Moonwalk was a massive pirate streaming operation that offered tens of thousands of pirated movies and TV-shows to more than 100 million end-users.
Despite its size, it was largely unknown to the public at large. It wasn’t a classic streaming piracy site. Instead, it operated as a middleman, offering a library of pirated content to hundreds of pirate sites that could embed their videos for free.
This activity wasn’t apparent to the casual pirate site user, but anti-piracy groups were well aware of it. After carefully researching the operation, the Motion Picture Association, together with Dutch anti-piracy group BREIN, took action last fall.
The two industry groups did so by going after the hosting companies. In October, BREIN and MPA obtained ex-parte orders from a Dutch Court ordering three local hosting providers to disconnect Moonwalk’s servers while preserving essential evidence.
This did indeed happen, and from one day to the next, hundreds of pirate sites lost access to their video host. While several of these eventually returned, BREIN and the MPA believe that 25 streaming sites ceased operating permanently.
Despite this success, the BREIN and MPA have yet to identify the operators. In addition, they also want access to any evidence that can help them to investigate the case further, including information on the 283 streaming sites that used Moonwalk.
The two groups tried to get this information from the hosting providers in question: Serverius, Worldstream, and YISP. While the hosts helped to take Moonwalk offline in response to the ex-parte court order, further cooperation was reportedly lacking.
“[T]he providers have not or not fully complied with the requested delivery of identifying company data. In cases where data were provided, these were found to be false or not traceable,” BREIN notes.
In an attempt to legally oblige the three hosting companies to share more evidence and act more diligently going forward, BREIN and the MPA are taking them to court in the Netherlands.
“BREIN is now progressing in a collective action, including the continuation of the closure and inspection of the seized documents with company data,” the group writes.
The legal paperwork provides a detailed overview of the case including Moonwalk’s infrastructure. Among other things, BREIN and the MPA retained the forensic anti-piracy services of NAGRA, to see how and where it operated from.
This led to a list of IP-addresses, which were connected to the three hosting companies. The majority were linked to Worldstream and YISP, while ten IP-addresses were hosted at Serverius, through two resellers.
Serverius has handed over some data but doesn’t want to press their resellers for further information. YISP has also shared some details but is generally reluctant to share more evidence. Worldstream, for its part, categorically refuses to hand over customer details over privacy concerns.
Through their legal action, BREIN and the MPA are requesting an order to compel Worldstream and YISP to share all seized material and information relating to Moonwalk and its customers. In addition, the anti-piracy groups seek an order requiring the hosting companies to keep Moonwalk offline.
The copyright holder groups also want to confirm what the obligations of third-party services are when it comes to alleged copyright infringements. Among other things, to clarify what information they have to share.
“BREIN also requests a declaration of justice with regard to a number of obligations with regard to the enforcement of intellectual property law. On the one hand because of the refusal of the defendants to voluntarily provide relevant company data and on the other hand because of their structural failure to take adequate measures to have reliable data,” the request reads.
The need for accurate information is exemplified in the Moonwalk case. For example, YISP did share some personal details of Russian residents who were supposedly linked to Moonwalk, but these turned out to be false.
BREIN sent investigators to Russia and found that one address pointed to a jobless man in an apartment complex. This man was not technically skilled and the sole computer he owns is only used by his wife. Another lead identified a woman in Kyiv, who had no clue about Moonwalk either.
In the grander scheme, the present legal action aims to set clear guidelines on what type of information hosting companies should collect and share. Ideally, hosting companies should make sure that their customers are all verified.
“BREIN intends to encourage defendants and comparable hosting providers to provide BREIN exclusively with verified company data of their customers and to set up their administration, general terms and conditions and company policy accordingly,” the anti-piracy outfit writes.
The current case is expected to have a broader impact on other Dutch and European hosting companies. BREIN and the MPA aren’t shying away from a thorough legal battle that could go all the way up to the Supreme Court, and they also note that the EU Court of Justice may have to weigh in on some issues.
As such, this lawsuit is about much more than Moonwalk alone. While the pirate CDN is an immediate target, future rulings could set the tone for copyright enforcement measures in the years to come.