In the wake of a global pandemic, an ongoing war in Europe, and a new U.S. president taking the world on a surprise mystery tour to somewhere, Season 7 of Black Mirror faces the show’s toughest test following its Netflix debut on Thursday.

Ensuring each episode has a provocative, meaningful impact is getting harder in a world where the highly improbable seems to happen much more frequently. Facing genuine competition from real world events, including some that don’t involve Greenland, desensitization is likely to be a factor already.

Block Mirror?

There’s a risk that a Spanish-themed episode, in which a powerful corporation blocks internet traffic to improve sales of an exclusive entertainment product, might be too much, too soon.

Starting around 2008 before reaching its climax in a dystopian future labeled 2025, it could reveal how ISP blocking measures that the public didn’t want, were presented as the only viable option for tackling pirate sites. The episode could place emphasis on assurances that site blocking would always respect fundamental rights, such as the right to receive and impart information.

After fast forwarding to the present day, the episode could show how site blocking has matured to the point where targeting hundreds of pirate sites, means blocking thousands of innocent sites at the same time. Delivered to camera with a completely straight face, the audience should be informed that blocking innocent websites is perfectly fine, because a judge says that it’s legal .

Given that websites in Spain contain material protected by copyright, not to mention information that EU citizens have a right to impart and receive, it does seem unfair that thousands of sites (some claim its millions) find themselves completely blacked out when football matches are broadcast in Spain.

Circumvent Site-Blocking

So, with no help from the authorities and no TV deal expected anytime soon, Spaniards are beginning to take matters into their own hands.

Pirates have always circumvented blocking measures, mostly to access pirated content that blocking measures are supposed to deny. Today, regular developers are coming up with solutions to thwart site blocking, for reasons that include running a business and feeding their families. All they want, and it’s really not much at all, is to put up a website and have people who’d like to pay a visit face no barriers while doing so.

Well, help is starting to arrive, at least unofficially. The developers of the tools below hope to improve a situation that has only deteriorated in recent weeks.

The tools listed below are available from GitHub. Usual security caveats apply, if in any doubt, do not install.

Cloudflare Status Monitor for LaLiga Blocks

GitHub repo: aitorroma/cloudflare-laliga-bypass

Summary of key features/benefits
• The script monitors check.aitorroma.com to verify if Cloudflare is active.
• When LaLiga implements blocks during football matches, the system automatically detects it.
• Automatically disables Cloudflare when blocks are detected
• Reactivates Cloudflare when the site is back online
• Uses webhooks to keep you informed about status changes

• Minimize downtime during football broadcasts
• Eliminates the need to manually manage Cloudflare blocks
• Provides an automated solution to keep the service available
• Ensures service continuity for legitimate websites

Cloudflare Status Monitor for LaLiga Blocks is available on GitHub

LaLiga Block Evasion Filter

GitHub repo: fdezsergio02/Anti-LaLiga

How does the filter work?

This filter leverages the benefits of major CDN servers, allowing you to replace the blocked IP address provided by the DNS server with an IP address from the affected CDN that is not blocked, allowing websites to load correctly.

For example, if the URL “example.com” is associated with the IP address “1.2.3.4,” which is blocked by carriers, this filter switches to an unblocked IP address, such as “1.2.3.5,” so that legitimate pages can load correctly. Depending on the situation, it rotates to the next IP address or chooses a different IP address belonging to the same CDN.

LaLiga Block Evasion Filter is available on GitHub

LaLiga Lock Checker

GitHub repo: GitHub repo: agustim/laliga-lock-checker

Summary of key features/benefits

• Go script to check if a set of domains are blocked and, if necessary, test them through a VPN. The results are saved in a CSV file with time, status and latency.
• Read domains from a JSON file ( sites.json).
• It makes HTTP requests and checks if they respond.
• If they don’t respond, activate a VPN connection (WireGuard) and try again.
• Write the results to a CSV file: hora,domini,estat,latencia_ms.
• It allows you to configure it via command line, environment variables or .env.

LaLiga Lock Checker is available on GitHub

LaLiga IP List

GitHub repo: GitHub repo: r4y7s/laliga-ip-list

Summary of key features/benefits

• This repository maintains a whitelist of legitimate IPs that have been unintentionally affected by judicial IP blocks in Spain ordered by LaLiga as part of its anti-piracy efforts, based on public data from hayahora.futbol .
• The file laliga_ip_list.txt is updated twice a day automatically.
• What’s inside? The laliga_ip_list.txt file includes legitimate IPs that were wrongly blocked during football match streams in Spain, affecting services like: RAE (Royal Spanish Academy), universities and research centers, news outlets, sponsor and club websites

———–

Whether the existence of these tools amounts to evidence of overblocking, remains to be seen. But one thing is certain.

Providing an environment that necessitates circumvention, so that people can go about their legal business, runs counter to the prevention of piracy and so much more.

