As we reported last year, a Regensburg-based law firm, Urmann and Colleagues (U+C), began sending out letters to at least 10,000 people across Germany, ordering them to stop viewing videos on the streaming site Redtube.com (NSFW) and pay €250 ($345) to a shady Swiss company called The Archive. That money, the letter stated, would put a stop to future litigation.

This week, the intellectual property dispute appears to have escalated.

On Monday, Berlin-based law firm Werdermann published a statement (Google Translate) on its website where it says it has been reaching out to people who have received such letters. The firm says since last week, it has conducted “more than 1,000 telephone interviews with concerned persons.” Wedermann appears to be leading the charge in defending people who it believes have been wrongly accused of copyright infringement, and the firm is actively soliciting new clients caught up in this situation.

Werdermann’s German-language statement goes on to say that these people all appear to be customers of Deutsche Telekom as well, which is likely how U+C got its customer details to begin with.

"It is possible that other ISPs will be obliged to provide information in the coming days, or already were, so that customers from Kabeldeutschland [another major German ISP] may get other warnings from Regensburg," Johannes von Rüden, a Werdermann attorney, wrote.

Ars attempted to contact U+C and Werdermann, but they did not immediately respond.

The German magazine, Stern, which has been reporting extensively (Google Translate) on this issue, provided Ars with a redacted copy of one of the letters sent out by U+C. Ars is publishing the four-page, German-language letter in full for the first time here. Additionally, Stern reported (Google Translate) Tuesday that some online scammers have now been inspired by this affair and are crafting and distributing e-mails modeled after U+C's letters. These e-mails ask for more money than the original €250, and even include malware attachments.

A shady Swiss firm

According to Werdermann, The Archive filed a demand on Sunday with the Regional Court of Cologne in an attempt to compel Deutsche Telekom to hand over the names behind the 1,000 IP addresses that it believes unlawfully accessed an adult film called “Amanda’s Secrets.” The filing was made in the Cologne court as Deutsche Telekom sits in this particular jurisdiction.

The Archive has apparently had “procedural representational rights” to the “Amanda’s Secrets” film, and a few other films , from a company called Matrazensport since July 2013. According to The Archive’s German-language business filing with Swiss authorities, its primary business is the “acquisition and evaluation of audio media and audio-visual media of any kind.”

Von Rüden said in his statement that his firm had requested “expedited proceedings” and was hoping to see and possibly challenge this request. But it appears that those efforts to halt the personal data handover were in vain.

On Monday, December 9, German newspaper Die Welt cited (Google Translate) an unnamed Cologne judge’s decision to compel Telekom to handover the names and addresses of the alleged infringers to The Archive. That judge apparently cited an infringement of Section 19 of the Copyright Act, noting that “unauthorized public access” to this film on a “file-sharing website” is illegal.

Von Rüden, however, further said in his Monday statement that individual users should not be held liable if a streaming website posts unauthorized videos. “For serious users of erotic portals, it is not possible to recognize at first glance where the uploaded files came from and whether they come from unlawfully manufactured [originals],” the Berlin-based lawyer noted.

"Hoodwinked"

Both Werdermann and German media cite court documents that say that The Archive has been using a traffic analysis software called “gladii 1.1.3,” which originally identified the 1,000 IP addresses across a particular three-hour period. But software of this type is typically used on file-sharing networks, not to collect data from a streaming site.

“We have deliberately held back our speculation, and we are not participating,” von Rüden added. “But from the case file, it is still not clear how exactly ITGuards’ gladii [claims to have identified the data]. The designs are strongly reminiscent of the usual explanations on the functioning of software for monitoring file sharing networks. The fact that the data was downloaded and then listened to and viewed by an employee is probably [nonsense]. The data may have [even] been issued in breach of the Data Protection Act. This could be punishable, but in any case, has been improper. The District Court of Cologne has apparently been hoodwinked.”

Unlucky 'dube

At least one user accused of infringement suspects that he was tricked into visiting redtube.com via a spoofed URL.

TKowalski reported (Google Translate) in a comment on a legal blog that “266403.retdube.net” turned up in his browser history.

“Well, I must admit that I have been one or two times to the specified page, if not always voluntary (redirects and such). Therefore, I can’t say exactly what was there,” he wrote about the spoofed address. “But if there is a click-ahead address, or redirect, or if the link has been loaded into a pop-up, you can’t even find out. The site, in any case, is no longer accessible.”

The retdube.net URL now appears to forward to the bona fide redtube.com address, but it could have also been acting as a false front for the real thing. However, it is plausible that previously someone was intercepting traffic to the legit site and adding in false links or pop-ups as a way to induce possible copyright infringement.

Last week, another German legal blog published (Google Translate) what it said was an e-mail that a victim had received from his ISP saying that his IP address had been used as part of a “virus attack” just hours after he allegedly visited Redtube.com.

The German lawyer behind the blog, Alexander Schupp, speculated:

There are also two possibilities: either this is a program that spies on the Internet traffic on the infected computer and this data is passed along to interested third parties (in this example, the rights holder) or allows third parties access to the infected computer of the user to use to retrieve the streams at Redtube.

Redtube's US-based lawyer, Hal Milstein, did not immediately respond to Ars' request for comment, but he did say that he was not familiar with the German situation.

Still, other German lawyers are skeptical that this seemingly predatory tactic will eventually be successful.

“The actual case is completely unknown legal territory to courts,” Domick Boecker, a tech lawyer based outside of Cologne, told Ars. “The situation was discussed by lawyers and professors beforehand, but no clear and predominant opinion was found.”

“U+C [has done] a lot of ‘filesharer-hunting.’ Filesharing is pretty clear, because the document to be shared is made available to [third-parties] by the sharer. This case is about streaming. If you watch a stream, you don't make available the content to [third-parties]—so the main argument in file sharing-cases is missing now. The infringement could be an illegal reproduction, but you don't get a classical reproduction, but usually a temporary one, which is transient and incidental of the technical process, which could be privileged by Section 44a of the German Copyright Law.”

Editor's note: Ars would like to thank Tyler Luiten for his extensive German translation help.