U.S. firms enable scammers to bait consumers and steal personal info
Spam and scams have become a way of life. Every day my in-box is full of emails warning that my Apple, PayPal or Wells Fargo credentials have been compromised and instructing me to click a link to restore my good standing. Of course, I’m well aware these are scams but clearly there are many who aren’t.
The same thing holds true with websites. It’s a well-known fact that for many–if not most– piracy peddlers, online malware supplies their lifeblood, their income. The Digital Citizens Alliance* just release a new study highlighting the role U.S. companies are playing in support of this scourge.
In the case of content theft, the pirated movies, TV shows and music is the draw. Bad actors dangle free content, consumers take the bait, and the end result is millions of identities at risk and billions of dollars stolen. Then these computers are taken over to wreak more havoc, causing a nightmare for everyone from Internet users to advertisers who get defrauded, to corporations blackmailed into paying off hackers who threaten to use those rogue computers to launch attacks.
While these rogue sites are run by overseas operators, the DCA found that many are hosted by companies headquartered here in the United States. The study singles out two U.S.-based firms, CloudFlare and Hawk Host as routinely offering up services to malware infested sites.
CloudFlare helps these criminals mask their locations by shrouding their network hosting and domain info:
In order to utilize CloudFlare’s CDN, DNS, and other protection services customers have to run all of their website traffic through the CloudFlare network. The end result of doing so is masked hosting information. Instead of the actual hosting provider, IP address, domain name server, etc., a Whois search provides the information for CloudFlare’s network.
When researchers at the DCA contacted CloudFlare for comment, they received the typical boiler-plate, we aren’t responsible for our customers response:
CloudFlare’s service protects and accelerates websites and applications. Because CloudFlare is not a host, we cannot control or remove customer content from the Internet. CloudFlare leaves the removal of online content to law enforcement agencies and complies with any legal requests made by the authorities. If we believe that one of our customers’ websites is distributing malware, CloudFlare will post an interstitial page that warns site visitors and asks them if they would like to proceed despite the warning. This practice follows established industry norms
-DCA
The DCA’s investigation into Hawk Host highlighted the same scenario. Use pirated films and music to attract visitors and entice them to download malware (before they can download the pirated content). The response from Hawk Host was somewhat different in that their tech support staff agreed that the malware sites reported by the DCA were indeed violating the companies terms of service and should be closed. According to the report:
After an exchange of information, Hawk Host agreed the sites did violate their policies and told Digital Citizens the sites would come down. Cody Robertson (Chief Technical Officer) said the sites “clearly violate our TOS / AUP.” He did add that it would be impossible for Hawk Host to audit all of the 100,000-plus sites they host and that they would continue to rely on abuse reports. Hawk Host’s swift action is an encouraging sign and Digital Citizens is hopeful that the company will continue to take steps to protect Internet users from malicious content.
This is a step in the right direction. For many websites, piracy is a means to and end and in order for win the fight against it, the problem must be tackled on many fronts from search, to infrastructure, to income. The threat of the public being victimized by malicious malware only adds to the damage done by online pirates. You can read the entire DCA report here.
#1 Our pirate pal Kim Dotcom is back in the news as a hearing for his extradition to the United States to face charges of copyright infringement, racketeering, and money laundering was held Monday in New Zealand:
Big car, big chair, big black outfit means a grand entrance at court for America’s target. –NZ Herald
#2 Copyright Reform Takes Center Stage in Nashville. It’s a chance for those who work in the music industry to make sure their voices are heard as members of the House Judiciary Committee come to town to talk copyright and two pieces of legislation close to the heart of those in Nashville, Two pieces of legislation championed in Nashville — the Songwriter Equity Act and the Fair Play Fair Pay Act.