It undermines the entire site-blocking movement, and provides new credibility and moral legitimacy to anything that stands in its way – or indeed, tunnels straight through it.

From: TF , for the latest news on copyright battles, piracy and more.

In recent months, piracy-related overblocking concerns in Italy and Spain have reached new highs.

Rightsholders successfully advocated for broader blocking measures. While these may indeed be more effective, they have also resulted in a noticeable increase in overblocking reports.

For example, Italy’s “Piracy Shield” blocked access to Google Drive, CDN providers, and other legitimate sites and services. Meanwhile in Spain, overblocking is now the de facto standard, as the result of continued disagreement between football rightsholder LaLiga and Cloudflare.

Tensions remain high. Major tech companies have chimed in with calls for a more balanced approach, while some rightsholders see broader blocking action as the best way forward. Meanwhile, gestures to limit overblocking have reportedly found themselves stranded in a black hole.

.Cat Domain Registry

While it’s near impossible to cover all developments, our attention was recently drawn to a response from an organization that hasn’t raised its voice before; the Catalan domain name registry ‘PuntCAT foundation’, which manages the .cat TLD.

The PuntCAT registry allows organizations and individuals to associate with and promote the cultural Catalan identity. This includes the prominent football club Barcelona, which is currently leading the LaLiga championship.

The FCBarcelona.cat domain name doesn’t use Cloudflare and has not been inadvertently caught up in piracy blocking activities. However, other .cat domains have been affected, the registry recently confirmed.

Registry Alerts Customers and Tracks Abuse

PuntCAT reportedly heard from several customers whose websites were blocked by local ISPs, even though they have no association with football or piracy. In response, the registry alerted all customers who use Cloudflare to warn them about potential future problems.

“In recent weeks, some .cat domain holders have informed us that access to their pages, which have no connection to the broadcast of football matches, have been restricted during the broadcasts of La Liga matches,” the email begins.

PuntCAT launched an investigation following these reports and, with help from experts, found that 2,294 .cat domains use Cloudflare as a proxy to improve the security and accessibility of the associated websites.

All at-risk customers were sent an email notification and via its website , the registry informed the public that in February alone, sites with more than 400,000 visitors were affected.

Registry Doesn’t Rule Out a Legal Response

While the registry is not yet directly involved in the dispute, it decided to step up and actively monitor .cat domains for overblocking issues. This real-time monitoring allows it to take swift countermeasures if needed, potentially including legal action.

“If these undue blockages are confirmed, we commit to acting decisively to protect the quality of the service we offer our users, reserving the right to take legal action and to collectively represent the owners of the affected domains,” PuntCAT wrote in the email.

Thus far, the registry hasn’t taken action. However, the fact that core Internet services, including ICANN-accredited domain registries, are concerned about the escalating blocking measures shows that these issues impact the broader ecosystem.

Ironically, these problems come at the worst possible time, as the United States is currently considering its own site blocking legislation . Opponents of the U.S. plans, including EFF , will likely use these overblocking examples to show how site-blocking can spiral out of control.

From: TF , for the latest news on copyright battles, piracy and more.

Adult entertainment company Flava Works specializes in gay media, mostly pornographic films and magazines featuring Black and Latino men.

Over the years, the company has built a reputation for aggressively pursuing legal action against individuals accused of sharing its copyrighted content, often via private torrent sites specializing in gay content. Flava is known for identifying ordinary downloaders and those who leak their content, presumably through use of unique identifiers embedded in official videos.

Many hundreds of alleged pirates have been targeted in these legal actions, including a Hollywood executive who fought back in court. After a retaliatory lawsuit was dropped, the case was eventually settled on undisclosed terms.

In other lawsuits, Flava clearly came out on top, including a damages claim of $1.5 million against a defendant who shared seven films.

Flava’s lawsuits appeared to slow down in recent years, but a new complaint filed at an Illinois district court shows that the production company continues to monitor pirates, including those in private communities.

Lawsuit Targets Alleged Leaker & 47 File-Sharers

The complaint by Flava Works Entertainment and affiliate Blatino Media, lists Canadian resident Nicolas G. as the main defendant. Allegedly a paid subscriber to the plaintiffs’ official websites, the defendant is said to have downloaded several films and then shared some of them on private torrent tracker GayTorrent.ru, which is also accessible at GayTor.rent.

Flava accuses the Canadian defendant of downloading copyrighted videos and distributing them on the torrent platform, in violation of its terms of service.

“Defendant [Nicolas G.] downloaded copyrighted videos of Flava Works as part of his paid memberships and, in violation of the terms and conditions of the paid sites, posted and distributed the aforesaid videos on other websites, including websites with peer-to-peer sharing and torrent technology,” the complaint reads.

The legal paperwork doesn’t specify how the main defendant was linked to the pirated videos, but it’s likely they contained embedded identifiers. Flava alleges that as a result of the unauthorized sharing, dozens of members of the private torrent site were able to download the pirated videos.

