Going after alleged pirate sites through third-party service providers such as domain registrars and hosting companies is a sensitive issue. With the SOPA pushback fresh in mind, the MPAA is now carefully testing this approach in court. Considering the delicate matter at hand it's rather painful that a recent injunction targeted an innocent IP-address, due to a typo.

A few days ago news broke that the MPAA was granted a broad injunction, allowing them to shut down the domain names of Pubfilm’s alleged pirate site ring.

In addition to targeting domain registrars, the injunction also references third-party service providers that host or link to Pubfilm, preventing companies from doing business with these sites.

With the legal paperwork in hand the MPAA successfully shut down several domains. In addition, the Hollywood group also reached out to the associated hosting companies, DigitalOcean and Vultr, requesting them to take appropriate action.

Initially, the case was kept from public view, but this week the court lifted the veil. This allowed us to take a closer look at the injunction, and how it came to be. What caught our eye immediately, is that the court’s preliminary injunction lists an incorrect IP-address.

As it turns out, the MPAA’s private investigator Bob Brasich made a typo in his testimony, and it took several weeks before he spotted the mistake.

“I discovered yesterday, March 5, 2017, that the IP address for the Vultr/Choopa server as stated in paragraph 8 of the Second Supplemental Brasich Declaration contained a typographical error,” Brasich informed (pdf) the court last week.

“The Second Supplemental Brasich Declaration stated that the IP address for the Vultr/Choopa server was 108.61.191.ll4. However, the correct IP address for the Vultr/Choopa server in question is in fact 108.61.191.141, a transposition of the final two digits.”

As far as we can see, the preliminary injunction hasn’t been updated through a corrected order yet, but that’s besides the point really. What’s most concerning is that a simple typo can lead to the wrong server being disconnected.

In this example, the hosting companies also have a domain name as additional proof, but it’s not hard to see how small mistakes can potentially lead to large consequences, especially when these orders become broader and more common.

After the private investigator discovered the error, the MPAA immediately asked the court for a new order correcting the mistake. Ironically, however, that request ends with an apology that also contains a rather embarrassing error.

“Counsel apologies for any inconvenience,” the correction letter states (pdf), complete with glaring mistake.

Anothre Tyop



The typo mistake should act as a warning to illustrate how important oversight is in these cases. And there are more issues regarding the preliminary injunction that are worth keeping a close eye on too.

To a certain degree, it is reminiscent of the blocking provisions that were listed in the controversial SOPA bill, which aimed to increase liability for third party service providers. The application was also filed under seal and without alerting the defendant beforehand, which means that there was minimal oversight.

While it has only been used against registrars and hosting companies thus far, the language in the injunction is quite broad and the MPAA could try to apply it more broadly in the future.

This wouldn’t be a total surprise either. The testimony of the MPAA’s private investigator submitted against the Pubfilm sites is already rife with mentions of third-parties that provide services to the pirate sites.

Google Drive, for example, is named as a video host of the streaming sites. Doubleclick and Propeller Ads are mentioned as advertising partners, and other services such as Imgur, Facebook and Sucuri are listed as well.

If these type of injunctions indeed become more common, it will be interesting to see how other stakeholders will respond. As for the MPAA, they might want to double check their filings in the future, just to be sure.