Anti-piracy group warns about malware-riddled sites – fair, or scaremongering?

Piracy image courtesy of ShutterstockA UK body battling online media piracy has released a rather stark warning about “bogus content” on sites providing access to pirated films and TV shows, claiming that 97% of such sites feature either malware or scams, and 3 out of 4 people who use these dodgy services subsequently suffer “problems with their device”.

The report has been described by observers as “biased”, “misleading” and “scaremongering through carefully chosen statistics”, but its findings have been promoted by the police-backed Action Fraud website.

According to the research, all but 1 of 30 sites investigated served malware, potentially unwanted software or some form of credit card fraud.

A parallel survey found that 39% of people who had visited copyright-infringing sites, intentionally or otherwise, were annoyed by pop-up advertising, somewhere between 28% and 32% were hit by malware, while 1 in 5 “lost personal data or had personal information stolen”.

The study was published by the Industry Trust, a body which describes itself as “the UK film, TV and video industry’s consumer education body, promoting the value of copyright and creativity”, run by a small team but supported by a raft of big-name media studios, cinema operators and retailers, including Amazon, MGM, Sony, Universal, Paramount, Odeon, Sky and BBC Worldwide.

The investigation was carried out by anti-piracy consultancy firm Intelligent Content Protection, which for some reason prefers to use the short form Incopro.

Their research apparently involved detailed analysis of the 30 copyright-infringing sites most visited by UK internet users. Exactly which sites were looked at is not made clear, but the report claims they were selected using data from Amazon-owned Alexa, whose own toolbar has not been free of controversy in the past thanks to its data-slurping nature.

It seems rather surprising that Alexa can so accurately identify sites carrying copyright-breaching content, and hopefully this valuable insight is shared with police and other copyright enforcers as well as media consultancies like Incopro.

The lack of disclosure of which sites were involved leaves open a number of questions, as just about any site that hosts user-provided content, i.e. most of the web, is likely to have the occasional problem with copyright.

Major sites like YouTube and Wikipedia frequently have to remove inappropriate content, but it seems unlikely they were among the selection looked at for this study.

The details of the dangers found are also rather hazy. The terms “malware”, “virus”, “rootkit” and “credit card fraud” are repeatedly used with little consistency and no firm description of what is meant by them.

This is particularly problematic in the survey data, which implies that those surveyed were asked separately if they had been hit by viruses and by malware, terms often confused.

Malware is generally used as a catch-all term covering all forms of malicious software, including true viruses, but some people use “virus” to describe any kind of genuinely malicious or dangerous software including trojans and worms, while others limit the application of “malware” to the less dangerous set of items such as aggressive adware and other potentially unwanted applications (PUAs).

Using such overlapping and commonly-confused terms undefined in a survey, and not verifying how respondents understand and use them, renders the response data pretty much meaningless.

According to Incopro, the “most popular type of malware” found on 10 of the selected 30 sites is something which “installs pop-up ads” – without more detail, this could be no more than popups displayed by a website, or in-app advertising, which is to be found just about anywhere.

Free digital content lives by advertising, and many sites enforce little control on the aggressiveness of the adverts they serve, often via third-party ad services.

Criticism is also levelled at deceptive buttons disguised as download or “play” functions but which actually lead to unwanted content, something which most web users will be well used to.

These tricks are a common feature of free software sites, which monetize the services they offer by allowing sponsored “foistware” to dominate pages ostensibly devoted to other applications.

It should be little surprise that sites providing illicit access to copyrighted media material would also be supported by such techniques.

No-one really likes foistware, any more than we enjoy having pushy ads shoved in our faces while trying to enjoy the web, but most of us have come to accept them as the price we pay for not paying anything for our content.

Copyright infringement may feel like an extension of the free-for-all nature of the internet, but it’s well within the rights of those trying to make a living from film and TV to try to protect their income. However, this sort of ill-thought-through campaign is not going make the anti-piracy lobby any friends.

As one expert quoted by the BBC puts it:

This is a clear extension of the long-running Fact [Federation Against Copyright Theft] strategy of portraying illegal copyrighted content as dangerous, after the ability to portray it as poor quality was finally dropped as untenable.

Hyping malware danger to promote a cause is not an uncommon sight, and it has more serious side-effects than merely annoying people.

Misleading and unfounded warnings dilute the efficacy of attempts to alert people to real dangers, encouraging the already under-informed and under-protected general population of the internet to treat the risk of malware as no more than a scare tactic used by vested interests to control and confine their online freedoms.

People need to appreciate the risks they take whatever they’re doing online, but warnings need to be accurate, helpful and backed up by clear and detailed evidence. This is not the way to do it.

Image of piracy courtesy of Shutterstock.