Category Archives: CopyFight

Anti-Piracy Outfit Will Not Sue Hadopi ‘Hacker’

Posted on by

Exactly a week ago, French anti-piracy company Trident Media Guard experienced a security breach after they failed to properly secure their servers. As reports begin to surface that TMG intend to sue the alleged ‘hacker’, the target of their intentions informs us that having backed themselves into a corner, the company will not take legal action against him.

Image is Loading....Last Saturday, we began reporting on a security breach at French anti-piracy company Trident Media Guard (TMG). The company had been entrusted by the French government to carry out monitoring of file-sharing networks in pursuit of their nationwide anti-piracy program.

Blogger and security researcher Olivier Laurelli, aka Bluetouff, told us that a TMG virtual machine had been leaking data, including security tools and, according to a later report by news resource Numerama, IP-addresses of French citizens.

Naturally the revelations generated controversy, with the Hadopi agency announcing that they had suspended electronic connections with TMG and had resorted to shifting file-sharing monitoring data around on DVD instead.

As the pressure mounted on TMG, in the middle of the week they called in Commission Nationale de l’informatique et des Libertés (CNIL) to investigate the security issue. CNIL is the French authority responsible for ensuring that data privacy law is applied to the collection, handling, and use of personal data,

Then yesterday, Telecom Paper reported that TMG would sue the person responsible for finding the security flaw, but adding that it would be unusual for the French courts to prosecute people who expose lax security as doing so is deemed to be in the public interest.

TMG’s position, however, is slightly more awkward than that.

After first trying to play the situation up, using language such as “we have been the victim of data theft”, TMG followed up with claims that the exposed information was in fact nothing to do with their main systems. Furthermore, the server from which it came allegedly carried no live end-user data and was in fact a mere test machine. According to a source quoted by PCInpact, this is why TMG left it unprotected.

So on what basis would TMG sue Bluetouff? We asked him.

“TMG first said to the press it was an unprotected test server with no confidential data, and that there was no hack. So I’m really wondering on what basis they could attack,” he explained.

“I guess they need to sue someone because of insurance stuff or just to avoid admitting their own fail. So just wait and see but I’m quite sure they won’t sue.”

Bluetouff then reminded us of the security flaw he discovered in software developed by ISP Orange, which inadvertently leaked users’ IP addresses as it tried to block file-sharing.

“Orange had the same reaction, to send me lawyers first over their splendid ‘hadopiware’. Then they tried to understand what happened and who is guilty of what afterwards,” he explained.

Then within minutes we had another message from Bluetouff. “Wow, that was fast,” he said.

As predicted, TMG had announced that they won’t sue after all, unless they find evidence of “a formal intrusion”, something which presumably won’t be possible on a server they left deliberately open.

Time will tell what conclusions the CNIL data inspectors will draw from the episode. Their report is forthcoming.

Read

U.S. Bill To Criminalize Illicit Movie / Music Streaming

Posted on by

Three U.S. Senators have introduced a bill that would make streaming unauthorized music, movies and TV-shows a felony. The bill is said to address a gap in current legislation where streaming is not considered a criminal offense. The question is whether the new legislation is really needed though, as the authorities have already started several criminal investigations into movie streaming sites in recent months.

In March, the White House published a white paper with several recommendations on how to make copyright law compliant with the digital age. Among other things, it suggests classifying unauthorized streaming of copyrighted material as a felony and to allow for wiretaps in copyright related cases.

The first suggestion has now been turned into a bill that Senators Amy Klobuchar, John Cornyn and Christopher Coons officially introduced last week. The bill (S. 978) was presented in the same week as the PROTECT IP Act, another major anti-piracy bill designed to clamp down on sites that facilitate online copyright infringement.

If adopted, the bill will criminalize sites that offer streams of copyrighted content (such as YouTube) if they don’t act within the boundaries of the law. Under current definitions the law considers streaming to be a “public performance” instead of “reproduction and distribution.”

Under the new bill, streaming sites (and users) will get the same treatment as the more traditional forms of file-sharing such as BitTorrent and direct downloads. This opens the door for the authorities to crack down on streaming sites more aggressively. But the big question, however, is whether this additional power is really needed.

