Communications Litigation Today was a Warren News publication.
'Tricks' Server

2 Dish, Sling Lawsuits Allege Violations of DMCA's Anti-Trafficking Rules

Dish Network and Sling TV filed a pair of Digital Millennium Copyright Act (DMCA) complaints Friday, alleging violations of the anti-trafficking provision of the law, plus the Electronic Communications Privacy Act (ECPA).

In U.S. District Court for Arizona in Tucson, the plaintiffs allege (docket 4:24-cv-00288) Moses Anthony Valenzuela, TV Technologies and The Technology & Medical Store trafficked in illicit internet streaming TV services accessed using vSeeBox and Tanggula set-top boxes (STB) through their Usamediabox.com website, the StreamStore2020 on Amazon, Streamgenietv Technology & Medical Store on Walmart’s website, eBay store Thetechstore2020, and at the Mobility Plus Green Valley store in Green Valley, Arizona.

The defendants' website offered the vSeeBox and Tanggula STBs and had links to the boxes that were sold on Amazon, Walmart and eBay stores, alleged the complaint. The defendants sold the services for a one-time cost of $299-$399. The plaintiffs’ investigators bought a Tanggula STB from the defendants for $399 by visiting Usamediabox.com and clicking to a Tanggula box sold through the Walmart store, it said. They tested the STB and confirmed that the services intercepted and transmitted the plaintiffs’ channels “without authorization,” it said.

Subscribers must present a valid digital authentication key and license request to Sling’s Widevine digital rights management (DRM) server to obtain the channel decryption key required to unlock a channel, said the complaint. The decryption key isn’t exposed to the subscriber but is secured in the content decryption module of the subscriber’s Widevine-supported device, it said. The Widevine DRM also protects against copying of Dish and Sling channels by requiring that the encrypted audio-visual segments that make up a channel are unlocked using the channel decryption key; only subscribers can view the channel and can’t retransmit it, the complaint said.

But a specially developed computer program that emulates the behavior of a reverse-engineered hardware device “tricks Sling’s Widevine DRM server to grant access and provide a channel decryption key” by making the server believe the request originated from a Widevine-supported device that would keep the channel decryption key secured, said the complaint. The computer program uses the channel decryption key to unlock the encrypted audiovisual segments that make up the channel and then compiles the segments to form an unencrypted channel that’s capable of being copied and retransmitted, it said. The unencrypted channel can then be uploaded to a server outside the Sling platform “and retransmitted to any number of users” that can receive the channel without buying a subscription from the plaintiffs, it said.

The services defendants offer are able to receive the plaintiffs’ channels because the DRM used to protect the channels from unauthorized access and copying “is being circumvented” as described, alleged the complaint. Additional content provided on defendants’ services are believed to be acquired from other legitimate pay TV providers that use Widevine DRM, it said. The defendants' process of circumvention enables the services to offer “thousands of channels and tens of thousands of on-demand programs at a small fraction of the cost charged by legitimate providers that pay to license their content,” it said.

Dish and Sling notified the defendants of their DMCA and ECPA violations and requested that they cease and desist from “from selling, operating, participating in, or supporting” the services, but the services “have continued to operate,” the complaint said.

The plaintiffs seek a permanent injunction prohibiting the defendants from manufacturing or trafficking in the services, vSeeBox and Tanggula set-top boxes, “or any other technology that’s primarily designed or produced for circumventing any DRM technology or other technological measure that the plaintiffs use to control access to or protect against copying of a copyrighted work.” They also seek awards of actual or statutory damages; punitive damages; attorneys’ fees and costs; and pre- and post-judgment interest.

The second lawsuit, against defendants Manc and principal officer Maulik Shah in U.S. District Court for Northern Illinois in Chicago, alleges they trafficked in set-top boxes and streaming TV services through their websites at Streamingboxusa.com and Bulkboxx.com, plus two stores on Amazon. Stickers on the STB boxes direct users to contact the defendants at WhatsApp numbers for free trial services, the complaint (docket 1:24-cv-04745) said. After the free trials, the defendants charge fees of $10 monthly or $110 per year, said the complaint.

The plaintiffs discovered that their channels are being transmitted without authorization to users who buy STBs from the defendants' stores, alleged the complaint. A technical analysis of corresponding channels on the services confirmed that channels “originated from Plaintiffs,” it said. The defendants also circumvented the Widevine DRM, it alleged.

The plaintiffs seek a permanent injunction barring the defendants from manufacturing and trafficking in STBs, services or any other technologies that are used to control access to or protect against copying of a copyrighted work, it said. They request an award of actual or statutory damages; attorneys’ fees and costs; and pre- and post-judgment interest.