As many of you know all too well, successfully removing your pirated work from online sites is a time consuming task. Not only does you have to find the infringing content, but have to spend time crafting a DMCA notice to send to the service provider hosting the illicit links and/or files.
I recently was notified about some links shared by a Twitter account that led to some pirated movies. At first I attempted to use Twitter’s web form, but it REQUIRED me to log-on to a Twitter account in order to send a DMCA notice via their web form. Sorry.
I don’t think there’s anything in the law that requires DMCA senders to have an actual account with service provider???? For me, the most efficient approach was to send the take-down notice directly Twitter’s designated DMCA agent listed in the US Copyright Office directory of DMCA agents. Here’s what I found:
Ok, so there’s an email address ([email protected]) clearly listed (as required by law) and so I sent my DMCA notice to that email address. I quickly received an automated response from [email protected] telling me, essentially, that Twitter ignored my request and that I must use their web form instead.
Now, I didn’t send an email “attachment.” I sent an email with the language of the DMCA notice and the infringing links included in the body of the email.
Twitter surely does deal with massive numbers of DMCA take down requests daily, but that’s not my problem. Attempting to force notice creators to log into their system in order to access a clunky web form not only adds greater burden by eating up valuable time, but makes record keeping on much more difficult. Emails provide me with a record of both the reported links and the time/date I sent the notice to Twitter.
This is the kind of stuff that has been happening for a long time with the DMCA. Service providers do everything they can to erect roadblocks to creators who are trying to protect their work from online theft. While Twitter is not alone in this behavior–the real question remains–why are these companies allowed to repeatedly flout the law?
Meanwhile, even a small effort toward progress like the CASE Act, which would provide creators access to a modicum of relief via a small claims process, is being held up in the Senate by Ron Wyden at the behest of tech companies, some of which happen to be big donors.
Twitter’s DMCA “process” is simply one more in a long list of examples as to why the the DMCA doesn’t work. Big tech companies simply ignore the rule of the law and make efficient take-downs as difficult as possible on creators.
It’s been more than 7 years since cyberlocker piracy king Kim Dotcom was indicted for copyright infringement by U.S. authorities. He’s fought extradition from New Zealand tooth and nail, but earlier this month his final appeal was denied. Whether he ends up in a U.S. jail will apparently be determined by New Zealand’s Minister of Justice.
In the meantime, MEGA, founded in in 2013 to replace his shuttered Megaupload.com, is till in business and continues to host infringing conent uploaded by online pirates everywhere. The company is supposedly worth $210 million and, while Dotcom himself claims no direct involvement, conveniently his wife remains a primary shareholder. It’s a murky and twisted enterprise–but is that really a surprise?
In June, the site averaged 12 million visitors per day and it’s a safe bet most weren’t there for legit reasons. Aside from piracy, much of the traffic appears porn related. Visitors from Brazil, Mexico and the United States lead the pack.
Easy to find, watch and download pirated movies, music and books on MEGA
From the start, Kim Dotcom has claimed MEGA is perfectly legal. Supposedly, since the files are encrypted end to end, operators can claim ignorance as to what exactly is being shared. However, it’s not the truth. I easily found, and was able to view, pirated movies without a so-called encryption key. No account required.
Via link posted on Twitter I viewed Bird Box on MEGA without encryption key.
If one does want to actually download the files all that’s required is a free account and installing an app….easy as setting up an account on Netflix.
Google, YouTube, Facebook & Twitter help spread pirated content
In order draw traffic to the site, MEGA users depend on the usual intermediaries like Google, YouTube and Facebook to spread (illegal) links. Today, in the process of writing this post, I did a quick search for the recent hit Captain Marvel. Within seconds–thanks to Google and Facebook–I found a pirated copy hosted by Mega.
From Google to Facebook to a full stream of Captain Marvel
Viewing other content, like HBO’s hit “Big, Little Lies” or, as mentioned above, Netflix’s “Bird Box” (thanks Twitter), were also only a couple clicks away.
In addition, I quickly discovered episodes of the BBC/HBO production “Gentleman Jack” (via YouTube) and historian Anne Choma’s audible companion book (which I reported publisher and thankfully it’s been removed).
Link pirated episode on Mega found via YouTube
The full episode of Gentleman Jack can be screened simply by clicking the MEGA link found in the YouTube description. Piracy made easy.
In yet another example, thanks to Twitter I found a link that offered me season one of the subscription TV series “Vida” streaming on MEGA without any key required. No matter what anyone says, MEGA seamlessly offers tons of pirated content.