For consumers, the digital age means accessing music anywhere, anytime at a very low cost (or free) but the picture isn’t so rosy for those who actually make their living writing and performing music. Everyone acknowledges that online piracy was the first tsunami to hit the music industry, but now, though legal, the rise of streaming services like Pandora and Spotify have served to further undermine creators via an antiquated and utterly lopsided licensing system. While most consumers remain blissfully unaware of the complexities of the music licensing maze, those who depend on it for their paycheck are acutely aware that it’s in dire need of an update. In the eye of the storm sit nearly 75-year-old “consent decrees” that determine how rates are set for various forms of music licensing. With the advent of online streaming, those who make their living creating music have found that the outdated decrees have hamstrung their ability to earn a living in the digital age. AsWilliam McConnell explains in his piece “Copyright debate has new tune in the age of streaming” published on thedeal.com:
Artists and the publishing industry say the system needs to be revamped with the advent of digital delivery technology that has devastated sales of traditional CDs. That trend has intensified as listeners increasingly rely on streaming services like Pandora, Spotify, Grooveshark and Beats Music rather than on digital song-purchasing services like Apple Inc.’s iTunes, which pay artists and publishers significantly higher fees. The shift has cut into artists’ earnings from recording music.
We are gratified by the Department of Justice’s decision to open a formal review of the ASCAP and BMI consent decrees. Since the ASCAP decree was last reviewed in 2001 – before even the iPod was introduced – new technologies have dramatically transformed the way people listen to music. ASCAP members’ music is now enjoyed by more people, in more places, and on more devices than ever before. But the system for determining how songwriters and composers are compensated has not kept pace, making it increasingly difficult for music creators to earn a living.
ASCAP remains committed to working with the Department of Justice and all industry stakeholders to modernize the music licensing system so that it better serves songwriters, the businesses who depend on our music and the people who listen to it – not just today, but for generations to come. Updating music licensing regulations to reflect the realities of today’s music landscape will preserve the benefits of collective licensing to businesses that license music, give consumers greater access to the music they love and allow the more than 500,000 songwriters, composers and music publishers we represent to be compensated for the true value their music brings to the marketplace.
With the deadline on August 6th for public comments fast approaching, it’s crucial that songwriters and those who support them speak up on the issue. As musician David Lowery explained in a call to action, published today on The Trichordist:
The DOJ is reviewing the WWII era consent decrees that force songwriters under federal court supervision for supposed anti-competitive practices. Yes the awesome power of the federal government is being used to protect multi-billion dollar companies like Clear Channel, Sirius, Pandora, YouTube/Google, Amazon and Spotify from hippy freak songwriters. Considering that many of these companies are effective monopolies it’s a stunning abuse of federal power on behalf of a few politically connected corporations. The consent decree forces songwriters to allow these services to use our songs while a single appointed for life judge (song czar) makes arbitrary sets our rate of compensation. You may remember that I posted that my million spins on Pandora earned me less than $17? And I can’t even opt out of this service. How is that even fair? That’s how this kind of outrage occurs. This amounts to a government mandated subsidy from songwriters to some of the largest companies in the world. If you are a songwriter, please submit comments. The DOJ specifically would like to hear from you. If you don’t’ understand the legalese just make a simple statement about how you feel about the compensation from these digital services that results from these consent decrees. Be passionate but polite. Here are the instructions: http://www.justice.gov/atr/cases/ascap-bmi-decree-review.html
You should check out Lowery’s post to read the complete comments he posted in response to the DOJ solicitation as well but here’s his opening paragraph:
I am an American songwriter, a member of BMI and a member of the bands Cracker and Camper van Beethoven. I’m submitting this comment on my own behalf in opposition to the ASCAP and BMI consent decrees. I believe these government actions essentially are a compulsory license outside of the Congress and take away songwriters’ rights to due process of law.
You can find out more on the DOJ’s review here but here’s an excerpt as to what they are seeking and where to send/email your comments:
Public Comments Are Solicited
As part of its review, the Department invites interested persons, including songwriters and composers, publishers, licensees, and service providers, to provide the Division with information or comments relevant to whether the Consent Decrees continue to protect competition. While Performance Rights Organizations, such as ASCAP and BMI, monitor for unlicensed uses, enforce copyrights against unlicensed users, and administer copyright royalties, the Department is most interested in comments on competitive concerns that arise from the joint licensing of music by Performance Rights Organizations and the remediation of those concerns.
In particular, the Department requests that the public comment on the following issues:
Do the Consent Decrees continue to serve important competitive purposes today? Why or why not? Are there provisions that are no longer necessary to protect competition? Are there provisions that are ineffective in protecting competition?
What, if any, modifications to the Consent Decrees would enhance competition and efficiency?
Do differences between the two Consent Decrees adversely affect competition?
