DNS providers as hack fighters? Application Groups Weigh Options * TorrentFreak


Given the extreme financial might and political influence wielded by the world’s largest entertainment corporations, most obstacles can be pushed aside or simply knocked down. But exceptions exist.

In the fight against piracy, not only do the smallest gains require unusual effort, but they increasingly depend on the cooperation of third parties, usually those in the online technology industry. If these companies cannot be persuaded to voluntarily commit commercial resources to the war on piracy, prosecutions and compulsory conscription may arise.

The message – that Internet companies must tackle piracy or be held responsible for participating in it – is not new. Internet service providers, websites, search engines, hosting providers, domain companies, social media services, and advertising companies are all seen as part of the problem.

intermediaries-counterfeit

Whether it’s terminating suspected infringing users and implementing copyright filters, performing due diligence, blocking websites or running a search engine, technology companies can be held liable when third parties disrupt the business models of other third parties. This new business reality is not just spreading, it has global aspirations.

Control phone book, control communications

A presentation prepared for the recent fifteenth session of the World Intellectual Property Organization’s Advisory Committee on Enforcement begins with a brief explanation of the Domain Name System (DNS) and how it works. The fundamental importance of DNS for the Internet is obvious.

So that humans don’t have to remember thousands of IP addresses to access their favorite websites, the DNS system keeps all those numbers in a database and matches them to domain names that are easier to remember. When domain names are entered into a browser (Google.com, for example), DNS converts the domain to an IP address and the page appears. If done correctly, it is completely invisible.

wipo - domain explainer

As of this writing, a few billion websites depend on the DNS system’s ability to perform these conversions. The problem for rightsholders is that some of these sites make it easy to find their copyrighted works, and with easy-to-remember names like thepiratebay.org, they’re too easy for people to find. .

Following legal action, ISPs in dozens of countries are now required to block their customers from accessing sites such as thepiratebay.org. Since ISPs have their own copy of the DNS “phone book”, they look up thepiratebay.org, find the IP address assigned to it, and swap it out for a completely useless one.

Rights holders like this arrangement. Critics say Internet infrastructure shouldn’t lie to its users.

So why such drastic action? FMovies….and a few others

While The Pirate Bay’s resistance to shutdown helped fuel the early days of blocking pirate sites, sites like FMovies could end up bearing the blame for more extreme measures.

With nearly 87 million visits per month through desktop alone, FMovies is not only massive, but also quite possibly the most comprehensive pirate-style VOD streaming site available today. It operates many domains in various jurisdictions under multiple brands and is also not limited to the “niches” of mainstream movies and TV shows.

Hollywood companies forced ISPs in several countries to tamper with the site’s local DNS entries after obtaining injunctions or voluntary cooperation. Site traffic continues to grow because it’s always online – DNS tampering can’t change that, not for FMovies or any other site

Perhaps the most surprising thing about the presentation is that it talks about options for action against the DNS, while revealing the countries where FMovies has infrastructure, names the companies that allegedly support that infrastructure, and places their location on a map.

fmovies-wipo-infrastructure

So what steps could be taken by DNS service providers to take FMovies offline, make it inaccessible, or even make it slightly less efficient than it is now? The presentation contains a few ideas, but before going back to it, it may be useful to review the slide.

Why would interference in the DNS system, which has no ability to delete content, be preferred to actually delete the content?

OVH and M247, two companies listed as servicing FMovies, are very large hosting operations and couldn’t hide even if they wanted to. The fact that they are in the EU also makes them “accessible” legally, in the event that they are indeed home to one of the largest reserves of counterfeit premium content in the world. They probably have no idea that is the case, of course, and being rich in money, their lawyers would be very happy to explain it, in court if necessary.

But the real issue here isn’t who has the ability to fight back, it’s that DNS interference has always been portrayed as a tool of last resort, something to use when all else fails. The presentation to the WIPO Law Enforcement Committee even states that DNS resolvers are completely incapable of removing infringing content.

