There was no way I could not share this. I recommend watching all the way through to the end. Is the message entirely on solid ground copyright-wise? Not quite. Is the sentiment in the right place? I think so. And it’s funny as hell and includes a nice shout out to one of my favorite bands, The Dropkick Murphys.
Happy Monday.
DN
Andrew Orlowski reports at The Register that last week Google quietly suspended its legal action to “muzzle” an investigation by Mississippi Attorney General Hood into whether or not the search giant was abiding by the terms of its 2012, non-prosecutorial settlement with the government over illegal online sales of prescription drugs. Any explanation of Google’s change in strategy or the future of that investigation are subjects for another day. But the fact that AG Hood was ultimately not stymied—either by litigation or by a brazen attempt in the State House of Representatives to legislatively tie his hands—is probably good news for American consumers because State Attorneys General “often act as the de facto consumer protection arm in their respective states,” notes a new report published yesterday by Digital Citizens Alliance.
Following up on its December report, which presented a look into the scope of the malware hazard for consumers who visit content-theft sites, DCA and RiskIQ have again collaborated to begin looking at the hosting services that either inadvertently or knowingly support illegal sites, which then endanger consumers. The hosting services in this regard are particularly relevant because they are not shadowy operators based in hard-to-reach geographies but are legal corporations with offices in the United States. As such, the news that Google will now look to “cooperate with AG Hood” rather than remain on the offensive comes at a good moment for consumers. This is because DCA notes that state AGs will be the first authorities who may choose to investigate US-operating hosting services to determine their role in fostering the dissemination of malware.
The December report called Digital Bait revealed the likelihood (about 30% in some cases) that users of content theft sites would infect their devices with malware, and the report also identified the various types of malware being deployed in order to steal information and/or assets from consumers. Digital Bait also presented a glimpse into the dark web-based economy where criminals engage in transactions like selling the IP addresses of a girl’s computer or even a cybercriminal paying content-theft site owners to deliberately host malware on their sites. The report contains some eye-opening statistics like the one from the DOJ, which states that 16.2 million American consumers have been victims of identity theft, incurring financial losses of more than $24.7 billion.
The report released yesterday, Enabling Malware, looks at two hosting companies, each of which responded very differently when DCA contacted them with their findings. The first was CloudFlare, which is “known for its willingness to support, or at least overlook, illicit activities,” the report states. CloudFlare is a hosting service that is specifically designed to mask the identity of site owners and of the true hosting site of any content, whether the content is legal or not. The site’s blog reads, “Signing up for CloudFlare is like taking your number out of the phone book, and putting in CloudFlare’s number under your name.”
This type of service can be (and is) used by journalists or bloggers operating in locations with authoritarian governments or other hazards to free speech and reportage. But it is also a natural hosting choice for content-theft site owners, thus earning the service the nickname “CrimeFlare” among cyber-security experts. DCA contacted CloudFlare with regard to its hosting sites like Putlocker and Animex, both of which were identified in the Digital Bait report as delivering malware to users. CloudFlare did not respond until a day or two before the release of this new report and wrote the following:
“CloudFlare’s service protects and accelerates websites and applications. Because CloudFlare is not a host, we cannot control or remove customer content from the Internet. CloudFlare leaves the removal of online content to law enforcement agencies and complies with any legal requests made by the authorities. If we believe that one of our customers’ websites is distributing malware, CloudFlare will post an interstitial page that warns site visitors and asks them if they would like to proceed despite the warning. This practice follows established industry norms.”
In other words, CloudFlare is not going to do anything unless authorities make them.
The other hosting service DCA and RiskIQ looked at was HawkHost, whose support includes watchfreemoviesonline.top, which was found to have a 32% malware exposure rate in the research conducted for the Digital Bait report. When DCA contacted HawkHost, the company’s response was very different from CloudFlare’s, stating that the sites identified by DCA would be taken down because they “clearly violate our TOS/AUP,” according to CTO Cody Robertson. Additionally, executives at HawkHost have agreed to meet with DCA to discuss findings linking malware with content theft sites and to look for ways to better protect consumers. DCA commends HawkHost, stating that they find the company’s response “an encouraging sign.”
DCA and RiskIQ will continue to study the link between content-theft sites and malware, as well as the legal hosting services that operate in the United States, which may be supporting malware-infested sites. These findings will be presented to State Attorneys General, who then have the authority to investigate the extent to which a particular hosting service may or may not be willfully turning a blind eye to illegal enterprise that is directly harming American consumers. So, as mentioned, beyond any implications regarding the Google investigation itself, last week’s affirmation of AG Hood’s authority in that case is likely a good sign for protecting consumers in general from the chronic I-Didn’t-Know-Defense too-often employed by various OSPs.