How easy or difficult is it to acquire in a useful format the contents of ASCAP’s or BMI’s repertory? How, if at all, does the current degree of repertory transparency impact competition? Are modifications of the transparency requirements in the Consent Decrees warranted, and if so, why?
Should the Consent Decrees be modified to allow rights holders to permit ASCAP or BMI to license their performance rights to some music users but not others? If such partial or limited grants of licensing rights to ASCAP and BMI are allowed, should there be limits on how such grants are structured?
Should the rate-making function currently performed by the rate court be changed to a system of mandatory arbitration? What procedures should be considered to expedite resolution of fee disputes? When should the payment of interim fees begin and how should they be set?
Should the Consent Decrees be modified to permit rights holders to grant ASCAP and BMI rights in addition to “rights of public performance”?
All comments should be submitted by electronic mail to [email protected] by August 6, 2014 and will be posted in their entirety for public review at this web address. Information that parties wish to keep confidential should not be included in their comments. Comments may also be sent, preferably by courier or overnight service, to
Chief, Litigation III Section Antitrust Division U.S. Department of Justice 450 5th Street NW, Suite 4000 Washington, DC 20001
Misogyny be found everywhere, even inadvertently on the pages of Salon
In the aftermath of the terrible Santa Barbara massacre, Salon.com Assistant News Editor Prachi Gupta posted a story today in which she examined the role misogyny plays in “nerd culture.” Gupta said she wrote the piece to explore issues raised by, “Arthur Chu, a self-identified nerd who has written a gripping call-to-action in the Daily Beast.” Her piece, like several that have appeared on Salon.com this week, adds to the overdue and significant conversations being played out across social media hashtags (#YesAllWomen) and via news outlets across the country. Gupta quotes Chu:
So, a question, to my fellow male nerds:
What the fuck is wrong with us?
How much longer are we going to be in denial that there’s a thing called “rape culture” and we ought to do something about it? No, not the straw man that all men are constantly plotting rape, but that we live in an entitlement culture where guys think they need to be having sex with girls in order to be happy and fulfilled. That in a culture that constantly celebrates the narrative of guys trying hard, overcoming challenges, concocting clever ruses and automatically getting a woman thrown at them as a prize as a result, there will always be some guy who crosses the line into committing a violent crime to get what he “deserves,” or get vengeance for being denied it.
I strongly urge everyone to read both Ms. Gupta’s and Mr. Chu’s worthwhile posts, but in doing so I’d also like to point out that perhaps Salon.com’s editorial staff should examine their own pages and consider how it, inadvertent though it may be, some of their own advertisements add fuel to the notion that women should be viewed as sex objects. Take a look at the story and note the photo/headline teases “From Around the Web” window that adorns lower right sidebar in the screen capture below: Now in the scheme of things, they’re relatively minor and juvenile examples–but nonetheless, the double entendre’s are clear. Websites subscribe to these feeds to attract traffic and clicks, i.e. income and they’re ubiquitous, and I’m sure many would argue harmless. Perhaps so, but maybe the fact we have grown so accustomed to images such as these, is worth examining while we’re on the subject of the general misogyny and sexual objectification of women. Layer by layer, bit by bit, these advertising images do add up to something greater and more troubling.
Ms. Gupta notes the, “pervasive sexism” that plagues our society. With that in mind, perhaps when Chu asks, “What the fuck is wrong with us?” Salon’s editors could begin to answer that question by revisiting the sexist spam that splashed on their own pages.
The investment that the newspaper industry makes in journalism, made possible by copyright protection and licensing agreements, contributes significantly to having a vibrant democracy where the public can make informed decisions.
Copyright detractors constantly portray copyright and copyright owners as enemies of the public interest and as obstacles to the public’s access to information. Although news aggregators claim to enhance public access to information, their contribution to the production of top quality content is virtually null. Caroline Little’s words are a refreshing reminder that the interests of content creators and the public are intertwined rather than opposed.
Ms. Little’s editorial emphasizes that in the future, in order to maintain a robust news industry, we must be vigilant in protecting it.
…journalism plays a vital role in local communities and in our nation’s democracy. But it also costs money: Newspapers continue to invest more than $5 billion a year in journalism, far more than any other medium in the United States. Newspapers deliver news and information when and where readers want it, in print, digital and mobile platforms.
