Anti-Piracy Data Breach Investigation: The Curtain Falls
Filed under: Announcements & Events, Legal P2P News & Issues
TMG, or Trident Media Guard, is an anti-piracy company contracted by the French government to monitor pirates as part of the “Hadopi” three-strikes solution.
Back in May 2011, Olivier Laurelli – a security researcher – told TorrentFreak that he had found vulnerabilities within TMG’s official website.
The Commission Nationale de l’informatique et des Libertés (CNIL) – the French authority responsible for ensuring that data privacy law is applied to the handling and use of personal data – was sent to investigate the security issues. During the investigation, TMG’s online connection with the Hadopi agency was halted; however, further information on infringers was still to be collected and sent via the postal system on DVD.
Numerama reported that CNIL had told TMG to get its systems fixed and running by the 16th of September. Now that the deadline has passed, CNIL has made an announcement:
“On July 29th and September 13th 2011, TMG detailed the procedures implemented to improve the security of its information system.”
The Commission noted that TMG’s changes were “satisfactory” and that the company is once again within the legal boundaries, so their job is done; furthermore, TMG’s online connection with Hadopi will be restored.
What won’t be restored that easily is TMG’s credibility, at least in the public eye, and this may have an impact on rights holders as well.
“In France, before rights holders can collect IP addresses of infringing users, they have to ask for and obtain approval from the CNIL,” Numerama’s Guillaume Champeau told TorrentFreak.
He said the four rights holder organizations – SCPP, SPPF, ALPA, SACEM/SDRM – filed an application which described the security measures TMG was forced to follow in order to obtain the approval.
“But it appears TMG did not abide by all of these requirements, and even the rights holders organizations did not. For instance, they said they would audit TMG every quarter, which they didn’t,” he adds.
“As these rights organizations are the ones who were directly in touch with the CNIL, as they are legally speaking ‘in charge of the collection’ of the IP addresses, they are the ones who may be found in violation of their pre-approval promises.”
Italy One Step from Becoming the Internet Inquisition
Filed under: Announcements & Events, Legal P2P News & Issues
Italy is one of the European countries where copyright holders have had their way…all the way. Alongside the French and, more recently, UK copyright laws, the Italian legislation concerning intellectual property is among the most severe, imposing what is called ‘the three strikes’ rule on file-sharing aficionados. This means anyone accused of copyright infringement will be warned three times to quit the illegal downloading or uploading before being disconnected from the Internet.
However, just when we thought the narrow-mindedness and absurdity had reached their full potential on this issue, some politicians have proved us wrong.
A post at TechDirt alerts us about a scary analysis of a proposed copyright law in the aforementioned country that makes you go ‘Wha’?!!’
The new law would apparently allow internet users to have their connection cut off based on a single accusation (which, moreover, doesn’t necessarily have to be made by a copyright holder). Take a look at this list, made to the liking of the entertainment industry, which successfully defies current EU law.
1) citizens, outside of any judicial proceeding and without the right to appeal to the judicial authority, may be banned to access the Internet if ANYONE (a rightholder or an ordinary citizen) notifies a provider about alleged infringement of copyright or trademark or patent (“one strike” disconnections);
2) Internet service providers must comply to the blacklisting of citizens who are *suspected* of copyright or trademark or patent infringements (“proscription lists” to ban citizens from any access to the Net);
3) an Internet service provider must use preventive filters against services that infringe copyright, trademark or patents;
4) an Internet service provider must not promote or advertise, and must use preventive filters against, services that do not directly violate copyright, trademark or patents, but that *may* lead citizens to *think* that infringing services exist;
5) a provider or a hosting provider which does not use effective filters will be charged with civil liability.
“Three Strikes” Is On in New Zealand
Filed under: Announcements & Events, Legal P2P News & Issues
To the regret of most internet users in New Zealand, the country’s “three-strikes” law, under which infringers can be fined up to NZ$15,000 ($12,000) and have their Internet account suspended for up to six months, becomes effective starting today.
The law has received heavy criticism, especially since a UN report made it very clear that cutting off users from their internet connection, “regardless of the justification provided,” is a violation of the International Covenant on Civil and Political Rights, since it acts as a form of censorship, limiting the type of media people are allowed to use in expressing themselves.
The report inspired the Labour Party to oppose the law, although the party had originally voted in favor of it. The party agrees with UN Special Rapporteur Frank La Rue’s opinion that disconnecting people from the internet violates international law, and demands a full review of New Zealand’s copyright laws.
Communications and IT spokesperson Clare Curran emphasized the gravity of the situation the new legislation is about to bring about:
“Termination is unsustainable. Labour voted for the Bill in April because we stuck by a commitment to work with the Government to enable Internet service providers and rights holders to reach a compromise on copyright law.”
