For VPN Provider HideMyNet DMCA's ABC's Not As Easy As 123

from the you-are-the-weakest-link-goodbye dept

Besides circumventing censorship, one of VPN services' main functions is safeguarding users' privacy. To find out how far these services go to protect their customers' privacy, Torrentfreak conducted a 2-question survey among VPN providers, with mixed results.

As I was looking for a VPN provider myself and got tipped about HideMyNet, which is missing from Torrentfreak's overview, I decided to ask them the two questions myself:

Your service has been recommended to me multiple times, but before I start using your service, I have two questions.

1. Do you keep ANY logs which would allow you or a 3rd party to match an IP address and a time stamp to a user of your service? If so, exactly what information do you hold?

2. Under what jurisdictions does your company operate and under what exact circumstances will you share the information you hold with a 3rd party?

A few hours later I received their response:

 1) Yes, any serious company would. I would be concerned about the quality of a company who did not. If no logs are kept it'd be impossible to respond to a DMCA complaint which puts the company liable for a 100,000$ fine. I highly doubt you're going to find any company willing to risk that sort of liability on a 5$/month vpn account. Good luck!

2) USA - Also, it's the jurisdiction of the server endpoint -- Not the company itself.

A baffling response which, besides being rude, also shows the company is completely clueless about the DMCA. We got in touch with a lawyer who's a DMCA expert who had the following to say:

"Sounds bogus to me. 17 USC 512(m) says the safe harbor is not conditioned on "monitoring the service." However, the service provider will be asked for evidence of its takedown practices, but the service provider only has to give what it's got. The $100k fine is made up too."

Classy, HideMyNet. Inventing a $100,000 fine to scare potential customers into using your service instead of a competitor's. Lesson learned: always make sure a service actually knows what it's talking about before handing over your money and beware of VPN providers that will sacrifice your privacy regardless of whether you are in violation of some country's copyright laws or not.

So what was it HideMyNet: simply unaware of the law? A case of untrained sales representatives being allowed to make up facts? Scared of the weight and money the entertainment industry's lobbies are throwing at suing the hell out of honest companies? Or do you have other motives to hide behind the DMCA?

Filed Under: dmca, privacy, tracking, vpn
Companies: hidemynet

SOPA And Its Broad Regulation Of VPNs, Proxies And Other Important Tools

from the is-this-what-we-really-want? dept

There are so many scary parts to SOPA, it's taking some time to pull out all the pieces. One of the scarier parts of SOPA that isn't found in PROTECT IP, is the addition of a form of an "anti-circumvention" rule, which makes it illegal to try to get around any blockade on the US government's blacklist. Like the DMCA's dreadful anti-circumvention clause, this one is also vague and overly broad -- and would create problems for all sorts of legal services. The EFF is listing out some perfectly legal services that would suddenly be in legal crosshairs:

In this new bill, Hollywood has expanded its censorship ambitions. No longer content to just blacklist entries in the Domain Name System, this version targets software developers and distributors as well. It allows the Attorney General (doing Hollywood or trademark holders' bidding) to go after more or less anyone who provides or offers a product or service that could be used to get around DNS blacklisting orders. This language is clearly aimed at Mozilla, which took a principled stand in refusing to assist the Department of Homeland Security's efforts to censor the domain name system, but we are also concerned that it could affect the open source community, internet innovation, and software freedom more broadly:

• Do you write or distribute VPN, proxy, privacy or anonymization software? You might have to build in a censorship mechanism — or find yourself in a legal fight with the United States Attorney General.
• Even some of the most fundamental and widely used Internet security software, such as SSH, includes built-in proxy functionality. This kind of software is installed on hundreds of millions of computers, and is an indispensable tool for systems administration professionals, but it could easily become a target for censorship orders under the new bill.
• Do you work with or distribute zone files for gTLDs? Want to keep them accurate?  Too bad — Hollywood might argue that if you provide a complete (i.e., uncensored) list, you are illegally helping people bypass SOPA orders. 
• Want to write a client-side DNSSEC resolver that uses multiple servers until it finds a valid signed entry? Again, you could be in a fight with the U.S. Attorney General.

This is how the Great Firewall of China works as well -- by threatening service providers who don't help block with the idea that they might be liable if they don't figure out "some way" to block things. Then everyone scrambles to censor well beyond what is required under the law, just to avoid liability. The end result of this will make the internet significantly less secure. VPN providers will go out of business or be severely limited. This is exactly the opposite of the direction we should be moving in.

