-existence.”

The nature of the ‘giants’ the Popcorntime.io team are concerned about is left open.

Time4Popcorn, one of the popular forks, is not happy with the trademark application. They describes it as “rude” and stress that the Popcorn Time name doesn’t belong to anyone.

“This is news to us and we’re still figuring out how to respond to this, but this is rude and it is something we take very seriously,” the Time4Popcorn team notes.

“We assure you that we will never ever do something like this, and we will not let this happen that someone else will claim that it is their trademark. Never. An open source project is for everyone. It does not belong to us or to anyone else!”

Then again, even if someone with bad intentions did obtain the trademark, not much will change. Given the nature of the Popcorn Time application it is unlikely that any of the popular forks will shut down over a trademark dispute.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

The most popular file-hosting sites, also known as cyberlockers, have millions of visitors per day.

In recent years many of these sites have gotten a bad reputation as they are frequently used to share copyrighted files.

Today the Digital Citizens Alliance released a new report (pdf) that looks into the profitability of these sites and services. Titled “Behind The Cyberlocker Door: A Report How Shadowy Cyberlockers Use Credit Card Companies to Make Millions,” it offers insight into the money streams that end up at these alleged pirate sites.

The study, carried out by NetNames and backed by the entertainment industry, uses information from the busted Megaupload service to estimate the earnings of various other sites. Based on these and other assumptions it concludes that the top cyberlockers generate an average $3.2 million per site per year.

“Overall, total annual revenue across the thirty cyberlockers equated to $96.2 million or $3.2 million per site. One site gathered $17.6m per year in revenue,” the report notes, adding that it’s a conservative estimate.

Estimated revenue and profit per direct download cyberlocker

The report brands these sites as piracy havens based on a sample of the files they host. All the sites that are listed are used predominantly for copyright infringement, they claim.

“The overwhelming use of cyberlockers is for content theft. Analysis of a sampling of the files on the thirty cyberlocker sites found that the vast majority of files were clearly infringing,” the report reads.

“At least 78.6 percent of files on direct download cyberlockers and 83.7 percent of files on streaming cyberlockers infringed copyright,” it adds.

Alleged “infringing” use per cyberlocker

Here’s where the researchers make a crucial mistake. The sample, where the percentage of allegedly infringing files is based on, is drawn from links that are posted publicly online. These are certainly not representative for the entire site, at least not in all cases.

For Mega the researchers looked at 500 files that were shared online. However, the overwhelming majority of Mega’s files, which number more than 500,000,000, are never shared in public.

Unlike some other sites in the report, Mega is a rather traditional cloud hosting provider that’s frequently used for personal backup, through its desktop client or mobile apps for example. The files that are shared in public are the exception here, probably less than one percent of the total.

There is no denying that there are shady and rogue sites that do profit heavily from piracy, but lumping all these sites together and branding them with a pirate label is flat-out wrong.

Aside from “exposing” the estimated profitability of the cyberlockers the report also has a secondary goal. It puts out a strong call to the credit card companies Visa and MasterCard, and hosting providers such as Cloudflare, urging them to cut their ties with these supposed pirate havens.

“They should take a hard look at the checkered history of their cyberlocker partners. Simply put, the businesses that simply exploit and expropriate the creative efforts of others do not occupy a legitimate place in the Internet ecosystem,” the report notes.

“Content theft is a cancer on the Internet. It introduces viruses and malware to computers, robs creators who rely on the Internet to sell their products, damages brands by associating them with illegal and inappropriate content and provides seed money for criminals to engage in other illegal activities,” it adds.

Hopefully future reports will have more nuance. At minimum they should make sure to have all the facts right, as that’s generally more convincing.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

The imprisonment of former Pirate Bay spokesman Peter Sunde has been going on since late May 2014, provoking a number of reports on the conditions under which he is being held.

Despite being accused of non-violent crimes, Peter is being held in a high-security unit and without concern for his dietary needs. As a result he’s literally wasting away.

Following the tragic death of his father who recently succumbed to a long-standing set of illnesses, the week delivered yet more bad news. Although the prison would allow him to attend the funeral, Peter was told he could expect to carry his father’s coffin wearing handcuffs.

Understandably the news provoked much outrage. Why would a non-violent and now-frail man with with just a few days left on his sentence try to escape from not one but two prison guards? As that improbable situation was discussed among supporters online, a much less traditional support group were asking the same questions.

Hollywood director Lexi Alexander has been a vocal supporter of Peter and earlier this year broke with the usual Tinseltown position by calling for his release.

While her outspoken approach is uncharacteristic of a Hollywood worker, it may come as a surprise that she is definitely not on her own. During recent weeks the director and actress, who has several movies under her belt, called for other like-minded individuals in Hollywood to make themselves known.

The result was the publication a few minutes ago of a video dedicated to the uncuffing, release and support of Peter Sunde.

“We created this video in solidarity with Peter as he attends his father’s funeral today,” Alexander told TorrentFreak.

“Originally I had planned to do this over the next few weeks, but when I heard about Peter’s father’s death yesterday, we scrambled and got it together within a few hours.”

While a few of the people in the video have understandably chosen to remain anonymous, others have been very happy to show their faces. With the famous Hollywood sign in the background, first up, Julie Bush.