First season of Vida on MEGA available to stream for free
Of course, per usual, it’s not just Hollywood blockbusters and HBO fare that continue to be victimized. Independent creators, particularly those without deep pockets for anti-piracy defenses, also lose precious income to online thieves enabled by MEGA.
Why do people bother to pirate? As always, the incentive is the money they earn from ads. Pirates upload content to MEGA, post links on places like Twitter or Facebook and cash in when users click through ads on an intermediary site in order to get to view the actual link. I’ve been writing about this business model for nearly a decade and sadly, little seems to have changed.
It remains to be seen whether Kim Dotcom ends up behind bars in the U.S.–but no matter his fate, there’s little doubt that the online piracy eco-system he helped build continues to flourish, creators rights be damned. The role played by intermediaries like Google, YouTube, Facebook and Twitter in the U.S. cannot be ignored either.
The DMCA (Digital Millennium Copyright Act) was signed into law nearly 20 years ago….yet here we are today, same old tired law but with an online ecosystem vastly different from what existed 2 decades ago. Despite this, no one in Congress seems in any great hurry to update law and as they drag their feet, creative artists continue to pay the price.
For creators trying to safeguard their work from online theft this leaves them with only one option, the DMCA takedown notice. This antiquated process works ok in very limited instances, but for most filmmakers (and musicians) dealing with a large volume of infringements, it’s like using an umbrella to stay dry beneath Niagara Falls. Not only is it inadequate, but the truth is– it’s a joke. Why? Because the DMCA’s safe harbor provision provides loopholes allowing many of tech’s piracy enablers–U.S. based companies play a significant role in allowing pirates entrepreneurs to pimp their stolen content across the globe–to sidestep any legal liability and happily accept the tainted profits filling their cash drawers.
It’s not news that pirate websites are hosted offshore, hidden behind multiple layers of purposeful obfuscation. Most don’t offer a way to remove content via the DMCA and offer this disclaimer: “This site does not store any files on its server. All contents are provided by non-affiliated third parties.” Of course these sites make it nearly impossible to uncover the actual identity of these “third parties” while offering up streams (and earning ad revenue) off hundreds of pirated movies.
In fact, to find out the exact domain or IP where pirate servers are located requires some detective work, parsing through source code using something like Firebug or developer tools on Chrome. Even if one figures out the source, removing the pirated content is quite another matter since these shadowy sites also ignore the DMCA. Located offshore, behind privacy curtains, they stay outside the reach of U.S. law.
They may be outside the reach of U.S. law, but they seem to have no problem depending on U.S. companies for parts of their infrastructure. Peel back more layers of the onion and you’ll find that in fact, there are U.S. based companies that provide a crucial services to efficiently deliver the pirated movies to viewers around the world. One of the major players in this ecosystem is Cloudflare, a CDN (content delivery network) that currently handles about 10% of internet requests.
ILLEGAL PIRACY SITES DO THEIR BEST TO HIDE WHILE CLOUDFLARE HELPS KEEP THEM IN BUSINESS
What does Cloudflare do exactly? According to its website: “Here at Cloudflare, we make the Internet work the way it should.” Well, maybe….but just as it assists legit sites (like voxindie.org) in operating smoothly, it also aids and abets (and profits) from criminal sites that market in stolen goods, like pirated films.
Just in the last couple weeks, I’ve run across many pirate sites and streaming servers that depend on Cloudflare to deliver their pirated movies to visitors. For the purposes of this piece, I’ll focus on a couple examples…but it’s basically the same scenario with site after site I researched.
Let’s take a pirate site called Go Movies (I’ll refrain from providing the exact domain for obvious reasons). It features hundreds of pirated movies and TV shows including titles still in theaters like Blade Runner
and Mother. Though the site has a DMCA button that links to verbiage, it’s a sham. Nowhere does it actually give you a way to contact them to send a takedown notice. A WHOIS search reveals the domain owners hide behind privacy protection service based in Moscow. It also lists Cloudflare as providing its name servers.
The scenario is the same when it comes to the actual source of the streaming file. Using web developer tools, I determined the pirated movie I was investigating was hosted on lemonstream.me. Lemonstream.me doesn’t really have a website. If you try to go to there you’ll just get a 403 Forbidden error message, but that’s where the files originated. There’s a myriad of encrypted code sent from the pirate website (Go Movies) to call up the specific file (in pieces), but a WHOIS search for the domain, it reveals site owners hiding behind another Moscow-based privacy service. What do these sites have in common? The fact that U.S. based Cloudflare provides its name servers for both.
Cloudfare profits off piracy websites
Since these offshore pirate websites ignore the DMCA, will sending a DMCA notice to Cloudflare get you anywhere in a quest to remove the pirated movies? Well you can try, but in reality it’s an utter waste of time.
