“No Logs” IPVanish Releases Logs To Homeland Security

IPVanish is a highly respected US-based company that has always declared to have a strict no logs policy. It appears to be a lie.
Keep in mind that the logs go back to an incident that took place in June 2016, and IPVanish was then acquired by a company that maintains that no records are stored.

The Zero Logs Claim

Looking at the Internet Archive Wayback Machine, it can be clearly seen that both before and after the incident, IPVanish asserted that no logs were kept at all: “IPVanish does not collect or log any traffic or use of its Virtual Private Network service.”

The Incident

On 4 May 2016, a  US Department of Homeland Security investigator was talking undercover to a suspect who posted some links to child pornography. The special agent traced the IP address which linked the suspect back to Highwinds Network Group, a CDN company which launched in the Usenet industry and which owned IPVanish at the time.

Upon getting a non-lawfully binding summons, Highwinds confirmed that the IP address was theirs, but said that it would not be able to help with the investigation because:
“To protect customer data, we do not log any usage information. Therefore, we do not have any information regarding the referenced IP.”

This lacks consistency with the upcoming part of the court affidavit used for the subsequent trial.
“Highwinds Network Group suggested the HSI submit second summons requesting subscriber information more detailed in nature.”

Homeland Security Investigations (HSI) complied and was rewarded with a set of detailed connection logs that evidently identified the suspect.

It’s proof that IPVanish were indeed keeping logs contrary to “zero logs” policy claim. It gets murkier as Highwands seemed to have freely cooperated with HSI in handing them over.

Trust Expectations

Mr. Gevirtz is a genuinely despicable human being and its good news he was caught. But users want VPNs to provide privacy for legal reasons and expect them to uphold the privacy claims they make. The most important being no logs.

A Different Company Owns IPVanish Now

The whole issue is made more difficult by the fact that StackPath acquired Highwinds (and therefore IPVanish) in February 2017. Replying back to a Reddit discussion on the matter, Stackpath CEO, Lance Crosby, made the following post: “IPVanish has always marketed itself as a “no logging” VPN. At the time of the acquisition 2/6/17, the StackPath team and a third party performed due diligence on the platform. No logs existed, no logging systems existed and no previous/current/ future intent to save logs existed. The same is true today. We can only surmise, this was a one time directed order from authorities. We cannot find any history of logging at any level.”

Image result for jeremy palmer
                     Jeremy Palmer

IPVanish’s Vice President of Product & Marketing, Jeremy Palmer agreed with the statement.

The problem lies in the fact that even though a different company now owns it, many of the senior IPVanish staff have been with the company for years.

The United States of Surveillance 

Back in 2013, NSA whistleblower Edward Snowden revealed the mind-boggling scope and ambition of United States’ mass surveillance program. It represents a case of “collect it all,” and even though much digital ink has been spilled on the issue, no real progress has come of it.

America has no mandatory data retention laws, but it looks like US government flexing its muscles always gets what it wants.

This was what might have happened with IPVanish.

Is IPVanish Trustable?

Maybe PureVPN and Hide My Ass have similarly been nabbed lying about the logs they keep. Until a method to independently audit providers’ no logs claims is set up, the only way to know for sure if a VPN service is trustworthy about its logging policy is when it proves those claims in court.

But what you can about is that a VPN will protect your privacy much more than your ISP will. In IPVanish’s case, the fact that a different company runs it now provides something of a get-out clause to the actions of its past management.

But, then again, many senior staff members were also senior staff members when it took place. And anyway it’s America.


Hollywood Teams Up to Widen Swedish Pirate Bay Blockade

Several major Hollywood studios including Disney, Universal Studios, and Warner Bros, have teamed up with Swedish movie business to widen the local Pirate Bay blockade. Together they want Telia, Sweden’s largest ISP, to block The Pirate Bay, Dreamfilm, Nyafilmer, and Fmovies, as soon as possible.

The previous year, Swedish Patent and Market Court of Appeal ordered local Internet provider Bredbandsbolaget to block The Pirate Bay and streaming site Swefilmer.