“Julie Bush was pro-piracy before I even knew what file-sharing meant,” Alexander told TF. “She used to be a writer on the show Sons of Anarchy and now she’s writing a major property for Universal Studios: Robert Ludlum’s The Sigma Protocol.”

Bush has written on a number of occasions about Hollywood’s “dumb” approach to piracy.

“Many showrunners and executives I know not only pirate stuff all the time but also privately endorse the idea that piracy is good for the industry, a great way to advertise, and essential to building a healthy audience,” she explained last year.

The gentleman holding up the sign calling for the un-cuffing of Peter is actor Ross McCall. He appeared in Band of Brothers, Alexander’s movies Green Street and Green Street 2, before moving on to star in TV series including Crash, White Collar and Luther.

“The pretty blonde [0m 53s] is producer Catrin Cooper. Very outspoken about her opposition to criminalizing file-sharing,” Alexander continues. Cooper has worked in several roles on movies including Casino Royale, Harry Potter and the Prisoner of Azkaban, and Batman Begins.

“The guy with ‘Free Peter Sunde’ on his shirt is a writer and actor named Edward DeRuiter, one of his movies was just released last month,” Alexander adds.

“Then there’s Brent Weichsel, who against my advice decided to put his name and union on the sign. He’s Local 600 Camera Assistant.”

It’s quite something and particularly brave for these individuals to put their name to the support of someone described by studio bosses as someone intent on the ruination of the industry. That said, and as clearly pointed out on one of the signs held up in the video, Hollywood workers are not only writers and directors, they’re also humans too.

The video, which features writers and authors, directors, producers, a screenwriter, a cinematographer, an engineer and a dialect coach, is embedded below and available on Lexi’s blog.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

Back in July a pretty much pristine copy of The Expendables 3 leaked online. It was a dramatic event for those behind the production as the movie’s premier on BitTorrent networks trumped its theatrical debut by several weeks.

Distributor Lionsgate was quick to react. Just days after the leak the entertainment company sued several file-sharing sites, which eventually resulted in the closure of file-hosting site Hulkfile. But more action was yet to come.

Doubling up on their efforts, Lionsgate also targeted hosting providers, domain registrars and seedboxes while at the same time sending thousands of DMCA takedown notices to have content and links to content removed.

However, a big question remained unanswered. Would the makers of The Expendables 3 start tracking down alleged file-sharers to force them into cash settlements as happened with previous iterations of the movie? It’s taken a few weeks but confirmation is now in.

Millennium Films, the production company behind The Expendables 3, is now shaking down individual Internet users they believe to have downloaded and shared the leaked movie without permission. What do they want? Hard cash, of course.

Interestingly, and at least for now, the company isn’t going through the courts filing subpoenas against ISPs to obtain downloaders’ personal details. In a switch of tactics the company is sending DMCA takedown notices to ISPs via CEG TEK International and requesting that the notices are forwarded to the customers in question instead. In addition to the usual cease and desist terminology, Millennium tag on cash settlements demands too.

As can be seen in the image above, the production company is giving notice recipients until October 5, 2014 to come up with the money – or else.

“If within the prescribed time period described above you fail to (i) respond or settle, or (ii) provide by email to support@cegtek.com written evidence of your having consent or permission from Millennium Films to use the Work in connection with Peer-to-Peer networks (note that fraudulent submissions may give rise to additional liabilities), the above matter may be referred to attorneys representing the Work’s owner for legal action,” the settlement offer reads.

Of course, whether people fill in CEG TEK’s settlement form or write to them with their personal details, the end result will be the same. The company will now have the person’s identity, something they didn’t previously have since at this stage ISPs have only forwarded the notices.

While the notices are real (CEG TEK have confirmed the action) little is known about how much money Millenium/CEG TEK are demanding to make a supposed lawsuit go away. However, TorrentFreak has learned that CEG TEK are simultaneously sending out settlement demands to alleged downloaders of The Expendables 2. A copy of the settlement page demand – $300 – is shown below.

While some people will no doubt be worrying about how to deal with these demands and whether Millenium will follow through on its implied threat to sue, at least some of these notices will be falling on deaf ears. LiquidVPN, an anonymity company listed in our 2014 report, received one such notice but as a no-log provider, could not forward it to its customer.

Compare that to the despair of a user posting on KickassTorrents who got caught after relying on IP address blocking software (typos etc corrected).

“I woke up to this alongside four other notices from my ISP. I stopped downloading six days ago, but I’m receiving old notices about movies that were downloaded a month ago and I basically can’t do nothing about it since its old. I use PeerBlock and it’s a bunch of bullshit. What should I do with this October 5 deadline on a settlement? Please help!” he wrote.

Finally, and as Lionsgate, Millennium Films and CEG TEK shake down sites, hosting services, domain registrars, seedbox providers and now end users, the big mystery surrounding the most important questions remain unanswered.

Who – at Lionsgate, Millennium or one of its partners – had full access to a clean DVD copy of the movie? Who then put that copy in a position of being placed online? The FBI, who can crack the most complex of terrorist crimes, are reportedly involved and must’ve asked these questions. Yet the culprit still hasn’t been found……

Could it be that studios become less cooperative when blame falls too close to home?

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.