by Ellen Seidler | Ad Sponsored Piracy, Law, Piracy
BI screencap-Ashley Madison on Pirate Bay- click for story
Ad sponsored piracy run even more amok
This has to be the irony of ironies. According a piece by Lara O’reilly in Business Insider, advertising for Ashley Madison is popping up on the Pirate Bay in searches for the hacked data. At the bottom of the results that list the complete torrent to the stolen files there’s an ad for Ashley Madison’s website. I suppose given all the bad publicity of late, the extra-marital affair website needs to find customers wherever it can eh? According to Business Insider:
A check of the source code reveals that the ad is being served by a Barcelona-based ad network called ExoClick.
ExoClick lists on its website that its partners include well-known brands, including bookmakers William Hill, Bet365, and Ladbrokes. The company has featured in Deloitte’s Fast 500 ranking of the fastest-growing technology companies for three years in a row.
Business Insider has contacted ExoClick to ask why the Ashley Madison campaign is running, and also why an ad appeared on Pirate Bay, which is often blacklisted by advertisers because it is notorious for illegal filesharing of copyrighted material. It can be extremely damaging to brands’ reputations for their ads to appear next to illegal or indecent content, and for their companies to be seen to be funding piracy websites through their advertising spend.
Of course Avid Media’s parent company has sent DMCA notices to various web operators to block publication of the hacks, but as everyone knows Pirate Bay sites are impervious to DMCA takedown requests. I’d previously written about the fact that using the DMCA to block release of the hacked data is a questionable application of the law. As of this morning it seems the ads are no longer showing up on the Pirate Bay website. It looks like Avid Media sent a takedown notice to its own advertising folks instructing them to remove the ad and stop sending money Pirate Bay’s way.
Companies allowing ads to be displayed on pirate websites (or alongside pirate scams on YouTube) is nothing new, but this puts an entirely new twist on the problem.
by Ellen Seidler | Ad Sponsored Piracy, Copyright, Google, Law
Youtube slaps ads on scam uploads and collects dough from advertisers who look the other way.
It’s not news that Google doesn’t take kindly to anything standing in the way of revenue. Its business practices on YouTube are no exception.
In order to stuff the mother ship’s coffers, YouTube will monetize just about any crap upload, whether it’s a terrorist recruiting videos or scams linking to pirate websites. When Google monetizes these uploads both it and the uploader make money from the ads. Does anyone care about this dirty income?
Two years ago stories surfaced showing YouTube monetized Al Qaeda videos. At the time a YouTube the Daily Mail quoted a YouTube spokesperson as saying:
‘We also have stringent guidelines regarding advertising on the site, and we may choose to stop placing ads against any video or channel if we determine that the content is not appropriate for our advertising partners.’
Ad for Amazon Prime links to scam pirate movie website
As with most of Google’s dubious business practices the attitude is shoot first, ask questions later (if caught). Is it really OK with advertisers that their ad budgets go to support YouTube and scam account holders (or terrorists)?
I wonder if the folks at Amazon Prime know where its YouTube ad dollars actually go? Do they realize Amazon Prime ads pre-roll on scams for pirate movie websites? It’s likely some of the productions pirated are Amazon Prime originals like Transparent. Does Amazon, or any advertiser on YouTube, demand any sort of accountability as to where their advertising appears?
I’ve written more than one blog post about these shady YouTube monetization practices, but it’s like the movie Ground Hog Day--nothing changes.
Earlier this year Google/YouTube was again called out for ads on terror group videos. This time ads played with ISIS recruiting videos. Companies like Proctor & Gamble, Toyota and Anheuser-Busch were among those who ads played alongside terror videos and Google scurried to remove the ads once it was outed by the press. Though clearly not pleased, advertisers didn’t say much, perhaps not wanting to draw more attention to an embarrassing situation. According to a report on NBC News:
“Our ads should not have appeared and we’re working with YouTube to understand how it happened and to avoid it happening again,” Proctor & Gamble said in a statement to NBC News. Other companies whose pre-roll ads were spotted on since-removed ISIS-related videos — Toyota, Anheuser-Busch and smartwatch maker Pebble — didn’t immediately respond to an NBC News request for comment.
