Italy’s Piracy Shield Moving From Digital Farce To National Tragedy
from the when-precious-copyright-is-more-important-than-literally-anything-else dept
Walled Culture has been following the sorry saga of Italy’s automated blocking system Piracy Shield for a year now. Blocklists are drawn up by copyright companies, without any review, or the possibility of any objections, and those blocks must be enforced within 30 minutes. Needless to say, such a ham-fisted and biased approach to copyright infringement is already producing some horrendous blunders.
For example, back in March, Walled Culture reported that one of Cloudflare’s Internet addresses had been blocked by Piracy Shield. There were over 40 million domains associated with the blocked address – which shows how this crude approach can cause significant collateral damage to millions of sites not involved in any alleged copyright infringement.
Every new system has teething troubles, although not normally on this scale. But any hope that Italy’s national telecoms regulator, Autorità per le Garanzie nelle Comunicazioni (Authority for Communications Guarantees, AGCOM), the body running Piracy Shield, would have learned from the Cloudflare fiasco in order to stop it happening again was dispelled by what took place in October. TorrentFreak explains:
After blocking Cloudflare to prevent IPTV piracy just a few months ago, on Saturday the rightsholders behind Piracy Shield ordered Italy’s ISPs to block Google Drive. The subsequent nationwide blackout, affecting millions of Italians, wasn’t just a hapless IP address blunder. This was the reckless blocking of a Google.com subdomain that many 10-year-olds could identify as being important. Reckless people and internet infrastructure, what could possibly go wrong next?
The following day, there was a public discussion online involving the current and former AGCOM Commissioners, as well as various experts in relevant areas. The current AGCOM Commissioner Capitanio showed no sense of remorse for what happened. According to TorrentFreak’s report on the discussion:
Capitanio’s own focus on blocking to protect football was absolute. There was no concern expressed towards Google or the millions of users affected by the extended blackout, only defense of the Piracy Shield system.
Moreover:
AGCOM’s chief then went on to complain about Google’s refusal to delete Android apps already installed on users devices and other measures AGCOM regularly demands, none of which are required by law.
It seems that Capitanio regards even the current, one-sided and extreme Piracy Shield as too weak, and was trying to persuade Google to go even further than the law required – a typical copyright maximalist attitude. But worse was to come. Another participant in the discussion, former member of the Italian parliament, IT expert, and founder of Rialto Venture Capital, Stefano Quintarelli, pointed out a deeply worrying possibility:
the inherent insecurity of the Piracy Shield platform introduces a “huge systemic vulnerability” that eclipses the fight against piracy. Italy now has a system in place designed to dramatically disrupt internet communications and since no system is entirely secure, what happens if a bad actor somehow gains control?
Quintarelli says that if the Piracy Shield platform were to be infiltrated and maliciously exploited, essential services like hospitals, transportation systems, government functions, and critical infrastructure would be exposed to catastrophic blocking.
In other words, by placing the sanctity of copyright above all else, the Piracy Shield system could be turned against any aspect of Italian society with just a few keyboard commands. A malicious actor that managed to gain access to a system that has twice demonstrated a complete lack of even the most basic controls and checks could wreak havoc on computers and networks throughout Italy in a few seconds. Moreover, the damage could easily go well beyond the inconvenience of millions of people being blocked from accessing their files on Google Drive. A skilled intruder could carry out widespread sabotage of vital services and infrastructure that would cost billions of euros to rectify, and could even lead to the loss of lives.
No wonder, then, that an AGCOM board member, Elisa Giomi, has gone public with her concerns about the system. Giomi’s detailed rundown of Piracy Shield’s long-standing problems was posted in Italian on LinkedIn; TorrentFreak has a translation, and summarises the current situation as follows:
Despite a series of failures concerning Italy’s IPTV blocking platform Piracy Shield and the revelation that the ‘free’ platform will cost €2m per year, telecoms regulator AGCOM insists that all is going to plan. After breaking ranks, AGCOM board member Elisa Giomi called for the suspension of Piracy Shield while decrying its toll on public resources. When she was warned for her criticism, coupled with a threat of financial implications, Giomi came out fighting.
It’s clear that the Piracy Shield tragedy is far from over. It’s good to see courageous figures like Giomi joining the chorus of disapproval.
Follow me @glynmoody on Mastodon and on Bluesky. Originally posted to Walled Culture.
Filed Under: agcom, blocking, censorship, copyright, elisa giomi, italy, piracy shield
Companies: cloudflare
Comments on “Italy’s Piracy Shield Moving From Digital Farce To National Tragedy”
MPAA and RIAA:
We are scared
Hi! I’m Italian and I’m scared to this kind of “Great Wall”. I’m not a technician but I’m working on the net from several years and never seen something like this. I have some projects and a site (a blog to learn about privacy and free tools to get help in this) I’m writing against Piracy Shield and try to get my readers beware of possible consequences. Here is a bad time and Piracy Shield System seems to become more dangerous every day.
I’m hoping that Cloudflare can downsize these gentlemen and teach some IT and how the Internet works. I hope that the Milan ruling can become a boomerang for Agcom and the whole system
Re: Government incompetence
Here in Italy, the saving grace of this is that the Italian government’s IT efforts are almost always inept. The Great Wall is something to just be routed around by Italians. Just like the ban on Chad GPT early on, these things so little but make the government look incompetent and impotent.
Re: Re:
You know, this the way I consoled myself whenever people in charge of my country passed another tyrannical law regarding the internet. It worked until it didn’t.
For reference, my country is Russia.
Forget infiltration. There’s some copyright maximalist calculating the potential quarterly profits that could be generated by holding these essential services hostage.
Re:
I’m guessing if somebody blocks AGCOM the whole internet in Italy will come tumbling down!
Who could’ve guessed a big, clunky ban-all web-blocker would’ve been a bad idea?
Not the people supposed to actually know what they’re doing, apparently.
Greed always wins.
Re:
Untill it doesn’t.
Tragedy. I don’t think that word means what you think it means.
Sure, it’s a bad thing. I just think it doesn’t rise to the level of a tragedy.
Re:
Give it time.
You do not interfere with online infrastructure without consequences. Actually, the fact that schools and businesses in Italy have already been fucked over due to “guilt by associated IP address” is a significant problem.
This is going to reach levels of FAFO like when Canada wasn’t allowed to post news about wildfires on Facebook because Facebook wouldn’t let that news be disseminated, or when a fire station in the US got its Internet connection terminated despite their ISP insisting that it would be live during emergencies (it wasn’t).
At the rate that Piracy Shield is going, it’s a matter of when, not if, that lives get lost in the name of copyright enforcement.
It’s worse than that. The attacker doesn’t need to compromise the system directly.
They just need to look like they are sending additions to the block list from any of the copyright companies who can add to it. Compromising any of their systems would work. How many of them went with the cheap option on their own internal security ?
I’d need to know more about how they communicate with the block system to know if someone can appear to be an authorised user.
“When she was warned for her criticism, coupled with a threat of financial implications, Giomi came out fighting.”
I don’t know, what does it say about a system when you are threatened with a fine just for publicly stating you think it isn’t good?
what happens if a bad actor somehow gains control?
lol too late, it was designed for bad actors.
I initially misread that as “Privacy shield” rather than “Piracy shield” and went “Huh. That actually sounds useful…. Oh…. Wait.”