[ Continue reading this over at RedmondPie.com ]
Internet of Things (IoT) devices might secure you against street crime but they don’t do a great job guarding you against privacy invasions. This article explains some of those privacy concerns and how to fix them.
Let’s start by looking at the ways that IoT devices can breach your privacy, and how to avoid them.
1. IoT Home Hub Devices Record Everything
Some devices, such as Google Home and the Amazon Echo, constantly listen to their surroundings. This ensures they hear you when you say their “hotword”, or activation word, which initiates audio recording.
Of course, something that’s always listening to you poses a privacy risk in itself. There has been a lot of speculation about whether these devices are always sending recorded information home, even if the user has not activated it via its hotword.
Even if this speculation isn’t based in truth, it is a fact that home hub operators receive private voice logs after the device mistakenly heard their hotword. The BBC reported that Apple and Google have stopped its employees from playing back recordings from home hubs. This was after third-party contractors discovered they were listening to intimate moments that were accidentally recorded.
How to Fix IoT Devices Always Listening to You
While popular smart home hubs have check boxes you can tick to tell them not to monitor your voice, who knows what’s going on in the background? Imagine if a stranger was sitting in on all of your discussions, and you simply made them promise not to tell anyone what it hears. Would you trust that stranger with your private information?
As such, the best way to fix this IoT security issue is to never allow it to occur. Don’t purchase smart devices that have a 24/7 listening capability (if possible). Always-listening devices are identifiable if they’re marketed as offering voice-activation, as they need constant monitoring to listen out for commands.
2. They Can Be Hacked From the Outside
A big draw for IoT devices is their ability to receive commands from the internet. This allows users to control smart home devices from any location in the world.
This feature isn’t perfect, though. While remote smart home control allows location-independent control and monitoring of your home, it also opens the door for hackers to do the same. Hacking is one of the scariest IoT privacy concerns, as people all around the world can gain access to your home uninvited.
It sounds like something out of science fiction, but it’s, unfortunately, a reality. Trend Micro claims their software blocked 5 million hacking attempts on IoT cameras, 75 percent of which were brute force attacks.
How to Fix IoT Problems With Remote Hacking
To fix this problem, you need to set up a proper remote system that can keep hackers out. Given that hackers are mostly using brute force techniques to break in, your system needs to be strong enough to resist a barrage of attempts.
Secure your account with a strong password, and use a two-factor authentication device if it’s supported. These will both stop a hacker from getting easy access to your home.
3. Devices Don’t Use Encryption
This is a giant red flag for anyone who cares about their privacy. Zscaler reported that from the 56 million transactions that passed through their cloud from IoT sources, 90% of them were sent as plain text. This means no effort was made to encrypt them whatsoever; anyone could analyze the packets and extract its data.
How to Fix IoT’s Lack of Encryption
Only use IoT devices that properly encrypt their data. Hopefully, the product will state its encryption type on the box or advertising. If it doesn’t, it’s a good idea to play it safe and not purchase it.
At the very least, you could get it and take care of what data you send; never use it for anything you wouldn’t want someone else to see.
Another option is to use a VPN’s encryption scheme on your network, like OpenVPN. Some routers allow for the user to configure a virtual private network, or VPN, on it. A VPN installed on a router allows the user to encrypt and route all their traffic through a third-party server. That would prevent any third-party snoops from inspecting whatever data is transferred between you and the end point.
4. IoT Devices Aren’t Properly Updated
Devices that undergo pressure from hacking attempts should be properly equipped with the ability to receive patches. If an exploit is found in a device, the news can spread quickly amongst the internet, which puts every owner of that device at risk.
A security patch is the best way to combat these flaws as they appear over time. However, the world of IoT has some severe patching issues. Devices may have very barebones support after release or have no means of being patched whatsoever.
A device may have the foundations for security patches, but in the quick world of IoT, the company behind it may go out of business, leaving the device stranded without updates.
How to Fix It
Unfortunately, there’s no way you can actively patch your IoT devices. Fortunately, you can take measures into your own hands by choosing companies with a good reputation or look for open source IoT devices
Putting your faith in a start-up may mean their lack of experience will cause slower updates; that is if they don’t go out of business. Larger businesses will have more experience, faster patch response times, and are far less likely to fold.
