Author: Andy Maxwell

For much of 2025, top-tier Spanish football league LaLiga has waged war against online piracy in controversial yet completely unapologetic fashion. A more single-minded approach may not have been deployed by any other entity, ever.

Launched around February, LaLiga’s persistent blocking of Cloudflare (and by extension, countless innocent customers) is a story still being told from distinct perspectives.

In LaLiga’s view, a court order granted it the necessary authority to block pirate sites. In the event that collateral damage even exists, that should be attributed to Cloudflare for a) harboring pirate sites and b) using innocent customers as ‘human shields’ by forcing them to use the same IP addresses as pirate sites. Cloudflare regrets that LaLiga saw fit to obtain a business-disrupting blocking order, without giving it an opportunity to appear in court, causing a rift that still hasn’t been bridged 10 months later.

Silent Cooperation No Longer Enough

The voices of the innocent sites and services, blocked by Spanish ISPs at LaLiga’s behest, have complained but haven’t really been heard. When approached by customers for comment, the ISPs carrying out the blocking haven’t been heard either, mostly because they have said very little indeed. Compliance with a court order has been mentioned in their roles as ISPs; as internet broadcasters with rights to air LaLiga broadcasts that presumably benefit from their own blocking? No comment.

The role of Spanish ISPs in whatever comes next won’t be a secret. As LaLiga opens up the bidding process for the seasons 2027/2028 until 2031/32, the league’s expectations are detailed in black and white.

First impressions raise questions of autonomy; specifically, how much independence will ISPs be required to sacrifice under an anti-piracy regime controlled by LaLiga, one in which it dictates policy, compels support for legal action, and mandates cooperation in investigations against their own customers.

Obligations to Collaborate

There’s little doubt that LaLiga views piracy seriously, but should any remain, none have any hope of surviving the obligations laid out in its anti-fraud policy.

The first paragraph states that successful bidders must ensure exclusive access to LaLiga content within the designated territory and implement at minimum several specified security measures. They include Digital Rights Management (DRM), anti-VPN systems, geo-blocking systems at the device and CDN levels, and security marking at both the source and CDN.

Visible watermarking is required to identify users, and measures must be in place to verify their locations. LaLiga also expects documentation to show the location and sources of any unauthorized retransmissions.

General Obligations

LaLiga says that its partners must “collaborate efficiently” and proactively, including against “the provision of public information aimed at promoting or facilitating unauthorized access to said contents,” whether on Facebook and YouTube, or on Whatsapp, Telegram, and Discord. User Generated Content (UGC) platforms, web-based illegal streaming sites, card-sharing services, IPTV suppliers, and BitTorrent-like systems such as Acestream, are all seen as legitimate targets.

Also under the spotlight, authorized entities “who exploit the content abusively and fraudulently.” When LaLiga initiates legal proceedings against these entities, its broadcasting partners are required to participate as an injured party.

LaLiga also places restrictions on the type of viewing devices broadcasters make available to their customers. LaLiga says that there are only three “safe environments” for installing software – Google Play Store, Huawei AppGallery and iOS Store. Functionality to load software from any other source must be prevented.

Create Synergies, Share Details of Users Detected as Pirates

When rights organization Promusicae sued Telefonica in 2005, demanding the identities of customers accused of pirating music, Telefonica fought all the way to Europe’s highest court to avoid handing over its customers’ personal details.

In 2008, the Court of Justice of the European Union handed Telefonica a landmark win.

But that was then, and this is now.

[T]he successful bidders who, by virtue of their status as telecommunications operators, are internet service providers, undertake to actively cooperate in judicial actions such as preliminary proceedings, aimed, at the request of LaLiga, at identifying those customers who access audiovisual content illicitly through the internet service, through illegal systems such as, for example, P2P (AceStream) or Cardsharing, avoiding formalizing an appeal against the judicial resolutions agreed upon in this area.

ISPs Must Promote Dynamic IP Address Blocking to the Courts

At a time when internet groups and researchers are issuing warnings over the dangers of IP address-based blocking, becoming a successful bidder for LaLiga broadcasting rights requires ISPs not to just ignore the advice, but to invest time and resources to ensure the courts endorse its use.

LaLiga says that the effectiveness of the measures must be promoted as effective against third-party intermediaries it perceives as undermining its blocking efforts.

They include VPN and DNS providers, anonymization services and, in a move unlikely to be well received at the White House, reverse proxy services. Despite receiving no direct mention here, a well-known American company would likely become a primary target.

Extracted from the original (Spanish)

The Successful Bidders also undertake to promote a joint policy against audiovisual fraud and to cooperate in speeding up the adoption of dynamic blocking of those websites and web resources identified as broadcasting, distributing, or sharing LALIGA content without consent, in particular, the modality of “live dynamic blocking” via IP, as well as through any of its technical modalities, collaborating to promote its adoption by the courts of justice and cooperating to achieve maximum effectiveness in the shortest possible time, providing, if necessary, the necessary personnel and means to ensure that such blocks, communicated by whoever is judicially designated for this purpose, take effect any day and time of the week immediately upon communication.

The successful bidders undertake to promote, together with LaLiga, the appropriate judicial and extrajudicial actions to promote the effectiveness of the blocks, in particular against third-party intermediaries whose services are used for the direct or indirect circumvention of the aforementioned blocks, such as, for example, providers of VPNs, reverse proxies, anonymization services, DNS, and/or hosting services.

Immediate Blocking Without Need For Judicial Intervention

An issue as potentially serious as this deserves another direct quote. For obvious reasons the statement here is translated from the original Spanish, but the original document is linked below and available for review.

The Successful Bidders, regardless of whether they are established in the territory or not, voluntarily, expressly and directly undertake, without the need for judicial intervention, to agree to the immediate blocking of those domains, subdomains, IP addresses and web pages and resources that, for violating intellectual property rights and other related rights, are notified to them by LALIGA or by the entity designated by it through any means of notification that allows proof of receipt, who will provide as proof of this evidentiary support extracted and compiled through any of the trusted providers approved by the Spanish or European authorities, together with a technical report issued by their audiovisual anti-fraud department, thereby taking effective knowledge of the illicit nature of the actions of the domains, subdomains and IPs.

Both the supporting evidence and the technical report will be recognized by all Successful Bidders as sufficient proof to directly and free of charge agree to the requested block, which will be facilitated immediately upon receipt of the request by LaLiga.

Surprisingly, the above isn’t even a full accounting of all requirements, far from it, so we’ll return to the topic later.

At this point it’s worth mentioning the tone of the document, which is absolutely uncompromising in both its determination and the instructions required to achieve its goals. On several occasions the Successful Bidders are warned that if they fail to meet LaLiga’s requirements, and then fail to improve or correct the issue at hand, they will have their contracts terminated.

Failure to comply with these obligations, or their partial or defective compliance, after a reasonable period has been provided for their correction, will be a mandatory cause for automatic termination of the contract, with written notification from LaLiga accompanied by a technical report from its Audiovisual Anti-Fraud Department demonstrating the verification of the non-compliance being sufficient proof for this.

There are further examples in the ‘Competitive Tender Process’ document here (pdf)

From: TF, for the latest news on copyright battles, piracy and more.

