The makers of the film ‘Angel Has Fallen’ have filed a lawsuit against seventeen alleged pirates. According to the complaint, several defendants used the VPN service ‘Private Internet Access,’ which can expect to be subpoenaed. That effort will likely be fruitless as the VPN doesn’t keep any logs. However, with help from information shared by torrent site YTS, users are still at risk.
Millions of Internet users around the world use a VPN to protect their privacy online.
Another key benefit is that VPNs hide users’ true IP-address, making them more anonymous. This prevents third-party monitoring outfits from carrying out unwanted snooping.
This is one of the reasons why many torrent users have a VPN installed. Instead of displaying their own IP-address in torrent swarms, the VPN IP-address will show up. And when the provider doesn’t keep any logs, that address can’t be traced back to a single user.
Lawsuit Targets Pirating VPN Users
Such a setup seems secure, but it hasn’t prevented the makers of the action movie ‘Angel Has Fallen’ from suing several anonymous VPN users. In a recent lawsuit filed at a federal court in Colorado, the company lists fourteen alleged pirates that used an IP-address of the VPN service Private Internet Access, also known as PIA.
“Upon information and belief, Defendants DOES 3-5, 7-10 and 12-17 registered for paid accounts for Virtual Private Network (‘VPN’) service with the Colorado Internet Service Provider Private Internet Access,” the complaint reads.
The lawsuit in question lists the defendants as Does, which means that their true identities are unknown. However, attorney Kerry Culpepper, who represents Fallen Productions in this matter, hopes to find out more through third-party subpoenas.
Info From YTS User Database
The case relies in part on information from the YTS user database that was shared by the operator of the site earlier this year, as part of a settlement. This includes download details of several users, as well as their IP-addresses and email addresses.
The attorney has requested subpoenas to compel email providers, Internet providers, and Private Internet Access for more personal information. In the past, we have seen that Microsoft and ISPs such as Comcast will hand over what they have, but with a VPN this isn’t as straightforward.
PIA’s Confirmed No-Log Policy
PIA has a so-called ‘no logs’ policy which means that it can’t link a VPN IP-address and a timestamp to a unique user. This policy has been repeatedly tested and confirmed in courts.
Culpepper informs TorrentFreak that he will request a subpoena regardless. He argues that the use of a VPN shows that people were aware of their illegal activity.
“It is relevant because it shows they tried to hide their activities. It shows consciousness of the illegal activities,” Culpepper says, while pointing out an article where PIA warned YTS users that they were at risk.
PIA’s Jurisdiction Angle
In addition, by signing the terms of service, PIA users also subject themselves to the jurisdiction of Courts in Colorado. This is relevant in this case because not all defendants are from the western U.S. state.
“Most importantly, if they signed up for an account with PIA they agreed to jurisdiction in Colorado no matter where they are. Most of the PIA users were not in Colorado,” Culpepper notes.
All defendants are accused of downloading a torrent titled “Angel Has Fallen (2019) [BluRay] [720p] [YTS.LT],” as well as other copyright-infringing content that isn’t specified.
Defendants Still at Risk
According to the complaint all defendants have received at least one DMCA notice. Fifteen of them were also contacted repeatedly on their known email address with cease and desist notices and settlement offers, but these were ignored.
With this lawsuit Fallen Productions hopes to uncover the identities of the people behind these IP- and email addresses.
TorrentFreak contacted PIA for a comment on the lawsuit. The company said that it hasn’t received a subpoena yet and reiterated that it can’t identify individual users.
“Private Internet Access has not received a subpoena in regards to this case. Even if we do, our response will be the same as always: PIA does not log VPN user activity,” a PIA spokesperson informed us.
That was also confirmed in more detail earlier this year in our annual VPN overview.
“There are no logs kept for any person or entity to match an IP address and a timestamp to a current or former user of our service,” PIA said at the time.
That said, defendants are still at risk, as their email addresses are known as well. That doesn’t prove anything, as YTS allowed members to sign up with a fake email, but it could lead to people being identified eventually, without PIA’s involvement.
If anything, this case shows that using a VPN only offers limited anonymity. When people use a VPN irregularly and leave other information behind, such as email addresses, they may eventually be exposed anyway.
A copy of Fallen Production’s complaint, filed as the US District Court in Colorado, is available here (pdf)
Many thanks to TorrentFreak for the breaking news.