5. Devices Use Default Factory Passwords
A default password is a hacker’s favorite way of cracking devices. Some companies will give each device an individual password to prevent this flaw, but others will set the same password for all the devices they create.
If the users of these devices don’t bother changing the password, hackers can learn of the factory default login information and test it on all the devices they can find. They’re bound to find a few that still has the out-of-the-box credentials, which gives them unprecedented access over the device.
The default password problem is so bad, WeLiveSecurity reported on how California has banned any device that shipped with a default password.
How to Fix It
If any devices you purchase have a default password, change it right away. Keeping the old password is leaving the door open for any potential hackers that know the credentials for your particular device.
Improving Your IoT Security
IoT is currently full of security holes, which makes it hard to trust them with your privacy. By taking some proper precautions, you can enjoy IoT devices without handing over your details to hackers.
One highly effective method for improving IoT security is using a virtual private network (VPN) with either a router or a Pi-Hole. VPNs can disguise the location of where your IoT traffic originates. However, it requires that the user install a Pi-Hole (which is a Raspberry Pi that routes traffic through a VPN) or install a VPN on their router.
Read the full article: 5 Common Internet of Things (IoT) Security Issues and Fixes
Dating apps have revolutionized the way people meet in the modern world—making it easier than ever to find romantic partners who share your hobbies, interests, and goals.
However, like most new technology, they also bring various concerns. With the launch of Facebook Dating, these concerns have only been heightened due to the company’s track record around private data.
We spoke to Anna Collard, the Managing Director of KnowBe4 Africa, to find out some of the privacy risks that platforms like Facebook Dating and other dating apps pose to users. Here are five of the biggest privacy disasters and risks these apps can expose us to.
1. Company Data Use
The primary privacy concern from dating apps like Facebook Dating is not breaches or leaks, but the data harvesting from the providers themselves.
“What many people don’t know is that their personal information is worth a lot of money to companies. There’s that saying: personal information is the new oil,” Collard notes.
“These companies don’t just make money by finding a mate for you. They make money by collecting your information and building profiles and then selling that information,” she adds.
At the end of the day, Facebook is one of the biggest advertising platforms online. This means your dating profile activity and data could be shared for targeted advertising
The company, however, claims it will keep your Dating profile separate from your Facebook profile separate. But there are already instances where the data between your dating profile and regular profile are shared. For example, Facebook Dating suggests matches based on your groups and events.
It’s also possible that the extent of data sharing between Facebook services will increase in the future, as the company has done after its acquisitions of Instagram and WhatsApp.
“Even though Facebook claims that they will keep the Facebook Dating app completely separate from the general Facebook app, I don’t think that what Facebook says can necessarily be trusted,” Collard said.
After all, companies are able to update their terms of service at a later stage. Facebook has already reneged on the commitment to not show advertising on WhatsApp, with plans to add ads to the app’s Status feature.
How to Improve Dating-App Privacy
You can limit the amount of data collected by companies by adjusting your privacy settings and carefully reading the terms of services to understand exactly what information is collected.
However, the best way to avoid data harvesting is to avoid the services completely. This is not always possible in the digital era, but you can aim to be more selective in which services you use.
Collard notes that we should reconsider whether we want a single company to have a monopoly on so much personal information, from dating to business information.
She also adds that you should post anything on an app that you wouldn’t want to become public knowledge, since this is always a risk.
2. Private Data Leaks and Breaches
The extent of data harvesting in dating apps already compromises privacy, but this issue is compounded by security breaches and data leaks.
With private data proving so valuable, it’s a frequent target of hackers and cybercriminals. For Collard, security breaches aren’t a matter of if it happens, but when it happens.
The consequences of a dating-site data breach can be far-reaching. Collard points out that after the Ashley Madison leak, people who had used their work email addresses for the site were at risk of being identified by their employers.
“Any sort of social media account carries some privacy risks, but if you look at what you’re sharing on these dating sites, it’s much more sensitive information,” she notes.
Furthermore, the more third parties or apps your data is shared with, the more points or nodes there are for cybercriminals to target.
How to Avoid Getting Your Social Media Data Leaked
There’s nothing a user can do to prevent data breaches on the platform’s side. However, you can take some precautions.
