Cloudflare explains how it helps target pirate sites * TorrentFreak
Earlier this month, several groups of copyright holders sent their annual recommendations on “notorious markets” to the United States Trade Representative (USTR).
Submissions are meant to appeal to well-known hacking sites, apps, and services, but Cloudflare was mentioned frequently as well.
Cloudflare in the spotlight on hacking
The US web security and infrastructure provider cannot be officially listed in the final report because it is not a foreign company. However, rights holders took the opportunity to point out that the CDN service helps pirate sites with their infringement activities.
The Motion Picture Association (MPA), for example, pointed out that Cloudflare can hide a website’s IP address and hosting provider. This allows operators of copyright infringing sites, including The Pirate Bay, to thwart enforcement efforts.
“Cloudflare’s customers include some of the world’s best-known and oldest pirate websites, including The Pirate Bay, whose current domain, thepiratebay.org, has been identified as infringing the copyrights of rights holders by six million times, ”the MPA wrote.
“Nonetheless, The Pirate Bay and other notorious pirate sites remain Cloudflare customers despite repeated notices of Cloudflare infringement.”
Cloudflare: “We share information”
According to Cloudflare, these types of characterizations don’t tell the whole story. In a rebuttal sent to USTR this week, the company hopes to set the record straight. Cloudflare does not deny that it “protects” IP addresses, but notes that there are many options for rights holders to obtain information.
For example, through a Basic DMCA subpoena, which can be signed by a court clerk, rights holders can request information, including IP addresses, payment details, and other account details. In the past year alone, the company received 67 DMCA subpoenas targeting hundreds of domains.
There are also more direct options. When copyright owners file a copyright infringement complaint through Cloudflare’s web form, the company will share the name of the hosting company used by the targeted site.
This option should come as no surprise to the MPA, RIAA, and other groups who have complained to the USTR, as they all use the abuse form. Apparently, this helped them identify the hosting companies of the accused pirate sites.
“In fact, all rights holders who have referred to Cloudflare in their complaints have also referred to web hosting providers who use Cloudflare’s services, demonstrating Cloudflare’s cooperation in giving them access to the information they are using. need to pursue a withdrawal, ”writes Cloudflare.
IP addresses are restricted
Without a subpoena, the CDN provider gives details of the company hosting the allegedly counterfeit sites. However, the host’s IP address is generally not shared as this type of sensitive information has been abused by malicious actors in the past.
“While we understand the importance of combating copyright infringement, we do not believe that opening a website to a cyber attack is an appropriate or legally acceptable way to combat copyright infringement,” explains the company, adding that a selected group of “trusted” notifiers can obtain this information.
“Cloudflare provides originating host IP addresses through its Trusted Reporter program to entities that have demonstrated a real need for information and have adequately demonstrated the willingness and ability to secure the information and protect it from being used. for cyberattack purposes. “
In addition, the CDN provider is also working with a small number of rights holder groups to find ways to use automated processes so that information on allegedly infringing sites can be shared even faster.
Losing confidence in trusted journalists?
Trusted notifiers include the RIAA, MPA and the Swiss watch industry, all of which have called out Cloudflare in their recent notorious market submissions. Reading between the lines, the CDN provider is not happy with everyone as some have decided to share sensitive data in public.
“Unfortunately, however, some rights holders who have gained access to sensitive intellectual property information through our Trusted Reporter process have demonstrated through public submissions to Notorious Markets that they do not believe they have an obligation to secure such information. .
“This blatant disregard for the sensitivity of the information given to them and the commitments they made when registering for the program does not help build trust or long-term cooperative relationships,” Cloudflare warns.
The CDN provider does not mention a name, but the MPA and RIAA have shared information about hosting companies of suspected pirate sites hosted by Cloudflare. That said, we haven’t seen any IP addresses shared by these groups.
Tensions and accusations remain
It should be noted that the RIAA had already anticipated Cloudflare’s rebuttal. The music industry group has confirmed that it can get the IP addresses of pirate sites. However, since Cloudflare notifies its customers if this happens, they can quickly switch to new hosting providers before the RIAA can do anything.
“Since there is no real-time access to the site location, any IP address provided by Cloudflare one day may be inaccurate the next,” RIAA wrote.
Overall, it’s clear that there is quite a bit of tension between Cloudflare and certain groups of rights holders. This is also illustrated in one of the CDN provider’s closing comments, which urges rights holders to keep an eye on the real target.
“We believe it is time for rights holders to shift their comments away from political advocacy and instead focus on the physical and online markets which are the intended subject of the Notorious Markets report,” the company concludes.
A copy of Cloudflare’s rebuttal, submitted to the United States Trade Representative’s office, is available here (pdf)