The rogue torrent site blocked on its home turf was seen as a victory, but it only covered a subsection of Swedish Internet subscribers.

This week, a coalition of major film companies hopes to widen the scope. The Swedish Film Industry, Nordisk Film, Disney Entertainment, Paramount Pictures, Columbia Pictures, Twentieth Century Fox, Universal Studios, Warner Bros. and many other companies are dragging Internet provider Telia to court.

The lawsuit filed on Monday and documented by Ny Teknik requested Sweden’s largest Internet provider to block access to a selection of pirate sites. They include The Pirate Bay, Dreamfilm, Nyafilmer, and Fmovies, as well as many related proxies and mirror sites.

“Telia currently provides its subscribers with unrestricted access to these illegal services, thereby enabling these illegal services to utilize Telia’s Internet service to infringe the rights of rights-holders and others,” the complaint reads.

The movie companies reckon that Telia has a market share of roughly 36% of all Swedish Internet subscribers. Additionally, they’ve said the ISP has the tools to block these infringing sites, which would be both proportional and practical, in line with EU regulation.

This isn’t the first blocking lawsuit in Sweden, but the movie companies are using a different approach this time.

It is similar to Dutch anti-piracy group BREIN’s approach last year in the Netherlands where the complaint asks for a preliminary ruling, so the blockades can be implemented before the case is fully litigated.

The movie companies request the blocking of the pirate services as a whole and not just the domains that are in use now.

They argue that without this option “the rights holders will have to burden the legal system with repeated blocking requests if and when the operators behind the illegal services change domain names.”

Telia has not responded yet at the time of writing. Last year when copyright holders asked Telia to block The Pirate Bay, it had replied that it would only do so after a court order.


ISP Wants US Marshals to Aid Piracy Tracking Firm

Internet provider Grande Communications is seeking help from U.S. Marshals to aid piracy tracking company IP-Echelon. In line with the RIAA lawsuit, Grande Communications wants to know more about a scam where IP-Echelon’s name was misused by scammers to extract payments. The piracy tracking company has thus far been unreachable.Image result for us marshals

Two years ago it was revealed that scammers were abusing the DMCA to extract cash payments from innocent Internet subscribers.

Scammers used IP-Echelon’s and several major copyright holders names to demand settlements for allegedly pirated content.

There haven’t been any reports since, but it seems Internet provider Grande Communications is interested in the matter as it also prepares for its piracy liability case against the RIAA.

IP-Echelon competitor Rightscorp sent DMCA notices, and that is where the case lies. Grande Communications is eager to hear from IP-Echelon to get to the core of the issue as it also received the scam emails.

“Grande has also received IP-Echelon infringement notices, which include both authenticated, PGP-signed infringement notices from IP-Echelon, as well as fake, non-PGP-signed notices which falsely claim to be from IP-Echelon,” Grande told the court at the backend of the previous week.

The ISPs interest in IP-Echelon is understandable. But, it has found it somewhat challenging to get in touch with the company that has offices in the US and Australia.

Grande employed a private process server to serve the subpoena at IP-Echelon’s Los Angeles office, but these attempts failed more than once. The ISP’s legal team also tried via telephone and email to no avail.

Grande felt compelled to ask the court for help and wants the U.S. Marshals to get involved so that it can track down and aid IP-Echelon.

If the Marshals get involved then inevitably IP-Echelon can be tracked down.

Whether information from IP-Echelon is going to help Grande’s case is still unclear, but that’s something for the future.


Legal Blackmail: Zero Cases Conducted Versus Alleged Pirates in Sweden

Since 2017, tens of thousands of alleged file-sharers in Sweden have got threatening messages demanding cash settlements to make a theorized lawsuit go away. But an investigation by Sweden’s SVT failed to bring forward a single instance where a claim led to a conviction for so-called copyright trolls. A professor of law at Stockholm University termed it “Legal blackmail.”

Until recently, Sweden had managed to stay afloat from copyright trolls which have wilted several European for more than ten years. Image result for trollsign

Sweden had avoided the similar fate of its European partners until two years ago.