These include not reusing passwords, usernames, or email addresses across platforms.
Collard suggests that dating app users, especially those sharing sensitive information such as HIV status or sexual preferences, should set up a completely unique email address and profile when configuring Facebook accounts, if possible.
When a dating platform requires you to sign in with your Facebook profile, or another pre-existing profile, it prevents you from mitigating the risk of breaches.
3. Cyberstalking and Stalking Risks
Since the goal of dating apps is to meet up and go on dates, they present a unique physical risk that most other apps don’t have. It’s important to be aware of this and to be selective in arranging dates.
When it comes to cyberstalking, there are multiple ways for people to link your dating profile to your other online profiles. This is especially true if you re-use usernames and profile pictures across sites.
Cyberstalking is a risk on any social platform, but dating apps can result in cyberstalking turning into physical stalking.
Furthermore, if you link your Instagram profile to your dating profile, geo-tagging your pictures can make it much easier to find the places you frequent, such as your workplace or favorite café.
“If you use an account name on, let’s say Tinder, that you use somewhere else, it’s very easy for even non-technical people to find out who you really are. You have to be really careful that whatever you set up there—that you don’t expose who you are and where you live,” Collard says.
How to Reduce Cyberstalking Risks
To mitigate the physical risk of meeting up, Collard suggests the following tips:
- Meet in public places.
- Get to know someone before being alone with them.
When it comes to cyberstalking, it’s important to reduce the risk by keeping your dating profile separate from other profiles that can be used to identify you or your workplace. In order to keep your profiles separate, take the following precautions:
- Use unique images of yourself
- Never post or share your home address
- Don’t share any identifying information that makes harassment and stalking easier for strangers.
- Keep private communications within the dating app’s chat client for as long as possible, since they don’t require you to share a phone number like other chat apps.
4. Data Used for Extortion and Discrimination
As Collard points out, dating apps have more sensitive personal data than the average social media app.
This includes sexual preferences, fetishes, dating preferences, HIV status, and other private information that can be used to extort or discriminate against individuals.
Extortion and discrimination can happen when data is leaked or when a person’s identity is linked to a dating account. This is especially true in contexts or countries where this information attracts significant stigma or in countries where homosexuality is illegal.
How to Avoid Cyber-Extortion
Again, use caution regarding who you trust and what personal data you share on dating apps. Follow these simple tips:
- Use a unique email address for a dating profile.
- Do not share intimate images that can be used to blackmail you.
Stay Safe on Online Dating Platforms
Dating apps always carry privacy risks, but make sure to take precautions when choosing to use a platform.
Always take into account a company’s track record with user privacy and data. And most of all, stay safe.
Read the full article: 4 Dating App Privacy Disasters and How to Protect Yourself
Looking for a free VPS? Before we get started, we should discuss what a VPS is.
A virtual private server (VPS) is a virtualized server remotely hosted on a machine owned (or leased) by an internet hosting provider. The machine itself is physical, while the VPS is part of a virtual environment, and the operating system which you will choose is a server OS.
VPS hosting is not usually described as affordable. For hosting websites with high-performance requirements, you’re looking at $50 a month, minimum. Usually aimed at business customers, a VPS often comes with some useful features like SSL/HTTPS built in. Such servers are typically used for online stores.
Using a VPS as a personal VPN, however, requires far less in the way of hardware resources. This makes it the perfect solution for hosting your VPN.
Whether you plan to use a VPS long term or just to try it out, you might consider a free VPS host. While some VPS hosts offer free trials, often these are little more than a scam, a gateway to your bank details.
Worse still, that’s just the beginning.
1. Free VPS Located in a Place With Sketchy Laws
When you’re looking to subscribe to a hosted VPN, one of the most important considerations is its location. It’s an advantage if the service resides in a nation without data retention laws. Better still is a VPN host that doesn’t fall under the auspices of the 5-Eyes surveillance alliance.
Similarly, if you’re planning to set up a personal VPN on a free VPS host, the location of the VPS server is paramount.
While this may not be your only privacy concern, if the VPS isn’t registered in a safe location, avoid it.
2. Can You Trust the Free VPS Host With Your Data?
You need to trust the VPS host before you sign up for it.