Today’s internet is arguably better than it’s ever been. Yet there are significant privacy and security concerns that, despite best efforts, only seem to be getting worse.

Calls for governments to get much more involved carry the not insignificant risk of them doing just that. Not necessarily to tackle the issues that led to the cordial invitation, of course, but when blocking and access restrictions are heavily promoted as the solution to one problem, suddenly everyone has a problem. Governments looking for solutions unsurprisingly have many times more.

The Normalization of Blocking

A little over fifteen years ago, there wasn’t much appetite for online blocking, at least beyond abusive images and videos, for which blocking still receives overwhelming public support. Today it doesn’t really matter if the public approves or not, site blocking is permitted almost everywhere. Whether for suppressing piracy or silencing perceived overseas propaganda, or brandished as punishment for non-compliance with local rules, the potential seems unlimited.

Yet the majority of content blocking experienced day-to-day isn’t imposed, it’s a personal choice. Most browsers have an option to block popups, for example. Blocking intrusive advertising is increasingly popular too, since without some type of defense, any veneer of online privacy quickly heads south, taking usability with it. For many, the browser-based uBlock Origin remains the gold standard but thanks to ISPs’ site blocking efforts, running software like Pi-hole takes care of the ads and with its own DNS, simultaneously unblocks the pipes.

For those averse to tinkering under the hood, personal blocking performance is almost completely reliant on the decisions made by third-party blocklist maintainers. Make the right decisions and deploy reputable blocklists, overall things can go very well indeed. That doesn’t necessarily mean everything always goes according to plan, but with the right approach, getting back on track is simplicity itself.

Blocklists Always Contain Errors

The standard lists bundled with uBlock Origin and Pi-hole are generally perceived as very good. Indeed, many view uBlock as an indispensable first line of defense against the endless appearance of malicious ads. On GitHub, all kinds of DNS blocklists are available from Hagezi’s repo, all with a common and genuine mission to keep the internet as ‘clean’ and as safe as possible.

Essentially a one-man labor of love crammed into his spare time, by many accounts Hagezi’s main lists strike a fair balance between blocking unwanted trackers and not breaking websites, which for most people is the sweet spot. For those with more specific needs, there’s no shortage of choice.

The threat intelligence-led blocklist has been used here without any issues, likewise the feed for NRDs (newly registered domains) which often contains new streaming site domains, purchased as replacements in the wake of anti-piracy blocking. Others clearly have specific goals in mind, one in particular.

The ‘Anti Piracy – Protects Against Piracy!’ Blocklist

This blocklist contains over 11,000 entries, in theory blocking access to just as many pirate sites. In practice, it may block a few thousand but since domains come and go quickly, only well-funded anti-piracy groups have the necessary resources to stay anywhere near up to date, and the list naturally reflects that.

No third-party list will ever be comprehensive, and this one makes no claims to the contrary. Indeed, a disclaimer concerning all lists notes that the ultimate responsibility for using or not using a blocklist lies with the user. We completely agree, and we’ll return to that in just a moment.

The fact that many domains on the list today fell out of action a decade or more ago, presents issues. These issues are not unique to this blocklist; they also apply to any region where enthusiasm for pirate site blocking isn’t matched by corresponding unblocking when domains are repurposed.

The key differences deserve early emphasis: Pirate site blocking lists are imposed and either fully closed or open to limited scrutiny. Hagezi’s blocklists are free, voluntary, and transparent. While that means errors get pointed out (see below), that’s what gives open source its strength.

Welcometothescene.com was home to The Scene, a drama miniseries set around the topic of piracy. Created by Jun Group, the show was free to watch online, including on peer-to-peer networks, under a Creative Commons license. Released to a pre-YouTube audience in 2004, the last episode aired 20 years ago.

Long since repurposed, the domain appears both dead and alive in DuckDuckGo’s search results, and very much alive in the Anti-Piracy Blocklist.

How the domain got onto the anti-piracy blocklist is anyone’s guess, likewise why it’s somehow still there today. Other problematic entries are more current and at times, quite puzzling too.

A Few Examples

We’ve highlighted a few obvious blunders below, but the context means that when compared to similar blunders made elsewhere, these are much less serious. Mistakes are inevitable, yet transparency and the ability to put things right make a world of difference.

Open Source Projects

torrent.fedoraproject.org | torrent.ubuntu.com | fosstorrents.com | tracker.parrotlinux.org | tracker.parrotsec.org | Webtorrent.io | Instant.io

Free Music / Independent Artists / Pro-Sharing Bands

Jamendo.com | bt.etree.org

Anti-Piracy | Transparency Database | Piracy News

Alliance4Creativity.com | Lumendatabase.org | Torrentfreak.com

Government | Satire

Parliamentlive.tv | Southparkstudios.com

These issues shouldn’t detract from the quality found elsewhere in the project, where most of the attention is focused. While an erroneously blocked domain is still one too many, the open nature of these blocklists is undoubtedly one of the most important things to consider when weighing the pros and cons of any kind of content blocking.

Try not to spend too much time looking, small sections like this are entirely accurate but seriously headache-inducing.

Transparency, Accountability, and the Future of Site-Blocking

With absolutely no charge to the end user, Hagezi’s entirely open approach allows the individual to make their own choices about what happens on their networks and on their machines. Some errors will exist, they always do, so if anyone feels that a blocklist isn’t for them, so be it – nobody is being forced to do anything they don’t want to.

It’s about personal choice and striking a balance between the expected end result and the likelihood that it won’t ever be perfect, but probably good enough. And when things do go wrong, the person responsible is always around.

Formal anti-piracy blocking regimes, on the other hand, are mandatory for everyone within their increasingly broad jurisdictions. In most countries they are the antithesis of open source, despite having a direct effect on the majority of internet connections.

There’s no element of personal choice, and any balancing exercise involves someone else’s vision of a good end result. It won’t ever be perfect, but “probably good enough” takes on different light when things go wrong in this context.

Opacity as a Feature

Overblocking is not subject to public reporting and since members of the public have no direct access to blocklists, errors can’t be caught early or even caught at all. For victims of overblocking seeking answers, the almost impossible challenge is to a) prove it b) find out who’s responsible c) report it to the body set up to deal with overblocking and d) come to terms with the reality that the system protects rightsholders and ISPs, period.

If a court authorizes blocking, all parties point to each other and ultimately back to the court in the event of overblocking; bodies to deal with overblocking don’t exist, because effectively, overblocking itself doesn’t exist. That’s clearly evidenced by the lack of complaints, despite that being directly attributable to reporting opacity.

The lack of transparency is often explained as a necessary component of site-blocking strategy, in that secrecy prevents site operators from knowing that their domains are being blocked. The idea that they don’t already know only makes sense if the impact was too limited to notice. In any event, transparency with a 24-hour delay would be sufficient for the public record but unlike the imposition of secret blocklists, publication isn’t mandatory.

While Hagezi’s lists are open source and offer significant benefits for those who choose to use them, company records are proprietary. This is the future of site-blocking and the realization that it won’t arrive tomorrow, requires acceptance of a difficult truth:

For the last 15 years, it always arrived yesterday.

From: TF, for the latest news on copyright battles, piracy and more.

