“No logs” VPN provider TorGuard has reached a legal settlement this month with over two dozen movie studios that sued the company for encouraging piracy and copyright infringement.
In the settlement, TorGuard has agreed to block BitTorrent traffic for its users.
The same set of plaintiffs had earlier demanded $10 million in “damages” from another log-less VPN provider, LiquidVPN.
According to court documents obtained by BleepingComputer, both the film studios and VPNetworks, LLC d.b.a. TorGuard, have now agreed to reach a settlement in which the VPN provider will block torrents on its network.
TorGuard will “use commercially reasonable efforts to block BitTorrent traffic on its servers in the United States using firewall technology,” reveal the documents:
TorGuard blames host for ignoring over 100,000 piracy notices
Since June 2012, TorGuard had been leasing servers and IP addresses from hosting provider QuadraNet, until late 2021 when the VPN provider notified QuadraNet that it was terminating the service.
Some of these servers were used by TorGuard to offer SOCKS5 proxy services to its customers.
TorGuard’s Knowedgebase (KB) had detailed instructions on how its proxy servers could be configured by customers to work with existing BitTorrent clients:
Note, unlike with VPNs, traffic routed through SOCKS5 proxy servers is by default unencrypted, making it possible for intermediary hosting providers to gain visibility into the network flows, should they choose to.
Records produced by the film studios show that 97,640 copyright infringement notices were sent to QuadraNet confirming instances of piracy at the SOCKS5 IPs assigned to TorGuard.
An additional, 47,219 notices confirmed piracy associated with other TorGuard IP addresses, through November 2021.
Plaintiffs’ attorneys shared an Excel spreadsheet with TorGuard showing 250,000 “hit dates of confirmed infringement.” Of these records, about 40% of copyright infringement instances were associated with one SOCKS5 IP address alone that had been provisioned to TorGuard.
“Because traffic on TorGuard’s SOCKS5 proxy servers is not encrypted,… QuadraNet could have used conventional network monitoring tools to capture data packets of the piracy and confirm the piracy in the notices plaintiffs sent to QuadraNet,” argue the plaintiffs’ lawyers.
The film studios further argue that network monitoring technologies like deep packet inspection could have been used to respond to piracy notices and block infringing flows.
TorGuard has blamed the mishap on its hosting provider, QuadraNet for failing to timely forward copyright violation notices to TorGuard’s registered DMCA agent.
“TorGuard values intellectual property rights of others, as stated in TorGuard’s publicly posted policies. Had QuadraNet sent these notices to our DMCA agent, TorGuard’s ordinary business practices would have been to immediately take steps to stop further piracy.”
When TorGuard notified QuadraNet that it was terminating its relationship with the hosting provider, “Quadranet tried to persuade TorGuard to continue service by offering different terms,” state the court documents.
It is a common practice in the hosting industry for a provider to “null route” a subscriber’s IP address, effectively terminating a network connection, where it has received multiple notices of copyright infringement associated with an IP address.
“If QuadraNet had null routed one of the IP addresses assigned to TorGuard where plaintiffs sent notices or at least forwarded the notices to TorGuard’s DMCA agent, TorGuard would have taken immediate steps to stop further piracy such as suspending users and adopting a firewall to filter out BitTorrent traffic as it has now begun to do,” explains the VPN provider.
In September 2021, the same group of film studios had sued QuadraNet for not null-routing infringing VPN IPs. Luckily though, the plaintiff’s earlier complaint centered around VPN (encrypted) traffic and made no mention of SOCKS5 proxies.
As such, the court had to dismiss the lawsuit and side with QuadraNet who claimed it had no visibility into encrypted VPN traffic and “was never aware of the end users’ online activity” on its servers.