by Ellen Seidler | Piracy, Publishing, Tech
U.S. firms enable scammers to bait consumers and steal personal info
Spam and scams have become a way of life. Every day my in-box is full of emails warning that my Apple, PayPal or Wells Fargo credentials have been compromised and instructing me to click a link to restore my good standing. Of course, I’m well aware these are scams but clearly there are many who aren’t.
The same thing holds true with websites. It’s a well-known fact that for many–if not most– piracy peddlers, online malware supplies their lifeblood, their income. The Digital Citizens Alliance* just release a new study highlighting the role U.S. companies are playing in support of this scourge.
In the case of content theft, the pirated movies, TV shows and music is the draw. Bad actors dangle free content, consumers take the bait, and the end result is millions of identities at risk and billions of dollars stolen. Then these computers are taken over to wreak more havoc, causing a nightmare for everyone from Internet users to advertisers who get defrauded, to corporations blackmailed into paying off hackers who threaten to use those rogue computers to launch attacks.
While these rogue sites are run by overseas operators, the DCA found that many are hosted by companies headquartered here in the United States. The study singles out two U.S.-based firms, CloudFlare and Hawk Host as routinely offering up services to malware infested sites.
CloudFlare helps these criminals mask their locations by shrouding their network hosting and domain info:
In order to utilize CloudFlare’s CDN, DNS, and other protection services customers have to run all of their website traffic through the CloudFlare network. The end result of doing so is masked hosting information. Instead of the actual hosting provider, IP address, domain name server, etc., a Whois search provides the information for CloudFlare’s network.
When researchers at the DCA contacted CloudFlare for comment, they received the typical boiler-plate, we aren’t responsible for our customers response:
CloudFlare’s service protects and accelerates websites and applications. Because CloudFlare is not a host, we cannot control or remove customer content from the Internet. CloudFlare leaves the removal of online content to law enforcement agencies and complies with any legal requests made by the authorities. If we believe that one of our customers’ websites is distributing malware, CloudFlare will post an interstitial page that warns site visitors and asks them if they would like to proceed despite the warning. This practice follows established industry norms
-DCA
The DCA’s investigation into Hawk Host highlighted the same scenario. Use pirated films and music to attract visitors and entice them to download malware (before they can download the pirated content). The response from Hawk Host was somewhat different in that their tech support staff agreed that the malware sites reported by the DCA were indeed violating the companies terms of service and should be closed. According to the report:
After an exchange of information, Hawk Host agreed the sites did violate their policies and told Digital Citizens the sites would come down. Cody Robertson (Chief Technical Officer) said the sites “clearly violate our TOS / AUP.” He did add that it would be impossible for Hawk Host to audit all of the 100,000-plus sites they host and that they would continue to rely on abuse reports. Hawk Host’s swift action is an encouraging sign and Digital Citizens is hopeful that the company will continue to take steps to protect Internet users from malicious content.
This is a step in the right direction. For many websites, piracy is a means to and end and in order for win the fight against it, the problem must be tackled on many fronts from search, to infrastructure, to income. The threat of the public being victimized by malicious malware only adds to the damage done by online pirates. You can read the entire DCA report here.
*I’m a member of the DCA advisory board.
by Ellen Seidler | Copyright, Film, Google, Piracy
YouTube users claim Fair Use as a defense for uploading full copies of pirated movies
There was a lot of talk about fair use and takedown abuse at last week’s U.S. Copyright Office Section 512 roundtables in San Francisco. Many of those who spoke, bemoaned how poor, innocent uploaders were victimized, time after time, by malicious DMCA takedowns.
It’s a tried and true talking point, convenient, but disingenuous all the same. Some of us, myself included, tried to make the point that creators, whose work is routinely (and massively stolen), are often (doubly) victimized by malicious fair use claims.
I thought I’d share an example of this that occurred just this week on YouTube. On Tuesday a full-copy of the Swedish indie film “Kyss Mig” (all 147 minutes of it) was uploaded to YouTube by a user aptly named “Free Movies.” As an added flourish, the user-name included the notation, “free movies bitches.”