When a US-based web host receives a credible DMCA takedown notice, it’s often a sign that action is required to resolve the complaint. That usually means taking down allegedly infringing content uploaded by a third party.

Having met its obligations under the DMCA, compliance typically means that the host avoids liability for third-party infringement. Some overseas hosts operate somewhat differently, however, embracing non-compliance as a beneficial service feature.

DISH Network vs. Virtual Systems, LLC

In the world of ‘offshore’ and ‘bulletproof’ hosting, DMCA non-compliance typically comes as standard. Ukraine-based Virtual Systems, LLC (also known as VSYS Host) advertises itself as a ‘DMCA-ignored’ host, meaning that when DMCA notices instruct the company to take content down, no action is taken.

In October 2024, a lawsuit filed at a Seattle district court accused Virtual Systems, LLC, and its alleged owner and CEO, Vyacheslav Smyrnov, of doing just that.

Filed by broadcaster DISH Network and supported by the International Broadcaster Coalition Against Piracy (IBCAP), the complaint alleged that pirate IPTV services used Virtual Systems’ servers to illegally ‘transmit’ linear streams and VOD content, to which DISH owns the rights.

“Users accessed the Works through a set-top box (STB) or a website that links to the Works or provides a playlist used to access the Works. Users often had to purchase a subscription to view the Pirate Services’ content, in addition to purchasing any required STB. DISH did not authorize the Pirate Services to distribute or publicly perform the Works and received no compensation from them,” the complaint alleged.

DMCA Takedown Notices Universally Ignored

At least in part, the lawsuit targeted unfinished business. Three of the IPTV providers hosted by Virtual Systems were on the losing end of previous legal action in the United States. They were restrained from further infringement under a permanent injunction with the same applying to Virtual Systems. DMCA non-compliance was an additional aggravating factor.

“Virtual Systems and Smyrnov, collectively, were the recipients of at least 512 Infringement Notices. Virtual Systems did not respond to the Infringement Notices and did not take any measures to stop the Pirate Services’ infringement occurring on its servers and network. The Pirate Services kept infringing DISH’s copyrights in Works aired on the Channels, even using the same IP addresses and URLs previously reported to Virtual Systems,” the complaint continued.

In May 2025, a DISH status report[1] running to 370-pages described work to comply with the requirements of Ukraine, with Smyrnov reportedly served under the Hague Convention. Local issues included what appeared to be an attempt by Smyrnov to file a pro se answer to the DISH complaint. But with no signature and other critical shortcomings, the complaint officially went unanswered.

$41.8m Judgment in Favor of the Plaintiff

A default judgment was perhaps the most likely outcome from the beginning and with no direct contact and no answer on file, a win by default seemed all but inevitable.

An order issued this week dated November 12 notes Virtual Systems’ policy on DMCA compliance, which seems to strongly favor the customer, including those with “occasional” copyright issues.

The court also restated the three willful secondary copyright infringement claims in the original DISH complaint, the company’s request for damages, plus a permanent injunction.

Count I – Materially Contributing to Copyright Infringement;
Count II – Inducing Copyright Infringement; and
Count III – Vicarious Copyright Infringement.

Damages up to $150,000 for each registered work infringed.

Finding no obstacle to granting a default judgment, the court considered DISH’s request for maximum damages of $150,000 for willful infringement of each of the 279 copyrighted works listed in the complaint.

A Reasonable Request for a Significant Sum of Money

Noting that a judgment of $41,850,000 is expressly authorized by the Copyright Act, the court nevertheless described the eight-figure claim as “a significant sum of money.”

After weighing various factors, including DISH’s withdrawal of claims for profits attributable to the infringement, plus attorneys’ fees and costs, overall DISH claimed for less than it was entitled. As a result, a judgment of $41,850,000 was viewed as reasonable.

DISH was also granted a permanent injunction, which includes “a prohibition on providing any servers or network used in streaming or transmitting the material and requires termination of any current or future accounts of customers that stream or transmit the material.”

Chris Kuelling, executive director of IBCAP, welcomes the judgment and notes that failing to comply with takedown notices can prove expensive, including on a personal level.

“This ruling against Virtual Systems and its owner is another example of the consequences for hosting providers that choose to ignore takedown notices from IBCAP,” Kuelling says.

“IBCAP does not tolerate hosting providers and content delivery networks that disregard the law and fail to comply with our takedown notices. The result of such noncompliance is not only a permanent injunction, but also significant monetary damages, in this case more than $41 million, personally owed by the owner, Mr. Smyrnov.”

In comments to TorrentFreak, Kuelling says that the Ukrainian courts “seem to be in session and working despite the war” so IBCAP are ready for the next stage.

“With this order now in hand the attorneys will turn their efforts to collection and enforcement of the injunction,” he concludes.

The order granting default judgment is available here (pdf)

From: TF, for the latest news on copyright battles, piracy and more.

For the third Oct/Nov period, three years in a row, once again it’s Fire Stick Crackdown Malware Armageddon Month in the UK.

The annual event begins with the usual publications finding inspiration to write about the most popular streaming device in the UK, with drama injected into the mix by any means available to ensure maximum engagement.

If only there was some way of measuring interest in these articles or related searches, it could potentially provide valuable information on the UK piracy landscape, or even help to achieve behavioral change.

The news surge coincides with the anniversary of the BeStreamWise anti-piracy campaign, which launched around September 2023 and is still going strong. Published just this week, the campaign’s latest research is an important part of the puzzle that begins (but won’t end) with the new policy from Amazon.

Amazon and Sideloaded Apps

While we have yet to see any evidence that a campaign is actually underway at any scale, this recent statement from Amazon concerning Fire TV and sideloading is indeed genuine.

Amazon’s statement:

Piracy is illegal, and we’ve always worked to block it from our Appstore. Through an expanded program led by the Alliance for Creativity and Entertainment (ACE), a global coalition fighting digital piracy, we’ll now block apps identified as providing access to pirated content, including those downloaded from outside our Appstore.

Apps that somehow made it through Amazon’s vetting process or changed their behavior afterward, have been blocked on several occasions in the past. However, the new policy seems to go much further than that, by effectively signaling the beginning of the end for mass piracy via Amazon devices

How it will make its presence known at the consumer end, where loyal Amazon customers can often be found, is currently unknown. The manner in which the news has been released suggests that awareness is an accepted and important part of the equation, and preferred over a formal announcement alongside ACE, of which Amazon is already a member.

AFTVNews reports that the new approach will launch in Germany and France before rolling out globally to what is believed to be over 250 million devices. At least at this stage, there are no indications that the policy will apply retroactively, i.e by disabling apps already sideloaded to users’ devices.

Amazon could do that with the flick of a switch but probably won’t. Fire TV products also generate revenue for Amazon and partners including Netflix, so a gentle migration across to the piracy-restricted Vega OS-based Fire TV Stick 4K Select, seems the least disruptive option.

Unnamed Apps, Unclear Parameters

Apps deemed suitable for initial blocking haven’t been named and given the existing site blocking policy at the MPA (of which Amazon is also a member), it seems unlikely that apps will suddenly find themselves named in the media. That being said, “providing access to pirated content” is open for interpretation.