These downloaders, 47 in total, are listed as John Doe defendants. They’re currently identified only by their respective usernames, including ActorCA, Balloonboy82, Furiousd2023, TheMonitor72, and WarGod83. All face direct copyright infringement claims and a risk of substantial damages.

Millions in Damages

The complaint is brief and doesn’t include any details explaining how the defendants were tracked or identified. The main defendant likely had personal details linked to their paid Flava account, but what evidence exists to show that the alleged users of the site downloaded pirated films is unknown.

The scale of the damages claim is clear. For each of the 47 John Doe defendants the plaintiffs request $150,000 in statutory damages. The main defendant faces a significantly larger claim of $1,500,000, pushing the total damages claim to over $8 million.

Again, no reasons are provided to justify these amounts but $150,000 is the maximum available for copyright infringement of a single work. The lawsuit was filed with a list of 31 copyrighted works, but no details to show who shared what and when. It’s possible that more details will emerge as the case progresses.

All in all, the recent complaint shows that after more than a decade, Flava is still actively monitoring BitTorrent pirates. While new lawsuits are rare, they are not without consequence and should not be ignored. The fact that Flava’s name previously appeared in multiple bankruptcy proceedings says enough.

—

A copy of the complaint, filed by Flava Works Entertainment, Inc. and Blatino Media, Inc at the United States District Court for the Northern District of Illinois, is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Having listened to LaLiga chief Javier Tebas speak about piracy for almost an hour at a conference recently , several things become apparent.

Whether one agrees or disagrees with his stance on how to tackle piracy, in particular the blocking controversy that has dogged Spain since early February, at a time of crisis this would be the man to have fighting your corner. He’s passionate about his mission, knows exactly what needs to be done, and is as unmovable as he is uncompromising on how to get there.

For these reasons and many more like them, what some argue is a football business problem is already developing into a potential problem for everyone. Tebas believes the financial impact of piracy on Spanish football is currently between 600 and 700 million euros and with the recently confirmed authority awarded by a local court. LaLiga currently blocks 3,000 IP addresses every weekend to reduce the damage.

Empowered By the Judiciary, LaLiga Blocks in Line With the Mission

During the weekend, hunting pirates (Tebas prefers the term ‘martians’) starts at noon on Saturday and ends between eleven and midnight; rinse and repeat on Sunday. If it transpires that all 3,000 IP addresses belong to Cloudflare, LaLiga will block however many it sees fit.

Tebas acknowledges that each Cloudflare IP can in theory protect 1,000 to 2,000 non-pirate IP resources. It necessarily follows that, if blocking is effective, those ordinarily neutral web resources will be rendered inaccessible along with any offending pirate sites, for as long blocking remains in place. Tebas blames Cloudflare for using these innocent resources as ‘human shields’ and at the same time points to just a handful of cases he considers to be verified, genuine complaints.

Other complaints of overblocking are variously described as overblown or non-genuine, and collectively as just “noise.”

“Google has even paid communication agencies to say that there’s been a lot of noise, that there have been some barbaric outages,” Tebas alleged. “I’m convinced that when Google Drive was cut [by Piracy Shield] in Italy, it was with Google’s awareness. With real Google awareness, and I’m going to tell you why it’s like that.”

CDN77: Like Cloudflare But Smaller and Cooperative

CDN77 is a well-known CDN that specializes in live video and VOD. It may be smaller than Cloudflare but still claims to deliver 300 PB of video daily. Tebas doesn’t mention the circumstances that led to its cooperation with LaLiga, but he does seem satisfied with the arrangement.

“We have a company that’s much smaller than Cloudflare, but it provides the same services. It’s a Dutch company, it’s important, but it’s not. It’s called CDN77 and it does the same thing [as Cloudflare] it anonymizes [users]. Well, we have an agreement with them,” he explains.

“During the the game, when we detect CDN77 IP addresses, we don’t block them, we notify [CDN77]. They directly remove the IP address that is sharing the illegal content, and replace it with another IP and then cut it off, that’s it, it can be done technologically.”

LaLiga: No Large-Scale Overblocking

Since early February, fundamental disagreement has persisted over a) the scale of overblocking and b) whether LaLiga’s blocking can be described as indiscriminate.

To the extent that indiscriminate suggests a random, scattershot approach, LaLiga’s objections do seem reasonable. LaLiga says it targets specific IP addresses used by identified IPTV services; it’s well understood that other services may be present on the same IP, but if the judge who issued the order saw no problem, who can insist otherwise?

In the eyes of LaLiga, the scale of the overblocking isn’t significant, but the numbers do seem to lack clear definition. That being said, Tebas is very clear on what it is not.

“It’s not true that there are millions of [blocked] users, as Cloudflare put it. If there are millions of users, and the judge himself says, you haven’t proven it, and they have had the opportunity to prove it, we are the ones who have proven that it’s not true. In other words, they had to prove it, because it’s not true,” Tebas explained.

