Mega Has Now Terminated 95,000 Users For Repeat Copyright Infringement

Founded by Kim Dotcom following the takedown of Megaupload in 2012, Mega’s rise has been nothing less than impressive.

Despite parting ways with the entrepreneur several years ago, the cloud storage platform has gone from strength to strength. Late 2013, the site was hosting around 0.6 million files, a figure that increased to 3.6 billion just a year later. In 2019, the site reported 63.8 billion files on its servers but for Mega, significant further growth is only ever a few moments away.

“Mega’s users upload approximately 65 million files per day, 750 files per second on average,” Mega revealed this week.

Mega Publishes 2020 Transparency Report

According to the company’s just-published transparency report, by September 2020 Mega was playing host to around 84 billion files, a ~32% increase over the previous reporting period. Those files were uploaded by more than 200 million registered users located in 200 countries, all of whom enjoy end-to-end encryption that hides the content of their files both from Mega and the wider world.

Mega offers features that can be compared to those at Dropbox, so it is an attractive proposition for people looking to back up their own content, documents, and other files. But while Mega is privacy-focused by design, users are still able to easily share their files with third-parties as long as their links contain a decryption key. When this is the case, some users treat Mega like any other file-hosting platform – in some cases to store and distribute copyright-infringing files such as movies, music, TV shows, and just about anything else.

Copyright Infringement & Content Removal

When shared openly with the public, these links to pirated content attract the attention of copyright holders which are then able to file a complaint with Mega to have them taken down. Mega says that complaints and resulting takedowns happen quickly – certainly within four hours but often in minutes.

Copyright holders have three options; the removal of a specified link to a file, the removal of all links to a file, or the removal of all links to and all instances of the file.

During the most recent reporting period spanning 12 months to September 2020, rightsholders filed 1.193 million takedown requests with Mega, which sounds like a lot but when compared to the overall storage maintained by the site, percentages are low.

During the months covered by the report, the total number of links and/or files taken down peaked at just 0.0006% of the site’s total files, having hit a low of 0.0002% of total files during the first quarter. (Note: Mega’s first reporting quarter is Q4 of the previous year)

Mega Transparency 2020

While Mega took down many more links/files during its last 12 month period than it did in any previous year since its inception, the report suggests that in terms of overall content, Mega has a very low ratio of infringing versus non-infringing content.

The chart below shows a general upward trend of links taken down in 2019/2020 but the almost flat red line since 2017 reveals that despite a worrying start back in 2013, the percentage of links/files that aren’t considered infringing on the service are now keeping ratios well and truly pinned back.

Mega Takedowns 2020

“The number of unique takedown requests submitted represents a very small percentage of the total number of files stored on Mega. In Q3 2020, the links taken down represented 0.0004% of the 84 billion files uploaded to Mega servers,” the company writes.

Also a factor is the volume of incorrect notices sent to the company by copyright holders. Mega doesn’t provide a specific number but does note that when users file counternotices, the majority are accepted by the company.

“This is probably because many content owners and agents trawl the Internet using robots which generate incorrect notices on behalf of copyright owners, and due to the failure of owners and agents to review the specific link content,” Mega notes.

Dealing With Repeat Infringers

After initially operating a “five strikes” policy, in 2015 Mega introduced a “three strikes” regime to deal with users who receive multiple copyright takedown requests against their account. The company’s policy applies to users who receive three valid complaints in any six-month period. While incorrect claims are disregarded upon successful appeal and don’t count towards a ban, users reaching this limit have their accounts terminated.

“As of 30th September 2020, Mega had suspended 94,966 users for repeated infringement,” the company notes, adding that the data reveals that “suspensions have declined to a very small % of the number of registered users.”

Mega copyright suspensions

As the image above shows, Mega terminated around 8,850 users during the last 12-month reporting period, which is way down from the peaks observed in 2013, 2015 (change to ‘three strikes’) and 2017, and relatively stable when averaged out over the past three years.

Suspending Other Accounts Due to Objectionable Content

While terminating 95,000 users in total for repeat copyright infringement offenses may sound like a lot, that figure is dwarfed when it comes to the action taken by the company against those who upload child exploitation and other objectionable content. Mega says that it has terminated 565,000 accounts for storing and sharing this type of content and in all cases account information was made available to law enforcement agencies.

“Although all files stored on Mega are encrypted prior to being uploaded to our system, and we therefore cannot access that content unless we are provided with the decryption key, Mega does have access to user registration information and the IP addresses used to access our services,” the company says in respect of handing user data over to the authorities.

“After 12 months, identifying information such as email and IP addresses is anonymized (except that email address records are retained for reference by the user’s contacts or where the user has participated in chats with other Mega users), but other related database records may be retained. This includes records of financial transactions relating to a user’s account where Mega is legally required to retain such information.”

Mega’s full transparency report can be found here (pdf)

From: TF, for the latest news on copyright battles, piracy and more.


BREIN Launches Anti-Piracy Campaign Targeting BitTorrent Uploaders

Anti-piracy group BREIN is at the forefront of the fight against copyright infringement in the Netherlands.

Many of its efforts have been focused on legal action against big targets such as The Pirate Bay and the IPTV market, with the group achieving notable legal precedents along the way.

Now, however, BREIN says it wants to strike at the heart of the sharing landscape by targeting users whose sharing habits play a key role in keeping content alive.

Frequent and Long-Term Infringers on the Radar

From December 15, BREIN says it will begin a long-planned project (‘FLU’ – Frequent and Long-Term Uploaders) to reduce the availability of movies, TV series, books and music on file-sharing networks.

Using specially developed software (AFLU: Analysis Program For Frequent and Long-Term Uploaders), BREIN will search for local BitTorrent users who regularly upload infringing content and/or share it for long periods of time.