In a case involving another pirate site, vidzi.tv I tried getting 40 links removed. Vidzi.tv repeatedly ignored my DMCA email requests so I tried sending one to Cloudflare (its namerserver provider). When nothing came of the email, I tried using Cloudflare’s clunky web form (that limits you to 10 URLs at a time). I only received an acknowledgement that my request was received. It’s a worthless pursuit. Nothing changes. The pirated movie remains online…all 40 links, and Cloudshare still profits from the business of thieves.
CLOUDFLARE MADE HEADLINES BY TERMINATING NAZI WEBSITE’S SERVICES
Cloudflare recently made headlines after the company reluctantly terminated the account for the neo-Nazi website The Daily Stormer. The company explained their decision this way:
Earlier today, Cloudflare terminated the account of the Daily Stormer. We’ve stopped proxying their traffic and stopped answering DNS requests for their sites. We’ve taken measures to ensure that they cannot sign up for Cloudflare’s services ever again.
Our terms of service reserve the right for us to terminate users of our network at our sole discretion. The tipping point for us making this decision was that the team behind Daily Stormer made the claim that we were secretly supporters of their ideology.
Of course for Cloudflare, customers that offer up infringing content illegally are not subject to the same scrutiny. Included in its statement as to why it removed The Daily Stormer account was this nugget absolving the company of responsibility when its customers break laws:
…we’ve always said that our policy is to follow the guidance of the law in the jurisdictions in which we operate. Law enforcement, legislators, and courts have the political legitimacy and predictability to make decisions on what content should be restricted. Companies should not.
As tech comes under overdue scrutiny, perhaps its time to again ask the question as to why it’s OK for companies like Cloudflare to openly do business with sites engaging in illegal activity. I’m not the first one to raise this issue. The company was on the losing end of a recent court decision when a district court ruled that the companymust honor a permanent injunction awarded the RIAA against notorious pirate site MP3Skull and its CEO will also be deposed in another piracy related case so there’s hope that the company may be more responsive to DMCA requests.
REVISE THE DMCA TO CLARIFY THE ROLE AND LIABILITY OF INTERMEDIARIES THAT DO BUSINESS WITH PIRACY SITES THAT WON’T COMPLY WITH THE DMCA
Going forward, why leave it up to interpretation? Why not clarify the responsibility of intermediary companies in the DMCA notice and takedown process.
Why not update the DMCA to require that companies like Cloudflare that provide intermediary services be required to either comply with takedown notices (by cutting off services) or only do business with websites that do? After all, Cloudflare is a U.S. based business. Why shouldn’t companies that use its internet services be required to comply with the DMCA? Here are some Cloudflare’s customers, pirate sites that don’t comply with DMCA requests.
While predictable piracy apologists spout tired talking points about slippery slopes, the truth is that this isn’t about censorship or abuse…it’s about creators trying to use the DMCA to legally remove pirated copies of their work from pirate sites. Why should U.S. companies do business with piracy websites that flout U.S. law? The only folks being abused here are the creators whose work ripped off so that others can profit.
Google’s updated piracy report offers the some well-worn excuses
It’s that time of year. The time of year where Google rolls out a shiny update on its “How Google Fights Piracy” report. Google began the tradition in 2013. At the time I noted that Google’s claim to be a “leader” in the fight against piracy was its first mistake. With today’s update, it appears the Silicon Valley giant hasn’t backed down from that dubious claim (or many others).
Katie Oyama, Senior Policy Counsel, Google asserts that, “We take protecting creativity online seriously, and we’re doing more to help battle copyright-infringing activity than ever before.” Yet, in spite of Oyama’s rosy quote, in truth the reality (for creators) battling online piracy continues to be a bleak one.
Google search continues to list pirate links at the top of results
For the moment I’ll focus on Google search. The report claims, “…Google does not want to include any links to infringing material in our search results, and we make significant efforts to prevent infringing webpages from appearing.” It goes on to outline what Google’s doing to remedy the issue including this nugget:
Google believes that providing convenient, compelling, legitimate alternatives is one of the best means of fighting piracy. Accordingly, Google has launched a number of initiatives to present legitimate alternatives to users as part of search results, including providing advertisements on queries for movies and music to link users to legitimate means of purchasing content.
The reports also notes that it has focused on providing, “Clean results for media-related queries users actually type: Thanks to the efforts of Google’s engineers, the vast majority of media-related queries that users submit every day return results that include only legitimate sites.”