Of course ads on videos linking to scam pirate movie sites are clearly not in the same category as ISIS recruiting videos, but the underlying issue remains the same. Where are the standards?
Why does Google depend on its community guidelines as a means to vet content for monetization rather than hire a staff to do it?
Why does Google allow YouTube to monetize uploads without checking them first? Where are the gatekeepers? Why doesn’t Google, with all its riches, hire staff to review content before ads appear on videos? Google wont’ stand in the way of users uploading pirated movies or hate videos but certainly it could vet the videos to determine if they are appropriate for monetization. Why don’t advertisers demand as much?
There’s a reason Google flacks pull out the same old rhetoric when any of its YouTube policies are scrutinized. For Google, muddying the waters by mixing its protect free speech message with its unfettered approach to monetization is a savvy tactical move. It’s a smoke bomb that provides political cover so YouTube can continue to rake in big bucks and avoid accountability.
It’s one thing to hide behind the shield of free speech by allowing unrestricted uploads, but making money off them is quite another. The two are very different issues, yet Google gets away with treating them as one in the same.
Those with enough clout to force change seem either impotent, or unconcerned. Despite the ad industry’s formation of the Trustworthy Accountability Group and its “Brand Integrity Program Against Piracy” there seems to 
have been little effort, beyond weak rhetoric, to call Google to account for its bad business practices.
Where’s TAG when it comes to Unilever’s ad promoting its sustainable business practices or the Weinstein Company promoting its upcoming movie No Escape on scam pirate uploads? Why don’t industry representatives demand accountability from Google?
Do the advertising folks for Intel, Lexus, Sanuk Shoes, Oxiclean, Sandals Resort, the Weinstein Company and Disney care that their ad campaigns underwrite criminals? Does anyone care?
The advertising industry needs to take charge and force change. I can write blog post after blog post documenting the myriad of ways YouTube scams advertisers (and the public) but unless those who send money Mountain View’s way demand accountability, nothing will change.
by Ellen Seidler | Copyright, Film, Law, Piracy
The fight against movie piracy is a fight FOR diversity
It’s no secret that Hollywood has a long way to go when it comes to diversity and a new report released today by the Media, Diversity, & Social Change Initiative at USC’s 
Annenberg School shows just how far. Echoing findings of a similar study issued last winter by UCLA’s Bunche Center, today’s report finds that women, minorities and LGBT characters are not only rare–but often insignificant in Hollywood films. The findings include:
- Of the 4,610 speaking or named characters on screen, only 19 were coded as LGBT across the 100 top films of 2014.
- Only 30.2% of the 30,835 speaking characters evaluated were female across the 700 top‐grossing films from 2007 to 2014. This calculates to a gender ratio of 2.3 to 1. Only 11% of 700 films had gender‐balanced casts or featured girls/women in roughly half (45‐54.9%) of the speaking roles.
- Only 17 of the 100 top films of 2014 featured a lead or co lead actor from an underrepresented racial and/or ethnic group. An additional 3 films depicted an ensemble cast with 50% or more of the group comprised of actors from underrepresented racial/ethnic backgrounds.
- In 2014, no female actors over 45 years of age performed a lead or co lead role. Only three of the female actors in lead or co lead roles were from underrepresented racial/ethnic backgrounds. No female leads or co leads were Lesbian or Bisexual characters.
The report is a must-read, but how does it have anything to do with the topic “movie piracy” or the Electronic Frontier Foundation (EFF)? Well, given that Hollywood is clearly doing a pretty lousy job telling the diverse stories of our society at large, where can audiences watch films that reflect our lives? Look no further than the narratives created by a diverse cornucopia of independent filmmakers.
Pirate sites around the globe feature stolen LGBT movies
Unlike those in Hollywood, indie filmmakers are not well-funded and often have to cobble together lean production budgets using a variety of sources from credit cards to crowd-funding. Without the deep pockets of the studios, these filmmakers often go deep into the red to create their not-so-mainstream films.
So, when it comes to assessing piracy’s damage, indie filmmakers, like their counterparts in music, are often the most vulnerable. As I noted in a 2013 blog post about the negative impact piracy has on LGBT cinema:
Unlike studio-backed films, these titles usually don’t get a theatrical release and so are totally dependent on back-end revenue (VOD, DVD, TV) to recoup production costs and pay off debts. Parasitic pirates, who themselves profit from piracy, erode this much-needed revenue stream.