The key criteria for receiving a notice is as follows:

– IP address has been observed sharing BREIN member companies’ content
– IP address belongs to a Dutch ISP
– In a four-week period, IP address has been seen at least twice in any relevant swarm, with an interval of at least seven hours

The focus, at least for now, will be on those who distribute multiple infringing uploads of content aimed at the Dutch market. BREIN says that it has a preference for original Dutch content but will also be interested in foreign-made Dutch-subtitled or dubbed content, distributed by users of torrent sites or apps like Popcorn Time, for example.

Casual Downloaders Are Not The Initial Targets

Similar anti-piracy campaigns over the years have sought to sow widespread fear among all file-sharers but BREIN is being very specific about its targets and goals. The project is not about targeting casual sharers but those who play a more important role in the sharing ecosystem.

“This project is not about incidental – so-called ‘hit & run’ downloaders, but about frequent BitTorrent uploaders. Habitual infringers who act not so much as a primary and large-scale source, which have already been and are being successfully enforced, but more as a lubricant, because they perpetuate the exchange of illegal content through their so-called ‘seeding’,” BREIN says.

“Without these types of users, the exchange [of files] will not work.”

With this strategy of going after a relatively small subset of users, BREIN appears to be deploying a tactic that has the potential to starve BitTorrent swarms of the crucial elements they need to survive. These users not only have a tendency to supply upload faster to other users but they also seed for longer, bringing health to swarms.

In a sharing climate that is disproportionately reliant on these types of sharers, with the vast majority of users simply grabbing whatever content they need without hanging around and contributing for too long, BREIN will be hoping to degrade the transitory experience of the masses by removing bandwidth thereby rendering downloading more laborious.

Indeed, BREIN advises that “the more often and longer [users] are in an infringing BitTorrent swarm as an uploader” the more likely they are to become of interest to BREIN. This message, should it gain traction, could be of real benefit to the project.

If BREIN succeeds this could be an interesting experiment, but first of all it needs to tie IP addresses to the key individuals themselves, a practice that is rarely easy or without costs, especially in the Netherlands.

Warning Notices Will Be Sent To More Prolific Sharers

BREIN’s plan is to send “informative warnings” to more prolific sharers for at least six months, targeting up to a maximum of 1,000 IP addresses per month. It hopes to utilize ISPs’ ability to match IP addresses to real-life identities in the hope they will pass notices on.

“We will always ask for the cooperation of the relevant ISPs to forward that e-mail. In case of refusal, we will request (or demand) the corresponding email addresses so that we can send the alerts ourselves,” BREIN says.

The big question is whether the anti-piracy group can rely on traditionally stubborn local ISPs to get involved in the process voluntarily. TorrentFreak approached BREIN for comment on whether any ISPs have already agreed to work on this project but Managing Director Tim Kuik said he prefers for ISPs to individually communicate whether they are willing to cooperate.

From the language used, however, it seems that BREIN could take legal action to compel ISPs to either cooperate or even hand over customer data.

Legal Action Against ISPs That Refuse To Coopeate

BREIN says it has already considered the possibility that some ISPs won’t be willing to cooperate and is prepared for legal action to force compliance.

“BREIN will, in that case, be forced to enforce cooperation through the court. In such a situation, BREIN will most likely be looking for a minimum [data retention] period from six months into enforcement against the uploaders in the target group whose IP addresses are found in the Bittorrent swarms,” BREIN explains.

Indeed, it seems the cooperation of the ISPs might be an important element here, and somewhat of a double-edged sword. On the one hand, ISPs might face a backlash from some customers for cooperating in an anti-piracy scheme. On the other, it appears that if ISPs pass on warnings on BREIN’s behalf, BREIN won’t be seeking to obtain any information that would personally identify those infringers.

“BREIN will only do so if providers do not want to cooperate by forwarding the notifications to the subscribers whose IP numbers were obtained by BREIN in the context of FLU,” the anti-piracy group says.

BREIN says it sought advice from a communications specialist and market research company Kantar when formulating the proposed warnings, something which suggests a persuasive approach over brute force, at least in the first instance.

Campaign Forms Part of a Government-Funded Study

An interesting aspect of BREIN’s campaign is that the associated market research project has received funding from the Ministry of Education, Culture and Science. The first phase, which measured the state of play before the notices, has already been completed.

Additional research will be carried out to assess the effectiveness of the warning notices as time progresses. If a positive effect is observed, the warnings will continue but BREIN warns that if its efforts don’t yield appropriate results, it will consider bringing enforcement measures to the table.

Processing of Personal Data

The documentation provided by BREIN indicates that the anti-piracy group has been extremely thorough in considering privacy concerns. Notably, BREIN says that following consultations with the Dutch Data Protection Authority, it was determined that a license is not required for such collection of data. Nevertheless, BREIN says it will only collect the information it needs, with the rest being discarded.

“The starting point with FLU is proportionality, which means that the personal data that is processed is only that necessary for the specific purpose BREIN wants to achieve with FLU,” BREIN says.

“To detect relevant Dutch IP addresses, BREIN uses special software developed on request. Several samples are taken on various titles every month. Irrelevant addresses are not saved. Data that is not used will be deleted and data that is being used will be deleted as soon as possible after sending the advisory warning.”

Specifically, BREIN will immediately anonymize all foreign IP addresses it obtains although it will do its best to avoid them capturing them in the first place. Dutch IP addresses will be stored for a maximum of six weeks but if those same IP addresses are spotted more than twice in a four-week period, BREIN will retain them for longer to facilitate the notice-sending element of the campaign.

What Happens After the Six-Month Campaign?

BREIN says that the research into the effectiveness of the project will be “highly dependent” on the levels of cooperation it receives from ISPs. Again, it is not yet clear whether any or all have agreed to cooperate. Presuming they do and infringement “significant diminishes”, FLU will be extended for another six months with research carried out to determine effectiveness.