Last week, Cory Doctorow reported on Boing Boing that Amazon has a growing counterfeit products problem on its hands due to a change in company policy that allows Chinese suppliers to sell direct on the platform, bypassing domestic importers. If accurate, the issue itself is not very surprising. What is surprising is that Doctorow does not acknowledge—at least not in this article—that the counterfeit outbreak he describes is an inevitable result of the anti-IP agenda he has personally supported for years.
At some point, one must toss that copy of The Declaration of the Independence of Cyberspace into the digital dumpster and accept that the internet is not a magical cornucopia whose bounty will flow only so long as it operates beyond the legal limits of the physical world. To the contrary, the virtual increasingly has significant influence on the tangible. Doctorow describes the following:
“In late 2015, there were a spate of warnings about knockoff sex toys on Amazon made from toxic materials that you really didn’t want to stick inside your body. Now this has metastasized into every Amazon category. Sometimes its clothes and other goods that have weird sizing, colors, or poor construction. Sometimes its goods that generate no complaints, but are priced so low that the legit manufacturers can’t compete, and end up pulling out of Amazon or going bust.
Or it can be the worst of both worlds: super-cheap goods that make it impossible for legit manufacturers to compete, coupled with low-quality knockoffs that generate strings of one-star reviews from pissed off customers, meaning that even if the fakes were chased off the service, the sales will never come back.”
Sound familiar? Doctorow observes that Amazon is making money on transactions that may defraud—or even endanger—consumers while simultaneously causing permanent economic harm to legitimate suppliers. Isn’t that what many of us have been saying would happen when IP rights are not enforced online—that the “free culture” fiesta would extend beyond the supposed “harmlessness” of media piracy and eventually manifest as physical goods that can maim, poison, or kill people? Or at least just rip them off?
Unfortunately, the broader battle over IP protection on internet platforms has been distorted by a naive belief in the harmlessness of pirating entertainment media and the assumption that IP only serves the big conglomerates who produce those works. This feeds a sense that IP in general is just a “protectionist” regime for entrenched corporations to slow innovation. When it comes to physical goods, though, suddenly people begin to notice that protecting IP happens to protect consumers. This is why for instance trademark infringement is not a minor transgression. The knock-off Polo shirt won’t get anyone killed, but the knock-off Graco car seat certainly could; and when one distribution service like Amazon is vying to be the “Everything Store,” the possibility for widespread hazard becomes clear.
Presumably, Amazon will recognize the potential loss of consumer confidence if their counterfeit problem grows. The company could take mitigating measures akin to the effective, anti-fraud practices employed by eBay, which weighed heavily in its favor in a 2002 litigation with Tiffany over fraudulent products being sold on that platform. That Doctorow writes the following, however, is the real hypocrisy that needs to be addressed:
“Amazon is bending over backwards to refund customers who get bad fakes, but either can’t or won’t stem the tide of fakes themselves (I run into counterfeit editions of my books on Amazon all the time). It may be that it’s more profitable to offer refunds to customers who get bad products than it is to police the millions of SKUs that are pouring in now that Chinese industry has a direct pipeline to Amazon’s customers.”
Doctorow is criticizing Amazon for tackling the counterfeit problem one infringement at a time while failing to take broader measures to “police” its own platform to “stem the tide.” Is that not a familiar refrain copyright holders have been singing about mass infringement of their works on platforms like YouTube? I think it is. Either these platforms are under the control of their owners or they’re not. Either we want a digital market that protects suppliers and consumers, or we don’t. And we can’t have the former without shedding this naive premise that the technology itself obviates the need for intellectual property enforcement, or that IP is exclusively a barrier to access, information, or innovative services.
This subject actually refers back to the first article I wrote about any of these issues—one that appeared in December 2011 in Stars & Stripes supporting SOPA/PIPA because of their associated provisions designed to mitigate counterfeit products entering the military supply chain. You remember SOPA, right? Certainly, the cadre of “digital rights” activists won’t let you forget it as they chronically insist that all proposals to protect any kind of IP online are basically SOPA in disguise. (See Guide to Critiquing Copyright in the Digital Age).
Likely, nobody remembers that Tittle II of SOPA contained anti-counterfeiting provisions as did a companion bill to PIPA called the Combatting Military Counterfeits Act, authored by Sheldon Whitehouse (D-RI). These provisions and proposed amendments would not be protecting US consumers from Amazon-purchased counterfeits more than the existing statutes (Title 18) already do, but the bills did go further to protect against certain types of counterfeiting, and both bills expanded the principle that trafficking in counterfeits online poses a serious threat to consumer safety.
As Doctorow’s observations forecast, someone’s eventually going to get hurt. And unfortunately, that’s often what it takes for people to demand any kind of action. Or we could change the conversation before that happens.
You must be logged in to post a comment.