Why Don’t VPN Providers Get Caught Out By User’s Activities?

While there is a lot of legitimate reasons to use a VPN, they also have illegal uses – like piracy and hacking.

VPNs help to hide your identity online. They hide your IP address so that people on the other end don’t know where you’re really connection from and also encrypt your data, so that anyone listening or snooping on your connection won’t know what your doing.

The one person or company that does know your true IP address though, is your VPN provider.

The question is: if someone is doing illegal things like downloading movie torrents using a VPN, then how come the VPN providers, who are facilitating this, don’t get into trouble?

The primary reason is that VPN providers fall under the DMCA “safe harbor” rules, so provided that they have a DMCA process process properly setup and functioning, they should be fine. We won’t go into the DMCA in this article, but a quick Google search should explain everything to you.

It’s also important that VPN providers work with data centers that understand the DMCA process and won’t kill their connections whenever a notice is received. See most VPN providers rent servers and internet capacity in data centers across the world. Data centers are usually massive specially made buildings that look like warehouses. However instead of stock inside they have rows and rows of computer servers, all hooked up to a VERY fast internet connection.

Data centers are where generally all of the world’s websites are hosted, along with other internet connected services like the Facebook App on your phone, or WhatsApp.

So if the user of a VPN is doing something illegal and that person’s VPN provider has a proper DMCA process in place, provided they follow the steps it should be OK. Data centers and other parties involved in the provisioning of the VPN service (like the providers domain registrar) might also get notices saying that “X VPN Provider” is doing illegal things. This is why it’s important that those data centers and other related businesses under the DMCA and the protections it affords to the VPN provider.

As long as the VPN provider acts in accordance with the DMCA, then it should be fine.

It’s also important that VPN providers apply some basic scans to try and prevent their VPN users from using some of the more well-known illegal hacking and scanning methods that they might try to employ. This is because while DMCA protects them from a user downloading copyrighted content, it wouldn’t protect them from a user who is using their services to hack a website. So those are the kind of acts that they need to proactively monitor and stop.

While basic hacking methods can be fairly easy for a VPN provider to detect, there are of course some that aren’t. And they are also dealing with what is a fairly sophisticated computer expert, which can make their detection and blocking job harder. That’s one of the obligations of being a VPN provider though – they must be prepared to police their users somehow.

VPNs Can Speed Up Your Internet Connection

If you’ve got slow internet speeds, then a VPN might just be the fix.

Slow internet can of course be due to a number of reasons: poor equipment (like you modem), you being too far from the exchange, too many people trying to use your connection, the state of the websites/services you are trying to use, malware slowing you down, and many, many others.

Slow internet can also be due to your ISP. Your ISP could be doing something called “traffic shaping” or “packet analysis”. This is essentially when they take a look at the data you are transferring over your connection and then adjust the maximum speed or latency of your connection.

For example, if they look at your data and see they you’re doing a lot of torrenting, then they might dial down your internet speed to a crawl, because you’re not meant to be doing that! Or, in peak usage times when everyone is logging into their emails at home after work or just browsing before bed time, if your ISP has limited overall capacity they might decide to dial down the speed of all services except for emails and general web browsing.

It’s in cases like these when a VPN might just help you out. When you use a VPN your connection is encrypted, meaning that even your ISP can’t even see what you are transferring. For example, they won’t know if you are browsing Reddit, doing searches on Google, playing an online video game or torrenting a movie. All they will see is encrypted data going across your connection.

This way, your ISP can’t identify what you’re doing as it can’t do it’s usual packet analysis. And if it can’t do it’s packet analysis then it is less able to shape your traffic, or you might be skipped over. Speed problems solved!

Bear in mind though that this might not work all the time and as we mentioned at the very start of this article, there is a large number of reasons why your internet connection might be going exceptionally slow. It’s also important to note that while a VPN might speed up an unusually slow internet connection, it might slow down a normally functioning connection.

Ensure you check out our VPN reviews to work out which VPN providers might suit you best if you decide to give this a shot.

DRM Supplier Denuvo Suffers Website Leak

Denuvo is an anti-piracy company that become semi-famous last week when Resident Evil 7, a title for which they supplied the copy protection, was cracked by piracy group “CPY” in just five days – a record.

If you thought that was bad though, things have just taken a turn for the worse for Denuvo.

It’s been revealed that for some reason formerly private parts of their website were made open to the public for a short period, and crackers have wasted no time in downloading the contents.