Opposing View – Overblocking is Massive

Regular updates posted to X by sysadmin @jaumepons aim to document overblocking in Spain. According to their research, the scale is enormous but given the numbers and technical issues involved, independent verification from outside the country presents challenges.

Claims on X from within Spain

From a base of almost no overblocking according to LaLiga, to the massive overblocking alleged in these reports, it’s clear that both extremes can’t exist at the same time.

According to Cloudflare, various experts, and people whose websites become inaccessible in Spain when football airs on TV, feel that the evidence is on public display. LaLiga’s position is that since evidence wasn’t produced to the standard required by the court, claims of overblocking remain unproven; presumably that also extends to the IP addresses in the image below.

All were reportedly blocked by LaLiga, all belong to CDN provider CDN77 whose cooperation may not have provided immunity from blocking as initially envisaged.

From: TF , for the latest news on copyright battles, piracy and more.

The Internet Archive is widely known for its Wayback Machine, which preserves copies of the web for future generations.

These archiving efforts, which started decades ago, will become more valuable over time. The same could apply to IA’s other projects, including the digitization of old books and records.

Seven years ago, the Archive began archiving the sounds of 78rpm gramophone records, a format that is obsolete today. In addition to capturing their unique audio characteristics, including all ‘crackles and hisses’, this saves unique recordings for future generations before the vinyl or shellac disintegrates due to age.

The ‘ Great 78 Project ‘ received praise from curators, historians, and music fans but not all music industry insiders were happy with it. Several record labels including Sony and UMG, sued the Internet Archive for copyright infringement in federal court in 2023.

Labels Seek $693 Million in Damages

Last year, IA responded to these allegations with a motion to dismiss. According to the Archive, many of the claims were simply too late, as they supposedly pointed to infringements that occurred over three years ago. The record labels claimed they were aware of this; the RIAA sent a cease and desist letter on their behalf but took no further action at the time.

The U.S. federal court in California disagreed. After reviewing the positions from both sides, Judge Maxine Chesney concluded that it wasn’t clear that the statute of limitations had expired for all works, as the RIAA’s letter didn’t mention any specific infringements.

The case moved forward and last month the music labels requested permission to file a second amended complaint, which significantly raises the stakes. This updated version includes 4,624 works that were allegedly infringed by the Great 78 Project, as opposed to the 2,749 recordings listed in the original complaint.

The music companies request the maximum statutory damages of $150,000 per work for each of these recordings, increasing potential damages to an astronomical $693 million.

Progress in Settlement Negotiations

The amended complaint has yet to be accepted by the court, but recent filings suggest that it may not get to that. Apparently, both camps have been engaged in settlement discussions that could potentially result in an alternative resolution.

In a joint filing, the parties asked the court to pause the lawsuit for thirty days so they can work on finalizing a deal. No terms are mentioned, but a resolution outside of court seems realistic.

Specifically, IA and the music labels state that they have “made significant progress in settlement discussions” and are “optimistic that settlement discussions may be successful and that this case can be dismissed.”

The court granted the request and stayed the case for thirty days, canceling a hearing that was planned for Friday. If a settlement is reached, the case can be dismissed; if not, the parties will have to propose a new schedule.

At the time of writing, the Great 78 Project remains online. While several recordings have been removed since the lawsuit was filed, including a copy of Bing Crosby’s White Christmas, many others remain accessible.

It’s not clear what type of settlement the parties have in mind, but the labels will likely insist that all allegedly infringing content is removed. The Internet Archive, in turn, will likely try to avoid any substantial damages.

—

A copy of the joint stipulation and the proposed order to stay the case for thirty days, granted on April 4th, is available here (pdf) . A copy of the proposed amended complaint with the 4,624 works can be found here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

More than a year after its official debut in February 2024, Italy’s controversial Piracy Shield blocking system is yet to deliver on the key predictions justifying its launch.

Claims of piracy’s total elimination quickly evaporated, taking predictions of major economic benefits down with them. The pirate sites causing the issues are now rarely mentioned by the authorities. Instead, telecoms regulator AGCOM and major football rightsholders have sought to toughen up legislation, and through a current public consultation, amend copyright protection regulations.

Public Consultation

Proposals for new technical and operational changes were reported last month . Hampered by the veil of secrecy surrounding Piracy Shield and its operations, input from the public has little chance of being taken seriously. Fortunately, the most important issues won’t go unaddressed.

A submission dated April 3 by the Computer & Communications Industry Association (CCIA) is notable for the members it represents; global tech giants such as Amazon, Apple, Cloudflare, Google, and Meta, among others.

“Like many other operators in the digital sector – whether based in Italy, in other EU Member States, or outside of Europe, – we have been expressing serious concerns about Italy’s Piracy Shield, which AGCOM has chosen as a tool for issuing orders to block internet sites (i.e. within the very short time frame of 30 minutes),” CCIA’s submission reads.