She continued: “That compromise meant that termination of Internet access as an ultimate penalty for repeat copyright infringement remained in the Bill, but could not be enacted without the consent of the Minister, but it is clear that this won’t work long-term.”
“It’s a fundamental principle to ensure that the work of Kiwi creators is valued and that they can maintain control over their own works. The old business models — by which the distribution of creative works was controlled by big companies — have gone.”
[…] “Citizens everywhere are hungry for information and creative material via the digital environment. It is absolutely essential we get the balance right.”
With this point she hit the nail right on the head. It’s all about letting go of the old limited and limiting models, which, of course, the industry is so reluctant to do. The easy way is always…easier, and we do have quite a self-sufficient industry that has been going on here for many years now. Shaking it up may prove quite hard, but it is also quite necessary.
France Leaks “Three Strikes” IPs
TMG, the French company responsible for digging out pirates’ IPs (and keeping them secure!) in the “three strikes” program, suffered a security breach last week. The French government “temporarily suspended” its acquisition of TMG data until an investigation can clarify what happened.
This fiasco started last week when a French writer stumbled upon a highly insecure TMG server and accessed internal TMG executables and scripts, along with a cache of IP addresses. According to the initial report, the security on the server was so bad that “one wonders if TMG recently became a Sony subsidiary”—or if the server was a honeypot.
Eric Walter, head of the French HADOPI – the antipiracy agency that manages the “three strikes” program – took to Twitter to tell the world that “as a precautionary measure, #hadopi has decided to temporarily suspend its interconnection with #TMG.”
The temporary suspension of the interconnect agreement means that TMG can’t provide new addresses for the moment. Since HADOPI relies solely on TMG’s list, it is incapacitated as well.
French tech sites like Numerama posted lists of questions that “need to be answered” by HADOPI and by French data security authority CNIL.
The BBC also had something to say:
“The UK is due to introduce similar legislation, although at this stage it has no plans to punish offenders with disconnection. But it will need to employ a firm similar to TMG.”
Data security is not taken lightly in Europe. For example, a British p2p lawyer was recently fined by the government for leaking IPs of alleged porn file-sharers after being hacked by a group called Anonymous.
The funny part is that the law creating HADOPI also forced French citizens to secure their own connections (with passwords and MAC address filters) to avoid excuses like “a neighbor used my WiFi” in the future.
On its website, TMG brags about its security. “TMG has secured the entire production platform and we have closed access thanks to high reliability security systems,” it says.
“We guarantee the confidentiality of our customers’ strategic information.” Needless to say, all this is quite ironic.
MPAA Pushes for “Three-Strikes” in Japan
Filed under: Announcements & Events, Entertainment Industry, Legal P2P News & Issues
The MPAA just knows it has a tragic story to tell – that of an unfortunate, dying entertainment industry wounded irreversibly by illegal file-sharing – and that’s what it does. Relentlessly. Yet, when it does, it manages to leave aside notable facts like the 30% increase in global ticket sales since 2005.
Here’s its latest effort to get support from government officials: the “Combating Online Infringement and Counterfeits Act” (COICA), a very persuasive program, since it successfully convinced a group of Senators that tracking and shutting down “websites devoted to providing access to unauthorized downloads, streaming or sale of copyrighted content and counterfeit goods” is vital for the industry’s survival. So what if the bill would mean the end of freedom on the Internet and would impose unconstitutional prior restraints on speech? At least all moguls will be safely in control.
More importantly, the bill would mean the US government will set a precedent that any country can seize or order the blocking of a domain name if some of the content on the domain (even if located elsewhere) violates the country’s local laws.
Yesterday, in a meeting with Japanese government officials, filmmakers, and music industry representatives, MPAA President Bob Pisano proposed a “three-strikes” policy as the only salvation for the country’s record and movie companies. He pointed out that several other countries have already successfully implemented the system – France, South Korea, Taiwan. “Three Strikes” will also be enforced in the UK starting 2011.
This “epidemic,” as Pisano labeled file-sharing, can only be dealt with, he thinks, by cutting off the Internet connection of those who use it.
“We know there cannot be a one-size-fits-all approach to the problem; that there are cultural and practical issues requiring different approaches from one nation or region to another,” he said. “But what we do feel is that the basic belief underlying all of our efforts should be the same — that individual awareness and responsibility are essential if we are to continue to make progress.”
It’s just a pity there was no one there to tell the other side of the story: that of the numbers, which in recent years have spelled MORE MONEY in the industry’s greedy pockets and prosperity, not losses, while file sharing has become a sort of alibi for its unreasonable demands and behavior.



