Reports emerged that Piracy Shield, the anti-piracy platform deployed by Italy’s Communications Guarantee Authority (AGCOM) has itself been pirated.
An unknown individual registered himself under an alias as a GitHub user and published the source code, data model, API, test suites and documentation for Italy’s Piracy Shield there. Some of the directories on GitHub were time-stamped as early as March 20.
“Piracy Shield … is not only an Italian-based attempt to combat online piracy, but it is also a dangerous door to censorship. Its indiscriminate blocking of legitimate websites and IP addresses constitutes an immense danger, paving the way for uncontrolled censorship under the pretext of copyright law enforcement,” said the user.
Italy’s Anti Piracy Act requires piracy complaints to be reported to AGCOM within five days of being detected. In turn, AGCOM requires ISPs to respond to blocking requests within 30 minutes of being notified by AGCOM.
Further reading
Piracy Shield: Online Source Code and Documentation. Article. By Luca Colantuoni. March 27, 2024. Puntoinformatico.
Why it matters
Agree with this action or not, the leaker has a point. Process seems to be poorly thought out and self-defeating. One ISP left the Italian market because of indiscriminate blocking by the platform.
Puntoinformatico also reported on March 28 that Europe’s largest ISP, OVHcloud, sold an IP address that had apparently been reported to AGCOM and blocked by Piracy Shield; not knowing of the block. The buyer of the IP address from OVHcloud put it into service and only found out later that it had been blocked by Piracy Shield when the server was reported unreachable from Italy.