“These requests are made by rightsholders without due process or possibility for recourse. Hence, we believe that the Piracy Shield poses significant risks to the principles of freedom of enterprise expression, as established by European and Italian law.”

Piracy Shield Risk Factors

The basic factors said to contribute to these risks are well known. The Piracy Shield system was developed by a company affiliated with football league Serie A, one of the few companies currently allowed to use it. The technical features of Piracy Shield have never been made public and participation in the technical committee was by invite only and few operators from the digital sector were invited.

Subsequent operational errors, including overblocking affecting Cloudflare and Google Drive, also feature in the submission, but the specifics can be found in the regulatory amendments proposed by CCIA.

(Note: Machine translations may lack nuance, original documents included below for reference)

Proposed Changes to Regulations

According to CCIA, Article 8, paragraph 3 of AGCOM’s draft, awards AGCOM the power to issue orders to remove content from servers hosted outside Italy (in other EU Member States), based on a reference to provisions in the Digital Services Act (DSA).

While the provision to which AGCOM refers is unknown, establishing the scope of AGCOM’s jurisdiction is important. To that end, CCIA calls on AGCOM to identify the provision “that you believe to establish this extra-territorial power.”

On the same theme, CCIA takes issue with paragraph 4 directly after.

The issue here begins with the assertion that AGCOM should be awarded powers to issue orders to remove content from servers hosted outside Italy . AGCOM currently has the authority to compel Italian ISPs to block access to servers, usually foreign, to prevent those servers being accessed by users in Italy.

Given the similar end result, CCIA notes that when it was previously envisaged that AGCOM should be awarded local blocking power, that was promoted “precisely with specific reference to the hypothesis of servers located beyond national borders, as a substitute for the direct order of removal.”

References to the Digital Services Act

That AGCOM intends to make use of provisions available under the EU’s Digital Services Act (DSA) is a complication, especially when the provisions aren’t made clear, as the ‘extra-territorial’ example above shows.

Further DSA-related issues quickly raise their heads too, specifically concerning Article 9, Orders to act against illegal content . The relevant sections below from the DSA (EU law) and AGCOM’s reference to that law, are followed by a comment from CCIA.

A second translation of CCIA’s comment (in yellow) reads as follows: “Provision should be made for compliance with the formal requirements for authority orders in Article 9 of the Digital Services Regulation, referred to in this same rule as the source of the information obligation.”

This statement may serve as a reminder that removal orders issued under Article 9 of the DSA impose a reporting obligation on intermediary recipients. However, for an order to be considered valid under Article 9, the issuer must ensure that takedown orders contain the following at minimum :

(i) the legal basis for the order under EU/national law (ii) a statement explaining why the information is illegal, (iii) information to identify the issuing authority, (iv) clear information enabling the intermediary to identify and locate the illegal content, (v) information about redress mechanisms available, (vi) details of the authority to receive information about the effect given to the orders.

Major Concerns Over Draft Regulations in Article 10

The real dispute takes place around Article 10, Precautionary proceedings for violations relating to audiovisual content broadcast . To appreciate the gulf between AGCOM’s stance and that of CCIA’s members, the first page of proposals tackle several fundamental issues that AGCOM has thus far refused to discuss.

Basics include the requirement that when AGCOM issues a blocking order, a timeframe of 30 mins to implement it safely isn’t realistic. Five days, on the other hand, is too short for those wrongfully blocked to file an appeal. Calls for improved transparency have also fallen on deaf ears, but the full list goes on…..and on.

A gulf of disagreement

CCIA concludes its submission with a request for a dedicated hearing but before that, the tech industry group urges AGCOM to reconsider its approach.

“We take the opportunity to encourage AGCOM to reconsider its blocking approach and instead focus its efforts on targeting the actual hosts and distributors of pirated content and on protecting content at the source,” CCIA’s submission adds.

“Network-level blocking does not remove content from the internet, can easily be circumvented and is ultimately ineffective in combating piracy, reducing infringing content, or deterring sophisticated piracy tactics.”

CCIA’s summary is available here (pdf), the full set of proposals here (docx, Italian)

From: TF , for the latest news on copyright battles, piracy and more.

With the continued growth of pirate IPTV services in recent years, TV broadcasters and distributors have been ramping up their anti-piracy efforts.

The International Broadcaster Coalition Against Piracy ( IBCAP ) has been particularly active. It’s also the main driver behind a new lawsuit filed yesterday by DISH Network at a Texas federal court.

Lemo TV & Kemo IPTV

The American pay-TV provider accuses the operators of popular streaming services ‘Lemo TV’ and ‘Kemo IPTV’ of direct copyright infringement. These services, operating from Lemotv.com and Kemoiptv.com respectively, promise access to “over 18,000 live channels” and “over 8,400 shows” for a fraction of the price of legal subscriptions.