If ISPs do not assist, or compliance with notices does not yield sufficient results, BREIN will then decide whether to move to enforcement.

“At the earliest after this initial six-month period, if necessary BREIN will scale up and take enforcement action against those users whose samples are found three or more times in a BitTorrent swarm. These are users who continue to seed content for a long period of time or who repeatedly download and upload infringing files every month,” BREIN adds.

Finally, BREIN has also laid out criteria for enforcement action, should it be deemed necessary.

– IP address has been observed sharing BREIN member companies’ content
– IP address belongs to a Dutch ISP
– In a four-week period, IP address has been seen at least three or four times in either a) different swarms, b) in the same swarm more than seven hours apart, or c) a combination of these variants.

The documents supporting the scheme can be found here and here (PDF, Dutch)

From: TF, for the latest news on copyright battles, piracy and more.


MPA Hits MediaBox HD on Github: “Massive” Movie & TV Show Piracy

Preventing the general public from accessing movies and TV shows without paying for them is a monumental task that, if anything, feels even more difficult than it was 15 years ago.

In addition to hundreds, perhaps thousands of torrent and streaming sites, copyright holders also have to deal with the growing threat of premium IPTV, which grants access to every type of live TV under the sun for comparatively low prices.

Somewhere in the middle of this organized chaos, movie and TV show companies are trying to tackle pirate apps. Mostly Android and iOS-based, these consumer-friendly tools present content in easy-to-navigate interfaces, pulling content from not just their own sources but in many cases third-party file-hosting and IPTV/streaming suppliers, much as other pirate sites do too.

MediaBox HD Targeted By The MPA

One of the more popular tools in this growing niche is MediaBox HD. Available for both Android and iOS, the app is in demand by those looking to access premium content on their phones or, as is increasingly the case, a tablet or Android-based set-top box.

MediaBox HD

MediaBox HD’s popularity lies in its many features. Aside from a large free library of movies and TV shows, it supports services such as Real-Debrid for more reliable streaming, has Chromecast support, can offer subtitles and even allows for offline viewing. For groups like the MPA, however, these are all reasons to take the app down.

MPA Sends Copyright Complaint to Github

While MediaBox HD has its own site, at the time of writing it’s impossible to access the Android variant of its app from there. Rather than hosting the APK in the same location, the app’s developers chose to host the software on Github instead, meaning it was vulnerable to an easy takedown.

Teaming up under the banner of the Motion Picture Association (MPA), Paramount, Sony, Universal, Warner, Disney and Netflix, sent a copyright complaint to Github, calling on the platform to remove the piracy-facilitating software.

“We are writing to notify you of, and request your assistance in addressing, the extensive copyright infringement of motion pictures and television shows that is occurring by virtue of the operation of the APK software Mediabox HD, which is hosted on and available for download from your repository,” it reads.

“Specifically, at the URL, the Repository hosts and offers for download the APK, which in turn is used to engage in massive infringement of copyrighted motion pictures and television shows.”

MPA Demands Removal of MediaBox HD Under the DMCA

Attached to the MPA’s complaint but unpublished by Github, the movie and TV show group provides screenshots that claim to show that MedaBox HD streams copyrighted content to the masses resulting in “massive infringement.”

While providing various examples of alleged infringement, the MPA says that these are just the tip of the iceberg since the software goes much further by blatantly infringing other content owned by its members and copyrights held by others.

On this basis, the MPA states that infringement is “plainly is its predominant use and purpose”, citing case law including the MGM v Grokster litigation (2005), the Arista Records v Usenet dispute from 2005, and the 2009 lawsuit between Columbia Pictures and former isoHunt operator Gary Fung.

The MPA suggests that it doesn’t really mind on which basis Github removes the app, whether that’s under the DMCA’s takedown provisions, repeat infringer rules, or Github’s acceptable use policy. Interestingly, however, it does note that it is not trying to claim that the app’s code is copyright-infringing, merely that its sole purpose is to infringe.

“Please note that, by this notice, the MPA Members are not addressing copyright ownership of the APK’s specific lines of code; rather, they are addressing the use of the APK as a whole to provide unauthorized, infringing access to streaming video content, and requesting that you remove or disable access to the APK as a whole on your Repository,” the notice adds.

Github Complied With the Request

Unlike the dispute currently engulfing youtube-dl, which has put Github at odds with the RIAA, there appears to be no such confusion here. Following the request from the MPA, Github removed the MediaBox HD app and, as a result, the software is no longer available from official sources.

While MediaBox HD will likely solve this problem in due course, the attention from the MPA comes after the streaming software was featured in two earlier legal matters.

In September 2019, following a subpoena from the makers of the movie Hellboy, third-party app-store TweakBox took the decision to remove MediaBox HD (plus Popcorn Time and CotoMovies) from its platform.

A month earlier, a Pakistani man who operated a site that offered MediaBox HD, Showbox, Popcorn Time and similar software, agreed to pay a settlement of $150,000 to companies behind the movies The Hitman’s Bodyguard, London Has Fallen and Hunter Killer.

His site, the now-defunct, was forced to remove MediaBox HD and similar tools, despite not being their developer. The MPA hasn’t yet shown any public signs of seeking a settlement from the developers of MediaBox HD but given past history, that might only be a matter of time.

From: TF, for the latest news on copyright battles, piracy and more.


EU Commission Calls For Substantial Law Enforcement Boost to Fight Piracy

While cooperation across borders has been a regular feature of piracy and similar IP crime investigations across Europe, there is considerable momentum in Brussels to make better use of international resources.

Recent actions to tackle unlicensed IPTV providers, resellers and related infrastructure reveal that law enforcement entities are able to pool resources to shut down huge operations. But according to the EU Commission, more needs to be done.