Those who’ve followed the news about the U.S. Government crackdown on ‘unauthorized’ movie streaming sites in recent months might reasonably think that providing streams is already a felony. As part of “Operation in Our Sites” U.S. Immigration and Customs Enforcement (ICE) and Homeland Security Investigations (HSI) have already launched several criminal investigations into such sites.

One of the affected sites was Channelsurfing.net, a website where links to external sports streams were listed. The site itself did not offer any streams, it merely linked to streams that were offered by third-party sites. Nevertheless, ICE and HSI classified the site as a criminal operation and arrested the alleged owner, 32-year old Brian McCarthy from Texas.

McCarthy has been charged with criminal copyright infringement for “reproduction and distribution” of copyrighted material. In addition he was charged with aiding and abetting copyright infringement.

The above suggests that the authorities already treat streaming, or linking to streams, as a felony. This means that either the arrest of McCarthy and the seizures of a dozen domains last year were illegitimate, or that the new bill isn’t really needed to deal with streaming sites.

If the bill is adopted, streamers of copyrighted content face a maximum prison sentence of five years. This is the same sentence as Brian McCarthy is currently facing, even though he was arrested in March for ‘linking’ to streams.

The law can often be confusing, and apparently so confusing that it may even fool justice at times.

Read

Google Wins Anti-Piracy Filtering Lawsuit, Filters Anyway

Posted on by

Since April 2010, French music rights and anti-piracy group SNEP has been engaged in legal action against Google. SNEP felt that Google should censor search terms such as torrent, RapidShare and MegaUpload. Having been decided once already in Google’s favor the case went to an appeal. This week the Court of Appeal decided that Google can’t be forced to filter.

Image is Loading....The Syndicat National de L’édition Phonographique (SNEP) is an organization set up to protect the rights of the French recording industry. SNEP collects royalties for its member labels and also carries out anti-piracy activities on their behalf.

As part of their anti-filesharing actions, in April 2010 SNEP initiated legal action against Google in an attempt to force the search giant to filter certain terms from their auto-suggest feature. It will come as little surprise that the words targeted were ‘torrent’, ‘RapidShare’ and ‘MegaUpload’.

SNEP’s case relied on Article L336-2 of France’s intellectual property code. The article states:

“In the presence of an infringement of copyright or related right caused by the contents of a communication service to the public online, the high court, acting as appropriate in summary proceedings,” is authorized to take “all appropriate measures to prevent or halt such infringement…”

As noted by news outlet Numerama, this provision was introduced into law in anticipation that some day ISPs would be asked to block access to file-sharing sites. SNEP clearly thought they could extend the target of the legislation in their favor.

In September 2010, the Tribunal de Grande Instance de Paris rejected the complaint and ordered SNEP to pay Google 5,000 euros in costs. Dissatisfied with the court’s decision, SNEP took the case to appeal, asking for damages of 1,000 euros for every day the results appeared in Google’s listings. Furthermore, they added a list of artists, albums and songs to be filtered in connection with the above terms.

This week the Court of Appeal in Paris handed down its ruling. In common with the earlier decision, the Court found that the mere presentation of terms in a set of search results did not necessarily mean that an infringement of copyright would follow.

Furthermore, in an apparent reference to RapidShare and MegaUpload, the Court noted that just because users of these sites can use them to transfer unauthorized copies of music, it does not automatically follow that the sites are rendered illegal as a result. The Court also made clear that SNEP could not hold Google responsible for the subsequent activities of Internet users who use their search engine.

However, as first reported by us earlier this year, Google already took the decision to filter its auto-suggest feature, a move duly noted by the Court of Appeal. But does it then follow that this act of self-censorship must be an admission of guilt?

“The fact that Google has filtered its results does not mean that they have complied with [SNEP's] request and admitted responsibility,” said the Judge, adding that despite Google’s actions, any infringing content still remains on the web.

Once again the case was decided in Google’s favor and SNEP was ordered to pay 5,000 euros costs.

Read