Self-contained apps that proactively present infringing content to the user, seem to be the most obvious candidates for blocking. Open apps, essentially video players that require users to provide their own playlists or login to a remote system, aren’t so easily defined.

They’re easy to identify and at the point of download, usually completely legal too. Whether Amazon sees itself splitting hairs over legality is unknown, but in a second statement, slightly different from the first, Amazon does seem to hint at a particular type of app being of particular interest.

“[Blocking piracy apps] builds on our ongoing efforts to support creators and protect customers, as piracy can also expose users to malware, viruses and fraud,” Amazon notes.

There’s no indication that piracy apps with or without any of these three features will be treated differently than any other. However, from the company’s perspective, blocking apps for being malicious would be much more straightforward than defending its position based on the semantics of copyright law.

Zero tolerance of malware and fraud is also widely accepted, even among consumer-level pirates. Yet in theory, this gives them no reason to stay in the Amazon ecosystem. As a result, they will have important decisions to make.

Buy a Brand New Fire TV 4K Select?

From today’s piracy perspective, Amazon’s latest device is an unattractive proposition and, at some point, older devices will be viewed that way too. That leads to a scenario where anti-piracy campaigns based on the threat of malware and fraud will likely become even more relevant.

While yet to appear on the official website, this week BeStreamWise has been circulating some basic information on what it says are the results of a new study. The premise is straightforward: Around 40% of people who stream content illegally suffer some kind of financial fraud as a result.

The research – among more than 2,000 Brits – found that, of those that have accessed illegally streamed content in the past 12 months, an alarming four in ten (39%) have suffered financial losses after being targeted by criminals. The average amount stolen was £1,680 – more than half of the average monthly gross salary in the UK – while one in 10 (11%) people lost more than £7,500.

Countering these claims seems pointless for two key reasons. Firstly, victims of this type of fraud typically have no idea who was responsible. They can try to narrow things down, but it rarely amounts to much. It’s self-reported guesswork at best; 65% of respondents said they had “near misses with hacking attempts whilst watching content illegally online” but what a near miss is supposed to look like depends on what the respondent believes they saw.

A Genuine Crisis

The second point is more important: studies like this are easily criticized, but there is mounting evidence that large parts of the world are under attack from malware known as infostealers. There’s no substitute for reading about the issue directly but the headline figure today of 33,411,241 machines infected speaks for itself.

There clearly is a significant problem with some pirate streaming sites and that is not going away.

HudsonRock.com obtains data stolen from user devices that have been compromised by infostealers and through this data it can see what the hackers had access to. This includes logins and passwords for the sites users visit. The site’s search engine can therefore show how many users of a certain domain have been compromised.

This does not mean that the site in question was the infection vector or that visiting the site is now unsafe. It simply means that those credentials were likely obtained when the user was compromised. The data is terrifying.

People will shrug and declare it doesn’t affect them, but one look at the set-top device crisis Brazil faces right now really puts things into perspective. Read Microsoft’s reports and Google’s lawsuit, which attempt to shut down pirate set-top box botnets that are typically delivered from China with malware already installed.

So, when Fire TV bites the dust and pirates migrate away from what was a relatively safe option, what devices will they buy next? Perhaps more to the point, through what mechanism will pirates be discouraged from doing so?

Because it’s likely that, by then, nothing printed in the media will have any credibility among pirates, and it will be years before they even start listening again.

By then, it might already be too late.

From: TF, for the latest news on copyright battles, piracy and more.

Investigations, prosecutions and substantial prison sentences are an important part of the anti-piracy arsenal. The public downfall of a prolific pirate provides the kind of deterrent messaging that can put people off before they even get started.

At least, that’s a possibility, if everything goes according to plan.

Sky Investigates TikTok Star

UK man Simon Hannigan is a popular food and cooking star on social media. Active on Facebook, Instagram, and TikTok, his ‘DadtheDish’ account on the latter has over 523,000 followers and 6.4 million likes.

At what point Sky’s investigation linked Hannigan to piracy is unclear but at his sentencing last week, his Facebook groups – including one with 4,775 members – were described as “shop windows” for his sales of pirate IPTV subscriptions. Reportedly using streams sourced from an operation in Europe, Hannigan’s Android app provided 3,500 channels (including those belonging to Sky) for £28 for six months or just £50 per year. Payments for subscriptions were recorded as “paid adverts.”

According to local news outlet MEN, business was good.

“The court heard how Hannigan had previously gloated about his success in text messages, claiming that ‘business was booming’ and ‘phones were blowing up’.”

Sky Investigates, Police Step in to Make the Arrest

On March 23, 2022, what’s described as a Sky-led investigation culminated in Hannigan’s arrest. He reportedly confessed to providing ‘links’ but denied breaching copyright laws, “arguing he wasn’t in control of the system,” MEN reports.

“One of the ‘mother systems’ used to facilitate the operation was based in Europe, serving 50 million people globally,” the publication continues.

The investigation eventually traced 2,644 payments made directly into Hannigan’s bank account, together worth around £152,000.

His arrest in March 2022 apparently came as a relief; the now 35-year-old said being a ‘downstream middle man’ was ‘very difficult’ and took its toll. He was reportedly glad to see an end to the stress it had caused him but with a potential prison sentence looming at his sentencing last Thursday, would the stress return?

Sentencing

At Preston Crown Court, Hannigan received a two-year sentence suspended for 24 months, and was told to carry out 250 hours of unpaid work. So perhaps some stress, but nothing compared to the stress of a Manchester prison. For a legal system that currently hands down years in prison for offensive tweets, Hannigan might consider himself lucky.

He pleaded guilty to offenses that began in 2019 and only ended upon his arrest three years later; participating in a fraudulent business, concealing and transferring criminal property, and providing a service contrary to copyright law.

Local news reports published Friday following Hannigan’s sentencing are notable for something else; the complete absence of official commentary.

No statement from Sky is unusual, something that also raises questions about the nature of the prosecution. In common with the Premier League, Sky often carries out private prosecutions and the mention of a Sky-led investigation does seem to point in that general direction. If that’s indeed the case, balancing the prospect of future prosecutions against community service may be a difficult exercise.

The absence of any commentary from regional police is unusual too, even when considering the lack of a custodial sentence. The absence of both Sky and police is even more unusual but whether the suspended sentence dampened enthusiasm is unknown.

Whether Hannigan’s mitigation tipped the scales is unclear, but a closer look at his portrayal in the media is certainly interesting.

Get Knocked Down, and Keep Getting Back Up Again

Even before his arrest in 2022, Hannigan had appeared in national media. In April 2021, an interview with prominent broadcaster ITV revealed how 11 years earlier, Hannigan found himself homeless and living in a second hand £250 car.

A 2023 interview with national newspaper The Sun revealed that those days were long gone.

“A chef who makes thousands from sharing recipes online used to be homeless and living out of his car,” the interview begins.

“Simon makes between £2,500 – £5,000 per post, collaborating with some of the UK‘s biggest supermarket and homeware brands for sponsored content. His creative endeavor began as a bit of fun two years ago when he set up an Instagram teaching people how to cook during lockdown.”