Law Enforcement Needs to Give More Priority to IP Crime

In a paper published this week directed at the European Parliament and European Council, among others, the Commission details an intellectual property action plan designed to support the EU’s “innovative potential”. The 15-page document covers a wide range of IP-related topics, from general counterfeiting to pharmaceuticals, patents, and online piracy.

“As regards counterfeiting and piracy, the Commission sees a clear need to step up efforts. In 2016, imports of counterfeit and pirated goods into the EU amounted to as much as EUR 121 billion, which represents up to 6.8% of EU imports (against 5% of EU imports in 2013),” the paper reads.

“New forms of IP infringements have arisen on the internet, such as cyber theft of trade secrets (accounting for an estimated EUR 60 billion of losses in the EU, illegal internet protocol television (IPTV) and other forms of illegal (live) streaming. They raise particular challenges for manufacturing, the creative and cultural industries as well as the sports sector.”

Part of the problem, the Commission notes, is that IP crime doesn’t receive the necessary resources at the enforcement level, something that needs to be corrected in order for the EU to maximize its potential.

“The capacity of law enforcement authorities has to be substantially strengthened. Counterfeiting and piracy must become a higher priority,” the Commission notes, urging Member States and the European Council to include IP crime among the priorities for the next EU Policy Cycle.

EU Commission Promises to Reinforce Stakeholder Cooperation

Noting that all relevant stakeholders should continue their exchanges with Europol in order to further improve threat assessment and coordinated action against IP crime, the Commission says it will do its part to improve and increase cooperation between all players involved in or affected by infringement online.

At the top end, this will not only encompass numerous rightsholders but also intermediaries, including online platforms, social media companies, and the advertising industry. Enhanced cooperation will be sought from other entities too, such as those that may play a more passive role in piracy – payment services and domain name registrars and registries, for example.

This cooperation will form a part of what the Commission describes as the “EU Toolbox”, which among other things will clarify roles and responsibilities while identifying how stakeholders can work together. It will also promote new technologies such as image recognition, artificial intelligence and blockchain, to increase the effectiveness of the EU’s IP protection systems.

Protecting EU Companies From Unfair Competition

Noting that its large single market puts the EU in a special position to act as a “global standard-setter in IP”, the Commission says that must be accompanied by better protections against IP theft originating from non-EU countries.

Part of the effort to promote a global level playing field will come via the fledgling Counterfeit and Piracy Watch List, which late last year called out a broad range of alleged ‘pirate’ sites in the BitTorrent, cyberlocker, stream-ripping spaces.

The EU Commission’s paper can be obtained here (pdf)

From: TF, for the latest news on copyright battles, piracy and more.


Researcher Retains EFF To Fight DMCA Takedowns Sent By Proctoring Company

With millions of students working remotely due to the coronavirus pandemic, the use of so-called proctoring software has skyrocketed.

The stated aim of this software is to detect and prevent cheating in online tests but in order to do that, invasive systems are deployed. Proctoring software watches students through their webcams, records audio via their mics, and tracks any websites visited. On top, these tools examine body movements including eye-tracking, in an effort to identify potential cheaters.

While the companies behind proctoring software champion the benefits, criticism isn’t hard to find online. Nonetheless, Miami University student and security researcher Erik Johnson is finding it difficult to get his voice heard after US-based software company Proctorio began using copyright law to silence his work.

DMCA Takedowns on Twitter and Beyond

Proctorio requires students to install a Chrome extension so Johnson downloaded it and began publishing code snippets to Pastebin during September, linking to them on Twitter, while revealing the scale of the monitoring, among other things.

However, six weeks later he received an email from Twitter explaining that some tweets had been removed after the company received DMCA takedown notices from Proctorio alleging copyright infringement. The material disappeared from Pastebin too.

Earlier this month, Proctorio told Techcrunch that it stood by its takedowns, claiming that Johnson’s publication of code snippets represented a breach of copyright law. The EFF, on the other hand, described Johnson’s criticism – which included the citing of a source – as “a textbook example of fair use” and no different from quoting from a book.

DMCA Takedowns Continued Regardless

A week later, Johnson took to Twitter again with two more posts, one of which revealed he’d reposted the code that had been removed from Pastebin to his Github account. However, the image below shows that those tweets were affected too due to copyright complaints.


The tweets do, however, contain a link to Github but following yet another DMCA takedown request, that page has also been removed.

Battle Moves to Github

“The GitHub account ejohnson9912 is posting proprietary Google Chrome extension source code and documentation without a license or consent from Proctorio, thus infringing on our copyright,” the complaint to Github reads.

“Further, this infringement activity involved reverse engineering and unauthorized hacking through Google Chrome, violating Google Chrome’s terms of service. We request that the account be removed and/or access be disabled to the infringing materials.”

The DMCA complaint was filed with Github exactly a week ago and, as required, the coding platform removed the allegedly infringing material. However, it now appears that Johnson isn’t going down without a fight.

In a DMCA counter-notice filed yesterday, Johnson asks Github to restore his repository, claiming that Proctorio made an error when it failed to consider the fair use exemptions available to him under the DMCA. He further claims that the company mischaracterized his work.

“The disabled content consisted of code snippets used for purposes of research, education, commentary, and criticism regarding Proctorio’s product and its representations to the public. Proctorio’s complaint does not account for the fact that my use is protected by the fair use doctrine,” Johnson writes.

“Proctorio’s additional allegations of ‘reverse engineering and unauthorized hacking’ are both untrue and irrelevant to its claim of copyright infringement.”

It’s at this point things start to heat up. Presuming that Github reinstates the repo, Proctorio will then have to file a lawsuit against Johnson to have it taken down again, significantly raising the stakes. However, the researcher appears to have thought this through, with the help of some heavyweight backing,

“I consent to the jurisdiction of the Federal District Court for the judicial district in which my address is located, and I will accept service of process from the person who provided the DMCA notification or an agent of such person,” he writes.