Signing up for a service means submitting your personal data as part of the sign-up process. For free trials, you may also need to use a credit card. Once you’ve done that and your account is created, you’ll need to set up your VPS (which involves installing the server software onto the virtualized server).
Another issue is whether logs are kept of your activity. Can you trust the VPS not to retain logs of when you log on, your IP address, or monitor your connection of evidence of activity? Can you be certain that this information won’t then be sold to advertisers or given away under legal duress?
No, you can’t.
3. A Free VPS Could Be a “Man in the Middle”
The potential for security and privacy abuses by the owner of a free VPS doesn’t end there.
A man-in-the-middle attack (MITM) occurs when you log into what appears to be a legitimate destination (a router, server, or website). The MITM attacker then uses the fake or compromised destination to capture your login, passwords, and other personal data. These scams usually go after financial information.
4. Is the Free VPS Free of Vulnerabilities?
Whether the free VPS host offers Windows or Linux, vulnerabilities can always exist.
After all, why would the owner of a free VPS spend time updating software and hardware? They’ve probably got paid customers to service. Checking the available operating systems and ensuring they’re regularly updated is wise whatever VPS you’re using.
But if the VPS environment isn’t offering up-to-date OS options, there’s a risk that your VPN installation can be subverted. Consider, for example, the hardware vulnerabilities in AMD and Intel processors, Meltdown and Spectre. If mitigation isn’t in place for these flaws, they can potentially be exploited.
While an extreme example, it nevertheless illustrates that the VPS host is not obliged to maintain a free server.
5. A Free VPS Server Could Be a Scam
Finally, very few genuine free VPS services are available. Among those that are, the aim is almost certainly to onboard potential customers with the promise of gratis hosting. While the trial-period offers are oftentimes legitimate, a few disreputable hosts abuse the concept.
When a scam is in operation, the free VPS does not exist. Victims are encouraged to sign up, choose the free VPS option, but provide card details. Eventually, it becomes apparent that the free VPS doesn’t exist.
Instead, it is a scam, and victims’ credit cards are charged.
Given how freely scammers misuse their victims’ data (see above), don’t expect this to be the end of it.
Forget Free VPS Providers
Free trials are useful. Whenever a reputable VPS offers them, they’re worth trying before buying.
However, free VPS providers that don’t have that layer of trust should be avoided. Privacy is key when hosting a VPN. If you cannot trust your VPS host with a single item in this list, then it’s time to reconsider.
Read the full article: 5 Ways a Free VPS Can Endanger Your Privacy
Most people interested in privacy or who stream Netflix need a VPN. You might only need it for your browser. Or you could require a full-VPN service to protect all your internet traffic. But what’s the right solution for your privacy concerns? CactusVPN offers most of what users need.
Is CactusVPN Right for You?
Subscribing to a virtual private network (VPN) means you can protect your privacy, particularly when using public Wi-Fi. It can also block electronic surveillance, and potentially frustrate advertising. A VPN can also protect against ISP throttling and geo-location blocking, if you ever need Netflix from another country (or if you want American Netflix). But all that is not the same thing as security from surveillance.
No VPN will protect you from physical surveillance. Members of your household can monitor internet activity regardless of whether you use a VPN. A VPN is designed more for domestic users than anyone else. Political journalists, dissidents, freedom fighters, and anyone wishing to learn restricted information publicly available elsewhere in the world should only rely on a VPN in conjunction with encrypted messaging (e.g. Signal) or accessing the internet via Tor.
However, if you’re comfortable with the inherent limitations of all VPN technology, CactusVPN offers relatively inexpensive plans ranging in price from $3.20 for the full package or as low as $2.27 for a less private way to bypass streaming geo-restrictions on Netflix.
Is Your Subscription Safe With CactusVPN?
Being able to trust your VPN is vital. If there is no trust, there is no point in using the service. The idea that a VPN might take your money and run, provide a substandard service, renege on its guarantees and features, and even share your logs with a third party, should be enough to make you look elsewhere.
According to their About page, CactusVPN was formed by three friends in 2011 and operates 27 high-speed VPN servers across 15 countries. Its headquarters is in Moldova (in Eastern Europe).