“Defendants offer United States Subscribers a 36-hour free trial to the Service and sell Service Subscriptions for one device for $28.50 for six months, $39 for one year, $59 for two years, and $100 for four years,” the complaint notes.

In addition to selling direct to consumers, both services operate reseller programs. This allows third parties to launch their own custom-branded IPTV streaming sites and apps for under $200. Resellers purchase credits for use with their branded services which they can resell to their own customers at a significant markup.

In a footnote, DISH claims that resellers of Lemo TV and Kemo IPTV include the following: Xtremehdiptv.org, Bestusiptv.com, Slingtvbox.com, 1dollariptv.com, Fubo-iptv.com, Tv-wave.com, Kemoiptv.shop, Geministreamz.us, Honeybeetv.com, Honeybeeiptv.org, Honeybeeiptv.io, Dynastyiptv.shop, Dynastyiptv.com, Dynasty-iptv.com, Caliptostreams.com, and 4kliveiptv.com.

Unveiling the John Doe Operators

The complaint alleges Lemo and Kemo use the services of Cloudflare and Namecheap, which are both based in the United States. However, the identities of the operators remain unknown. DISH hopes to uncover more information through this lawsuit so it can name the defendants in an amended complaint.

To gather more information, DISH filed a motion to expedite discovery. Specifically, it seeks permission to subpoena a wide variety of third-party intermediaries who may be able to help identify the defendants.

These include Cloudflare and Namecheap, but also other hosting companies, payment providers, and social media services such as 24 Shells, Des Equity, Hivelocity, Tucows, GoDaddy.com, DigitalOcean, Newfold Digital, Google, Coinbase, PayPal, Meta Platforms, and X Corp.

The discovery request is not limited to the main Lemo and Kemo domains, but also includes the alleged reseller services, as shown below.

$25 Million in Damages

The lawsuit mentions that at least 171 registered copyrighted works were infringed and DISH seeks the maximum of $150,000 in statutory damages for each, totaling over $25 million. In addition, the complaint seeks an injunction to transfer the infringing domain names.

While their identities are currently unknown, DISH believes that the defendants acted willfully and on a massive scale, ignoring approximately 100 notices of infringement sent by IBCAP and DISH since February 2021.

IBCAP executive director Chris Kuelling says that their anti-piracy lab classifies Lemo and Kemo among the most egregious IPTV services. During the first quarter of 2025, the services accounted for nearly 30% of all unauthorized streams detected on set-top box and IPTV services.

Based on this data, IBCAP helps its members to select the prime candidates for legal action, which ultimately resulted in this week’s lawsuit.

“This lawsuit is the latest example of our lab’s ability to identify the pirate services that are significantly infringing our members’ content and stack-rank such services in order to target and remove the worst infringers.”

“This level of theft is unacceptable for our members, and we will put a swift stop to it—just as we have successfully done with numerous other pirate services through court-ordered injunctions,” Kuelling adds.

—

A copy of the DISH Network complaint, filed yesterday at the U.S. District Court for the Southern District of Texas, is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Like many similar reports published most weeks by newspapers in Europe, an article published by Belgian media outlet L’Echo late Saturday evening pulled few punches.

The publication explained that after football broadcasters DAZN and 12th Player obtained authority from a local court for a new type of enforcement action, on Saturday Belgian ISPs blocked around 100 illegal streaming sites and five pirate IPTV providers. The measures were reportedly timed to take effect shortly before the start of the second day of the Belgian football championship play-offs, presumably to maximize the irritant effect of sudden pirate ssite blackouts.

“DAZN: First of Its Kind”

According to L’Echo, DAZN described the action as the “the first of its kind” and a “real step forward” in the fight against content piracy in Belgium. Comments like these are fairly standard in the anti-piracy arena, likewise claims that rightsholders have acquired a secret weapon capable of tipping the balance of power.

L’Echo’s report was much more balanced but if the various components came together as planned, major disruption of live match streams at a crucial point in the season seemed to have a real chance of success.

The groundwork was completed last month. An order issued by the Brussels Enterprise Court late March, authorized DAZN and 12th Player to engage in dynamic blocking boosted by a significant additional component.

While this would be its first use in Belgium, dynamic blocking is already used extensively elsewhere. The mechanism allows for speedy responses to blocking countermeasures, including domain changes and the appearance of proxies and mirrors, and there’s no requirement for a follow-up legal procedure.

Pirate sites are by now mostly familiar with dynamic blocking but in this case, the rightsholders also had an eye on spoiling a circumvention tactic popular with millions of users. Faced with blocking on Saturday, users in Belgium who switched from ISP-provided DNS to Cloudflare’s DNS wouldn’t have restored connectivity quite so easily. Moving to DNS provided by Google or Cisco may not have helped much either.

Cloudflare, Google, and Cisco Ordered to Block DNS Resolvers

Over the past several years, Cloudflare has faced several lawsuits that demanded pirate site blocking measures on its public DNS resolver. Rightsholders take the position that when ISPs implement DNS blocking, users shouldn’t be able to switch to a public DNS service like Cloudflare’s to regain access.

