TorrentFreak's Journal
 
 [Most Recent Entries] [Calendar View]

Friday, December 20th, 2024

    Time Event
    9:04a
    Dismantling a 22m User Pirate IPTV Service Led to Big Rise in ISP Blocking

    iptv-ufo-sFor those who enjoy reading professional reports filled with statistics and detailed analysis, the piracy landscape has an endless supply.

    Many reports are highly informative and, regardless of underlying political aims, few get things completely wrong.

    Yet, even the most detailed studies and elaborate industry reports can at times leave the reader feeling puzzled. On the one hand, multi-billion dollar companies have more piracy data and intelligence than anyone else, period. On the other, nobody needs a meteorologist’s report to determine whether it’s raining outside.

    In no other area is this more evident than in the promotion of reportedly effective site-blocking measures; and in no other country has site-blocking been adopted so comprehensively than in Italy. Bur even with very few guardrails and direct access to every tool available, the last year has seen tens of thousands of IP addresses and domains blocked by rightsholders, despite an obvious decline in the availability of pirated content.

    Targeting The Source

    By definition, site-blocking doesn’t remove pirated content from the internet. That’s why removing suppliers from the ecosystem is seen as a much better response than putting up endless, easily circumvented roadblocks. Late November, an investigation led by the Italians came to fruition with an enforcement operation billed as the largest to ever target a pirate IPTV network.

    Operation Takendown reportedly took place on November 26/27 and according to authorities in Italy and several other countries in Europe, it “dismantled” an international pirate IPTV network serving 22 million users and generating an estimated €3 billion per year. At least 11 suspects were detained and around 100 others were said to be under investigation. Meanwhile, there were reports of subscribers all over Europe losing access to channels and in some cases their entire service.

    At the time, this certainly sounded like a very big deal. Law enforcement seized 29 servers, 270 pieces of IPTV equipment, searched 112 private homes, identified close to 600 IPTV subscription resellers, and seized EUR 1.6 million in cryptocurrency plus EUR 40,000 in cash. Since the pirate IPTV provider in question was seen as a significant threat to the Italian live sports and broadcasting sectors, its reported demise was enthusiastically celebrated in the media.

    Eliminating such a massive supplier should in theory restrict availability of illegal streams in Italy, even if only temporarily. After all, that was the entire point of the operation. By extension then, demand for ISP blocking in Italy should be reduced too, even if only for a short time.

    Three Weeks Before, Three Weeks After

    While keeping an open mind, we expected a sizeable albeit temporary dip in blocking tickets filed at Piracy Shield, followed by a relatively short recovery as the pirate IPTV market repaired itself and everything returned to normal.

    Using Piracy Shield blocking data unofficially made available at piracyshield.iperv.it, we took the raid dates of November 26/27 as the central point. From there we examined every blocking ticket filed by rightsholders in the three weeks preceding Operation Takendown, and for comparison every ticket filed in the three weeks after.

    A typical Piracy Shield ticket (credit: piracyshield.iperv.it)piracy-shield-ticket

    During that six-week period, rightsholders filed around 186 Piracy Shield tickets similar to the one above, containing instructions for local ISPs to block a total of 527 IP addresses and 3,322 fully qualified domain names.

    The chart below shows domain name blocking in blue, IP address blocking in red, and the approximate dates of the operation in green in the center.

    click to enlargepiracyshield-blocking-op-takendown

    The data reveals that in the three-week period leading up to the enforcement action, rightsholders’ tickets required ISPs to block 204 IP addresses after they were observed providing access to pirate IPTV.

    In the three weeks following the claimed “dismantling” of the 22 million-user service, rightsholders’ tickets required ISPs to block 323 IP addresses, up 50%+ on the preceding three weeks.

    In respect of domain name blocking, the 1,322 FQDNs requested in the three weeks before the takedown, were easily eclipsed by 2,000 domains listed for blocking in the three-week period afterward.

    Apparently, there were still plenty of piracy threats. And indeed, reports from a number of sources indicate that subscribers who lost service around November 26/27 had their channels restored within 48/72 hours.

    Meanwhile, tickets like the one below are being filed almost daily and on some days, several at a time. It’s a perpetual workload that somehow seems to increase when massive providers get shut down or ‘dismantled’.

    ps-ticket-1

    From: TF, for the latest news on copyright battles, piracy and more.

    6:01p
    EU and NL Domain Registries Take Down Piracy-Linked Domains

    eurid sidnThere are plenty of options for copyright holders to frustrate pirate site operations, but attacking their domain names is particularly effective.

    In recent years, various entertainment industry groups have called on the domain name industry to help out on this front.

