A second VPN has been successfully sued into stopping BitTorrent traffic from flowing through their proxy servers, according to court records.
Some VPN providers were encouraging people to use their unencrypted network proxies in order to Torrent copyrighted material. They also created and provided instructions on how to do so, while serving advertisements on the subject.
Now that a second VPN has been sued and forced to block all BitTorrent traffic, we need to examine this as an industry trend.
Were these isolated incidents, or is this just the tip of the iceberg?
VPN.ht Bans BitTorrent
This lawsuit started to heat up in October 2021. It was between VPN.ht (Wicked Technology Limited) and Millennium Funding Inc (Millennium Media and Voltage Pictures among others). In a nutshell, the movie industry up against the alleged piracy enablers.
Wicked claimed that they didn’t have to follow U.S. law because the owner was Algerian, therefore they had no jurisdiction. But the court noted that their company advertised to every state in the U.S. and ran several U.S. servers. That alone was enough to establish piracy enforcement for the region.
Once that was established, there were very few valid ways for Wiched to defend against charges that had been brought against them. The court had frozen their PayPal accounts as well. That means that they had to at least try to defend their practices in court.
After the judge reviewed their ads and deemed that they had included pro-piracy messages, the defense started to crumble. Wicked had also given their users instructions on how to set up their BitTorrent clients to use their SOCKS5 proxies for high speed Torrenting.
The issue was, those SOCKS5 servers aren’t encrypted.
That allowed the movie industry to catch users pirating music, movies, and games. The evidence was clear and out in the open. Wicked soon moved to settle. In Q3 2021 they told the court that they were in negotiations with Millennium Funding.
In early October, they settled. Here is a copy of the court injunction. The judge would unfreeze the VPN’s assets in exchange for shutting down all BitTorrent traffic through their site.
The statement included this:
Logs for US Servers: Within 30 days of entry of this order, the Wicked Entities are hereby ORDERED to store log records of the Internet Protocol (“IP”) addresses tied to servers in the United States under their control that subscribers of Wicked’s VPN use and to retain said log records for at least 12 months on a rolling basis. Said log records shall include the identification information of the subscriber as stored in the records for the Wicked Entities.
That meant logs would have to be handed over if they existed. Wicked claimed there were no logs to hand over. To be more precise, what they said to their customers was: Even if there were logs, they wouldn’t hand them over.
Wicked then took the step of shutting down all of their US servers. They told their clients to use their gateways in Canada and Mexico instead. BitTorrent through their SOCKS5 servers was effectively shut down.
TorGuard Bans BitTorrent
Millennium Funding Inc set their sights on the next target: TorGuard
This was another firm who encouraged their customers to make use of an unencrypted SOCKS5 server to pirate things.
As far as evidence went, it was overwhelming, perhaps even more so than in the last case. Here is the data that was in the settlement documents: Ad copy, tutorials on setting up SOCKS5 and other proxy configuration information. They even got TorGuard to admit that they had the ability to monitor and block the traffic flowing through those proxies.
On just one of their many SOCKS5 servers, Millennium recorded 98,500 instances of movie piracy. It was a pile of evidence that left a lot of TorGuard people nervous.
Their defense was that their provider, Quadranet, failed to process and pass on the copyright claims. If their records were correct, Quadranet brought everything to a boil by failing to send over 100,000 DMCA notices to TorGuard.
But even though the ISP was undoubtedly partly at fault, they weren’t on trial this time around. So TorGuard settled and blocked all BitTorrent traffic as part of the injunction.
So is this an industry trend?
Understand that Millennium Funding is just one of three major rights holder sectors that can take advantage of this sort of evidence and ruling. They only cover the movie industry. There is plenty of room for more lawsuits involving the publishing and music industries. This is likely just the tip of the iceberg.
And it isn’t even the end for Millennium. They found a plethora of other VPNs who use unencrypted SOCKS5 servers, because they circumvent the speed issues associated with using the fully encrypted VPN service. Of course, they also bypass any possibility of privacy or security for their users.
For the media industries, this is a goldmine. In the past, lawsuits failed because encryption provided the VPNs with plausible deniability: How could they know what was happening inside an encrypted tunnel? But the combination of VPNs mentioning or alluding to acts of piracy in advertising, and unencrypted servers providing a way for the entertainment industry to gather evidence and ‘take names’, will be a potent combination in courts around the world.
What Happens To The Users?
There’s no way to know if a VPN is really following a no-log policy. The users need to hope that’s the case. Because if not, they’ll get hit with hundreds of thousands of individual fines and possibly hardware impounding on the basis of these two cases alone. And that’s just in the U.S. In other countries, piracy is considered on the same level as physical theft, and can carry a jail term.
Users would be advised to look into dedicated privacy apps instead of VPNs, if they want to do more than just scramble their IP address. Hoody looks like a promising alternative.