Those cases mostly focused on Cloudflare in Italy but a site-blocking case filed by Canal+ in 2023, concluded in 2024 with Cloudflare, Google, and Cisco ordered to prevent use of their DNS resolvers to access dozens of pirate sites.

In terms of platforms blocked in a single swoop, the order obtained by DAZN and 12th Player in Belgium may be even broader in scope.

New Law, New Blocking Momentum

New law passed in Belgium in 2022 aimed to strengthen rightsholders’ piracy-fighting capabilities. A new expedited judicial procedure at the Brussels Enterprise Court promised tougher measures such as dynamic blocking, and the creation of a new department within the Federal Public Service FPS Economy (SPF Économie).

Documents seen by TorrentFreak late last week include a notice penned by the Belgian Online Anti-Piracy & Illegal Gambling Office . The notice references a “regulatory order” to block public DNS resolvers, stemming from a court order concerning claims of copyright infringement against pirate streaming sites.

Domains For Blocking (public DNS resolvers) [dark square=domain unresponsive]

The notice does not mention DAZN or 12th Player by name but the nature of the domains (almost 140, all linked to illegal sports streaming sites) and the date of the notification (April 3, 2025) suggest a strong link to Saturday’s events. DAZN’s standing as a dominant rightsholder means the notice is unlikely to relate to anyone else.

Pro Site-Blocking ISPs

Site blocking has existed in Belgium for close to 15 years with The Pirate Bay an early target back in 2011. Until recently, however, site blocking measures have been quite patchy and lacked volume in general.

By the summer of 2024, DAZN and 12th Player were helping to push that trend in a different direction after obtaining an order to block around 90 pirate streaming sites offering content to which the companies own the rights.

Local ISPs Telenet NV, Proximus NV, Voo NV, and Orange Belgium NV were technically the defendants in that matter but the site blocking process in Belgium is completely non-adversarial. In February 2024, the CEOs of both Proximus and Orange openly spoke out in favor of site-blocking measures, with the former indicating they couldn’t come soon enough .

Resistance is Futile – and Expensive

Whether the Brussels Enterprise Court took the ISPs’ cooperation into account isn’t clear, but as far as we’re able to determine, the dynamic blocking order seems to have taken their compliance for granted. The same cannot be said of the operators of the public DNS resolvers, Cloudflare, Google, and Cisco.

The Court reportedly set penalties at €100,000 per day for non-compliance, a sharp turnaround from the status quo barely a year ago when public DNS resolvers mostly considered themselves too distant from infringement to be held liable. Given that the vast majority of the sites in the blocking order act as portals or indexes for content not even they host, links to direct infringement are distant indeed.

That raises the most important question of all: can blocking be considered successful if it doesn’t remove or even target the infringing streams that fuel the entire ecosystem?

From: TF , for the latest news on copyright battles, piracy and more.

Most prevalent in the movie and TV show sectors, applications for DMCA subpoenas are regularly filed at courts in the United States.

Aside from their intended purpose, DMCA subpoenas can provide useful clues about future anti-piracy strategies. When subpoenas are contested by intermediaries, subpoena applications sometimes become copyright cases in their own right. From a rightsholders’ perspective, in some cases they may be the only potential source of information yet to be exhausted.

Getting Prepared

A few days ago, the UK’s Premier League asked a California federal court to issue a DMCA subpoena against Cloudflare. The application identifies 38 target pirate streaming sites , many of which utilize multiple domains. Since the platforms all use Cloudflare, the Premier League hopes that information held by the company will help to unmask the sites’ currently anonymous operators.

Before filing an application under Section 512(h) of the DMCA, which allows copyright owners to obtain a subpoena and receive “information sufficient to identify an anonymous infringer,” applicants are first required to send DMCA takedown notices to the platform in question. The notices should identify the infringing content and state where the content can be found; in cases involving streaming sites, the right tools can prove helpful.

Recreating the Toolkit

The screenshot below shows a live match playing on a pirate streaming site. Culled from the Premier League’s application, it provides clues that allow us to start identifying the tools in use and the problems they’re likely to solve once combined with Open Source Intelligence ( OSINT ).

At a basic level in this context, OSINT can be almost any information made available on the internet. The screenshot is our primary source; it will help us identify the tools to recreate the toolkit, which in turn will use other public information sources to satisfy the requirements of the application.

M3U8 Sniffer

In this example it appears that when the Premier League visited the website sporttuna.pro, they were redirected to sporttuna.website and then to sporttuna.xyz (boxed in red).

Like most pirate sites, the ‘backend link’ or source of the stream (boxed in green) isn’t on public display. These links can be obtained in various ways but in this case, Chrome extension M3U8 Sniffer is the weapon of choice.

