In December 2019, the U.S. Department of Justice reported that two residents of Las Vegas, Nevada, had pleaded guilty to multiple criminal copyright charges related to the running of two video streaming piracy sites - iStreamItAll and Jetflicks.
Both sites were taken down earlier in 2019.
iStreamItAll was an online, subscription-based service that offered more than 118,479 different TV episodes and 10,980 individual movies. The piracy site had more content than Netflix, Hulu, Vudu and Amazon Prime. iStreamItAll used various automated computer scripts that constantly scoured global pirate sites for new illegal content to download, process, and store these works and then make the video available via servers in Canada. A site called Jetflix (rhymes with Netflix) ran a similar operation.
Steven Hawley, a contributing analyst with Parks Associates and Managing Director of Piracy Monitor, said, “Piracy is one thing people don’t want to admit happens. It’s perceived as a vulnerability.” But he said service providers and OTT platforms are “very focused on piracy.” Hawley’s statistical models peg piracy losses at 10% to 15% of streaming revenues. Parks Associates just came out with a new report that finds that the value of pirate video services accessed by pay TV and non-pay TV consumers will exceed $67 billion worldwide by 2023.
The vendor Synamedia does video streaming piracy detection, and it says piracy comes in an assortment of flavors.
Orly Amsalem, a Synamedia product manager focused on video security, said there are pirates who steal video streams from providers. They might legitimately subscribe to the service themselves. But then they use equipment to copy the stream and redistribute it on their closed networks. Or, like Jetflix and iStreamItAll, they might use software to find pirated video.
Pirates can make money from subscriptions or from advertising.
Some of the closed pirate networks are quite sophisticated. The pirates have set up a business that looks a lot like a legitimate streaming platform. “They are using their own CDNs and their own services; they have billing systems; they are aggregating a large number of channels; you have to fill out an application; sometimes you need to buy a device,” said Amsalem. “In some regions they look so real — they have customer service, call centers. Sometimes users are not aware.”
Other pirates offer their illegal content on the open web. “It’s usually an index that will take you where you want,” said Amsalem. “Or it can be a direct stream. Their revenue model is not subscribers but advertising. It’s not the types of ads you want to watch.”
Finally, there’s the ever-popular credential sharing. In the past when video streaming was newer, some of the legitimate platforms actually benefitted from credential sharing because it helped spread the word about their service. But now that everyone is fully aware of Netflix, Amazon Prime and the like, these platforms are less tolerant of credential sharing.
In their most recent quarterly investor calls, executives with both Netflix and Charter made reference to password sharing and piracy. “I guarantee they are taking it seriously,” said Hawley.
Often, when streaming services identify subscribers that are sharing their credentials they’ll take a soft approach. The streaming platforms will contact the sharers and ask if they want to “upgrade to a family plan,” for instance.
Although the popularity of streaming video services keeps rising, consumers don’t want to pay for subscriptions to multiple services. Limelight's most recent State of Online Video Report indicates that the American viewer subscribes to an average of 1.7 services. Price is the main reason consumers around the globe cancel SVOD services. The availability of interesting content is the second reason.
Consumers are tempted to share their credentials as a way to avoid more subscription costs. The assumption is that those sharing are probably millennials. But Amsalem said there are significant numbers of older people who also share their credentials. “They have money, they have jobs, they can pay for those services,” she said.
Some credential sharing is more nefarious than just sharing log-in information with a child who’s away at college. Industrial fraud sharing is a form of credential sharing that usually starts with a data breach in a completely different industry where hackers steal credentials of individuals and sell them on the dark web. Video pirates will buy these stolen lists of credentials and then test them against lists of subscribers to a video service, using software tools to generate a list of working credentials for a particular video service. This is made easier for the pirates because so many people use their same user names and passwords repeatedly.
Companies such as Synamedia have a variety of techniques for fighting the different forms of video piracy.
“It’s about understanding the ecosystem, the threat actors, the marketplace, and the tools that are targeting,” said Amsalem. “We monitor the ecosystem and combine with analytics.”
After piracy has been identified, Synamedia has methods to disrupt the pirate. For instance, it could shut down specific boxes that are redistributing content, or it could surprise end users by replacing pirated content with something else. Sometimes the information that Synamedia provides prompts its business customers to seek legal remedies against the pirates.