This brings me to the EFF and a recent blog post by Mitch Stoltz, a Senior Staff Attorney there. In response to recent efforts by the movie industry to shut down a group of piracy-for-profit websites based offshore, Stoltz sounded the alarm by dusting off the well-worn SOPA canard and cries of “censorship” and “abuse.” His love of the word “abuse” was so strong, in fact, variations of the term appear 9 times in his piece.
Isn’t it time for those at the EFF and others who yell “SOPA” each time the movie industry takes legal action against online pirates to shut the hell up? What is abusive is the way online piracy (for profit) is allowed to flourish, made sacrosanct by tech apologists.
Why can’t we differentiate between websites engaged in theft for profit and legit ones? Are we (and the courts) really that stupid? When it comes to other illegal activity online we manage to differentiate between the good guys and the bad…drugs, child porn, etc.
Piracy is not free speech, it’s theft.
Asking that pirate sites be shut down for criminal activity (movie piracy) is no different. Despite the hyperbole, it’s also not an attack on “free speech.” In fact, ridding the web of pirates actually strengthens “free speech” by helping make sure that oft-marginalized subjects and stories brought to the screen by indie filmmakers are not muted.
Why can’t the EFF find value in protecting the diversity of free speech found in film?
EFF bluster is nothing new. It’s a tired old playbook that I’ve addressed in earlier posts:
…the EFF routinely muddies the waters and conflate valid concerns over online privacy and free speech rights with copyright holders’ efforts to protect their work from infringement. Protecting rights within all three realms is important and doing so effectively, despite EFF rhetoric to the contrary, need not be a mutually exclusive process. The EFF approach to protecting “rights” in the digital age has always has been disingenuous. Gin up hysteria in order to push an anti-copyright agenda–an agenda, covertly built on the interests of the tech industry and NOT the community at large.
So, back to the issue at hand…lack of diversity in film. I would argue that the fight against online piracy is also a fight FOR filmmakers who create diverse films. It’s also a fight for the jobs of all those involved in making them.
There’s no question Hollywood needs to do a (much) better job when it comes to including women, minorities and LGBT in roles on camera and off, but in its perhaps own inadvertent way–by taking aim at online pirates–the industry is helping make sure that audiences worldwide will continue have access to independently produced films, rich with a myriad of characters and stories.
While Stoltz and his tech-influenced ilk continue to demonize Hollywood’s efforts against piracy, I will continue to applaud them for taking action. They are fighting the good fight against piracy for all filmmakers. Meanwhile I will continue to advocate for a Hollywood that better reflects the world around us. The two are not mutually exclusive.
by Ellen Seidler | Copyright, Google, Law
From the Digital Citizens Alliance Report-Selling Rats
Whether it’s ISIS recruiting videos or porn, it’s not news that the YouTube monetizes whatever drek gets uploaded to the site. Now, according to a new report by Digital Citizens Alliance (DCA)*, YouTube is also infested with videos promoting RATS (Remote Access Trojans).
RATS are used by hackers to install malware that takes over computers of unsuspecting internet users. According to the “Selling Slaving” report by the DCA, their targets are often the young:
…are actively looking to take over the computers, called “slaving,” of young girls and boys—and then selling that information online. In effect, they are selling access to our children’s bedrooms.
How does the growth of this illicit spying activity link back to YouTube? As is the case with terrorist recruiting videos, YouTube also offers unsavory creeps a worldwide portal that makes it easy to spread their criminal wares via video. To add insult to injury, these videos are often monetized, meaning YouTube and the hackers not only spread information on this unsavory activity, but also make money from it.
The tutorials included many that showed how to use and spread RATs; links where ratters could download the malware; and examples of RATs successfully deployed showing victims’ faces and IP addresses…Roughly 38 percent of the tutorials for the best-known RATs had advertisements running alongside the videos. The advertising we found included well-known car companies, cosmetics, and even tickets to New York Yankees’ baseball games. YouTube’s parent company, Google, is positioned to get revenue from the sharing of these malicious tutorials that target innocents. –DCA report
The fact Google is making money off garbage is nothing new, but lately a number of online businesses (like Reddit) have been forced to reexamine their “anything goes” policy when it comes to what content to allow online. The question is to ask in the case of YouTube RATS is why can’t Google do a better with housekeeping?