“Legal frameworks and case law lack a clear picture at international and national levels. The case law primarily deals with liability as secondary infringers if DNS providers serve structurally infringing websites. This generally requires an intention, which could be established by notice,” it reads.

Sony Music certainly hopes that will be enough.

Quad9 DNS resolution dispute

In Germany, based in Switzerland Quad9 DNS Resolver is now in a direct legal dispute with Sony Music after it refused to cooperate with the label’s campaign to have a music piracy site blocked. Sony took the case to court, arguing that Quad9 has a duty to block the site – a site that does not itself contain infringing content but links to content hosted on another site (or sites), elsewhere entirely.

Perhaps with an eye to the type of intent mentioned above, Sony has indeed given Quad9 clear notice of the infringement. Unfortunately for Quad9, Germany sets the bar very low when it comes to involvement, making it the ideal location for this type of trial.

According to the legal concept of Störerhaftung, otherwise known as disruption or disruptor liability, a disruptor is someone who is involved in any way with the distribution of illegal content. As the involvement progresses, Quad9’s role is either extremely minimal or absolutely crucial, depending on the perspective.

Sony currently seems to have the upper hand (1.2) and while it’s not over yet (1), some liability protections have already been removed. According to a German regional court, since Quad9 only initiates IP address queries to DNS servers and does not transmit any information, it cannot benefit from “mere conduit” disclaimers.

Cloudflare ordered to block pirate sites

If Quad9 loses, any order forcing it to block will be part of the package being waved around in other jurisdictions to achieve the same goals: do the vendors want to cooperate now, or maybe they prefer legal conscription? In the EU, this type of approach tends to spread, where one decision leads to another and then becomes the accepted norm as intermediaries give up.

And the momentum is building.

In July, an Italian court ordered Cloudflare to block three torrent sites on its public DNS resolver 1.1.1.1. Music industry group FIMI said that since the Cloudflare service helps people access pirate sites, Cloudflare becomes part of the piracy problem. The court agreed and issued a preliminary injunction against Cloudflare.

While the copyright holders have shown their intent in no uncertain terms, Cloudflare is drawing its own lines in the sand. Although it was forced to block in both Italy and Germany, Cloudflare recently said it will fight all “global” blocking requests if they target its 1.1.1.1 DNS resolver.

Less aggressive options

If DNS entities get tired of lawsuits, they may be tempted by so-called no-fault injunctions, the presentation suggests. Popular in the UK and India, the idea is that intermediaries are named as respondents in blocking claims, but copyright holders have no intention of suing them.

Everyone involved recognizes that intermediaries are well placed to help and that everyone’s rights must be respected under the principle of proportionality. This reconciles the rights of copyright holders, the rights of intermediaries and the rights of Internet users to access information. The important thing is that there is no conflict and as long as the plaintiffs follow the procedure, blocking tends to obtain court approval.

Another preferred option does not involve the courts at all because direct agreements between copyright owners and intermediaries do all the heavy lifting. By designating groups like the MPA as “trusted notifiers,” DNS entities could follow the example of two domain registries and decide what to block privately.

“Proactive measures by DNS providers to deter online infringement and other illegal activities should be adopted, such as ensuring the accuracy of registrant/WHOIS data. Voluntary reactive measures, such as confidence notification agreements, should be encouraged,” concludes the presentation (pdf).

WIPO indicates that the views expressed in the presentation on DNS providers and resolvers are those of the authors and are not necessarily shared by WIPO members. The authors are the leading copyright attorney in Germany Jan Bernd Nordemann and Dean S. Marks, former Deputy General Counsel and Head of Global Content Protection at the MPA.

Image Credit: Jimmy Nilsson Masth (Unsplash License)

Previous 3 IPS officers promoted to IGP grade, 3 others promoted to DIG grade
Next Protecting IoT devices requires a DNS-based solution