In this instance YouTube’s Content ID system worked as intended. The Content ID user (an indie film distributor) had set the system to block uploads of a certain length in its territories. Even though the video was a full, pirated copy of the film, it wasn’t taken down, it was simply blocked. So far, so good right?
Wrong…This YouTube user didn’t seem to think the rights holder had the right to block the full, infringing copy and promptly disputed the block. S/he stated the reason as being:
Approval from copyright Holder is not required. It is fair use under copyright Law.
The user also added a note: “I don’t need to explain.” Clearly Free Movies didn’t bother to read YouTube’s information on disputing a claim or its explainer on fair use.
Despite all the testimony at last week’s roundtable about fair use–and how copyright holders seek out to punish those who claim it using malicious takedowns–it’s worth pointing out, yet again, that for every legit “fair use” claim, there are also false, and rather malicious, abuses of that defense. It’s a fact conveniently overlooked by the anti-copyright apologists.
Bogus “fair use” claim on YouTube
Take a gander below at the actual screen caps documenting this bogus “fair use” claim. Hopefully, officials considering DMCA reforms will acknowledge that creators can be twice victimized by abusive fair use claims.
I did in fact “reinstate” the claim (on behalf of the indie distributor I work for) so we’ll have to wait and see if this user goes on to file a counter-notice. If s/he does so, the film, in its entirety, will return to YouTube even though it’s CLEARLY infringing because we don’t have the financial resources to enforce the removal in federal court.
I’ve had the same thing happen after full pirated copies of our film were uploaded to YouTube. For creators trying to protect their work it’s a lose, lose…Perhaps YouTube should require it’s users to review “fair use” and “copyright” before they are allowed to uploaded content of a certain length? Why should creators be twice victimized while uploaders walk away unscathed?
by Ellen Seidler | Film, Law, Piracy, Tech
The threat of malware could turn people away from piracy
Last week the Digital Citizens Alliance (DCA)* released a study that found websites offering free, pirated content were rife with malware. According to the report, 33% of content theft sites exposed users to malware. Every month 12 million U.S. visitors to these sites open themselves up to the theft of personal data, or worse.
To assess the impact that this malware threat might have on American’s web surfing habits the DCA conducted two surveys on December 10-13.
The first examined behavior and opinions of 1,000 Americans, while the second focused on 500 Americans aged 18-29 (an age group more likely to partake in piracy). The main takeaway–once people realize malware is a threat–is that respondents would be much less likely to visit these sites.
- Fifty-three percent of Americans aged 18-29 acknowledge having visited content theft sites, nearly three times as much as the overall population.
- Seventy percent said that they knew these websites illegally offered content, while 13 percent said they knew it was “wrong” but weren’t sure if it was illegal or not.
- Sixty-three percent said that if visiting these content theft websites exposed them to malware they would steer clear of them in the future.
Figures for all age groups show an even great aversion to the malware risk with 82% reporting they’d steer clear of such websites. This, coupled with the growing influence (and traffic) of legit streaming sites like Netflix give some cause for optimism in the ongoing battle against online pirate profiteers. Below are more results from the survey.
*Disclosure-I’m a member of the Digital Citizens Alliance Advisory Board
by Ellen Seidler | Copyright, Film, Music, Piracy
MUSO’s Global Piracy Insights Report 2016 – Click for more
A report in today’s Torrent Freak noted that content protection firm (anti-piracy) firm Muso recently released its annual Global Piracy Insights Report for 2016 so I was prompted to take a look to see what what’s new on the piracy landscape. According to the report there’s been a, “massive shift towards direct downloads for music content – growing by 31% in 2015” In addition the report found that “28% of all visits to piracy sites in 2015 were through mobile devises, up 8% during the year.”
Viewing habits for pirated movie watchers also seems to have shifted over the past year as more and more users to viewing streamed content instead of downloading torrents. The study examined traffic from 14,000 pirate websites, encompassing 141 billion visits, and according to an analysis of the report on Advanced Television, discovered this trend:
Out of a total 78.49 billion film and television piracy site visits, 73.69 per cent (57.84 billion) were visits to streaming sites…the second most popular piracy delivery type was torrents, capturing 17.24 per cent of audience visits.