In September 2016 a self-proclaimed organization called Spridningskollen (Distribution Check) headed up by law firm Gothia Law said it would begin targeting the public.

The letters were described as “speeding tickets” for pirates meaning it would only target the guilty. But, a massive backlash and a couple of months later Spridningskollen was gone without a single collection letter being sent out.

That was the calm before the storm.

In February 2017, Danish law firm Njord Law launched a new troll operation targeting the subscribers of several ISPs, including Telia, Tele2, and Bredbandsbolaget. Court documents disclosed the harvesting by the law firm’s partners who were determined to link thousands of IP addresses with real-life people.

Njord Law was permitted by the court to acquire the identities of citizens behind 25,000 IP addresses hopefully to get cash settlements of around US$550. But that’s not all.

Repeatedly, the trolls headed back to court to get more IDs. SVT’s new investigation has revealed the feared copyright troll invasion of Sweden has indeed gained momentum.

SVT revealed that since 2017 Swedish Internet service providers have given personal details of more than 50,000 IP addresses to law firms representing copyright trolls and their partners. Njord Law alone will have sent out 35,000 letters by this year’s end to Swede’s whose IP addresses have been flagged as allegedly infringing copyright.

Let’s assume the trolls get $300 per letter, very quickly they could be earning $15,000,000 in revenues.

But, nothing is that simple.

In 2017, Njord Law received a 60% response for its letters meaning ever fewer settlements if at all.

Despite all the copyright trolls tough-talking, SVT’s investigation revealed that taking people to court and winning a case when they have refused to pay has never happened.

SVT while going through the records held by Patent and Market Court and also the District Courts dating back five years did not find a single case of a troll taking a citizen to court and winning an argument.

Whether Njord Law carries through with its threats, remain to be seen, but if people keep paying up, then this practice will continue and escalate. The trolls have come a long way to give up now.

Putin Urged to Investigate Damage Caused by Telegram Web-Blocking

Internet Ombudsman Dmitry Marinichev presented a report to President Vladimir Putin, saying there ought to be an investigation into the actions of Roscomnadzor after it tried to block Telegram last month. Marinichev noted that Roscomnadzor neglecting damage assessment meant millions of innocent IP addresses were caught up in the dragnet.

The Internet became a battleground once Telegram was banned in Russia by a Moscow court last month.  Image result for security camera

On Roscomnadzor’s instructions, ISPs blocked Telegram in Russia by blackholing millions of IP addresses. It was a shamble. Completely reliable services faced the brunt, while Telegram remained online anyway.

Roscomnadzor has partly cleaned up the mess these past few weeks by removing innocent Google and Amazon IP addresses from Russia’s blacklist. The collateral damage, however, was so massive there have been questions raised regarding the watchdog’s entire approach to web-blockades.

The matter looks set to skyrocket because of the annual report presented this week to President Vladimir Putin by business ombudsman Boris Titov. ‘The Book of Complaints and Suggestions of Russian Business’ has statements from Internet expert Dmitry Marinichev, who said the Prosecutor General’s Office should launch an investigation into Roscomnadzor’s actions.

Marinichev said while trying to bring down Telegram with hostile technical means, Roscomnadzor relied upon “its own interpretation of court decisions” to give direction, reported TASS.

“When carrying out blockades of information resources, Roskomnadzor did not assess the related damage caused to them,” he said.

Over 15 million IP addresses were blocked; many of them had no relations to Telegram operations. Marinichev stated the collateral damage suffered by innocent people was catastrophic.

“[The blocking led] to a temporary inaccessibility of Internet resources of a number of Russian enterprises in the Internet sector, including several banks and government information resources,” he reported.

Advising the President, Marinichev proposed that the Prosecutor General’s Office ought to look into “the legality and validity of Roskomnadzor’s actions” which led to the “violation of availability of information resources of commercial companies” and “threatened the integrity, sustainability, and functioning of the unified telecommunications network of the Russian Federation and its critical information infrastructure.”