“I can be contacted through my attorneys at the Electronic Frontier Foundation.”

From: TF, for the latest news on copyright battles, piracy and more.


Denuvo’s Anti-Piracy Protection Probably Makes Sense For Big-Selling AAA Titles

Mid-October, news began to surface that the systems of gaming giants Ubisoft and Crytek had fallen victim to a hacker attack.

Samples of the companies’ data first appeared on the dark web portal of ransomware group Egregor along with threats that the team could leak more confidential data in the days to come. Indeed, at the start of November, the source code for Watch Dogs: Legion reportedly hit the web.

Supposed Denuvo Contact Leaked

This week a new leak, apparently from the same haul, made an appearance online. Posted to various platforms including Twitter, the documents appear to reveal the financial costs of implementing Denuvo’s anti-tamper technology into Crysis Remastered.

The costs and effectiveness of Denuvo are hotly debated topics so this document, which appears to be authentic, casts an interesting light on the decisions faced by companies looking to protect their titles from piracy – if only for a while.

Crysis Remastered – The Costs of Denuvo

The ‘statement of work’ document begins by listing the headline price of Denuvo’s anti-tamper technology. There are two components – 60,000 euros for the first 12 months of anti-tamper plus another 80,000 euros if the company required ‘unique encryption’. This headline 140,000 figure could receive a discount in the event that the game was released before the end of March 2021, specifically on the Epic platform.

In the event, Crysis Remastered was released on September 18, 2020, meaning that the first year of protection from Denuvo was reduced to 126,000 euros. After the 12-month ‘protection’ period, the licensee will be given the opportunity to extend the contract, with each additional month costing an extra 2,000 euros.

In the meantime, however, additional costs can be incurred if Crysis Remastered turns out to be a particularly successful venture. In the event that the game receives 500,000 “cumulative first time activations” at any time during the licensing period, an additional one-off fee of 60,000 euros is payable to Denuvo.

Crysis Remastered Was Cracked a Month After Release

Just over a month following its release, Crysis Remastered was cracked by the group CPY, albeit after a couple of attempts to get things working as intended. So, considering that the title only enjoyed just over 30 days’ worth of protection, does that mean that Denuvo was a failure and therefore poor value for money?

That’s a big question but given that Denuvo’s current position is that it aims to protect games in the first days and weeks following release, claiming that Denuvo failed seems to be off the table. Whether it still represents good value for money also requires some guesswork, accurate figures for which are largely unavailable.

Waste of Time or Value For Money?

Nevertheless, since we know that Crysis Remastered was released in the Denuvo-discounted period before March 31, 2021, and we optimistically include the 500,000 copies sold clause relating to the first year, in this Denuvo protection will cost around 186,000 euros.

Reductions aside (some outlets are currently discounting the game), 500,000 copies sold at roughly $30.00 sounds a bit like $15m in revenue so, with the protection costing around 1.2% of gross, that doesn’t sound too bad. Indeed, at those prices, if the game enjoyed around 6,200 more sales during the first month from people who would’ve pirated had Denuvo not stopped them, the financial gamble seems pretty balanced, at least as far as this game is concerned.

Also, it’s worth pointing out that just because a game’s protection fails after a while, it doesn’t necessarily mean it won’t go on to commercial success. For reference, the first Crysis was pirated at least 940,000 times in the year following its release (2007/2008) but remained profitable and went on to sell at least three million copies. Times have changed along with the entire market since then, but it’s worth a mention.

Denuvo Provides Additional Services in the Package

As part of the deal, Denuvo reportedly sends its engineers to the developer during the initial integration and then provides remote troubleshooting support, right up until the launch of the title.

The company also carries out manual testing of the protected title and then scans for early piracy leaks post-launch alongside manual piracy monitoring with regular emailed updates.

Denuvo is Probably Here to Stay

While the leaked documents only relate to Crysis Remastered, it is by no means the only game with Denuvo protection. Of all games released since September, just four have been cracked, all of them taking roughly a month to hit pirate sites. To date, titles including FIFA 21, Watch Dogs: Legion have all ‘survived’ their first four weeks, with others such as Dirt 5 and Need For Speed Hot Pursuit Remastered creeping close to that target.

Whether those titles and the ones released more recently (Yakuza: Like a Dragon, Assassin’s Creed: Valhalla, and Football Manager 2021) will make it too remains to be seen but overall it seems that developers still have confidence in Denuvo and the insurance-type policy it provides.

Finally, it’s worth pointing out that Cyberpunk 2077, the most anticipated title of 2020, will release December 12 without any DRM whatsoever. It’s not clear what kind of deal Denuvo would’ve offered its developer but it is expected to become a smash-hit nonetheless.

The question of whether it could enjoy even more success with Denuvo may never be answered.

From: TF, for the latest news on copyright battles, piracy and more.


Youtube-dl Wins Reprieve But Deezer & Spotify Downloaders Are On Thin Ice

Takedowns of tools and sites that help users to rip content from YouTube have been ongoing for years.

Some platforms have wilted under lawsuits while others are regularly targeted using the anti-circumvention provisions of the DMCA.

Until last month, it was generally assumed that there was no effective way to counter these actions but when the RIAA targeted youtube-dl on Github, the entire situation came to be seen in a different light.

While the future will be the judge of whether the RIAA made the right overall decision, having Github remove the wildly popular software now presents a dilemma for the labels. With the bear having been well and truly poked and with Github, the EFF, and other interested parties now putting their weight and money behind a legal defense, issuing takedowns for similar tools will now present a less straightforward proposition.

That being said, the issue of stream-ripping isn’t going away anytime soon, and with Deezer and Spotify facing similar problems, legal solutions will probably need to found. However, comparing the youtube-dl fight with those faced by tools that extract content from other streaming services isn’t something that should be done in haste.

