As one of the leading CDN and DDoS protection services, Cloudflare is used by millions of websites across the globe. This includes many pirate sites.

In recent years many copyright holders have complained about Cloudflare’s involvement with these platforms.

Thus far the U.S. company has refused to take any action without a court order. In various legal proceedings, Cloudflare argued that it’s a neutral third-party service that merely caches content. Even when Cloudflare disconnects customers, their associated sites remain operational.

This week Cloudflare published its latest transparency report which makes this stance clear. For example, the company stresses that it doesn’t respond to DMCA notices by removing cached content. Instead, it forwards the notices to the respective customers.

According to Cloudflare, it received only three DMCA notices in 2019 that identified permanently stored content. These were dealt with appropriately. The rest of the notices were passed on to clients.

While this policy isn’t new, the transparency report also highlights a new phenomenon. According to Cloudflare, the company has started to block visitors from Italy accessing 22 domain names, following a local court order.

Cloudflare reports that an Italian court ordered the company to block access to the domains of several copyright-infringing websites. This took place last summer but as far as we know the case remains unreported in the media.

“Pending further litigation, Cloudflare took steps in July 2019 to disable access to those websites to the extent that they used Cloudflare’s services to respond to requests from Italy or used Cloudflare equipment in Italy,” Cloudflare writes.

“The court order included requests related to 131 domains and 15 accounts. Cloudflare took action to geoblock 22 domains that were using our service at the time the order was issued,” the company adds.

The domains in question are not blocked outside of Italy, but which domains are affected by the geo-blocking efforts is unknown. Cloudflare didn’t respond to our request for further details.

We also asked several legal representatives of copyright holders in Italy, but they couldn’t point us to the underlying order either.

There is a related Cloudflare case in Italy which we previously reported on. In a ruling in favor of Italian broadcaster RTI, handed down by the Commercial Court of Rome last June, Cloudflare was ordered to immediately terminate the accounts of several pirate sites. There was, however, no mention of geo-blocking or blocking in general.

TorrentFreak spoke to RTI’s attorney Alessandro La Rosa who says that the pirate sites involved in the RTI case still use the services and infrastructure provided by Cloudflare. He is not aware of any blocking efforts either.

If more details become available on the geoblocking targets we will update this article accordingly.

Italy is not the only country where Cloudflare is taking action against pirate sites. The transparency report also confirms that it reached an agreement with several large manga publishers in Japan, as we reported last month.

“As part of the resolution of a lawsuit in Japan, Cloudflare has come to an agreement with certain Japanese publishers to clear existing cached content and cease caching in Japan for certain websites determined by the Tokyo District Court to be infringing copyright,” Cloudflare writes.

The above shows that while Cloudflare may indeed be a neutral service provider, it can and does take steps to curb copyright infringement on occasion. It remains to be seen whether the two legal issues detailed above are just the start and whether new demands will appear moving forward.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Reddit user Darkspliver, a member of the Jehovah’s Witness community, was recently targeted by the Watchtower Bible and Tract Society with claims that his postings infringed their copyrights.

The case drew the attention of the EFF which mounted a defense on the user’s behalf, claiming that the subpoena against Reddit was invalid since Darkspliver’s use of Jehovah’s Witness material were covered under fair use. The court agreed.

“Our client shared comments and concerns about the Watch Tower organization — something they have every right to do,” said EFF Staff Attorney Alex Moss this week. “We are glad that Darkspilver is safe from unmasking, and that a judge saw the important free speech and fair use issues at play here.”

While the identity of Darkspliver is now safe, the religious organization now has a fresh target. According to documents obtained by TorrentFreak, the Watch Tower Bible and Tract Society of Pennsylvania has obtained a DMCA subpoena that requires Google to reveal the personal details of a YouTube user who uploaded Jehovah’s Witness sermons to the video platform.

The subpoena targets an account called ‘JW Apostate’ which advertised itself as a place for “leaking Watch Tower videos”.

At least initially, the channel had many videos listed for viewing but the DMCA subpoena application lists just five.

“Watch Tower conducted a good-faith fair use analysis of numerous infringing posts on the account at issue,” the application filed at a New York court reads. “This content infringes copyrights held by Watch Tower.”