The article also mentions how Hannigan made the leap from sleeping in a car to selling lots of them. Hannigan told The Sun he sold the car after being motivated by a kind stranger and then immediately launched a new business.

“I turned that one car into eighty cars with six months, buying and selling them, for £2,000 each,” he said, adding that landed him a job at Ford and at just 24, he became “head of business” at Ford UK on a salary of £150,000. Then he started his own recruitment company, a a post on LinkedIn reveals.

A Changed, Copyright-Aware Man

During mitigation, the Court heard that prior to the pirate IPTV business, Hannigan had been hospitalized with a burst appendix. When he returned home, he discovered that his partner had left him for his friend, and once again found himself in ‘dire financial straits’. Looking for work, he reportedly posted on Facebook and stumbled into IPTV sales, initially catering to family and friends.

MEN reports that Hannigan is now proposing to “assist Sky News and the British Copyright Council” to help deter others so that they don’t end up in a similar predicament. Yet as deterrent messaging goes, his case may not be the best example.

Instead of news that Hannigan will be sampling prison food for the next few months, any hope of sending a deterrent message on TikTok, Facebook, and Instagram, lies in shreds. Even Hannigan’s entrepreneurial spirit and never say die attitude may not be especially motivational, at least according to the paperwork.

From a car retail business, recruitment company, clothing and vodka businesses, to Dad the Dish Limited and his latest venture, Munch Box, the overwhelming majority were incorporated and then dissolved by the government for failing to file even their first set of accounts.

From: TF, for the latest news on copyright battles, piracy and more.

Filing lawsuits against internet users who allegedly shared copyrighted content online without permission, has led to countless cash settlements over the years and for some, a lucrative business model in its own right.

There’s also no shortage of cases going wrong for all kinds of reasons . A recent case in Canada, seeking “extraordinary equitable relief” upon which cases like this either live or die, collapsed in dramatic fashion at the very first hurdle, and went further downhill from there.

Background to a Familiar Claim

Hellboy Productions, Inc. filed its statement of claim at Federal Court in Toronto on March 4, 2025. The basis for the claim was very familiar, having made hundreds of appearances in cases previously filed at courts in Canada, the United States, United Kingdom, Scandinavia, and beyond.

Anonymous for now….

The movie in question, Hellboy: The Crooked Man, fits the profile for an appearance in a settlement lawsuit. Hellboy movies have never performed well at the box office and after generating just $1.4m worldwide, the latest outing continued the trend.

While many fans of the Hellboy brand still wanted to watch The Crooked Man, average reviews of 4.5/10 most likely dampened enthusiasm for paying to do so. That can lead to activity on pirate sites for as long as it lasts and in this instance, long enough for the copyright holder to capture ~2,400 IP addresses linked to three Canadian ISPs – Telus, Cogeco, and Bell.

Turning IP Addresses into Names and Physical Addresses

In common with the UK, Ireland, and Australia, unmasking alleged pirates in Canada typically requires the plaintiffs to obtain a Norwich Pharmacal order, or simply Norwich order for short. Obtained from a court, Norwich orders compel a third party, who for various reasons have become unwittingly involved in someone else’s wrongdoing, to disclose information (usually documents/records) that can help a plaintiff identify an alleged infringer.

In this case, the claimant (Hellboy Productions, Inc.) alleges that infringers used internet connections provided by Telus, Cogeco, and Bell to pirate the movie. If served with a Norwich order, the ISPs would be required to match the IP addresses and timestamps provided by the plaintiffs, to activity logs that identify the corresponding account holders.

A small sample of the IP addresses collected by the plaintiff

Once in the hands of the movie company, this information triggers a process to contact as many account holders as possible, on the assumption that they (or someone close) are infringers, and therefore liable to pay compensation for any damages caused. The amount tends to vary but whether the demand was CAD 1,000 or more, the potential revenue from 2,400 subscribers would easily exceed worldwide box office sales.

At least, if all went to plan.

Does the Claimant Have a Bona Fide Claim?

In an order and reasons issued last week, Case Management Judge John C. Cotter notes that Telus did not oppose the order requested by the movie company, while the positions of Cogeco and Bell are simply unknown. The absence of ISPs doesn’t mean that a claimant automatically wins, however.

“A lack of opposition from an ISP is not sufficient on its own to grant the motion. The Court must be satisfied that the applicable test has been met. This is important given the privacy interests of the unidentified alleged wrongdoers,” Judge Cotter explains.

Before those interests are weighed against those of the rightsholder, the plaintiff must show that it has a bone fide claim for copyright infringement and can show, on balance, that the alleged infringers used the ISPs’ services to infringe its rights.

According to the Judge, the plaintiffs failed to produce sufficient evidence to show either.

Insufficient Grounds for Asserting Copyright Ownership

“An analysis of the merits of the claim in this case includes some minimal analysis of whether copyright subsists in the Work, and whether the plaintiff has standing to assert a claim for copyright infringement. In the context of this case, the issue of standing is whether plaintiff is the owner of the copyright in the Work, which is asserted in paragraph 4 of the statement of claim,” Judge Cotter writes. (see screenshot above)

“The plaintiff’s evidence did not include a certificate of copyright registration. The plaintiff’s evidence on copyright subsistence and ownership is limited to the following in the Law Clerk Affidavit (which is the same for each of the three motions):”

Plaintiff’s name appears in the credits (Law Clerk Affidavit)

Showing the company name in the credits above means that the plaintiff relied on presumptions available under Section 34.1 of the Copyright Act that a) copyright subsists in the work and b) since its name appears in the credits as the maker of the movie, it should be presumed that the plaintiff is indeed the maker.

According to Judge Cotter, those presumptions do not apply when the plaintiff has requested a Norwich order. Section 34.1(1) sets out a precondition for the engagement of the presumptions.

In this matter, the 2,400+ plus defendants are currently anonymous and without knowing who they are, it’s impossible to show that a defendant had “put the existence or title of the copyright in issue.”

Unable to trigger the precondition, no reliance could be placed on the presumptions available under Section 34.1. The Judge dismissed the evidence shown in the Law Clerk Affidavit as “at best, hearsay evidence for which the source is not specified,” and with no copyright certificate there was no way to prove ownership. Moreover, there was no evidence to show that copyright subsists in the movie.

With no bona fide copyright claim, the Judge dismissed all three motions for Norwich orders. He then addressed a few additional issues in need of an airing.

Evidence Should Be Organized, Easily Understood, Easy to Verify

In his order and reasons, Judge Cotter emphasizes that the Court is entitled to demand the “best available evidence” when granting the “extraordinary equitable relief of a Norwich order.”

While failure to establish copyright ownership proved fatal for all three motions, the image of the movie credits page also fell short of the expected standard. The Judge also criticized evidence presented in the affidavit of Thomas Nowak, the CEO of anti-piracy/BitTorrent monitoring company Maverickeye UG, the supplier of evidence in this case and scores of others in the past.

Showing that Telus, Cogeco, or Bell is the ISP for the alleged infringers was a requirement to obtain a Norwich order. Deficiencies in the example below and a series of issues detailed on pages 17-21 of Judge Cotter’s order, led to the conclusion that the plaintiff had failed to show that, while also failing to meet the evidence standard expected by the Court.

