Blocking of regular piracy websites has been a feature of anti-piracy enforcement in Europe for almost 15 years.
The way these blocks are achieved is broadly similar, with entertainment industry companies filing “no-fault” injunctions against Internet service providers who stand before the courts accused of facilitating the copyright-infringing activities of their subscribers.
Once this infringement has been identified and the ISPs put on notice by the courts, they are required to block access to the sites in question, using basic DNS techniques or in the UK, for example, more sophisticated methods that require a VPN or similar tool to tunnel through.
IPTV Blocking – A More Sophisticated Beast
In recent years, live sports groups such as the Premier League and UEFA have obtained similar injunctions that are more complex. These ‘dynamic’ blocking efforts require intricate work by the organizations’ anti-piracy partners, who identify the IP addresses of specific ‘pirate’ servers, including those that can be changed at short notice, in order for ISPs to block them at match times.
While unpopular, there is nothing particularly surprising about these efforts. Content companies have obtained the necessary legal permissions and have a right to protect their businesses. And for the ISPs, it should be a simple case of them ‘firewalling’ the IP addresses in question so that subscribers cannot access them directly to watch live matches. However, it seems pretty clear that something else is going on too.
ISPs’ Vested Interest in Stopping Pirates
Now that they are both broadcasters and ISPs, companies including Sky have a vested interest in stopping piracy. This means that while blocking injunctions against ISPs used to be fiercely contested, that’s no longer the case. In fact, in a recent blocking case brought by UEFA in Ireland, it was revealed in court documents that Sky actually supported the action, despite being a defendant.
While that’s the company’s prerogative, something more worrying was mentioned in the same case. It appears that in this matter, Sky or others acting on its behalf, have been monitoring the traffic of Sky subscribers who accessed the servers of pirate IPTV providers.
Perhaps Not the ‘Dumb Pipe’ ISPs Are Usually Portrayed As
In the order obtained by UEFA in the High Court of Ireland in September, comments made by Justice David Barniville revealed that the activities of Sky subscribers were used to support the application by UEFA to have pirate services blocked.
“I am satisfied that the [blocking] Order is necessary for the purpose of protecting the Plaintiff’s copyright against infringement. I note from the evidence, and accept, that there has been a significant shift away from the use of websites in more recent years in favor of devices and apps, in particular, set top boxes that can be watched on televisions in people’s living rooms,” Justice Barniville wrote.
“The affidavit of Jiajun Chen provides a confidential traffic analysis which evidences the use of the Sky network by Irish viewers to watch online illegal UEFA content.”
That the traffic analysis itself is “confidential” feels just a little ironic, given that it apparently reports on communications that should have been confidential too.
In this case, Mr. Chen appears to have obtained access to at least part of the Internet habits of some Sky subscribers. Any requests made from customers’ connections usually go straight from their devices via the ISP to the ‘pirate’ servers in question, meaning that only Sky should be in the middle. Reading between the lines, Sky appears to have monitored, logged, and made available information related to these communications to support the application of the plaintiff.
Worryingly, this monitoring of customers’ traffic has been going on for some time, since it was briefly covered in previous blocking injunctions obtained by the Premier League. Precisely what information is being held is unclear but if it relates to attempts to access ‘infringing servers’, any and all data (if only metadata) is available to ISPs.
No Expectation of Communications Privacy?
Putting aside the issue of copyright infringement for a moment, this type of monitoring behavior is unlikely to sit well with the customers of ISPs who either demand or at least expect privacy. Neither does it sit well with Ed Geraghty, a Senior Technologist at UK-based charity Privacy International.
“Censorship and monitoring of the Internet, generally, leads to chilling effects and violates our human right against arbitrary interference to our privacy, home, and correspondence. This is just another example that despite cries to the contrary from industries and governments alike, the Internet is a heavily surveilled and highly regulated space, where tracking is rampant,” Geraghty informs TorrentFreak.
“In recent years there have been great strides in the roll out of end-to-end encryption and the safety and privacy it can offer the content of our communications whilst in transit, but fundamentally there’s still – necessarily – huge amounts of metadata attached to our every interaction online.”
What Can Be Done to Prevent ISP Monitoring?
While some will argue that privacy shouldn’t apply when subscribers are reportedly breaking the law, the big question relates to the slippery slope. If subscribers’ activities are apparently being monitored for one type of traffic today, how long before other types of traffic are considered fair game too? Preventing this, privacy experts insist, is not just possible but also necessary to prevent Internet surveillance from getting out of hand.
“Depending on which point the ISPs are monitoring, there are various ways you can attempt to obscure your traffic – for instance, using third-party DNS over HTTPS, or a VPN – but be aware that this is merely shifting who can see your traffic away from your ISP to someone else,” Geraghty adds.
Given their simplicity and wide availability, the use of VPNs to prevent monitoring is a natural choice and something that has been gaining traction in recent times. David Wibergh from OVPN says he believes that Sky is proposing the “black holing” of IP addresses instead of blocking DNS queries, which is problematic in itself.
“As IP addresses are typically in temporary use and could be used by several sites simultaneously, it can lead to unexpected and obtrusive blocking of content that has nothing to do with piracy,” Wibergh says.
“By using a VPN provider you remove the internet providers’ capabilities of performing blocking, surveillance and traffic analysis, as the only traffic originating from you is towards the VPN provider’s server. It’s crucial to choose a VPN provider that is trustworthy as VPN providers are able to perform the same form of traffic shaping as the ISP. But even if there is a risk that VPN providers log; it’s a guarantee that your ISP logs.”
Daniel Markuson, Digital Privacy Expert at NordVPN, says that perceived privacy intrusions like these will only will lead to more uptake.
“Blocks of services and the subsequent discoveries of traffic monitoring and trade will lead to an increased demand for VPNs,” Markuson says.
“Whenever a government announces an increase in surveillance, internet restrictions, or other types of constraints, people turn to privacy tools. We saw similar spikes in different regions: for example, when the US repealed net neutrality, or the UK passed the law dubbed ‘The Snoopers’ Charter‘.”
Finally, a simple, obvious, but nevertheless important comment from Harold Li, Vice President of ExpressVPN, that applies to all Internet users concerned about the privacy of their communications.
“The onus is still on consumers to take action and protect themselves,” he concludes.
Many thanks to TorrentFreak for the breaking news.