Watch Tower informed the court that it had fulfilled all the requirements for obtaining a subpoena and its sole purpose is to “obtain the identity of an alleged infringer or infringers” so that copyrighted content can be protected.

The allegedly-infringing YouTube channel listed a Reddit account for correspondence so on discovering the application, TorrentFreak contacted the associated user for comment. Very shortly after, the Reddit account, YouTube channel and all of its videos were deleted, leaving nothing in their wake.

A day later, District Judge Cathy Seibel signed off on the Watch Tower request and ordered the clerk of the court to issue the subpoena against Google LLC.

“This matter comes before the Court upon the ex parte application of movant Watch Tower Bible and Tract Society of Pennsylvania along with the Declaration of Paul D. Polidoro, Esq. and supporting documents for the signing of a Subpoena directing Google, LLC to produce the identity of entities or persons believed to be infringing on the copyright of Watch Tower Bible and Tract Society of Pennsylvania,” the order reads.

“Having considered the Declaration and all documents submitted in support of the instant application, the Court finds good reason to issue an order directing the clerk to issue said subpoena.”

The Watchtower Bible and Tract Society is no stranger when it comes to DMCA subpoena applications or indeed Judge Seibel. The religious group has attempted to obtain several subpoenas in New York courts against Facebook and YouTube users, filing around 60 applications overall since June 2017.

Considering that the aim of most Christian-based religions is to spread the word as widely as possible around the world, it appears that those at the top of the Jehovah’s Witness group would prefer to control access to their information much more tightly.

The application, proposed DMCA subpoena, and order granting subpoena can be found here (1,2,3 pdf)

Image credit: Pixabay

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Anyone who creates creative content has the right to protect that work from unauthorized wholesale reproduction. It is their work, their investment, and they should be able to benefit from the toils of their labors, copyright law dictates.

The reality, of course, is that while people can claim their rights all day long, there are plenty of avenues to obtain that content online without paying for it. As a result, entertainment industry groups are relentless in their efforts to disrupt and discourage such behavior.

One of the tried-and-tested methods is the anti-piracy campaign. Often in the form of short videos, trailers and clips presented online, within physical media, and on TV, these presentations get around 30 seconds to make an impact on the public. That is not a long time and as a result, the creatives behind these projects have to get well….creative….for want of a better word.

In recent years, the many ‘creative’ approaches are now diverging into what appears to be a coordinated global effort to physically scare people away from piracy. All is fair and love and war, they say, but these campaigns take the truth and bend into another dimension. Take the headline message from the new anti-piracy campaign launched online and on TV by Creative Content Australia, for example.

“Accessing pirate sites to download movies and TV exposes your financial and medical details, passwords, photos and more to criminals. So not only is pirating illegal, you become a victim of your own crime. Is it really worth it, just for some free content?” the campaign material reads.

Here’s the accompanying TV advert for additional context;

<script src="https://player.vimeo.com/api/player.js">

The video appears to portray a member of the public seeking help from the ‘police’ after he got hacked and had his passwords and photos stolen. However, when the authorities find out he’d visited a pirate site they basically said: “Screw you, it’s your own fault, you’re on your own.”

Thirty seconds isn’t a long time to get your message over but claiming that “pirate sites expose you to hackers” simply can’t be the experience of the majority of people who use them. If this was indeed the case, people wouldn’t be flocking to them every day in their millions.

The fact that a succession of campaigns are declaring pirate sites as unsafe havens filled with hackers is a clear indicator that someone feels the message just isn’t getting through to pirates. Which, when you think about it, is pretty strange.

No campaign on planet earth will ever be able to drive the message home more effectively than actually being hacked and having your personal details stolen. Victims of such crimes rarely need to be told twice which is a fairly obvious indicator that this campaign is aimed at the vast majority who have no such problems. And if the vast majority have no issues, why all the panic?

Let’s be clear here, this isn’t a pro-piracy rant at the expense of people simply trying to make some money off the back of their hard work. This is a reaction to scare tactics that are not only insulting to people’s intelligence but are also unlikely to reach their goals. Fact: if visiting pirate sites leads to all of the things being claimed, people wouldn’t use them. If people didn’t use them, the campaign wouldn’t be needed.