Deficiencies in the example above and a series of others detailed elsewhere, plus the failure to show ownership of the copyright it aimed to enforce, meant the plaintiff’s requests for Norwich orders were denied. As a result, the anonymous alleged infringers remain anonymous, but for how long is unknown.

Despite significant criticism, dismissal of the plaintiff’s motions, and denial of its request for an award of costs, Judge Cotter notes that his order does not preclude further motions by the plaintiff.

As sure as day follows night, those motions will arrive, only the timing is in doubt.

The original claim can be found here (pdf), Judge Cotter’s order is available here (pdf)

From: TF, for the latest news on copyright battles, piracy and more.

The action in Argentina two months ago was announced with a reasonable level of detail. Targeting dozens of IPTV services with an estimated eight million global subscribers, Spanish football league LaLiga described the operation as “historic” and as the dust settled, its importance wasn’t in doubt.

Targeting a Network with Eight Million Subscribers

Following an investigation by the Cybercrime Prosecutor’s Office of San Isidro (UFEIC), most likely fueled by investigations carried out by LATAM anti-piracy group Alianza, MPA/ACE, Nagravision, and others in the region, local police raided four office buildings in Vicente López, Buenos Aires.

The raids were conducted under the authority of San Isidro Guarantees Court No. 4 and images of DDI agents and tables covered with cash were soon circulating online. Publishing a statement containing a long list of branded and ‘dismantled’ IPTV services can end badly; however, LaLiga seemed unusually confident that resurrection wouldn’t play a role here.

LaLiga Seemed More Confident Than Usual

While there were no immediate reports of an existential IPTV crisis in Brazil, complaints about service issues were still quick to arrive and only seemed to increase throughout September.

Services Start Shutting Down

On-screen notices announcing a service’s demise aren’t especially common but since early September, IPTV subscribers in Brazil have been exposed to quite a few of them.

An early casualty was ‘My Family Cinema’ which had been one of the most recognizable IPTV brands in the region. The notice reportedly came via a set-top box update; some reports implied that updates were probably required to get back in the game.

End of the road for “this brand”…

LaLiga’s presumed confidence that services wouldn’t rise from the dead seemed to look a little precarious given the terminology in the shutdown announcement. Indeed, some former customers claimed that My Family Cinema was subsequently “taken over” by another service called VELA.

Intermittent service and other errors were reported there too, at least for a while.

Easy come, easy go….

Reports that My Family Cinema was still partly operational continued through October but perhaps more ominous news had already began to surface.

People keen to renew their subscriptions to various services complained that was no longer possible. Some said that after ‘upgrading’ to VELA and upgrading again to another substitute service (Konex), payments were successful. Or rather, payments went through as expected but resulted in either no service or a service with ads.

With some users preparing to dust off their torrent clients and others mulling the pros and cons of YouTube, heated discussions over consumer rights – including the possibility that the services were executing some kind of exit scam – helped to descend the situation further into chaos.

From a rightsholders’ perspective, mistrust and declining confidence in piracy are valuable commodities. Few things focus the mind more than throwing good money after bad, and if pirates pick up the blame, it doesn’t get much better than that.

Consumer rights failure…

Two Months After the Raids – Why Now?

Official news on how the case is progressing appears to be almost non-existent.

A comment from anti-piracy group Alianza confirmed that the legal process is indeed under seal. The practical issues observed on the ground are probably linked to advances made by the Argentine Public Prosecutor’s Office in its ongoing investigations against the platform’s operators, the theory goes.

Other information provided by Alianza clarifies that the eight million subscriber estimate concerns the network’s peak worldwide. Working on the basis of 6.2 million subscribers more recently, Alianza claims that 4.6 million subscribers can be found in Brazil, together generating between US$150 million and US$200 million.

As for the network’s operational structure, Alianza president Jorge Bacaloni says that management, IT/technical, and financial matters are handled in China.

The investigation in Argentina reportedly concerns a ‘command center’ that controls/coordinates pirate services across the region. An office in Buenos Aires was reportedly responsible for marketing the services and for what could be over US$100m in global piracy sales.

Common Denominator For Popular Brands

Since there are signs that new services are easily launched and if necessary, devices with subscriptions to defunct services can be remotely updated to access another service, common ownership/control seems a reasonable explanation, in broad terms at least.

Proving that’s actually the case to a criminal standard is quite rightly a matter for the prosecutor’s office. However, if there’s a central marketing/sales operation common to some or even all of the named services, that should be much easier to discover.

Since Alianza provided no real clues, we cannot say whether the marketing company apparently used by some of the IPTV services is just a marketing company, or whether it’s THE marketing company referenced by Alianza.

What we can confirm is that in this instance, zero effort was expended to hide the connections, despite that being technically trivial. What that says in the bigger picture, if indeed it says anything at all, is for the prosecutor’s office to determine.

Other signs that the overall business was approached from otherwise legitimate angles, include the trademark applications for ‘My Family Cinema’ filed in Paraguay.

Given that there are copyright complaints filed against several branded services and other entities with links to them, why it took around six years to take action is unclear. Perhaps timing and opportunity are still the most important factors.

From: TF, for the latest news on copyright battles, piracy and more.

The major Hollywood studios of the MPA, which in recent years now includes Netflix and Amazon, are well known for obtaining site blocking injunctions at the High Court in London.

While blocking of new domains continues at a considerable pace, applications for all-new injunctions are relatively rare. Since they tend to operate in groups while adopting familiar branding, the most persistent pirate sites are identified quite quickly, and then blocked under the scope of previously obtained injunctions.

Outliers certainly exist, but the recent addition of Cloudflare shows that the landscape can shift quite quickly and in unexpected directions. New rightsholders are also getting involved.

Warner Bros. Discovery & TNT Sports

During the past few years, surging interest in live sports coupled with rising prices for already expensive official packages, have combined to give pirate IPTV services the conditions in which they thrive. Pressure on the European Commission increased last week with demands that include the introduction of pan-European blocking orders.

In the UK, the Premier League has been going about its blocking business relatively silently, with parallel action from Sky targeting persistent IPTV providers. Following an application for a Section 97a blocking injunction at the High Court in October, a pair of established albeit rebranded rightsholders will soon enter the fray.

Known as BT Sport until 2023 and now owned by Warner Bros. Discovery and BT Group, TNT Sports is a group of premium TV sports channels operating in the UK and Ireland.

The six defendants are instantly recognizable as the UK’s leading internet service providers. Having been put on formal notice that their subscribers are accessing pirate sites and services offering TNT Sports content illegally, they will be required to block the illicit platforms under Section 97A of the Copyright, Designs and Patents Act 1988.

Specific Content Currently Unclear

WBD Sports has an impressive range of sports rights; the Olympics, tennis Grand Slams, cycling Grand Tours, PGA Tour, World Snooker, FIM Speedway GP, plus various winter sports.

In the UK and Ireland, TNT Sports airs everything from the Premier League and FA Cup to UEFA Champions, Europa, and Conference Leagues, to Premiership Rugby, MotoGP, Cricket, UFC, and boxing.