Filed Under: copyright, proxy, regulation, sopa, vpn

Swedish ISP Will Automatically Encrypt All Traffic To Protect Privacy Under New Data Retention Laws

from the how-it-all-works dept

When Sweden first put in place its IPRED law, which required ISPs to hand over identifying info on people accused of file sharing, one of the first ISPs to respond was Banhof, who immediately put in place a new policy to delete all log files. Now that Sweden is pushing forward with a data retention law that would require ISPs to keep log files, Banhof has taken things up a notch by encrypting all traffic on their network via a VPN. That means that even if it keeps logfiles, the information will be effectively useless. Honestly, I'm surprised that more ISPs haven't done something similar and pitched themselves as focused on protecting privacy. It's difficult to see how Swedish politicians can really respond to this. They can't exactly order ISPs not to encrypt traffic. Just think of the mess that would cause. So, as the US starts looking (again) at data retention laws, they might want to consider what's happening in Sweden.

Filed Under: data retention, encryption, sweden, vpn
Companies: banhof

Microsoft Loses Yet Another Patent Lawsuit

from the how's-that-looking-now? dept

In the last few years, Microsoft has become a bigger and bigger supporter of patents, which is a bit ironic, given that Bill Gates once pointed out that the software industry never would have developed if there had been software patents back in the early days. But, proving that new companies innovate, while older companies litigate, Microsoft has become a big patent hoarder in recent years. But, to date, while it's used those patents to threaten lots of companies, it seems like Microsoft's decision to live by patents, is actually costing it quite a bit of money.

We've already covered Microsoft's big loss to i4i at the end of last year, for which Microsoft was told to pay nearly $300 million. And, now, Microsoft has lost a patent lawsuit in East Texas (of course) from a company that appears to have been set up just to sue Microsoft -- claiming patents over VPN technology. In fact, the company's business plan basically admits that its business model is to win these sorts of lawsuits. Hard to see how that's promoting progress or innovation in any way. Oh well. Live by the patent, die by the patent, I guess...

Filed Under: innovation, patents, vpn
Companies: microsoft, virnetx

Dear Hulu: Stop Treating Me Like A Criminal

from the if-you-don't-want-me-to-watch... dept

I mentioned recently that, for some idiotic reason, Hulu has stopped letting me view any of its content. That's because I use WiTopia's VPN service for security reasons. It seems that plenty of other WiTopia users are discovering this, as well, and are getting annoyed. The issue is that Hulu wants to block people from outside the US from viewing its content (for licensing reasons, even if they're pretty pointless in today's world). But, for some bizarre reason, it's been decided that anyone who uses any sort of VPN or proxy can't use Hulu at all because they might be coming from a foreign country. I'm sitting here in California and Hulu tells me I might be illegally accessing its content, so it doesn't allow it. So, instead, I don't give Hulu any additional ad views and I don't watch the content I wanted to watch. How does that help anyone? It appears to make everyone worse off. And it's not like WiTopia is some free anonymous proxy -- it's a pay-service that has been around for ages and is used regularly for WiFi security purposes. Many of its users are US-based (the company is based in the US, and most of its servers are in the US as well). So, because (gasp!) a small group of people outside the US might dare to catch a video (with ads!!), all of Witopia's US customers can't watch any content at all? This is the same ridiculous content industry mindset that drives so many people to unauthorized file sharing: they treat you as a criminal first and force you to prove you're not (or sometimes, don't even let you prove otherwise). The problem the industry is facing isn't due to some guy in Europe catching The Colbert Report from across the sea. It comes from turning off legitimate customers and users who are sick of being treated like crap.

Filed Under: content, security, video, vpn
Companies: hulu, witopia

The Pirate Bay's New Business Model Apparently Working Wonders

from the wonder-how-this-will-work-out dept

One of the key elements of the trial against The Pirate Bay in Sweden was the claim by the entertainment industry that the site's owners were profiting massively by selling ads on the site. The defendants denied this, claiming that they basically earned enough to keep the site operating, but not all that much more. However, the entertainment industry may now have evidence of a new lucrative business model by The Pirate Bay. Apparently, 113,000 customers have already signed up for The Pirate Bay's new anonymous VPN service, which costs around $6/month. So, we're talking more than half a millions dollars coming in every month from this alone... and that's just based on customers signing up in the first week or so. But would the entertainment industry really be able to go after that revenue as well? After all there are plenty of services out there that provide anonymous VPN services, so you can't say that this particular revenue is "profiting from piracy." Either way, though... it's yet another sign that everything the entertainment industry tries to do to "fight" file sharing seems to come back to bite them.

Filed Under: anonymity, business models, privacy, vpn
Companies: the pirate bay