    The MPA previously signed landmark agreements with registries, enabling the movie industry group to act as a “trusted notifier” of “pirate” domains. Other players in the domain name market have been more reserved.

    EU and NL Registries Tackle Pirate Domains

    The Public Interest Registry (PIR), for example, which oversees the .org gTLD, previously denied requests to take action against The Pirate Bay. According to PIR, caution is advised to ensure a “free, open, safe and secure internet”.

    In recent years, rightsholder pressure hasn’t abated. Domain name registries that fail to take action are now listed as “notorious piracy markets” themselves, as recent reports against the .cc, .io, and .tv domain extensions have shown.

    Politics also play a part. For example, U.S. lawmakers previously asked domain name registry VeriSign, known for managing the .com domain, to help tackle online piracy.

    EU and NL Registries Tackle Pirate Domains

    Despite these developments, there’s little public discussion about new agreements between domain registries and rightsholders. Given the sensitivities involved, not all collaboration needs a spotlight.

    This week, Dutch anti-piracy group BREIN reported that it had booked new success with its previously unknown ‘registry strategy‘.

    Following a notice from BREIN, the SIDN (.nl) and EURid (.eu) registries took several pirate site domains offline. SIDN’s actions targeted IPTV-related domains, such as streamdeal.nl, iptvproviders.nl, omniptv.nl and iptvstreamplus.nl.

    Streamdeal Quarantined

    quarantined

    EURid reportedly removed seven domain names after BREIN reached out. These domains, which were used to provide access to pirated films, music, books and games, were registered though domain proxy services that shield the identity of the owners.

    The .eu domain names are not publicized as those sites use alternative gTLDs that remain active. Mentioning these domains in public could therefore serve as an unwanted advertisement.

    Reporting Illegal Content?

    BREIN says that these registries take responsibility by helping to shut down illegal activity. On what grounds these companies take action isn’t immediately clear.

    “Pirates like to use trustworthy top-level domains such as .nl and .eu for their illegal websites. The organizations responsible for this, SIDN and EURid, know this and take their responsibility by helping to combat illegality,” BREIN writes.

    The anti-piracy group goes on to mention that pirate IPTV services infringe copyrights. That violates the terms and conditions of the domain registries, so they can be terminated on these grounds. But were they?

    TorrentFreak reached out to both SIDN and EURid, requesting more information and both registries say that the domain name terminations referenced by BREIN were not copyright related.

    Inaccurate WHOIS Information

    SIDN spokesperson Marnie van Duijnhoven explains that the domain name registrations were canceled, because the owners didn’t provide or confirm the correct WHOIS registration data.

    “This is a standard procedure at SIDN that we apply if there is reason to doubt the correctness of the registrant’s data. The reason may be a report from a third party such as Stichting Brein, but also, for example, the Police,” Van Duijnhoven says.

    While these verification procedures were initiated in response to BREIN’s notifications, the decision to cancel the domain names was not directly related to the content on the sites. Instead, the cancellations were made under Articles 16 and 18 of SIDN’s terms and conditions, which cover inaccurate WHOIS information

    EURid spokesperson Reelika Kirna confirmed that inaccurate registrant data also triggered their response. This is a terms of service violation, but not one related to copyright.

    “Following the request from BREIN regarding seven .eu domain names, we carried out our standard procedure for registration data validation and subsequently suspended these domain names due to a breach of Articles 3(b) and 4(d) and (e) of our Terms and Conditions,” Kirna informed us.

    Roads to Rome

    BREIN’s director Bastiaan van Ramshorst informs us that SIDN and EURid are indeed correct. In these instances, copyright wasn’t the reason to report the domains, at least on paper.

    The anti-piracy group previously reported domains to SIDN on the basis of copyright infringement. These complaints are handled under the separate notice and takedown procedure. That wasn’t the case here, but the aim is the same.

    “BREIN’s goal is the same: to take the domain offline because copyright and related rights are being violated on a large scale. The grounds on which SIDN takes action does not matter to us.”

    “Both roads lead to Rome. Obviously illegal websites almost always have incorrect WHOIS data because infringers want to remain anonymous. BREIN can and does use both grounds,” Van Ramshorst adds.

    Whether any of these roads is easier than the other is unknown, but SIDN’s latest transparency report shows that notice and takedown (NTD) reports are rare. The registry received 39 NTD requests in the first three quarters of the year.

    During the same period, SIDN launched over 5,000 procedures under article 16 and 18 of its terms and conditions, which includes claims concerning inaccurate WHOIS information.

    From: TF, for the latest news on copyright battles, piracy and more.

    << Previous Day 2024/12/20
    [Calendar]     		Next Day >>

TorrentFreak   About LJ.Rossia.org