In a recent New York Times piece, “Limits at Gawker? Rules at Reddit? Wild West Web Turns a Page,” Jonathan Mahler wrote about a maturing web.
There has been no shortage of discussion about how legacy media companies will find their way forward in the digital age. But in trying to recalibrate their identities, Gawker and Reddit are demonstrating that digital media companies are struggling to manage a difficult transition of their own — from financially underachieving, if popular, start-ups to thriving, mature businesses.
“This feels like a moment of reckoning to me,” said Vivian Schiller, the former head of news at Twitter who was previously an executive at The New York Times. “We’re moving from the early days of ‘We’re free to write or post whatever we want,’ to the reality of building a business.”
With this latest DCA report in mind, and the fact that other dubious YouTube users earn income off the filth they spread, one wonders if Google will make better business decisions going forward. The DCA reports suggests a way forward for YouTube’s parent:
A solution exists, but it will require Google to change the way it approaches this issue. When Google is serious about solving a problem, it assigns a human team to do what an algorithm clearly can’t. Bringing in human teams helped block tens of thousands of search queries for child pornography and to ensure the quality of apps on Google Play. Hacking victims deserve the same concern and protection. Google should assign a human team to reviewing these videos and immediately cease advertising on such video platforms. These victims should not be clickbait and ad revenues from slaving tutorial videos can’t be worth the pain and suffering they cause. [emphasis added]
However, if past history is any indication, Google will likely continue to deflect and dodge. If they do, they risk further damage to its brand. The DCA report ends with this observation and a quote from a Ratter’s victim asking that Google do more to eradicate this insidious infestation on YouTube:
If Google continues to sell ads beside slaving videos, can it claim Internet freedom as a defense? If one of the world’s most admired companies takes a stand against slaving, others will follow. Perhaps the best advice on how the company could handle that question came from Cassidy Wolf, who said she would tell Google: “They need to put themselves in (the victim’s) shoes… and imagine if it was their daughter that was being watched in their room and now its being promoted on YouTube and the people that are doing this are making money of this and Google is making money off of this. Honestly, I would just tell them to put themselves in the victim’s shoes and imagine if this was happening to them.”
Once again, the ball is in Google’s court.
*full disclosure-I’m a member of the DCA’s Advisory Board
by Ellen Seidler | Copyright, Law
Protecting private data from online theft is not the same as protecting copyrighted content
Update 8/20/15-The hackers have released the hacked data after Ashley Madison’s parent company did not comply with their demand that the site be closed. It appears, once again, Avid Media’s lawyers are misusing the DMCA in order to prevent the hacked (private) data from being widely disseminated. The post below explores why the DCMA is not the solution.
Original story from 7/21/15: In news first reported by investigative journalist/blogger Brian Krebs, hackers broke into a database containing customer data for web hook-up site Ashley Madison and threatened to post it online. Stealing customer or employee private data is always a bad thing, but what makes this particular hack particularly notable is that Ashley Madison’s business is based on promoting and enabling infidelity among couples. The company’s mantra is “Life is short. Have an affair,” and in order for customers to fool around on their mates without repercussions, anonymity is clearly key. I imagine there are more than a few Ashley Madison clients who are sweating big-time right about now.
Ashley Madison’s clientele are not the only ones at risk of having their online escapades outed. The hackers, who identify as The Impact Team, actually targeted the entire database for the site’s parent company, Toronto-based Avid Life Media (ALM). ALM also operates two other online hook-up sites, CougarLife.com and EstablishedMen.com.
According to Krebs, the hackers were motivated by the websites’ failure to comply with its $19 “full delete” feature, whereby a customer’s information is (supposedly) scrubbed from its database upon request. As Krebs reports:
“Full Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie,” the hacking group wrote. “Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.”