These claims of ‘people’ falling victim to criminals are problematic too. Last week we reported on a huge survey carried out in the UK, which also covered public attitudes towards various types of anti-piracy campaigns. One of the suggestions was that instead of making vague claims, it might help to present real-life examples of people who became victims of hacking as a result of visiting pirate sites.

Of course, this latest campaign – just like all the others – makes no effort to do that. Instead it uses actors and well-known activists to drive home the message that people who visit such platforms get what they deserve.

“If you visit pirate websites, even the law can’t protect you,” warns Graham Burke AO, Chairman of Creative Content Australia.

“You are going to a criminally dangerous neighborhood. Pirate sites are big businesses and exist solely to make money by robbing you, or worse. This is an area where your cyber security is in danger and malware, blackmail and identity theft are commonplace.”

It’s true that pirate sites can indeed have terrible ads and of course, malware can be present in downloads, most commonly software releases where such things are easily hidden. But blackmail and identity theft are such serious crimes that one would think that if a pirate site had been involved in such things, the police would’ve got involved and we would’ve heard about it. We haven’t.

On the other hand, it is extremely easy to find reports of people getting scammed via methods that have nothing to do with pirate sites, such as by telephone or phishing attacks. This is where things start to break down and make nightmarish anti-piracy campaigns lose credibility.

The awful experiences being described in most of these campaigns aren’t the experiences of the majority of people who use these sites. If truth be known, most people reading this article have probably had more attempts to have their identities stolen via email in the past three months than anywhere else on the Internet, pirate sites included.

Indeed, when we spoke to security company MalwareBytes on this topic in 2018, the company told us that pirate sites aren’t the biggest risk at all – email is.

“These days, most common infections come from malicious spam campaigns and drive-by exploit attacks,” said Adam Kujawa, Director of Malware Intelligence.

In response to claims in another dubious anti-piracy campaign in the same year, security expert Mikko Hypponen from F-Secure told us that it was false to claim that pirate sites are the number one source for malware online. He again pointed to email as the number one risk.

“Pirate sites are not the most common source for infections, and it hasn’t been since the early 1990s,” he informed TorrentFreak. “Today, the most common ways of getting infected are via malicious email attachments, browser plugins and extensions and web exploit kits.”

The bottom line here is that there is absolutely nothing wrong with anti-piracy campaigns per se but they must be believable and based in fact, not a twisted version of the truth. Also, the companies behind them might also consider being a little less cynical.

While one can’t expect a guide on how to pirate safely, campaigns that only warn of the dangers without offering some advice beyond “don’t use pirate sites” suggest that there’s no genuine concern about the safety of Internet users. In fact, the message in this campaign is actually “you’re on your own and nobody will help you.”

If only on a subconscious level, that won’t go unnoticed. Somehow, these messages need to move forward more positively. It’s become a cliche but all of the content in one place at a fair price from a legitimate source is the best way to stop people visiting pirate sites. Or at least powerful enough to stop a significant number from preferring them, especially when considering all of the horrors that lie within….

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Like any other Hollywood movie, pirated copies of the movie “Contagion” appeared on pirate sites around the world at the end of 2011.

At the time, it was briefly listed among the most pirated movie titles but, as time went by, interest waned.

That pattern is all too common. Over the past few years, the movie was downloaded a few hundred times per day, at most. In January, however, something changed.

When the Coronavirus (COVID-19) outbreak started to hit the mainstream news, some people started to link it to the fictional “MEV-1” pandemic depicted in “Contagion.” Although the two can hardly be compared, besides being virus outbreaks, interest in the 2011 movie suddenly spiked.

Google Trends reveals that searches for the phrase “contagion movie” started to rise in January, reaching a peak around the end of that month. Later in February, as the Coronavirus started to spread globally, searches flared up again.

The increasing demand directly impacted sales. Over the past days, Buzzfeed and other several news outlets reported that movie rentals for “Contagion” had gone up, putting the movie in the top 10 of iTunes movie rental chart, as well as the trending list.

Since sales patterns are typically not too different from piracy trends, we decided to take a look at the popularity of the movie on torrent sites. This idea was opted by Julia Alexander of The Verge, and with help from IKnowWhatYouDownload, we were able to get some hard data.