The report is available to subscribers only so I cannot delve deeper into the figures but I’m not surprised to see streaming gain a growing foothold as the favored viewing platform. Pirates, like the rest of us, have grown accustomed to watching shows streaming on Netflix, HULU and Amazon. It’s no wonder the same patterns persists when watching pirated fare.
For those who care about the impact of piracy on musicians, comes this unfortunate news:
2015 saw a 25% rise in the use of YouTube ripper sites, used primarily for downloading mp3’s from YouTube music videos. The ripper piracy from mobile devices overtook piracy from desktop devices, growing by 46% last year. The usage of these sites is far larger than many realise, in fact making up 17.7% of all visits to piracy sites for music content.
One piece of apparent good news from the report is that, according to MUSO researchers, “…piracy levels remained relatively throughout the year, with a 5% overall decline.”
Andy Chatterley, MUSO CEO ultimately focuses on what can be gained by studying these trends noting the report as helping creators develop a framework by which nudge consumers in better (legal) directions:
This report gives a complete picture of the piracy landscape and identifies key insights into piracy audience and behaviour. The Global Piracy Report is hugely valuable to right holders and for the first time looks at all forms of piracy traffic and not just p2p usage. In understanding the scale and mechanism of the audience we can be better informed to re-connect this audience to legal content.-MuSO press release
The report also found that streaming piracy in both the United States and UK was trending down, “likely to be due to legal music and video streaming services such as Spotify and Netflix.” But, before celebrate too much it also noted that in many countries, streaming piracy is actually increasing. What’s that old saying, two steps forward, one step back?
by Ellen Seidler | Copyright, Film, Music, Piracy, Social Media, Tech
Facebook has been promising for some time to introduce tools that would allow rights holders to automatically detect and remove pirated content from its pages.
The company has endured a lot of bad publicity around the freebooting of viral YouTube videos on its pages, but Facebook’s also long been a place where pirated movies and music found a cozy habitat. That is–until now. I’ve recently begun to utilize this tool to manage Facebook DMCA takedowns and wanted to share my first impressions, but first a bit of background.
First of all, I’m thrilled that Facebook, with all its resources, has finally begun to take copyright infringement seriously. In introducing the new tool last month the Facebook development team explained why the company had finally stepped up:
Video has become an important part of the Facebook experience for people around the world, due in large part to the amazing creativity we’re seeing from all kinds of video publishers.
To provide the best experience for everyone who watches, creates and shares videos on Facebook, we work with our community to understand which tools they want us to build. Based on this feedback, on top of the measures we already have in place, we’ve been building new video matching technology to further help rights owners protect the content they own.
Signing up is easy and the interface straightforward and simple to use
I found signing up for the rights manager tool to be relatively straightforward. You must have a page to link the rights manager to and I initially applied for, and was accepted into the program, by using our film’s Facebook page. Once I received approval I was able to upload a reference copy of our film (and trailer) to the Facebook rights manager dashboard. A trailer I’d uploaded to our page previously was also listed. From there, Facebook’s automated digital matching tools went to work.
Facebook’s Rights Manager dashboard is pretty straightforward
According to Facebook the Rights Manager tools will allow publishers to:
- Easily upload and maintain a reference library of the video content they want to monitor and protect. Publishers can upload content libraries and publish live video as references for Rights Manager to check against, including videos they are not sharing publicly on Facebook. Rights Manager then monitors for potential infringement of that content across Facebook.
- Create rules about how individual videos may be used. Publishers can set specific match rules to either allow or report copies of their videos based on criteria of their choosing—for example, how much content has been reused, where the matching video is located or how many views the matching video has received.
- Identify new matches against protected content. Rights Manager’s dashboard surfaces any new matches against a publisher’s uploaded reference files and live video. On the dashboard, publishers can filter matches by time, date or view count, and then either report potential copyright infringement or allow the matching content to remain published.
