News Roundup 7 February 2017

ISPs can block The Pirate Bay under EU law

European Internet Service Providers (ISPs) can be ordered to block access to the popular torrent and streaming site The Pirate Bay (TPB), though the domain itself doesn’t host infringing material.

Back in 2014, the Court of Hague concluded a lengthy case against local anti-piracy group BREIN, arguing that the block, which obliged Dutch ISPs Ziggo and XS4ALL to block access to TPB, was ineffective and restricted the ISP’s entrepreneurial liberty.

Following the case, TPB was unblocked, though BREIN appealed the decision, which then went to the Supreme Court in the Netherlands and was later referred to the EU Court of Justice (ECJ).

After careful consideration, the EU Advocate General (AG) Maciej Szpunar delivered his opinion to the court, spelling bad news for users of the torrent site across Europe. The court considered whether or not TPB is communicating illegal content to the public despite the fact that the torrent site doesn’t store infringing content, only metadata.

The AG concluded that a website could still be considered as sharing infringing content if the operator is made aware that copyrighted works are being shared without permission but does not take action.

If local courts agree on this point, the ECJ can order ISPs to block TPB in accordance with EU law, AG’s report said.

Multinational Internet provider blocks TPB and other “pirate” sites

In another recent news item concerning TPB, ISPs across several countries have blocked access to the site for more than a week now. Requests are being halted by the Internet backbone network Cogent Communications, which has blacklisted TPB’s CloudFlare IP address and numerous other popular torrent sites.

Internet backbone providers are an integral part of the commercial aspect of the Internet. They have datacenters all over the world and are responsible for transmitting the data of millions of users. When a user types in a domain name, a request is sent through a series of networks, before reaching the server for the website in question.

This exchange of data also applies to TPB and other torrent sites, including Primewire, Movie4k, TorrentProject and TorrentButler. For over a week now, the backbone provider Cogent has blocked access to these sites.

Pirate Bay
The Pirate Bay could be blocked under EU law if local courts agree with a decision passed by the ECJ. The site is also being targeted by the large network provider Cogent Communications. Source: Wikipedia.

The sites in question all use CloudFlare, which has been assigned the public IP address 104.31.19.30. While this can be reached without problems by most users, users going through Cogent’s network will not be able to access the sites. The block concerns multiple ISPs all over the world, though only a small number of users both in Europe and the US According to Cogent’s own routing check, it applies to the company’s entire global network.

When asked for details, a spokesperson from Cogent said that the company “does not discuss such decisions with third parties,” adding that they do not control the DNS records of the sites in question.

Since Cogent has refused to respond directly to the block, it’s only speculation that the reason for the block is that the sites are accused of facilitating copyright infringement.

The websites in question can still update their own DNS records and switch to a new IP address, but since they are in the sights of large providers such as Cogent it’s likely that new IP addresses will be blocked as well.

Privacy International uncover global hack operations by the FBI

Back in February 2015, the FBI began the largest known hacking operation to date, targeting over 8,000 computers across 120 countries. Lawyers in the US have challenged the legality of a warrant targeting 8,000 computers in 120 countries. US lawyers have called into question the warrant, arguing that the judge had no authority to greenlight searches beyond the boundaries of a single district.

Global digital rights organization Privacy International has filed a brief against the legality of the FBI’s operation, specifically the fact that 83% of the computer hacks in question were outside of the US

“Well-established international law prohibits the government from undertaking law enforcement functions in other countries, without those countries’ consent, which the government did not seek here,” reads the brief signed by Privacy International’s General Counsel Caroline Wilson Palow.

The FBI investigation concerns a “dark web” child pornography site called Playpen. The FBI seized the site back in 2015 but did not shut down the agency for 13 days. During the interim, the FBI deployed a network investigative technique (NIT), malware that attempted to identify visitors to the site. The NIT depended on a “non-public” vulnerability for the Tor browser and targeted an IP address as well as other basic system information. The FBI then proceeded to hack 8,000 computer across the world, including 1,000 in the US alone.

Although there has been a lot of coverage on the US issues, the ramifications internationally have received considerably less attention, including FBI hacked computers in Australia, Austria, Chile, Colombia, Denmark, Turkey, Norway and likely the United Kingdom.

Privacy International’s main point of contention concerns the fact that the FBI warrant did not extend beyond the judge’s own district, and were carried out without the host country’s permission. By targeting users in other countries, Privacy International argue, the FBI were potentially in breach of local laws, which could trigger diplomatic conflict.

“How will other countries react to the FBI hacking in their jurisdictions without prior consent? Would the US welcome hacking operations on a similar scale carried out on US residents by other countries? Is the FBI violating the laws of foreign jurisdictions by hacking devices located in them?” wrote Scarlet Kim, legal officer at Privacy International.

What’s concerning is that since the Playpen investigation, US magistrate judges can now sign global hacking warrants, since changes concerning remote searches came into effect following amendments to the Rule 41 legislation in December 2016.

Leave a Comment