To do that, we must have fair copyright laws to enable newspapers to receive fair compensation in support of this journalism.
This year, the House Judiciary Committee, the Commerce Department, the Copyright Office and others are looking at potential changes to the Copyright Act. The newspaper industry applauds these efforts to ensure that copyright law is best suited for the digital age. We hope that any changes to the Copyright Act will continue to ensure that content creators — including those who invest in journalism — receive fair compensation.
Ms. Little’s editorial focuses on the threat posted by for-profit aggregator sites that, “exist solely to aggregate content from the websites of original publishers for the sole purpose of selling this content to business users at a considerable profit.” Clearly the news business is not exempt from the type of content theft/monetization schemes that have long afflicted music, and more recently movies. As with the music and film industry, this piracy undermines legitimate journalism’s ability to publish and thrive online. As Ms. Little notes:
Newspapers’ concern in this area is not the personal use of newspaper-generated content but rather its use by businesses that benefit financially through the unlicensed monetization of that content. By taking newspaper content without paying for it, these companies undercut the fundamental economic model that supports journalism that is so important to our communities.
At first glance, I thought it legit. After all, the news website The Daily Beast was mentioned in the headline. I read the story and clicked on the Facebook link to post it on my Vox Indie Facebook page. Only then did I realize it was a pirated site for print when the post promoted the freenewspos.com rather than the article. I did a double-take and discovered that the operators of freenewspos.com had copied the entire Daily Beast story and posted it, word for word, to their site. As is typical in piracy for profit schemes, advertising appears adjacent to the piece. The site operators earn income by stealing the work of journalist Kevin Fallonfrom the Daily Beast.
Adding insult to injury, it’s a Google-sponsored AdSense ad that adorns this pirate page so Google’s making money at the expense of The Daily Beast too. Of course Google has long been in the business of enabling and profiting off pirated content, and now I can add online journalism to the list of industries that suffer from Google’s ad network profiteering. These screen captures showing the original Daily Beast story and its pirated counterpart.
Also note the disclaimer at the bottom of the pirated version, “Disclaimer statement: The point of this article or rights belongs to the authors and publishers. We take no responsibility for the content of this article and legitimacy.” The domain is hidden behind a company called Moniker Privacy Services.
When you click the “who we are link” a page pops up in Italian. Drilling down into a translation of the “Terms of Service” one finds this:
…you want to publish or print into your website, blog, forum, RSS feed or in any other publication, an article taken from our website, you must follow these rules: Respect the author’s copyright by publishing the entire article without making any changes. [emphasis added] Include all the information present in the author’s box at end of article.Do not change both the title and the content of the article. Leave all links in the article with their syntax. Insert at end of article republished claims on our website with active link: Article taken from: freenewspos.com not republish our article in sites that contain illegal or mp3 files, information for hackers, bad language, violent content glorifying racism or contain pornography, child abuse or exploitation of children, adults or animals, or any other activity deemed illegal or contrary to applicable Italian laws. Do not republish our article via unsolicited email, spamming, or pop up ads. Never sell any article taken from freenewspos.com fees not ask to read an article taken from our website.
Seems that it’s OK to pirate another’s content as long as you link to the original? Not exactly how copyright law is supposed to work, but hey, in our online environment it seems as though making up things as one goes along is fine and dandy. As Ms. Little points out, “The most convenient way to request permission to copy and distribute material is by contacting the publisher of the content. In addition, clearinghouses exist that provide an easy way for business users of content to obtain redistribution rights.” This site never mentionsasking the author for permission.
There’s also a somewhat Freudian typo in the site’s FAQ section as well an ironic (English) acronym in use. I believe it should read, “How do I use POS?” but instead it reads:
How do I sue POS?
The application operates in a complete automatic fashion. A reader is able to obtain subscription and read information without the need to log in. If you provide your E-mail, you will be able to access the POS management application,
where all notifications from POS and news can be viewed in full (POS does not send you spam or advertisements). Other advanced functions will also be available.
POS will not place any restrictions on how you use the application.However, your use and development of the application must not infringe the reputation of POS,nor cause any damage to any of its facilities. You must ensure third party rights are protected.instead of POS, as POS does not hold any copyrights of services provided by the aforementioned third party.