M3U8 Sniffer

From the developer’s website: The extension intercepts visited web page’s network requests and identifies all m3u8 video stream URLs. When a m3u8 URL request is found, it is displayed in a box that overlays the visited web page (see images above) from which you can copy the m3u8 URL or play the video stream. Also, you can open the extension’s popup window to view the first and last m3u8 URLs found for each site, as well as to set a variety of extension options.

M3U8 Sniffer is a free extension available from the Chrome Web Store. Further information is available from the developer at SnifferTV.com .

Identifying the Remaining Tools

Identifying the remaining tools was a little time-consuming but if we said the method was advanced or complicated, that would be a lie.

We simply trawled through the browser evidence images and took screenshots of the toolbars. These contain the icons of the apps used to obtain the evidence.

After extracting the toolbar icons we put those we recognized to the side, then identified the remainder using reverse image search tools. Straightforward options include Google Images and Google Lens .

As an alternative, Chrome extension RevEye Reverse Image Search provides instant results from Google, Bing, Yandex, and TinEye.

(Note: Bad extensions exist, trust nobody, check the source )

Internet Download Manager

Given that M3U8 Sniffer “does NOT provide functionality to download the actual video streams” another piece of software comes in handy. IDM is a popular choice in the niche and appears to be the downloader of choice in this particular toolkit.

From the official website: When you click on a download link in a browser, IDM will take over the download and accelerate it. You don’t need to do anything special, just browse the Internet as you usually do. IDM will catch your downloads and accelerate them. IDM supports HTTP, FTP, HTTPS and MMS protocols.

Unfortunately, IDM isn’t free but it is free to try via a 30-day trial . Some prefer JDownloader since the price is more predictable, but there are plenty of options in this niche.

Fiddler

Our best guess at identifying this next tool comes with a small caveat that its icon was almost impossibly blurred and even when fresh it’s still pretty basic. Ultimately, a green diamond and a single white ‘F’ works here.

Fiddler and tools with similar functionality (web debugging proxy tools) are used extensively by developers and investigators when keeping a close eye on HTTP traffic is a must. For those who’ve never cared to take a closer look, it can be real eye-opener. Even the most innocuous websites can behave pretty badly until users notice, so there’s never a bad time to take a first look.

Fiddler Classic and Fiddler Everywhere are both available as free trials, and the same is true for Charles Proxy which appears regularly as evidence in Indian site-blocking cases.

Some prefer to monitor traffic with Wireshark but for others it can be too much. Open source and available on Linux, Windows (GUI), and macOS, MITM Proxy will scratch most itches for free.

At a pocket friendly price of $0.00, the open source MITM Proxy (man-in-the-middle) does exactly as its name suggests, making it a popular choice.

Instant Datascraper

Scraping data from websites in a structured and usable format isn’t always easy and for big jobs, things can quickly descend into a time-wasting nightmare.

Instant Data Scraper hopes to eliminate the frustrations often associated with scraping and with over a million users, people seem happy with the results.

It’s impossible to say how the Premier League uses Instant Datascraper, but it could easily consume a visible members’ list in an instant or scrape a mountain of forum posts. The options are only limited by data becoming unavailable.

From the official site: Instant Data Scraper is an automated data extraction tool for any website. It uses AI to predict which data is most relevant on a HTML page and allows saving it to Excel or CSV file (XLS, XLSX, CSV). This tool does not require website specific scripts, instead it uses heuristic AI analysis of HTML structure to detect data for extraction. This means that our scraping method works just as well with small and lesser known websites, as it does with global giants like Amazon. Also, our users do not need to have any coding, json or xml skills

The software is free and available direct from webrobots.io and the Chrome Store .

IPNetInfo | Investigator

IPNetInfo describes itself a small utility that allows people to easily find all available information about an IP address. That includes the owner of the IP address and sundry other details. Hosted on Nirsoft.com and GitHub respectively, both also have a bit more to offer.

Investigator is actually a collection of useful tools , one of which is bound to come in useful sooner or later. Developed by Nirsoft, IPNetInfo is surrounded by dozens of other useful free tools at Nirsoft.net so still worth a quick visit.

Those with access to a Linux command line also have access to the best tools when investigating domains, IP addresses, and DNS. For Windows users or those who simply prefer the convenience of GUIs, the following perform well and look great too: Digger Tools , DNSViz , URLQuery , DMNSApp , URLScan , and WebCheck .

Finally, a pair of outliers to consider.

The End: Emulators

Given that there are Android emulators that are less elaborate, more predictable, and therefore better suited to the assumed job in hand, the discovery of two fairly elaborate emulators in the toolkit initially seems a little puzzling.

There’s bound to be a good reason they’re installed but right now, those reasons will have to wait until another day.

Of course, the answers to these questions and others like them, are always out there. ‘Out there’ is a very, very big place but the answers usually give themselves up quite quickly once curiosity arrives.

From: TF , for the latest news on copyright battles, piracy and more.