Deezer Continues To Fight Against Stream-Ripping Tools

For years, music streaming service Deezer has been trying to prevent people from accessing its premium service without paying and/or downloading tracks as DRM-free audio files.

Last month, however, Deezer’s security team sent messages to pirate app users warning them that while they had been observed using unauthorized tools, the company wasn’t going to stop them. Well, not directly at least.

Just recently, TorrentFreak received new information which indicates that while Deezer isn’t going after ‘pirate’ users, it is certainly keeping up the pressure on those who create or distribute third-party tools. In addition to various takedown notices filed with Google and Twitter (1,2,3), the company also targeted Git platform,

A complaint filed with the project, forwarded to various app developers and obtained by TorrentFreak, has Deezer demanding that several Deezer-related projects – including ‘deemix’ (a tool based on Deezloader Remix), ‘freezer’, an app that claims to help users “Download and decrypt tracks from Deezer in style”, and ‘ayeBot’, a Discord bot that downloads music from Deezer – should be taken down on copyright grounds.

“DEEZER..[..]..offers, since 2012, an international online music on demand service, through free and paying services…with a formidable presence on the Internet and has acquired renown in the music industry and among Internet users,” the complaint reads.

“We have discovered that [links on the site] make available applications as Deemix, Deezloader or Freezer, which use illegal methods to bypass Deezer’s security measures to unlawfully download its music catalog, in total violation of our rights and those of our music licensors (phonographic producers, performing artists, songwriters and composers).”

The Deezer notice is notable since it cites no specific law as a basis for the takedowns. However, while speaking with “lesderid”, the operator of the git at, TorrentFreak learned that the takedowns of the allegedly-infringing projects were carried out as requested since they were sent by Deezer in good faith.

“I try to be fair, but at the end of the day if it’s a legitimate notice sent by someone authorized to send it, I’ll take the content offline as required by EU law (largely equivalent to DMCA) to stay out of liability. I took down the repos and gave [the project operators] the option to submit a counter notice,” he explained.

Youtube-dl v Deezer downloading tools

Since these takedowns were actioned (and others too, according to various sources associated with the various projects), the question has been raised whether the youtube-dl matter could potentially render a better outcome for Deezer downloading tools moving forward. The knee-jerk reaction is probably not, but it’s still worth looking at some of the reasons why.

The main reasons for Github reinstating youtube-dl can be found in advice offered by the EFF. When these potential defenses for youtube-dl are compared to those available to Deezer downloaders, the contrast is clear to see.

The first key difference is that while both YouTube and Deezer have millions of users, only the former allows uploads from the public. This means that where it’s possible to say that youtube-dl has been used by “journalists and human rights organizations to save eyewitness videos” and “educators to save videos for classroom use”, such noble applications simply do not exist within a Deezer downloading tool. All of the content accessed is provided by companies or artists and is fully licensed, a massive difference when compared to YouTube.

In respect of YouTube’s much-referenced “rolling cipher”, characterized by the labels as encryption but dismissed by the EFF as simply a part of web-browsing, it’s fairly simple to spot the differences at Deezer. Indeed, and like competitor Spotify, Deezer uses a type of encryption in its business that the EFF strongly attempts to distance youtube-dl from.

“Importantly, youtube-dl does not decrypt video streams that are encrypted with commercial DRM technologies, such as Widevine, that are used by subscription video sites, such as Netflix,” the EFF statement reads.

YouTube is a Free Service – Deezer Premium is Not

Finally, it’s worth pointing out that most Deezer and Spotify downloaders are designed to circumvent either some of the restrictions placed on ad-supported accounts or provide full access to the related subscription service without paying for it. If we consider youtube-dl as a multi-purpose tool with substantial non-infringing uses, how Deezer downloaders operate sit in stark contrast.

Indeed, this type of behavior led Spotify to label similar software as “instruments of fraud” earlier this year, a claim that on face value shouldn’t be too difficult to build a case around. In the unlikely event the copyright claims against downloaders fall short, that is.

From: TF, for the latest news on copyright battles, piracy and more.


Amazon Patents Technology to Track Down Streaming Pirates

Amazon is not just the largest e-commerce retailer, the company also has a significant copyright portfolio.

In recent years the company has increased its anti-piracy efforts, both individually and as a member of the Alliance for Creativity and Entertainment.

The company has booked some successes but copyright infringement remains a challenge. As with other streaming platforms, virtually every Amazon title is pirated shortly after its release.

Amazon’s New Patent

With a newly obtained patent, the company hopes to make it easier to find people who leak their content. The invention titled “encoding identifiers into customized manifest data” can be used for various purposes but copyright enforcement is high on the list.

In short, Amazon proposes a technology to add unique identifiers to streaming video. While these types of ‘watermarks’ are not new, Amazon’s implementation is.

Tracking Down Pirates

The patent description is highly technical but when we focus on the anti-piracy application it becomes clear how Amazon envisions using it. The company itself provides an illustrated example of a ‘pirating’ subscriber who records a copy of its series “The Tick.”

From the patent

amazon pirate patent

The subscriber in question has a unique identifier (ID:1011). When this person plays the video, Amazon generates customized manifest data (126) based on this ID. This is used as input for the Fire TV player (124) which requests video data based on the data and decodes the video fragments from the media server (122).

When the subscriber records the video, with an HD camera in this example, this includes a code or mark that points back to the manifest data.

“However, unbeknownst to user 102, a pattern of version information 110 is encoded into at least some of the content fragments (e.g., 112-118) identified by customized manifest data 126 and is recoverable as a version pattern 132 that can identify user 102 as the source of the recorded episode,” Amazon writes.

The identification code can be clearly visible but it can also be invisible. That can be useful to make it hard for pirates to remove these identifiers.


“It is desirable in some implementations that the overlay representing version information be imperceptible to the human eye,” Amazon writes.