Which of these assets the companies aim to protect is currently unclear. As the exclusive rightsholder, Premier League has been obtaining site blocking injunctions in the UK since 2013, initially targeting platforms including First Row Sports, Drakulastream, and Rojadirecta. Running parallel to its work blocking IPTV providers under the authority of renewable blocking orders, more recently Premier League began blocking web-based platforms including TotalSportek, FootyBite and VIP League.

A similar picture emerges for UEFA; also an exclusive rightsholder, UEFA obtained its first injunction in 2018 and returns to court to ensure rolling protection whenever the granted period is due to expire.

With a deal that secured exclusive live broadcasting rights for TNT Sports until the end of the 2030/31 season, Premiership Rugby seems among the most obvious candidates for piracy protection.

Worth around £84 million, the deal comes at a time when average audiences are reportedly up 10% in the current season, where live-to-live scheduling with Premier League matches is reportedly driving a 39% audience increase over events with no lead-in.

The World is Getting Smaller

Several of the defendant ISPs have direct interests in sports broadcasting remaining as piracy-free as possible. British Telecommunications owner BT Group owns claimant TNT Sports in partnership with claimant Warner Bros. Discovery.

Those interested in watching TNT Sports channels can do so via streaming platform Discovery+. Or, if they prefer, via defendant EE Limited’s EE TV platform, or using satellite and cable broadcasts made available via defendants Sky and Virgin Media’s networks respectively.

The TNT Sports package available via defendant TalkTalk includes the four main TNT Sports channels, leaving Plusnet the only defendant ISP without a TV offering. It’s ultimately owned by BT Group, however.

A wider plan to obtain blocking injunctions valid all over Europe is the type of consolidation we’re likely to see more of in the coming months and years. Rightsholders are becoming increasingly averse to duplication of effort in multiple member states but whether the European Commission believes that’s appropriate remains unclear.

From: TF, for the latest news on copyright battles, piracy and more.

In October 2022, over 100 rightsholders, powerful media groups, and various organizations, demanded decisive action from the European Commission to tackle IPTV piracy of live sports and similar events.

Familiar names, including the MPA, UEFA, Premier League, Sky, beIN, LaLiga, and Serie A, demanded legislative change from the European Commission to ‘End Live Piracy Now’. That didn’t happen, and with no legislative instruments or European-wide regulation on the table, the EC launched a new consultation. Advice on how to use a ‘toolbox’ of existing measures appeared in a subsequent recommendation.

In October 2025, a full three years after their initial demands failed to elicit the preferred response, a coalition of rightsholders is once again demanding urgent action from the European Commission.

Coalition Demands New Legislation

In a letter addressed to Executive Vice-President Henna Virkkunen and Commissioner Glenn Micallef, top-ranking executives representing some of the most powerful corporations, sports leagues, broadcasters, and other rights holders make it clear that patience has run out.

After emphasizing their significant contribution to European entertainment, culture, and the wider EU economy, the coalition reports that the investment required to produce content of the highest quality, is still under threat from criminals operating illegally in the market.

“Our investments continue to be threatened by organized criminal enterprises. For years, rightsowners have raised the alarm. Today, piracy has reached scales that can no longer be ignored,” their letter to the EC notes.

“While we acknowledge the important work undertaken by the European Commission in addressing this challenge through the 2023 Recommendation on combating online piracy of sports and other live events, its implementation has yet to deliver tangible results. We therefore look forward to seeing further legislative steps being taken to achieve the objectives set out in the Recommendation.”

Billions of Euros in ‘Losses’

The scale of the problem is highlighted with reference to estimated losses to rightsholders running to many billions of euros. In most cases these figures concern revenue predictions for a hypothetical market free of piracy, so not actual losses per se, but still unrealized potential, in part due to unlicensed and illegal competition.

These ‘losses’ include €1.5 billion in France (actually €1.2 billion according to official data), where recent reports indicate that under existing legislation, IPTV piracy has already been contained.

The inclusion of €2.2 billion in estimated ‘losses’ in Italy appears to run counter to the claimed success of the Piracy Shield blocking system. That said, the figure receives at least partial support from reports that damages are soaring because Piracy Shield isn’t effective.

The letter also references a recent report indicating that the effectiveness of takedown notices has plummeted to an all-time low. As previously reported, the report seemed positioned to demand more action from EU lawmakers against intermediaries.

A deterioration in compliance rates would’ve been useful in negotiations, but taken in context, the figures paint a different picture.

Demands for Legislative Change

To tackle the threat posed by criminal competition, failing anti-piracy measures, and a EC Recommendation that had no measurable effect, the coalition is demanding the European Commission to urgently implement the following:

1. Ensure that, upon receipt of a notice, infringing content is taken down as near to immediately as possible and in all cases within a maximum time frame of 30 minutes. The urgency of live event piracy justifies a far shorter timeframe which is further supported by the fact that such removal can already be effected in a significantly shorter timeframe using the technology solutions available today.

2. Ensure EU-wide live dynamic blocking orders (including IP blocking) that address mirror sites and successor domains are made available in all Member States.

3. Ensure intermediaries (including but not limited to platforms, hosts, VPN, CDN and app stores) introduce and maintain robust Know Your Business Customer (KYBC) policies.

The Proposals: Good For Rightsholders, Bad For Everyone Else

Proposal 1 doesn’t appear to demand much from a legal perspective. It aligns with existing copyright law, the principle of rapid action to mitigate harm, and discards ambiguous terms in existing legislation (such as “expeditiously”) by defining a specific timeframe.

If we assume that the coalition wants the 30-minute maximum enshrined in law, that’s a fairly clear sign that in the absence of prosecutions against the operators of pirate IPTV services, liability would likely shift to intermediaries.

The significant burden of compliance warrants a reference to Piracy Shield’s 30-minute requirement and the fact that since its inception, ISPs have received nothing in exchange for compliance and have paid all costs from their own profits.

Proposal 2 concerning EU-wide live dynamic blocking orders, is much more complex than a short paragraph of text could ever hope to explain. On one hand, EU law already obliges member states to allow rightsholders to defend their rights, but specifying the means through which that should be achieved is something new.

A broad, results-based definition might work, but the fact that the coalition is insisting on legislation, suggests potential pushback from governments and/or local ISPs against implementing such measures. The reasons behind the reluctance may be quite complex, but it’s possible that aspects of national copyright law that align with the requirements of the EU cannot (or are not required to) accommodate the specific requirements of the major rightsholders.

The demand for IP address blocking to be enshrined in law disregards the findings of a highly competent study which details the failures of Piracy Shield. The study found that IP address blocking caused significant levels of collateral damage, with the knock-on effects still continuing today.

Proposal 3 calling for “robust KYC policies for intermediaries” is nothing new, but once again, intermediaries face the burden of compliance.

Based on the assumption that compliance would be enforceable, new legal obligations would ensure that the cost of compliance would come right off intermediaries’ bottom lines. Or, more likely, increase the costs for the 99%+ of customers for whom formal identification would be of no benefit, leaving less than 1% of potentially criminal customers to identify using fake or stolen documents, as many do already.

It’s important to note that the proposals in the letter are exceptionally brief and lack key details and nuance that will only develop in time. That being said, at face value the most cynical part of the proposal concerns app stores, CDNs, and VPNs.