- Whitelist specific Pages or profiles to allow them to use their copyrighted content. Publishers can specify Pages or profiles that have permission to publish their protected content without being monitored for potential infringement.
- Protect their reference library at scale with the new Rights Manager API. We’re rolling out an API for Rights Manager to improve bulk uploading for publishers and to allow media management companies to support partners in managing, monitoring and protecting their content across Facebook. You can find out more about the Rights Manager API here.
Facebook’s tech support is responsive and proactive in working to improve the system
Facebook asks for feedback in an effort to improve its rights manager tools
I do believe this type of fingerprinting technology will be an increasingly crucial tool as we move forward in the battle against online piracy on sites like Facebook, but as with any new offering, there are glitches.
The good news is that so far, Facebook’s technical support team is quite responsive and the company seems to be making a concerted effort to sort through issues and improve the tool’s operation. Any time you remove an item from the dashboard a window pops up soliciting feedback. I’ve also had a fair amount of helpful email correspondence with the support team and have found Facebook’s prompt and open response to my queries offers a welcome contrast the less-than-stellar support offered by a (popular) site that shall remain nameless.
As with any new tech, there are some glitches
I also set up a Rights Manager account for an independent film distributor I work for and in the process of uploading dozens of reference files have found the “matching” to be rather hit and miss. At this point Rights Manager seems to do a great job detecting the company’s opening logo (and music) but little else. What makes it even stranger is that the tool detects the distributors opening logo and music and then matches it to the wrong reference file. Obviously ALL the titles I’ve been uploading share the same opening sequence from the distributor but when it comes time to actually issue the takedown to remove the infringing (matched) content, it auto-populates the form with the film’s title, which in these instances is the wrong one.
Lots of early glitches with Facebook’s Rights Manager tools
I’ve also come across situations where a single film title is simultaneously listed has having matched multiple reference files to different titles, but NEVER the actual reference file for that particular film. Consequently, rather than send a DMCA notice with incorrect information, which would be illegal, I have chosen to wait for Facebook to sort out this particular glitch. This is where their responsive tech support will, hopefully, come in handy.
I’ve also found that there’s a lot of uploaded content that doesn’t really match anything. Perhaps a song is playing in the background that matches the film’s soundtrack, but it’s difficult to tell? At this point the system’s matching capabilities clearly need to be dialed in order to better weed out innocent content.
As it stands, I have been manually removing this erroneous matches from the dashboard, but that takes precious time, and efficiency is one reason this system was developed in the first place. For larger entities there are API tools, but for independent, smaller entities, it seems that utilizing the dashboard will be best route.
Users can create “match rules” to fine tune content matching
Some of the hiccups I’ve encountered thus far are likely simple bugs in the system, while others may well be user error. Fortunately, Facebook has created tools that allow publishers/creators to fine tune the matches based on length of time, territory and content type.
I plan to spend some time working through the reference files I’ve uploaded to create appropriate match rules in the hope that it will result in fewer false positives.
Will creators be able to make money from their videos and music?
There’s also the question of monetization. Will rights holders be able to earn money from copies of their work uploaded to Facebook? It’s likely at some point in the future, but first Facebook will need to fine-tune Rights Manager. They can’t afford to complicate a system that’s still for all practical purposes in beta mode.
Overall I’m pleased with Facebook’s effort. Yes, it’s overdue and yes, it’s not (yet) perfect but it is a huge step in the right direction and hopefully can serve as a model for other social media and video sites across the web looking to do a better job thwarting piracy.
As I’ve written previously, I firmly believe UGC sites of a certain size (like Facebook, Vimeo, YouTube, et al) should be required to offer this type of tech in order to qualify for safe harbor. Of course that assumes the creaky old DMCA will be revised and the odds of that actually happening any time soon….well, I’ll leave that discussion for another day. In the meantime, I’m going to get busy on Facebook and upload some more reference files. So far I’ll give the new system a thumbs up!
by Ellen Seidler | Copyright, Google, Piracy
Googl
e’s updated piracy report offers the some well-worn excuses
It’s that time of year. The time of year where Google rolls out a shiny update on its “How Google Fights Piracy” report. Google began the tradition in 2013. At the time I noted that Google’s claim to be a “leader” in the fight against piracy was its first mistake. With today’s update, it appears the Silicon Valley giant hasn’t backed down from that dubious claim (or many others).
