piracy

"No logs" VPN provider TorGuard has reached a legal settlement this month with over two dozen movie studios that sued the company for encouraging piracy and copyright infringement.

In the settlement, TorGuard has agreed to block BitTorrent traffic for its users.

TorGuard VPN to block torrents using firewall

Last year, over two dozen film studios had sued TorGuard, claiming the VPN provider maintained no logs and encouraged online piracy through its marketing efforts.

The same set of plaintiffs had earlier demanded $10 million in "damages" from another log-less VPN provider, LiquidVPN.

According to court documents obtained by BleepingComputer, both the film studios and VPNetworks, LLC  d.b.a. TorGuard, have now agreed to reach a settlement in which the VPN provider will block torrents on its network.

TorGuard will "use commercially reasonable efforts to block BitTorrent traffic on its servers in the United States using firewall technology," reveal the documents:

In October 2021, VPN.ht had also "settled" with the same plaintiffs after fighting a legal battle and agreed to block BitTorrent and to log traffic on its U.S. servers.

Several other VPN companies, including Surfshark, VPN Unlimited, Zenmate, PIA, and ExpressVPN were also targeted in similar cases last year.

TorGuard blames host for ignoring over 100,000 piracy notices

Since June 2012, TorGuard had been leasing servers and IP addresses from hosting provider QuadraNet, until late 2021 when the VPN provider notified QuadraNet that it was terminating the service.

Some of these servers were used by TorGuard to offer SOCKS5 proxy services to its customers.

TorGuard's Knowedgebase (KB) had detailed instructions on how its proxy servers could be configured by customers to work with existing BitTorrent clients: 

setting up TorGuard SOCKS5 server with BitTorrent
TorGuard SOCKS5 proxy servers can be used with BitTorrent clients

Note, unlike with VPNs, traffic routed through SOCKS5 proxy servers is by default unencrypted, making it possible for intermediary hosting providers to gain visibility into the network flows, should they choose to.

Records produced by the film studios show that 97,640 copyright infringement notices were sent to QuadraNet confirming instances of piracy at the SOCKS5 IPs assigned to TorGuard.

An additional, 47,219 notices confirmed piracy associated with other TorGuard IP addresses, through November 2021.

Plaintiffs' attorneys shared an Excel spreadsheet with TorGuard showing 250,000 "hit dates of confirmed infringement." Of these records, about 40% of copyright infringement instances were associated with one SOCKS5 IP address alone that had been provisioned to TorGuard.

"Because traffic on TorGuard’s SOCKS5 proxy servers is not encrypted,... QuadraNet could have used conventional network monitoring tools to capture data packets of the piracy and confirm the piracy in the notices plaintiffs sent to QuadraNet," argue the plaintiffs' lawyers.

The film studios further argue that network monitoring technologies like deep packet inspection could have been used to respond to piracy notices and block infringing flows.

TorGuard has blamed the mishap on its hosting provider, QuadraNet for failing to timely forward copyright violation notices to TorGuard's registered DMCA agent.

"TorGuard values intellectual property rights of others, as stated in TorGuard's publicly posted policies. Had QuadraNet sent these notices to our DMCA agent, TorGuard's ordinary business practices would have been to immediately take steps to stop further piracy."

When TorGuard notified QuadraNet that it was terminating its relationship with the hosting provider, "Quadranet tried to persuade TorGuard to continue service by offering different terms," state the court documents.

It is a common practice in the hosting industry for a provider to "null route" a subscriber's IP address, effectively terminating a network connection, where it has received multiple notices of copyright infringement associated with an IP address.

"If QuadraNet had null routed one of the IP addresses assigned to TorGuard where plaintiffs sent notices or at least forwarded the notices to TorGuard's DMCA agent, TorGuard would have taken immediate steps to stop further piracy such as suspending users and adopting a firewall to filter out BitTorrent traffic as it has now begun to do," explains the VPN provider.

In September 2021, the same group of film studios had sued QuadraNet for not null-routing infringing VPN IPs. Luckily though, the plaintiff's earlier complaint centered around VPN (encrypted) traffic and made no mention of SOCKS5 proxies.

As such, the court had to dismiss the lawsuit and side with QuadraNet who claimed it had no visibility into encrypted VPN traffic and "was never aware of the end users' online activity" on its servers.

Update March 14th, 00:12 ET: Added VPN.ht had also reached a similar settlement last year with the same group of plaintiffs and other VPN providers were also targeted.

Related Articles:

Take an extra $5 off this ad-blocking DNS for Presidents' Day

Anonymize your browsing with 61% off a Windscribe VPN Pro Plan

New Fortinet RCE bug is actively exploited, CISA confirms

ExpressVPN bug has been leaking some DNS requests for years

New Fortinet RCE flaw in SSL VPN likely exploited in attacks