Starting of May, reports came in that along with various web services, around 50 VPN, proxy and anonymity platforms had been blocked for providing access to Telegram. News on May 22 had seen that number swell to over 80 although ten were later after they terminated access to Telegram.

Currently, Roscomnadzor is carrying on with its efforts to block access to torrent and streaming platforms. It freshly ordered ISPs to prevent at least 47 mirrors and proxies giving access to previously blocked sites.

53 Pirate Sites Blocked in Singapore

Singapore ISPs have blocked 53 pirate websites after a successful application by the MPAA, which accused the sites of blatant copyright infringement.

In 2014 Singapore passed amendments to copyright law that grant ISPs to block ‘pirate’ sites after mounting pressure from copyright holders.

The amendments came into effect in December 2014, but it was not until later that websites were targeted. In September 2016 following MPAA request, Solarmovie.ph became the first site ordered to be blocked under Singapore’s amended Copyright Act.

Owing to a successful application by the MPAA earlier this year, yesterday 53 sites across 154 domains have been blocked by ISPs rendering them inaccessible.

“In Singapore, these sites are responsible for a major portion of copyright infringement of films and television shows,” an MPAA spokesperson told The Straits Times (paywall).

The High Court, however, cannot grant a block injunction on any site without first proving the site is “flagrantly infringing”. YouTube is an example of non-blatant infringement.

The judgment should be tipped in copyright holders’ favor for sites to be considered for blocking.

There are also additional factors the Court takes into consideration when deciding to block a site like ISPs burden, technical feasibility, and its effectiveness.

In line with regions such as the UK and Australia, sites targeted for blocking needs to be informed of the case made against them, to make sure they’re given a chance to defend themselves in court. Not a single fully-fledged ‘pirate’ site has ever defended itself against a blocking application anywhere in the world.

Finally, copyright holders can apply for amendment of blocking order to the Singapore High Court should ‘pirate’ sites try to evade an ISP blockade. It is similar to the Australian model where each case must be heard on its merits, unlike the UK model which is more streamlined.

Recent Reports by Motion Picture Association Canada states at least 42 countries have obligations to block infringing sites. Just in Europe, 1,800 websites and 5,300 domains have been rendered inaccessible, with Portugal, Italy, the UK, and Denmark leading the way.

Copyright holders in Canada are lobbying hard for a site-blocking regime as they want to the “uncertain, slow and expensive” way of going through the courts.

ISP Telenor Will Voluntarily Block The Pirate Bay in Sweden

Telenor, an ISP will block The Pirate Bay in Sweden voluntarily. It is a result of the consolidation with Bredbandsbolaget; a Telenor owned ISP that was previously tasked with blocking The Pirate Bay.

In 2014, Nordisk Film, Swedish Film Industry, Sony Music, Universal Music, and Warner Music filed a case against Bredbandsbolaget, one of Sweden’s biggest ISPs.

The ISP did not back down.

The company stated that it refuses to block The Pirate Bay.

The parties met in court in February 2015. Bredbandsbolaget argued that ISPs just like postal service should not be held responsible for content exchange.

TV companies SVT, TV4 Group, MTG TV, SBS Discovery and C More, teamed up with the IFPI alongside Paramount, Disney, Warner, and Sony in the case.

The Stockholm District Court in November 2015 decided in favor of Bredbandsbolaget.

Bredbandsbolaget blocked The Pirate Bay in March 2017 but pledged to fight on.

It seemed to have affected Telenor, the parent company of Bredbandsbolaget, as The Pirate Bay will be blocked by Telenor too.

The reason could be because the two brands will now merge into one entity even though Bredbandsbolaget was acquired by Telenor back in 2005.

Before the merger, Bredbandsbolaget’s 600,000 broadband customers were denied access to The Pirate Bay, now 700,000 of Telenor’s customers will likely face the same fate.

The company said they are merging both the brands.

Anyway, it’s a wise move because at EU level the legal basis for web-blocking on copyright infringement grounds was firmly established last year.