Moldova is not a member of the European Union so it is not under any existing or future data-sharing obligation. Similarly, it is not a Five Eyes group (FVEY) member, so there is no legal requirement for CactusVPN to share data with Anglo-sphere security services.
The CactusVPN philosophy is simple:
We believe everyone deserves privacy and freedom, we believe internet should be safe for everyone; we believe people shouldn’t be afraid of using the internet.
CactusVPN Free vs. Pro Features
To give you the full CactusVPN experience, both the free and pro (or paid) versions of the app include the same features. While the VPN service is wise to provide this, 24 hours probably isn’t long enough to fully appreciate any service.
The following features are all available in both CactusVPN free and pro modes.
Internet Kill Switch
A vital feature found in all good VPN clients, an internet kill switch cuts access if the VPN connection drops. A lot of different causes can cause a VPN to suddenly cut out. And most computers are designed to reestablish an internet connection as soon as the VPN drops. Without a kill switch, this automatically exposes your location to a variety of sources.
A kill switch in theory blocks all connection after a VPN drops. This means all internet is blocked until you manually reconnect to the VPN or close the client.
CactusVPN’s Apps Killer
CactusVPN, aside from offering a dedicated kill switch, offers a feature called “Apps Killer”. Apps Killer prevents only certain apps, that you select, from connecting to the internet. One scenario is blocking access to the internet during a DDoS attack on an online game. Meanwhile, if you’re torrenting with CactusVPN, Apps Killer will close your torrent client if the VPN connection goes down. This will conceal torrenting activity from your ISP, even in the event of a VPN outage. In theory, at least.
In practice, a kill switch is just another layer of identity protection.
Sort Servers by Speed
Need to find the fastest server? Like many VPN clients, CactusVPN has a drop-down menu to choose from the library of servers. While this is sorted by location by default, the list can be reorganized to Sort by speed. It’s a useful feature which we hope other VPNs will introduce.
Note that whatever server you choose will be affected by the basic speed of your internet connection. See below for speed testing results.
Easy Server Switching
As stated, the server can be easily switched to any other location. This is again via the drop-down menu, where the new server (in any city or country) can be selected. A short wait is needed while the VPN reconnects.
Easy VPN Protocol Switching
VPN protocol switching is also a feature, although this can only be done between connections. SSTP, OpenVPN, L2TP, PPTP, and IKEv2 protocols are all available via the Settings screen. We’ve written about the various advantages of VPN protocols, such as OpenVPN vs. IPSec and SSTP.
DNS Leak protection
Also in the settings screen is the option to enable DNS leak protection. Three servers can be used here: CactusVPN DNS, Google DNS, and OpenDNS.
DNS leakage has been a major problem for VPN services over the years. Having leak protection is always an advantage, but it’s curious to see it disabled by default. It may be that the service provider has disabled leak protection in order to improve VPN reliability. After all, many browsers can be manually set to prevent WebRTC leaks—at the cost of website compatibility.
An alternative mode is bundled with CactusVPN: Smart DNS. This is an alternative to a VPN, intended to enable region-blocked streaming without the load of VPN encryption and other VPN features. Intended for streaming video, it’s ideal for viewing Netflix on CactusVPN.
VPN Apps for All OSes
CactusVPN offers apps for Windows, macOS, iOS, Android and Android TV, Fire TV, and extensions for Chrome and Firefox browsers. As such, you should be able to use the service on all your devices. There is also support for other hardware via OpenVPN.
For the Fire Stick, CactusVPN offers a (free for 24 hours) VPN app.
Download: CactusVPN for the Fire Stick (24-Hours Free)
Money Back Guarantee
On top of it all, CactusVPN offers disappointed customers their money back.
Its money-back guarantee comes into play if you’re unable to connect to the CactusVPN VPN or Smart DNS servers. This is a 30-day refund policy acts like a parachute if you subscribe after trying the CactusVPN free version.
CactusVPN Security and Privacy
An insecure VPN is of no use whatsoever. Knowing the strength of security and privacy before buying a subscription is a huge advantage. Fortunately, CactusVPN’s free option can prove advantageous here.
Shared IP Address
This is a useful security feature that prevents activity being traced to your device. Instead, a shared IP address is used, grouping CactusVPN users together.