POS does not place any restriction on the contents or the way your articles are published,whether you are a reader or a writer. But, POS will not be held liable for any third party claims against the accuracy or the legality of any contents published.
You are not allowed to publish or paste any material involving defamation, racism, pornography, violence and any contents forbidden by laws of your country or those that POS considers or has been reported to be inappropriate. POS has the right to delete the above mentioned material or contents without notification to its publisher.
I dare say POS is a POS, but I digress. The fact is that respecting copyright ultimately means respecting creators’ rights to determine how their works are used. Companies like Google, and this (POS) pirate publishing site, practice their own alternative view of copyright–take what’s not yours and monetize it (illegally) until someone finds out.
When I checked out the site’s Twitter feed is was full of Tweets advertising “free” movies online. Not surprisingly it’s more scam than substance, as each Tweet linked to a freenewspos.com post with a bunch of keywords or summary for a popular movie title–simply more SEO churn for ad dollars. One Tweet listed links to a post that, in turn, linked to a YouTube page which, in turn, linked to another off-site ad forwarded from a Google-hosted Blogger, Blogspot.com site. Google seems to seems to be entwined in this site’s nefarious activities every which way.
When I attempted to actually login and create a user account in order to see how the site worked, the page came up blank on multiple browsers. Maybe it works for users in Italy? Regardless, it seems pretty clear that freenewspos.com is a site built on a business model dependent on attracting traffic and ad revenue by promoting content that is stolen and, often times, make believe. Perhaps not much can be done to prevent this site from operating, but surely Google could do better in choosing business partners?
Late last month ad industry executives from around the country attended the annual Advertising Week convention in New York. Included among the events was a panel “Digital Media Value Under Attack: It’s Worse than You Thought.” Nebulous title aside, it was basically a discussion focusing on the role that advertising plays in supporting online piracy. Rick Cotton, NBCUniversal’s Senior Counselor for IP Protection, pretty much summed it up when pointed out that, “No one has asked the blunt question of whether you want your ad associated with a pirate site…Advertisers should not want their ads to be in that environment. It’s getting more risky to be in business with criminal websites.”
Bob Liodice, CEO of ANA (Association of National Advertisers) agreed and suggested the industry needs to be accountable for its role in monetizing piracy.
“It makes us all shake our heads, wondering how we can wrap our arms around this. We have theft going on here.” Liodice believes that one problem is that no one has taken “ownership” of the piracy problem. “We have to create a level of collaboration in order for the [advertising] industry to own the issue.” Liodice stressed that collaboration has to be “systematized” and that the industry has to make it “personal.”
I know it’s only been a couple of weeks, but the advertising industry has been aware of the problem for a long time and yet nothing changes. Despite lip-service to the contrary and July’s White House’s announcementt of a much-hyped–but essentially toothless–anti-piracy “best practices” pact by online ad servers Google, Microsoft, Yahoo AOL and others, the sad fact is that advertisements from major American companies continue to adorn (and make money for) pirate web pages.
Below is just a sampling of ads that popped up when I looked for (and found) pirated streams of a recent indie film “White Frog.”
Why is it still acceptable for online advertisers to get away with this? Why is their money still filling pirate coffers at the expense of content creators? Online ad service providers and their clients seem to have no difficulty fine-tuning technology to sniff out web user’s product preferences. Why can’t they sniff out pirate pages and block their ads from appearing there? Do the head honchos at Snickers or USA Today know that their logos are plastered across stolen goods? Do they care? Why isn’t Disney, an entertainment giant, making sure that their dollars don’t end up in pirate pockets?
I can’t really think of any excuse for these major brands to be in the business of paying pirates to promote their products. Clearly the powers that be don’t care enough to demand change. For them, it’s all about the money, morals be damned…
For content creators whose work is routinely stolen and monetized by others perhaps its time to really pay attention. I know I won’t be putting snickers in any trick or treater’s plastic pumpkin this Halloween.
As an indie film and broadcast journalism veteran, I'll share my perspectives on issues of interest to the creative community and beyond--Ellen Seidler
U.S. firms enable scammers to bait consumers and steal personal info
At first glance, I thought it legit. After all, the news website The Daily Beast was mentioned in the headline. I read the story and clicked on the Facebook link to post it on my 