Since app stores already require developers to comply with rules under the Digital Services Act, the mention here raises questions of who the proposal targets. The prospect of ~740 million European citizens having to show their papers to gain access to mobile apps would be an extraordinary proposal. The negative effect on privacy, amplified by increased risk of data breaches and other cybersecurity threats, would be unquestionably disproportionate.

Introduce the same concept to many VPN providers, for whom the privacy model plays a central role in everything from hosting choices to online marketing, mandatory KYBC rules would undermine their entire business and the privacy of millions of customers.

The requirement would almost guarantee that subscribers would immediately seek alternatives and spend their money outside the EU.

None of the proposals directly specify their targets, so may be subject to change or interpretation. But for the purpose of identifying a vanishingly small number of potential bad actors, each with a limitless supply of stolen data to identify as someone else, the proposal seems destined to fail.

From: TF, for the latest news on copyright battles, piracy and more.

After calling out pirate sites including Vidsrc, HydraHD, and Cineby in a submission to the USTR’s Notorious Markets review, Hollywood’s next targets were put on notice.

The MPA’s use of the term ‘hydra’ was a reference to sites that have a tendency to respawn and multiply in response to site blocking measures. In the case of VidSrc, a platform that excels at making piracy simple for many other sites reliant on its services, VidSrc represents the body of a hydra in a piracy-as-a-service wrapper.

Providing a constant flow of content to sites facing potential decapitation is always a threat, but the new action required VidSrc to show some regenerative powers of its own.

Weapons Built in India

With site blocking measures back on the agenda in the United States, seeking an injunction on home soil capable of eliminating or even seriously disrupting a site like VidSrc, would introduce unnecessary risk for very little gain.

A relatively weak injunction would probably have little or no effect, while a big win could call into question the need for new law to support a formal site blocking regime on home soil. When balanced against the benefits of obtaining an injunction in India, of the kind that U.S. courts would be unlikely grant, no better option exists anywhere else.

The injunction obtained at the High Court of New Delhi late September featured members of the MPA and ACE. Beyond Universal City Studios, identifying the rest of the plaintiffs was more difficult than it should’ve been, but we can now confirm them as follows:

• Universal City Studios Productions LLLP (United States)
• Warner Bros. Entertainment Inc. (United States)
• Netflix US, LLC (United States)
• Disney Enterprises Inc. (United States)
• Apple Video Programming LLC (United States)
• Crunchyroll, LLC (United States)
• SBS Co. Ltd. (Republic of Korea)
• CJ ENM Co. Ltd (Republic of Korea)
• SLL Joongang Co. Ltd. (Republic of Korea)

The scope of the injunction certainly made it stand out. The initial order covered the blocking of 248 domains by local ISPs but also compelled domain registrars worldwide to suspend them within 72 hours.

Framework for Follow-Up Blocking and Suspensions

The real power is the injunction’s ability to tackle any number of replacement domains that subsequently appear to circumvent blocking. The first additional wave of submitted domains is detailed in a follow-up order designed to disrupt VidSrc by blocking and suspending ‘all’ of its domain names at the same time.

In addition to the 248 domains listed in the original injunction (pdf), blocking can also be applied against sites, services, and domains meeting the following criteria:

1. Any site which appears to be associated with any of the previously blocked sites, based on factors including;

• Site name, site branding, site operator’s identity
• Source of the infringing content
• Provision of additional/alternate access to blocked domains

2. Any other site, site owner or anyone else discovered to have been infringing the Plaintiffs’ exclusive rights and/or any other right, including but not limited to hosting, streaming, making available, communicating to the public, or facilitating the same.

That led to the plaintiffs submitting the following domains; the overwhelming majority are linked to VidSrc and most fulfill all blocking criteria, not just one as required.

The corresponding domain name registrars (DNR) identified by name “and other DNRs, their directors, partners, employees, and all others acting in the capacity of principal or agent acting for and on their behalf,” are directed to;

• Lock and suspend the domains within 72 hours of receiving the order
• Gather personal details relating to the registrant of the domains, including;
• Know-your-customer data, credit card details, mobile number etc.
• Supply that information to the plaintiffs within 72 hours

Precisely when or if these instructions were received by the registrars is unknown.

VidSrc Takes Refuge in Russia

With no obvious signs of enforcement action against its domains and zero element of surprise, VidSrc had plenty of time to take evasive action. In hindsight, it probably responded far more quickly than necessary.

On the front pages of the domains listed for blocking/suspension, notices state that users need to switch to a new set of domains.

While obscured in the image above, the domains are clearly visible when visiting the domains supplied by the rightsholders. All replacement domains are linked to Russia; one carries the .ru ccTLD and the other three use .su, the ccTLD previously allocated to the Soviet Union.

The switch to Russia-linked domains isn’t entirely unexpected. Convincing US-based registrars to suspend domains on behalf of US-based rightsholders, seems more likely to return better results than attempting the same in Russia.

That said, TorrentGalaxy lost control of a .su domain in April 2023. The domain is no longer linked to a torrent site, but it does remain active. If nothing else, it suggests that .su domains aren’t necessarily a stable option. As a long-term option, they’re not suitable at all; the .su ccTLD is expected to be completely phased out by 2030.

Demanding the suspension of the single .ru domain, using the legal avenues available in Russia, to protect U.S. rightsholders brandishing an injunction issued in India, doesn’t sound like an ideal recipe for success. Whether the South Korea-based rightsholders SBS Co. Ltd, CJ ENM Co. Ltd, and SLL Joongang Co. Ltd. continue to do business in Russia is unclear, but beyond local site blocking measures, options for enforcement seem minimal.

Reaction Time Undermined The Order

If the Court’s instructions had been followed to the letter within the 72 hours allocated, the outcome may have been different.

The reasons for the delay at domain registrars is currently unknown. However, it appears the volume of site-blocking instructions handed down by Indian courts, collectively affecting at least tens of thousands, maybe even hundreds of thousands of domains in recent years, is becoming a problem.

The plea is fairly self-explanatory, and while it makes a lot of sense on the ground, it also introduces additional complications.

Under the IT Act, the Ministry of Electronics and Information Technology (MeitY) could simply order the companies hosting pirate sites to cease doing so. Since that renders the sites immediately inaccessible, blocking at 2,700 ISPs wouldn’t be required, thus easing the administrative load. In the event a site is located outside India, blocking at the gateway level could achieve a similar effect.

The IT Act in India allows the government to block sites under Section 69A on specific grounds, such as national security or public order. The Copyright Act is very clearly not the IT Act, and attempting to find common ground fails at the first hurdle.

The request for the plaintiff to carry out a trace route to each site’s web server, to determine their location, may be well-intentioned. Yet in practical terms, it’s completely baffling. The overwhelming majority of pirate sites use Cloudflare, which ordinarily prevents web servers from being located. In fact, the use of reverse proxies and similar anonymizing technologies were among the main reasons rightsholders turned to blocking injunctions in the first place.

With Indian courts more than happy to grant extraordinarily broad injunctions, at times covering tens of thousands of domains, India has become the website-blocking capital of the world. On paper, at least.

From: TF, for the latest news on copyright battles, piracy and more.