The leak appears to have first been posted on 4chan with the primary piece of data being an email archive. It contained emails sent to Denuvo from as far back as 2014 and includes all sorts of correspondence. For example one angry gamer wrote that their DRM software is “bullshit” and that if implemented in games, those games will lose thousands of potential sales.

Another email was from a would-be pirate who was struggling with their copy protection and actually asking for help:

Hello everyone at Denuvo,i would like like to ask that i have downloaded a window game ( Dragon age Inquisition ) from utorrent and it is not running properly,i asked from internet and my friend said me it is because of denuvo, please solve the issue as soon as possible, the dvd version is not there in my country so it is only option for me.

People involved with some very well-known game titles also appear to be caught in the leak as this email apparently reveals (the emails are from a contact form, so the details of any supposed sender could be used):

My name is Graeme Jennings and I’m the Executive Producer on the Halo Wars brand at 343i (Microsoft). Would be grateful if someone can contact me in regards to Denuvo pricing etc.

This email on the other hand, in which the sender attempts to gain access to the original executables of a video game (ie minus DRM) so that they could pirate it, is highly amusing. We’re assuming that his or her attempt at social engineering didn’t work though…

Hello, I am the developer of ABZU game, thanks to your Anti-tamper system that prevented our game from getting cracked as of now. We have started working on another great game, and we plan to use Denuvo on that game as well. However, in our development process, we have come at a situation that we need our ABZU game’s original executable files since our new game is based on that, could you send us the original executables of our game that we sent to you for implementing Denuvo?

Enquiry emails from employees supposedly at Capcom and Google, among others, also appear in the archive. Additional, larger files, the contents of which is not currently known, have also been discovered.

We’ll post more info, including any responses from the company, as and when we receive it.

Old Emails, Social Media Posts & Files To Receive Additional Protection

The 31 year old Electronic Communications Privacy Act (ECPA) could soon be updated, an event well overdue given the extent to which the electronic communications have changed over its lifetime.

Under the ECPA, as it currently stands, there are there two possible outcomes when determining whether law enforcement agencies require a warrant to search data (such as emails or social media posts) stored on a third parties’ servers or in the cloud:

  1. If the data has been stored for less than 180 days, then a probable cause criminal warrant is required.
  2. If the data has been stored for longer than 180 days then only a subpoena is required. Subpoenas are usually issued by a Court clerk or sometimes even lawyers, and are not something that a Judge needs to approve in advance.

In the evening on Monday February 6, the US House of Representatives unanimously approved the Email Privacy Act (EPA). The Act will amend the ECPA and require that law enforcement agencies get a court ordered warrant to search data that has been stored for more than 180 days, bringing “old” and “new” data into line with one another.

Given Trump’s nominees… the stakes for privacy have never been higher. It’s crucial Congress act on ECPA reform so that Americans can feel safe in their 4th amendment rights.

Robyn Greene, policy counsel at the New America Foundation’s Open Technology Institute

One of the key motivations for the change is due to the fact that the costs of computer storage space have dropped drastically since 1986. At the same time, storage capacity has increased exponentially. This means that while in 1986 service providers were not expected to keep electronic data for extended periods of time (due to the cost) the norm nowadays is for such data to be kept indefinitely.

For example, services such as Dropbox and Gmail allow a large amount of data (a lifetime of emails, for example) to be stored online either at no cost to the user, or for a very low monthly fee. Facebook and Youtube allow users to upload essentially unlimited amounts of high definition video, all of which must be stored on servers somewhere and does not get deleted.

The amount of data and information that members of the public are now making available online, whether by their posts to internet forums like Reddit, via email, or on Facebook or Instagram, has never been greater or more personal. And with that, concerns about who has access to that information and how are paramount.

If the government wants to read your emails, then they should be required to obtain a warrant just like they would need in order to read your letters, search your hard drive or listen in on your phone calls. Technology has made incredible advances over the years, but the privacy laws for digital communications just haven’t kept pace. Right now, the rules governing how and when the government can access a person’s emails, photos, documents and other online communications are outdated and do not provide for the same Fourth Amendment protections given to on-paper or in-person communications.

Representative Darrell Issa (R-Calif.)

Critics of the change, on the other hand, say that it will become tougher for law enforcement agencies to swiftly and efficiently carry out their investigations. However given that this change simply aligns to two types of data (either older than 180 days or not) we think that’s a pretty weak argument.

Ensure you stay tuned to SafeMonk for further updates on the progress of the EPA as it now heads to the Senate.