CactusVPN employs an interesting approach to encryption, utilizing both 128- and 256-bit AES encryption. While this might seem archaic, their reasoning is compelling:
The AES-128 is very strong and it cannot be cracked through full-scale search on the key. Although you may be entitled to think that longer keys offer more security benefits, the truth is that an algorithm can’t be ‘less broken’ than ‘not broken’. So there is no additional benefit for security from cranking up the key size to 256 bits.
In addition, CactusVPN highlights that a 256-bit AES connection will use 40% more CPU. As such, their argument is that there are computer resource trade-offs between security and computational overhead.
Meanwhile, several VPN protocols are on offer with CactusVPN: SSTP, L2TP/IPSec, OpenVPN, IKEv2/IPSec, SoftEther and PPTP. Which option is best depends on your activity. Overall, OpenVPN is perhaps the most desirable, but not always practical to set up. CactusVPN recommends OpenVPN and SoftEther for torrenting, however, and OpenVPN for security.
A major concern for privacy advocates using VPNs is the logging policy (as with warrant canaries, we are agnostic about the realities of logging policies). Is the data of customer activity available to third parties?
CactusVPN has a “guaranteed no-logs policy” which they hope will generate trust. Their policy states:
…we will not store any data relating to your activities while using any of our privacy solutions, and will not record, monitor, log or store any of your information. CactusVPN also guarantees that none of your information will be passed on to a third party.
In addition, they do not store “…any IP addresses, traffic logs, connection timestamps, used bandwidth or session duration information that could be traced to a single person.”
In truth, logging policies are not very enforceable outside the legal jurisdiction in which the host company resides. They are generally designed to protect the host company against consumer violations of said policy, not the customer.
CactusVPN Speed Test
A VPN reduces the speed of your internet connection—sometimes a lot. So, it’s worth knowing in advance just how much the speed will be lost.
We’ve tested CactusVPN with premium speed-testing service Speedtest.net. Note that this test was performed on a broadband fiber FTTC (Fiber to the Cabinet) local loop.
First, the speed test without CactusVPN connected:
As you can see, the speed is 41.47Mbps down, 10.05Mbps up, with a ping of 14 meters per second.
Via a VPN server in London:
39.63Mbps down, 9.57Mbps up, 17 m/s.
Finally, a CactusVPN server in Zurich, Switzerland:
Notice the difference in ping rate: 39.33Mbps down, 9.29Mbps up, a ping of 43 milliseconds.
So, with local servers, the CactusVPN speed is good, although ping rate (understandably) degrades with distance.
Smart DNS Speed Test
In addition to testing the speed of the CactusVPN, we also looked at speed using the Smart DNS feature. After all, there’s no point advertising a fast alternative to VPN for video streaming if it isn’t fast enough.
With the Smart DNS mode enabled, the results are:
As you can see, the result is a 39.23Mbps download, and 10.09Mbps upload score. Ping is 14 milliseconds to a DNS server around 40 miles (64.37 km) away.
CactusVPN Customer Service Options
Several support options are available from CactusVPN. Foremost among these is the Submit ticket option in the client app. Available alongside a Save logs button, both are found in the Help screen (a doctor’s bag in the top-left corner), accompanied by links for the ToS, Blog, Refund Policy, and more.
Clicking Submit ticket opens the relevant page on the CactusVPN website, saving you time looking for the link. Note that all contact with CactusVPN is via the support ticket screen. While they operate social media accounts (such as @CactusVPN on Twitter) the response will always be to raise a support ticket.
You can also start a live chat during business hours. This will typically appear unprompted while you browse the site.
The Support tab on the website, meanwhile, features a collection of tutorials, an FAQ, and other guided sections.
Should You Subscribe to CactusVPN?
With all of this considered, you should be ready to decide: CactusVPN, or another service?
Overall, we found it a competent VPN service. While the Windows client crashed on one occasion while switching protocols, it was otherwise stable. It’s ideal for most activities: CactusVPN connects to Netflix libraries around the world without any problem; you can use Cactus VPN servers for torrenting. CactusVPN is also safe to use for online shopping and protecting your device on public Wi-Fi.