Desperate to protect brand, lawyers fight Ashley Madison hackers with dubious use of DMCA law
What’s notable about this hack, beyond the target itself, is how ALM is fighting back. ALM says its legal team is turning to the DMCA (Digital Millennium Copyright Act) to prevent further release of hacked client data. So far, the effort seems to have successfully kept most of the information offline. From CNBC:
ALM confirmed that the hack took place and told CNBC it has managed to take down all the personal information that hackers posted online.
“Using the Digital Millennium Copyright Act (DMCA), our team has now successfully removed the…posts related to this incident as well as all Personally Identifiable Information (PII) about our users published online,” ALM said in an emailed statement.
Is the DMCA really the right (and legal) way to fight the Ashley Madison hackers? The DMCA was designed to give creators a means to safeguard their copyrighted creations from online thieves in the digital age but does it extend to hacked data too?
When Jennifer Lawrence’s personal photographs were stolen by a hacker and posted online her lawyers used the DMCA to block their spread since technically, she (and other women who were victimized by the photo theft) owned the copyright for the stolen pictures. In the case of the Ashley Madison hackers, company lawyers claim that ALM “owns” their customers’ content and thus have legal grounds to send DMCA takedown notices to prevent it being published online. Although I’m not legal expert, it seems like a stretch.
The DMCA, old and broken as it is, is the only tool creators have to protect their work. When ALM lawyers send takedown notices in situations like this only serves to muddy the waters and give critics of the law ammunition to attack it.
The DMCA is not a band-aid to be applied in every case of online theft
One can understand why ALM is moving quickly to protect their business model, but shouldn’t the DMCA be reserved for clear instances of real copyright infringement? Can the operators of Ashley Madison really claim to own the photographs and biographical material of its clients?
I suppose the issue will eventually end up in a court of law but in the meantime why doesn’t Congress to step up to the plate and tackle issues surrounding digital hacking, cyber abuse and privacy? No matter what does or does not happen on Capitol Hill, it’s clear that companies (and governments) ultimately need to do a better job encrypting databases to protect them from determined hackers.
Using the DMCA is a dubious solution to a vexing problem. As D.E. Wittkowe noted today in an opinion piece for the Christian Science Monitor:
Copyright law is supposed to protect creative works in a marketplace so that creating and selling these works can be profitable. Protecting these intimate expressions as goods in a marketplace fails to address what’s wrong about wrongfully publishing them. It’s wrong because it’s an invasion of privacy and a violation of trust, not because it threatens someone’s profits.
Let’s hope someone in Washington is listening.
by Ellen Seidler | Copyright, Google, Law, Piracy, Tech
Google could learn a thing or two from VIMEO about how to run an efficient DMCA takedown system
Love it or hate it, for now the DMCA (Digital Millennium Copyright Act) is the law of the land when it comes to safeguarding creative content online. The law, passed nearly 20 years ago, is woefully outdated, but for now, it’s the only tool creators have to protect their work from online thieves. Unfortunately, not every company in the business of “user generated content” approaches DMCA compliance the same way.
Google, a company that makes billions each year in ad revenues generated via trafficking in dubious content, has set up a takedown system that ensures the sending of a DMCA takedown notice is an onerous and inefficient task. After all, the harder Google makes it, the more discouraged creators will become, and the more money continues to flow into its coffers…
Anyone who’s made music or a movie probably has had experience with sending a DMCA takedown request to Google in some form. Whether it’s removing pirated music on YouTube, or requesting the takedown of pirated movies off Blogger sites, creators must tackle a haphazard and convoluted patchwork of online forms in order to get their work removed from Google’s online products.
Not that Google will listen to me, but I’m going to offer some suggestions for simple ways the company could improve the takedown system. Part I will focus on Blogger, Google’s online website platform that’s become the favorite of many pirate entrepreneurs due to its ease of use.
As a creator, when you discover a pirate website hosted by Google’s Blogger (on blogspot.com) is offering pirated copies of your music or movie, to get it removed you usually have to send a DMCA notice to Google.
Here’s where Google turns what could be a relatively easy task into a huge time suck. First, in order to find the correct online form for Blogger you’re forced to click through a myriad of radio-buttons on Google’s Removing Content From Google page. When you finally do manage to click your way through to the proper form (it takes 7 clicks) you’ll waste more time carefully filling in each and every section. Note, your browser’s auto-fill function won’t work particularly well here. Finally, after you complete the form and click send, you can only wait (and hope) that the content will be removed. It can literally take weeks and sometimes it never gets removed.