As mentioned earlier, before the Coronavirus reached the mainstream news the film was being downloaded roughly 200 times a day. On January 24, this went up to 1,543, and a day later 9,369 downloads were recorded. A week later, more than 25,000 people downloaded the movie during a single day.

This download pattern is very similar to the Google Trends chart. Both show the same initial peak, with interest picking up again at the end of February.

Tracking BitTorrent downloads is a complicated process so IKnowWhatYouDownload’s numbers are likely not 100% precise. But the trend is obvious – there’s a massive increase in “Contagion” piracy.

Looking at the geographical data we see that most downloads came from South Korea initially. On the first day of February, 22% came from South Korea, which is the country that’s most affected by the Coronavirus after China. Only 6% of the downloads came from the US, and fewer than 1% from the UK.

A month later this changed a little. The US (10%) took over from South Korea (9%), and interest in the UK went up, which was good for 4% of the downloads on March 1.

The numbers reported here only apply to BitTorrent downloads, which represent only a fraction of the entire piracy landscape. With direct download and streaming sources added to the mix, the download figures may be several times higher.

Overall it’s clear that the Coronavirus outbreak has raised the interest in “Contagion,” both through legal and illegal channels. It’s important to keep in mind, however, that the film has very little to do with the challenges the world’s facing today.

After all, nothing spreads like fear….

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Kodi is widely known as a very convenient media player. While the open-source software is content-neutral, some third-party addons use it to offer pirated content.

In recent years rightsholders and anti-piracy organizations have worked hard to target copyright infringing addons. This is done through enforcement actions, but also through scare tactics.

On numerous occasions, Kodi addons have been associated with malware and other malicious content. While it is certainly true that there are some shady addons out there, the warnings are often overblown, lacking any supportive data.

A more analytical approach to this issue is being taken by a group of researchers from Northwestern University and Brave Software. They use a data-driven model and have created a software crawler to identify any potential threats in third-party Kodi addons.

Their software, aptly named ‘De-Kodi,’ scraped the web and discovered tens of thousands of addons. A small percentage of these, roughly 9,000, were still active. The researchers then tested them for potentially harmful activity.

The results show that most addons are safe. A significant portion include URLs that are linked to advertising, tracking, or Kodi’s own blacklist. However, only 13 addons included URLs that were flagged by Google’s Safebrowsing service for potentially malicious “social engineering.” Another 131 addons included links to potentially malicious IPs.

“In our study, we discovered 43,308 addons out of which 8,485 were unique and correctly working. Out of these, only a handful was potentially harmful,” Brave Software researcher Matteo Varvello tells TorrentFreak.

This doesn’t sound like a broad threat, but some nuance is warranted. The researchers also found that many of the problematic addons are relatively popular. This means that while malicious addons are rare, they still have the potential to impact a lot of people.

The SportsDevil addon, for example, which is listed among the ten most popular addon domains, is flagged as potentially malicious, includes tracking scripts and is on Kodi’s ban list.

Because users may not be aware of these threats, or the fact that that addons may track them or serve ads, the researchers decided to make the information public in the form of an addon.

“After we built De-Kodi, we realized that the information we collected was very useful to the average Kodi user, not only the research community. An addon was the easiest way to bring this information to the large Kodi user base,” Varvello tells us.

The result is the new SafeKodi addon which is available to the public for free. Kodi users who install it can use the software to check whether there are any potential security issues on their platform.

In addition to helping the public, the public can help the researchers as well. SafeKodi allows users to flag addons they think are unsafe. In addition, it will automatically locate new and unknown addons and test these on-demand.

The input from users allows the researchers to expand their findings and provide a more accurate overview of the third-party addon ecosystem.

“The current plan is to attract some user-base for SafeKodi. This allows us to complete our study with potential addons we will discover thanks to our users, and those that appear through the evolution of the Kodi ecosystem over time,” Varvello says.

In addition to insights about advertising, tracking, and potential malware threats, the research also provides additional detail on the video sources of addons.

For example, they found that the most popular media serving domains are GoogleVideo.com, Akamaihd.net, and Archive.org. These domains include legitimate content but are also used by pirate services.

The results of the study are detailed in a paper titled: De-Kodi: Understanding the Kodi Ecosystem. The findings will be officially presented at the World Wide Web Conference in April where the De-Kodi source code is also scheduled for release.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.