“Not only does that make it more difficult for content pirates to detect, alter, remove, or otherwise defeat the overlay, it ensures that the quality of the video content being marked with a version identifier is not significantly degraded.”

Without going too deep into the technical details, it is clear that Amazon is trying to find and possibly implement advanced technologies to track pirating users. These technologies already exist, but can be quite resource-intensive.

Instead of encoding the identifier or watermark in the video content, Amazon proposes to add it to the manifest data. As a result, Amazon’s solution can be more easily applied at the individual level. This can be useful to protect content on Amazon’s own streaming service, but other rightsholders may want to use it as well.

Works on Live Content Too

The company specifically mentions live streaming content, such as NFL matches including the Super Bowl. These live broadcasts can be played with individual marks, but they can also carry more general information such as people’s location.

“It should be noted that the term customized manifest data is not limited to the level of specificity corresponding to individual persons or devices as described in the anti-piracy context.

“For example, for an NFL broadcast scenario, customized manifest data might be a level of specificity based on geography,” the patent reads.

According to Amazon, its solution may also avoid the need for client-side watermarking on the user’s playback device, which is another advantage.

At this point, it is unclear whether Amazon already uses this technology but the company’s intentions are obvious; make it possible to track pirating subscribers. That said, ‘watermarking’ is not new and thus far it hasn’t stopped many pirates, so how effective it will be remains to be seen.

From: TF, for the latest news on copyright battles, piracy and more.


Nintendo Shuts Down Smash Bros. Tournament, Blames Use of Pirated Games

Video games players all over the world love Nintendo’s games and Nintendo loves gamers – as long as they play by the video game giant’s strict sets of rules.

Nintendo has a history of intolerance towards those who use its content without permission and has taken action against fans who copy, modify or recreate its titles for new platforms. Yesterday the company made its latest move, delivering a big blow to the competitive Smash Bros. gaming community.

The Big House Gets Dismantled By Nintendo

Since 2011, The Big House event has taken place annually, acting as a convention for Super Smash Brothers fans from around the world. In light of the extraordinary events of 2020, The Big House recently made the decision to take its event online for the first time in its history, hoping to continue the fun despite a worldwide pandemic.

For Nintendo, however, the manner in which this event was set to take place was simply too much. According to The Big House, Nintendo contacted them with a cease-and-desist notice, warning that the organizers do not have permission to host or broadcast the event.

“We are forced to comply with the order and cancel The Big House Online for both Melee and Ultimate. Refund information will be sent shortly. We apologize to all those impacted,” the “heartbroken” organizers announced yesterday.

Nintendo Issues Cease-and-Desist to Shut Down The Big House

The announcement from The Big House indicated that Nintendo’s objections were based in the proposed use of a third-party project known as ‘Slippi‘.

This set of tools would’ve been absolutely crucial to the proposed event as they provide Super Smash Bros. Melee with a broad range of features simply unavailable in the official version. This includes automatically saved replays, live match mirroring, and rollback netcode that allows people to smoothly play the game online. By banning the use of Slippi, the online tournament is no longer possible.

Nintendo: Pirated Games and Misuse of Branding Unacceptable

In a statement obtained by Polygon, Nintendo expressed appreciation for the “love and dedication the fighting game community has for the Super Smash Bros. series,” adding that it had partnered with numerous Super Smash Bros. tournaments in the past. However, in the case of The Big House, it simply could not tolerate the manner in which the event would be taking place.

“Unfortunately, the upcoming Big House tournament announced plans to host an online tournament for Super Smash Bros. Melee that requires use of illegally copied versions of the game in conjunction with a mod called ‘Slippi’ during their online event,” the company said.

“Nintendo therefore contacted the tournament organizers to ask them to stop. They refused, leaving Nintendo no choice but to step in to protect its intellectual property and brands. Nintendo cannot condone or allow piracy of its intellectual property.”

Why The Use Of ‘Slippi’ is Unacceptable to Nintendo

To fully comprehend Nintendo’s position requires an explanation of how Slippi functions and what its requirements are. Publicly launched in June 2018, Slippi is a custom version of the popular Dolphin emulator for the Gamecube and Wii, one adapted for Super Smash Bros. Melee online play.

Its Slippi Online component provides a key feature that the original game doesn’t – the addition of “rollback netcode” that allows for online play of a quality suitable for the testing environment of competitive online gaming. However, to achieve this the player must also have a copy of the Super Smash Bros. Melee game file on their computer to run through the emulator.

While having a backup copy of a piece of software is not illegal in the US, it’s still a big no-no for Nintendo, especially when the resulting game content will be streamed online.

Inevitable Backlash

With outlets like Kotaku now describing the cease-and-desist as “absurd bullshit” and threads on Reddit boiling over in hatred towards Nintendo by some of its most hardcore fans, Nintendo appears to have shot itself in the foot once again.

As this tweet shows, some fans simply aren’t prepared to accept that Nintendo “appreciates the love”, as history appears to show otherwise.

From: TF, for the latest news on copyright battles, piracy and more.


Xtream-Codes Breaks Silence 14 Months After Historic IPTV Anti-Piracy Raids

For broadcasters all over the world, the problem of unlicensed IPTV providers, suppliers, and resellers has only grown during the past few years.

Despite many law enforcement actions, it has remained trivial for consumers to buy subscription packages to access the majority of pay TV channels, PPV events, and VOD content. Last year, however, authorities across Europe took coordinated action to deliver what they hoped would be the most significant blow yet.

Operation Targeting Xtream-Codes

In September 2019, the Guardia di Finanza (GdF), an Italian law enforcement agency under the authority of the Minister of Economy and Finance, revealed that a huge operation was underway to dismantle, among other things, the software service known as Xtream-Codes.

