To the downloaders out there who got free copies of The Avengers, Game of Thrones, and Rihanna songs, you’re welcome.

It was supposed to be informative. It was supposed to show you how to defend yourself if you were flagged by the Copyright Alert System (CAS), the new anti-piracy regime launched earlier this year by U.S. Internet service providers and major content companies.

In a study started in late February and shared with the Daily Dot, users attempted to get caught using the peer-to-peer filesharing program BitTorrent in a common, but illegal way. That means downloading torrents of popular movies, shows, and albums, and uploading them, piece by piece, for other users.

But damn if that thing isn’t hard to trigger.

The CAS, started in February, is supposed to flag U.S. Internet users who share popular movies and music on programs like BitTorrent, then give them a slap on the wrist. Then, if they do it four more times, they’ll get a more severe punishment. Violators could have their browsers locked or their connections slowed, depending on which Internet provider they use.

People have serious concerns about how fair the system will be, its own advisory board says it has major trust issues, and one question has loomed large over the program’s deployment: What happens if it flags me? How do I fight back?

So the study tried to get the attention of the CAS in the most obvious way possible: By sharing files over a standard residential account with Verizon, one of the program’s five participating Internet providers. (The others are Time Warner, Comcast, AT&T, and Cablevision.)

The first step was to download BitTorrent, the go-to file sharing method for media pirates. The study obtained torrent files the way many people do: By visiting the Pirate Bay, the world’s largest torrent site, and picking some popular, recent content. That included the season 3 premiere of HBO’s Game of Thrones, the most-pirated TV episode of all time. It also included songs by Rihanna, because for some reason her music frequently triggers similar systems in France and New Zealand, and The Avengers, which a redditor reported his girlfriend’s little brother had been sharing when he received a CAS warning.

Here’s the nitty-gritty of how the system is supposed to work: A CAS partner that holds a copyright (say, Walt Disney Studios Motion Pictures) wants to cut down on the number of people pirating one of its movies (say, The Avengers). Disney Studios will download a torrent of that file, and watch it all the way through to make sure it’s really The Avengers. If it is, a Disney employee will have the CAS download the file from a peer-to-peer filesharing program like BitTorrent.

It hinges on a simple fact about BitTorrent: If you’re uploading a file without masking your Internet protocol (IP) address, your IP will be visible to whoever’s downloading from you—including the CAS’s MarkMonitor software. The CAS matches the IP addresses of uploaders against those of customers who use one of the five participating ISPs—say, Verizon—and then Verizon sends them a warning. Yes, that means that if you can mask your IP address, the CAS shouldn’t be able to flag you.

But, as the goal of the study was to get caught red-handed by the CAS, the investigative team made no attempt to disguise its IP address, and no attempt to block connections from IPs that might belong to MarkMonitor or other copyright tracking services.

After downloading all that content, then came the waiting game. They let all those files seed—upload to other users—each night. Any day, perhaps, there’d be an email sent to that Verizon account, saying the CAS noticed the pirated content, and please stop. If an alert comes, it costs $35 to contest it with the American Arbitration Association, which is refunded if the user wins.

And how does one do that? Officially, the CAS has said that whoever pays for the Internet connection is liable for any copyright infringement on that account. But in a memo to its customers, Comcast has indicated that “I don’t know who did it, but it wasn’t me!” is a valid defense.

But after three weeks of providing free entertainment to downloaders all over the world, Verizon never came knocking. So all we can say with certainty about the system is that it isn’t unfailingly flagging infringers.

The results of this study do not prove, by any means, that the CAS isn’t working. It just didn’t work in this instance, in a limited test of just one of the five participating ISPs.

A Verizon executive told the Daily Dot they’re increasingly flagging more and more users. The people who run the CAS have said they will eventually provide comprehensive numbers to the public—but they’re not talking now. So maybe in the future, someone will try this again, and we’ll get a better sense of the system.

Until then, whoever you are: Enjoy your Game of Thrones. It’s good, isn’t it?

Disclaimer: The analyses performed in connection with this article were done for non-commercial, newsgathering purposes. The files downloaded and used for the analyses were existing torrents and were used only for non-commercial, testing purposes. As a content creator and intellectual property owner itself, The Daily Dot does not condone or endorse piracy, and respects the intellectual property rights of others.

Correction: A previous version of this story claimed the study was conducted in February. It was actually started in February, after the implementation of the CAS was announced.

Illustration by Jason Reed, Photo by madaboutshanghai/Flickr