Katie Oyama, Senior Policy Counsel, Google asserts that, “We take protecting creativity online seriously, and we’re doing more to help battle copyright-infringing activity than ever before.” Yet, in spite of Oyama’s rosy quote, in truth the reality (for creators) battling online piracy continues to be a bleak one.
Google search continues to list pirate links at the top of results
For the moment I’ll focus on Google search. The report claims, “…Google does not want to include any links to infringing material in our search results, and we make significant efforts to prevent infringing webpages from appearing.” It goes on to outline what Google’s doing to remedy the issue including this nugget:
Google believes that providing convenient, compelling, legitimate alternatives is one of the best means of fighting piracy. Accordingly, Google has launched a number of initiatives to present legitimate alternatives to users as part of search results, including providing advertisements on queries for movies and music to link users to legitimate means of purchasing content.
The reports also notes that it has focused on providing, “Clean results for media-related queries users actually type: Thanks to the efforts of Google’s engineers, the vast majority of media-related queries that users submit every day return results that include only legitimate sites.”
Oh Yeah, I’ve heard this line before, but unfortunately it isn’t true. This morning, after taking a gander at the report I went to Google search to search for the recent indie film Carol. I typed in a pretty logical query–the kind “users submit every day” — choosing the phrase “watch Carol online.” The VERY TOP RESULT took me–instantly–to a full, high-quality, pirated, illegal stream of the film.
Top result leads to full, pirated stream of the movie
Ok, so maybe the word “online” is too linked to piracy….so let’s drop the term and use only the terms, “watch Carol,” the first result was identical and led to the same pirated stream. Yeah, there was was ad offering legit links at the top (which is a good thing) but unfortunately pirated versions remained front and center and at #1 in the actual search results.. 
So much for their well-oiled talking point. The fact is that Google search still provides a direct path to pirated content.
If some innocent person is simply looking for a way to (legally) watch Carol uses Google search instead of wheretowatch.com, why does the FIRST link in Google’s results offer a pirated version? I didn’t say I wanted to “watch Carol free” I said merely that I wanted to “watch Carol.” Is that a pretty standard approach to consuming movies??? Watching them???
Does Google really believe that watch isn’t a term people use every day to search for a movie online?
Google’s auto-complete suggests piracy-linked search terms
The only time I found somewhat clean results was by using the term “Carol movie.” Now, forgive me, but it someone is looking to “watch” a film doesn’t it make sense they’d use that same term in a search query? Apparently Google’s engineers didn’t think so. For them it seems that using the term “watch” is not a word worthy of inclusion amid their “vast quantity of media-related queries” when it comes to searching for a film title?
It’s also important to note that when I started typing in the terms “Carol mov…” Google’s own auto-complete provided the suggestion (carol movie online) which leads directly to the same pirated stream of Carol listed at #1 (see below).
Google auto-complete offers up a term that leads directly to pirated copy of the film
Didn’t Google’s engineering wizards notice this when they supposedly tweaked their algorithms to “return results that include only legitimate sites?”
I’ll be examining Google’s report further and will follow up with another post, but I couldn’t let the announcement of this update slide by with nary a mention. There’s much more to sift through, but I’d venture to guess it will be more of the same old, same old. As I noted in my analysis of an earlier version of this Google report:
After reading it I think a more accurate title would be “Why Google Shouldn’t Have to Fight Piracy Because it Offers so Much Other Good Stuff.”
While the report does outline various positive steps Google’s taken (under duress) to mitigate its role in incentivizing and enabling piracy, most of the document reads more like an evangelical tome as to how their innovations have benefited content creators, blunting any collateral damage that may have occurred. In other words, let’s overlook the bad in favor of the good…
I have a feeling not much will have changed…If there’s any truth in the claim that Google is “doing more” it’s because it’s allowing more pirated content than ever on its products.