Here’s where it gets particularly annoying. Many companies, take the video-hosting site Vimeo, for example, give rights holders several ways to send a takedown notice: email, a web form or snail mail. When sending a DMCA to Vimeo (and many other sites) I use a template I created (with an attorney’s help) that makes it easy to copy and paste infringing links into a DMCA takedown email. It’s not only quick, but I have a record of the notice in my sent email box. For indie content creators fighting online piracy, email is by far the most efficient way to send and record DMCA notices. As far as I’m concerned, Vimeo earns a gold start for DMCA takedown efficiency.
Vimeo provides a shining example of good DMCA takedown practices:
- Vimeo accepts email submissions. It’s quick and efficient–a godsend if you have to send notices routinely (as many musicians and filmmakers do).
- You have a copy of the DMCA notice you sent and proof of when it was sent.
- You receive an email confirmation from Vimeo that the material has been removed and their message includes a copy of your original DMCA notice.
- Vimeo provides a reference # so that if there are any issues with your notice, you can easily follow-up with the real person that signs the email receipt.
Meanwhile, over at Google, things aren’t so straightforward. Each time I send a DMCA takedown to Google via its web form, if I want to keep a copy, I’m forced to create a PDF copy of web form. Even then some of the entries don’t show up. For the rights holder it’s an imperfect and time-wasting process. Google has intentionally created a takedown process that impedes creators at every step.
Google’s Blogger takedown procedure is a joke:
- Google requires users navigate through a series of buttons (7 clicks) to get to the DMCA web takedown form.
- Google requires you fill in the entire form each time you need to sent a takedown notice.
- Google does not give you a copy of the form you sent, only a brief acknowledgement that you sent something signed by the mysterious “Google Team.”
- Sender never receives notification infringing material has been disabled.
Because of their business practices, Google does have to deal with tons of takedown notices every day. It’s a mess of its own making and they certainly have the financial resources to deal with it responsibly. Google reps insist a web form is the only way to make sure they receive the information required in a DMCA notice. However, their refusal to accept emails (that could be read by a bot) forces indie artists who routinely send takedown requests to its web maze.
Since users are forced to use a DMCA web form, there’s certainly NO justifiable reason Google can’t respond with an email confirmation that includes the original takedown notice. After all, that’s an automated process and would require ZERO resources on their part. Google chooses not to do so because they want to make the process as opaque and complicated as possible. While it complies with the letter of the law, Google has refined a system whereby creators are discouraged from exercising their legal rights at every turn.
Google’s DMCA practices are designed to impede rights holders every step of the way
Vimeo quickly sends an email confirming removal
Along with the email, Vimeo includes the original DMCA notice
Google makes users jump through hoops to send a DMCA notice, doesn’t provide a copy, and offers no confirmation that any action has been taken
Google includes a case number in the subject heading of the email, but don’t bother trying to contact Google using it. The “Google Team” won’t respond. So what’s the case number good for? Not much.
As for turnaround time-when I send VIMEO a notice within hours the content has been removed (and I receive an email confirmation along with a copy of my notice). With Google it can literally take weeks…and sometimes nothing happens…ever.
In order to improve the DMCA system on Blogger I would ask for the following:
- Offer a direct link to the Blogger DMCA takedown form
- Allow the form to be auto-filled and if one has a Google account information the form would be pre-filled with the appropriate information
- Send an email receipt that includes a copy of the DMCA notice
- Send confirmation when the infringing content has been disabled
- Remove content in a timely manner. This means days, NOT weeks.
For a company like Google that can take us to the top of Mt. Everest with the click of a mouse it’s beyond comprehension as to why they can’t offer content creators a better way to utilize the DMCA process. Google periodically publishes puff PR pieces extolling the myriad of ways it supposedly tackles piracy, but in reality helps maintain the status quo where the rights of online thieves are held in higher regard than those of creators. Of course for Google impeding the legal rights of creators is good for business. Profits ahead of people is the key to Google’s success.
Next week-Part II-YouTube’s DMCA CMS takedown, another inefficient mess for rights holders.