What was unique about this particular action is that Xtream Codes itself wasn’t an IPTV provider. The company behind the software/system offered a comprehensive package that allowed people to manage their own IPTV reselling service and associated customers. It was also registered as a company in Bulgaria and had a local VAT number.

Nevertheless, Italian authorities portrayed Xtream-Codes as a pirate operation, one fully deserving of being shut down to face criminal charges.

For more than a year after the demise of Xtream-Codes, things went almost completely quiet. Until last week, that is, when another massive series of raids were carried out, again at the behest of Italian authorities and again making references to Xtream-Codes.

700 Law Enforcement Officers Shut Down 5,500 IPTV Resources

As previously reported, last week the European Union Agency for Criminal Justice Cooperation (Eurojust), announced that 700 police officers had been deployed in 11 countries, shutting down around 5,500 servers and other resources related to pirate IPTV.

The reports were echoed by Itay’s GdF, which claimed that as part of the operation (codenamed ‘The Perfect Storm’) it had managed to discover the identities of “over 50 million users” of pirate IPTV services.

While neither announcement mentioned Xtream-Codes by name, when the platform was shut down last year the exact same number of users was mentioned as being connected to the IPTV management system, one that the Italian authorities had already labeled a major pirate service.

It now transpires that after more than a year of maintaining their silence, the people behind Xtream-Codes have had enough.

Xtream-Codes Breaks Its Silence

Earlier today, the previously silenced Xtream-Codes (XTC) portal suddenly produced a lengthy statement in Italian. Its purpose, according to its authors, is to dispel false claims made about the company’s operations after the huge events of last week.

“The company had been in the software development business since 2015 and until its closure, operated worldwide. Proof of this is the great success of users who used the XTC platform and to whom our heartfelt thanks go, who have recognized our product as the best performing tool on the market, in the field of IPTV software,” it begins.

“Over the years we have received many recognitions and awards for our work from the entire IT community, not least XTC has been recognized as one of the 1000 fastest-growing companies in Europe.”

Noting that the company passed “the legality test” in the USA, XTC notes that it registered for the NAB Show in Las Vegas, an annual trade show produced by the National Association of Broadcasters. That event did not go ahead as planned in April 2020 due to the coronavirus pandemic but XTC says that as a company it faced additional problems of its own.

“First of all, the first key concept must be clarified: XTC IS AGAINST PIRACY,” the team insists.

“The hard work carried out in recent years, however, risks being thwarted by the legal events that have arisen in Italy in which the name of XTC, without any foundation, is compared to a criminal association dedicated to the piracy of copyrighted content.”

Xtream-Codes: We Are Against Piracy

The Xtream-Codes system itself could be put to legal uses just as easily as it could illegal uses, since it’s only the licensing status of the content being delivered that makes any difference to its standing. However, in common with software like uTorrent in the BitTorrent scene, Xtream-Codes was well known in IPTV piracy circles simply because it was used by pirate IPTV providers and by extension, many end-users.

All of that being said, it may surprise those who deployed the software in a commercial sense or utilized it in their homes that XTC now claims that it has been working with law enforcement for some time.

“Over the years, XTC has always collaborated with international judicial authorities in order to stop the phenomenon of piracy, to identify and stop those who illegally used our platform. Those judicial authorities, in their sacrosanct activities to combat crime, have always started from the right assumption, which is also the second key concept of the story: THE XTC PLATFORM IS AN ABSOLUTELY LEGAL SOFTWARE,” the company says.

“For these authorities, there has never been any doubt about the lawfulness of the XTC platform, but they have focused their attention, rightly, on the distorted use that some users have made of it and in such cases, XTC has always shown itself to be collaborative in combatting crime.”

Authorities in Italy Saw Things Rather Differently

Unfortunately for XTC, however, the authorities in Italy reportedly saw things in a different light. According to XTC, there was never any attempt to cooperate with the platform to tackle a reported minority of users who abused its systems.

“[The authorities] have never attempted to interact with XTC to try to intercept the dozen users, among the more than 2500 who counted the platform before closing, who used it illegally. XTC was in fact equated to that ten or so subjects, even placing it at the top of this criminal association,” the company complains.

XTC says that in September 2019 it was shut down and also blocked by all ISPs in Italy, a decision accepted on the basis that the truth would soon come out. However, a year on XTC says it is now suffering due to claims that it has been carrying on its business under alternative branding.

“Today, after about a year, XTC is burdened with further very strict precautionary measures, which cannot be reported here for reasons of confidentiality, since some say we are continuing our business under a different name.

“For this infamous affirmation, devoid of any foundation, once again XTC has had to suffer serious consequences, primarily in terms of reputation, which we have built with so much effort over the years,” the company complains.

Criticism of the Press and Authorities

Given the technical nature of a system like Xtream-Codes and the tendency of the mainstream media to take reports by the authorities at face value, it came as no real surprise when many publications took the information they had been provided last year and extrapolated it.

XTC says it remains very disappointed with much of the reporting, which failed to acknowledge that its systems and software only managed IPTV streams and the company did not provide any content itself. The overall intent of XTC, of course, is something to be determined at trial but in the meantime, the company feels it has been poorly treated.

“IPTV is the future and it is very sad that we have been forced to stop for no good reason. It is as if the Italian authorities are trying to spread the message that IPTV software is illegal. For this reason, we have decided to break the silence and denounce the heavy harassment we are undergoing both as XTC and personally, with the awareness that, after this story, to which we are total strangers, nothing will be the same as before.

“But, as someone said ‘soon the time of honors will be over’ and what is seriously assumed at this stage by the investigating bodies must be proven before the Italian judiciary, in which XTC places its utmost and unconditional trust,” the XTC team adds.

Hoping for an outcome in its favor, the company says it has suffered “incalculable damage” due to the actions against it but is now promising that when the truth does come out, it will be “filing a bill” to recoup its losses.

From: TF, for the latest news on copyright battles, piracy and more.