General usage for browsing yielded good results. However, one incident caused concern: a visit to this very site via the CactusVPN server in Kansas, USA. The resulting web page was a “520 Web server is returning an unknown error”, which didn’t occur when browsing VPN Proof normally. This appears to be a common issue with free VPNs, a good reason for avoiding them. Of course, CactusVPN is not a free VPN, but might need to take steps to avoid 520 errors.
For privacy concerns, it offers a mature, considered no-logging policy that should ensure CactusVPN earns your consideration as a VPN option.
On the other hand, not all the features were interesting. While the Smart DNS mode is useful, it’s probably more suited to streaming video through a game console than as an alternative mode on your PC.
Still not certain? Use the CactusVPN free trial to help make your mind up.
Read the full article: CactusVPN Review: Can a Free VPN Option Make It Less Prickly?
The Pirate Bay is blocked in dozens of countries around the world. In most cases, ISPs are ordered to take action after a relatively short legal process.
In the Netherlands, however, pirate site blocking has proven to be a rather cumbersome and slow-moving process, lasting over a decade.
The blocking battle started in 2010 when Dutch anti-piracy group BREIN went to court, demanding that local ISP Ziggo should block The Pirate Bay. The ISP, which was later joined by XS4ALL, fought tooth and nail and used all options at its disposal to prevent a blocking requirement.
Appeals, EU Court, and a Do-over
A Dutch court first issued an order to block The Pirate Bay in 2012, but this order was overturned two years later. Anti-piracy group BREIN then took the matter to the Supreme Court, which subsequently referred the case to the EU Court of Justice, seeking further clarification.
After a careful review of the case, last year the EU Court of Justice decided that The Pirate Bay can indeed be blocked. The top EU court ruled that Pirate Bay’s operators knowingly provide users with a platform to share copyright-infringing links, which violates the EU Copyright Directive.
The EU ruling put the case back with the Dutch Supreme Court for a final say. However, instead of ending the matter, the country’s highest court decided that the case should get a do-over. The Supreme Court sent the case back to the Court of Amsterdam for a fresh look at the matter.
ISPs’ Long List of Defenses Fail
Today the Court of Amsterdam issued its new ruling, which is a clear win for BREIN. Based on existing jurisprudence from the EU Court of Justice as well as local law, it concluded that a Pirate Bay block is warranted.
In its decision, the Court waved away a long list of defenses from the Internet providers. For example, the argument that legal content would also be blocked failed, as the vast majority of The Pirate Bay’s links – 90 to 95% – point to copyright-infringing material. If this changes in the future, subscribers have options to address this in court.
The fact that Pirate Bay users will circumvent the blockades is not seen as a stumbling block either, nor is the argument that pirate streaming services are a bigger problem than torrent sites.
“The streaming phenomenon and its magnitude are irrelevant to the decision in this case, as both parties assume, as mentioned, that TPB is still a well-visited website,” the Court writes.
Other defenses failed as well. These include the alleged violation of the ISPs’ entrepreneurial freedoms, BREIN’s alleged failure to go after the Pirate Bay’s operators, and BREIN’s unauthorized collection of subscribers’ IP-addresses.
Dynamic Blocking Order
The Court ordered that the two ISPs, Ziggo and XS4ALL, must block The Pirate Bay’s domain and IP-addresses. This is a so-called dynamic blocking order, which means that new IP-addresses and domain names of TPB and its proxies can be added along the way.
The ISPs were also ordered to pay BREIN’s legal costs, which comes down to more than €250,000 for Ziggo and roughly €60,000 for XS4ALL.
The Pirate Bay has been blocked by Dutch ISPs for several years. This was the result of preliminary ruling which first required the most-used ISPs to take measures while the legal process makes its way through the courts. So for TPB users, not much will change.
Ziggo and XS4ALL have yet to comment on the verdict but are expected to be disappointed.
For BREIN and the copyright holders, however, this first blocking case is a crucial victory. Research has shown that blocking measures are not effective if a single site is blocked, so they are eager to request more pirate site blockades.
BREIN is happy with the outcome and it expects that this will be the end of the legal proceedings. However, if the ISPs see any reason to continue the case, the anti-piracy group is confident that the blocking order will stay in place.
BREIN also intends to ask other ISPs to follow suit. While these are not covered in this proceeding, the anti-piracy group can use the court order to back up their request.
From: TF, for the latest news on copyright battles, piracy and more.