Over the past several months, Danish law enforcement authorities effectively shut down the thriving local torrent tracker scene.
It started last fall when DanishBits and NordicBits went offline after their alleged operators were caught.
As we often see, many of the users of these sites quickly found a new home at other trackers. In a matter of days, Asgaard and ShareUniversity saw their member counts skyrocket. However, this didn’t last long. Both sites were swiftly targeted by law enforcement and eventually they folded too.
Rights Alliance was quick to celebrate this success, which was achieved with help from the Government’s SØIK IP-Task Force. It went as far as declaring victory in the war on Danish pirate sites.
Going After Persistent Pirates
However, the users of these sites didn’t simply disappear. Many moved on to other sites, including the private torrent tracker Superbits, which is currently one of the most visited sites in Denmark.
This prompted Rights Alliance to issue a stark warning last month. The group said that it was closely monitoring the situation. With help from local law enforcement, it switched its efforts to criminally prosecuting persistent pirates, even those who hide behind a VPN.
The VPN comment raised a lot of questions. At the time we asked the anti-piracy group for more details, but it was unable to clarify their threat at the time. We were not the only ones asking questions either. Many people doubted Rights Alliance’s claims, which triggered the group to publish an “explainer.”
So what does Rights Alliance claim exactly?
Are VPN Users at Risk?
The explainer notes that with the help from the SØIK’s IP-Task Force, the investigation into persistent pirates is elevated from a civil to a criminal matter. This means that targets risk a prison sentence of up to six years, and it also opens the door to more elaborate investigative tools.
“This penal framework opens up a completely different investigative toolbox for the police in Denmark and in international cooperation, where states provide mutual legal assistance so that electronic evidence of criminal acts can be exchanged,” Rights Alliance explains.
Now that the authorities see piracy as a serious crime, they can use the Budapest Convention on Cybercrime to ask for assistance from foreign countries. These foreign law enforcement agencies can compel local companies to hand over data.
“For example, data from VPN service providers may have been used by users for illegal file sharing. Therefore, the Rights Alliance also looks forward to the identity of the users who have hidden so far being uncovered,” Rights Alliance explains.
No Data to Hand Over
This makes sense, but it doesn’t mean that these VPN companies can help. In the past, there have been several examples of VPN companies that were compelled by courts to hand over information. However, if they don’t keep logs, there’s not much to hand over No IP-address logs at least.
In other words, Rights Alliance is correct that it will be easier to request information from VPN providers. And if VPNs keep extensive logs they may be able to identify users. However, many VPN companies don’t keep logs, so these have little to share.
That said, since it’s a criminal matter, in some jurisdictions VPNs can be compelled to assist law enforcement to monitor certain IP-address activity while the user is connected. With shared IP-addresses that’s not enough to pinpoint a specific user, but in theory, that can be narrowed down. We haven’t seen this before, but perhaps this is what Rights Alliance is referring to.
We assume that Rights Alliance threats are in part meant to scare and deter pirates. That tactic has worked pretty well over the past weeks. However, it doesn’t have a secret tool to unmask VPN users.
VPN Users Can Always Expose Themselves
It is worth stressing that even users of a good VPN can be at risk. When these people use email addresses or other info that can lead back to them, a VPN isn’t going to help much.
In a follow-up, Rights Alliance informed us that they merely refer cases to law enforcement. The group typically shares IP-addresses, profile names, and other relevant information. After that, it’s up to the authorities to obtain further evidence.
Thus far, the anti-piracy group has already referred several persistent pirates to the police this year. Their efforts are targeted at hardcore pirates who continue to share content on torrent sites. This includes SuperBits, which is specifically mentioned in Rights Alliance’s explainer.
Update: Added a section about logging demands.