Oh Yeah, I’ve heard this line before, but unfortunately it isn’t true. This morning, after taking a gander at the report I went to Google search to search for the recent indie film Carol. I typed in a pretty logical query–the kind “users submit every day” — choosing the phrase “watch Carol online.” The VERY TOP RESULT took me–instantly–to a full, high-quality, pirated, illegal stream of the film.
Top result leads to full, pirated stream of the movie
Ok, so maybe the word “online” is too linked to piracy….so let’s drop the term and use only the terms, “watch Carol,” the first result was identical and led to the same pirated stream. Yeah, there was was ad offering legit links at the top (which is a good thing) but unfortunately pirated versions remained front and center and at #1 in the actual search results..
So much for their well-oiled talking point. The fact is that Google search still provides a direct path to pirated content.
If some innocent person is simply looking for a way to (legally) watch Carol uses Google search instead of wheretowatch.com, why does the FIRST link in Google’s results offer a pirated version? I didn’t say I wanted to “watch Carol free” I said merely that I wanted to “watch Carol.” Is that a pretty standard approach to consuming movies??? Watching them???
Does Google really believe that watch isn’t a term people use every day to search for a movie online?
The only time I found somewhat clean results was by using the term “Carol movie.” Now, forgive me, but it someone is looking to “watch” a film doesn’t it make sense they’d use that same term in a search query? Apparently Google’s engineers didn’t think so. For them it seems that using the term “watch” is not a word worthy of inclusion amid their “vast quantity of media-related queries” when it comes to searching for a film title?
It’s also important to note that when I started typing in the terms “Carol mov…” Google’s own auto-complete provided the suggestion (carol movie online) which leads directly to the same pirated stream of Carol listed at #1 (see below).
Google auto-complete offers up a term that leads directly to pirated copy of the film
I’ll be examining Google’s report further and will follow up with another post, but I couldn’t let the announcement of this update slide by with nary a mention. There’s much more to sift through, but I’d venture to guess it will be more of the same old, same old. As I noted in my analysis of an earlier version of this Google report:
After reading it I think a more accurate title would be “Why Google Shouldn’t Have to Fight Piracy Because it Offers so Much Other Good Stuff.”
While the report does outline various positive steps Google’s taken (under duress) to mitigate its role in incentivizing and enabling piracy, most of the document reads more like an evangelical tome as to how their innovations have benefited content creators, blunting any collateral damage that may have occurred. In other words, let’s overlook the bad in favor of the good…
I have a feeling not much will have changed…If there’s any truth in the claim that Google is “doing more” it’s because it’s allowing morepirated content than ever on its products.
The Google team doesn’t seem to appreciate email as a form of communication
I’ve written about Google’s laborious and time-consuming DMCA takedown maze, a process that forces creators to find, then fill out cumbersome online forms. I’ve also written about the fact that Google makes it difficult, if not impossible, to find the email address for its DMCA Agent–in apparent violation of the law’s requirements.
Even when you do find the correct email address for Google’s DMCA agent (via the U.S. Copyright Office), the Google team’s correspondence makes it clear that you will be penalized for taking this legal, more efficient approach. Sending a DMCA takedown request via email is far less burdensome for a couple significant reasons:
Sending a DMCA via email is fast and easy in contrast to Google’s online form
You have a copy of the DMCA notice you send, making record-keeping and follow-up much easier
Of course, if you do send a DMCA takedown notice to Google via email it seems to really annoy the Google “team.” Take a look at the email responses to a DMCA notice I recently sent via email. Note that the DMCA template I used was crafted by my attorney.
In response to this perfectly legal and accurate DMCA notice, I received this email asking me to be sure that my original notice complied with the law. I was forced to send a second email confirming that yes, I do know what the heck I am doing when I send a DMCA takedown notice.
Google makes you send a second email
Ok, after all this, Google still isn’t happy. Yes, they eventually end up complying with the law and sending me confirmation that they are acting on my takedown request…but, but….next time, you’d better do it the Google-way using their online takedown maze.
No thank you. I prefer to send my DMCA notices in a way that benefits ME, not Google. It’s not my fault that Google’s business model is such that attracts a tsunami of takedowns every day.
The fact is that Google has the technology to process DMCA notices via email just as easily those sent via its web form(s). While submitting DMCA requests via an online form may be helpful for those individuals who aren’t familiar with the process–or creators who send them infrequently–Google’s convoluted online takedown process serves simply as a time- sucking deterrent.
Maybe if I sent the DMCA via a GMAIL account they’d be more receptive? 😉
As an indie film and broadcast journalism veteran, I'll share my perspectives on issues of interest to the creative community and beyond--Ellen Seidler
