Euro IP study finds 25 Tor-and-Bitcoin-loving pirate business models
In colossal surprise, criminals revealed as rather fond of anonymity technologies
Knock us over with a feather: a study by the European Union Intellectual Property Office (EUIPO) has found that those who infringe intellectual property for a living are quite fond of anonymity technologies that cover their tracks.
The Office last week emitted a Deloitte-penned study titled Research on Online Business Models Infringing Intellectual Property Rights (PDF), the first effort in a research project aimed at figuring out just who pirates what and why.
The study aims “to provide an overview of the different infringing business models, assessing how they function, how they are financed, how they generate profits for their operators, what kinds of content they disseminate and how large their user bases are.” It's hoped that policy-makers can arm themselves with this information and respond accordingly.
The study identified 25 different business models for IP abuse, characterised as follows:
- Five business models where IPR is misused in the domain name (or other digital identifier) in marketing practices on the open Internet: cybersquatting, domain name parking, affiliate marketing and marketing of products either related or unrelated to the misused IPR.
- Five business models where IPR is not misused in the domain name (or other digital identifier) in marketing practices on the open Internet: marketing of pharmaceuticals, applied arts replica and virtual items and marketing on third party commercial platforms or social media.
- Five business models existing on the hidden part of the Internet, Darknet: trading of user accounts, computer software source code, complete databases, weapons and storage devices as well as an online e-book library.
- Five business models with the aim of conducting phishing, dissemination of malware or traditional fraud: spoofing, phishing e-mails, ransomware mobile apps, malware dissemination from websites making unauthorised trademark use and fraudulent misuse of the name of a national IP office.
- Five business models sharing digital content on the open Internet: linking, torrent, streaming and cyberlocker sites and a site contributing to video streaming.
EUIPO Executive Director António Campinos writes, in his foreword, that the “shadow landscape” responsible for IP abuse “more and more relies on new encrypted technologies like the TOR browser and the bitcoin virtual currency, which are employed by infringers of IPR to generate income and hide the proceeds of crime from the authorities.”
But the study also notes that, like any business trying to find customers, IP abusers have to market themselves in plain view of customers. This means web ads and social media are often employed, albeit with all sorts of obfuscation and deception in place once victims click through.
The overall tone of the study is therefore grim: anonymity technologies mean it's getting easier for crims to do things like hijack domains and harder for law enforcement authorities to find perps because the smart ones hide their tracks and refuse to use real money or easily-identifiable bank accounts.
Thanks for the insights, EUIPO, and for just about proving the Brexiteers argument that EU tentacles are excellent at pointing out the bleeding obvious.
A promised Phase 2 study will offer “a more quantitative oriented phase where specific business strategies can be researched in more detail.” ®
Sponsored: Becoming a Pragmatic Security Leader