this post was submitted on 10 Dec 2024
739 points (97.8% liked)

Games

32947 readers
935 users here now

Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.

Weekly Threads:

What Are You Playing?

The Weekly Discussion Topic

Rules:

  1. Submissions have to be related to games

  2. No bigotry or harassment, be civil

  3. No excessive self-promotion

  4. Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts

  5. Mark Spoilers and NSFW

  6. No linking to piracy

More information about the community rules can be found here.

founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 36 points 1 week ago* (last edited 1 week ago) (1 children)

Why ask the registrar to take down a subdomain of a website?

Those subdomains are not managed or controlled by the registrar, so all the registrar can do is either take down the entire domain or ask their client to take down the subdomain. In this case they asked their client, who took down the subdomain, after which the registrar took down the domain anyhow :D

For a single isolated offence, Brandshield's first action should have been to report the copyright infringement to itch.io and ask for a takedown of that content, instead they went directly to the registrar and falsely claimed that itch.io was a fraud & phishing site. I suspect that they falsely claim that it's about phishing and fraud, because otherwise registrars will not take down the site unless there is systematic copyright infringement (like a torrent site). And I suspect that brandshield goes directly to the registrar with their complaint, since that is easier to automate than finding the right contact info on a website.

So my take is that: The registrar was in the wrong for taking down the domain after itch.io removed the problematic subdomain. Brandshield is scum. And Funko is in the wrong for using brandshield.

No real need for further answers from itch.io, nothing new has come to light.

Edit: while under the shower I realized that Brandshield's posts do contain some kind of news: Brandshield does not deny having used fraud & phishing as reason for the takedown request, thereby confirming that they did. Before we just had itch.io's retelling of the events, which might have been a misrepresentation by itch.io or due to a cock-up by the registrar, but because of the lack of denial by brandshield, we now have confirmation that it did happen like itch.io said.

[–] [email protected] 1 points 1 week ago (2 children)

Those subdomains are not managed or controlled by the registrar

I might be getting the terminology wrong, I've not had to work too closely with the specifics of subdomains in my career, lol. But you can definitely have blah.itch.io points to a different IP than itch.io and that's done through DNS. So if they suspected blah.itch.io to be a phishing site imitating Funko's site, it makes sense that they'd report it to the people controlling that.

And yeah, it looks like Itch does use sub domains for user pages instead of URL paths. https://xk.itch.io/ So if some user's page was trying to imitate Funk's site then I could see this line of thought. I'd need to see the page that was supposedly imitating and what it was imitating to really make a judgement call though.

[–] [email protected] 2 points 1 week ago (1 children)

If it had been phishing, then going to the registrar would have been the right call, because you want to take that down asap. But according to itch.io it wasn't, instead it was a a real fansite that was linking to the real website of funko's game (according to itch.io). Something which most media companies allow since it's basically free publicity and goodwill, but if they did want it taken down for copyright reasons, then a DMCA takedown request send to itch.io would have been the correct first action.

In the response statement by Brandshield, Brandshield does not deny having send a takedown request for phishing to the registrar (confirming that they did), nor do they dispute itch.io's statement that it wasn't a phishing site (confirming that they know that it wasn't), instead they only speak about "infringement".

So now we know that Brandshield is knowingly making false accusations that have potentially serious consequences for their victims. And it's not going to be the first time that they've done this, but even this high publicity case will probably not have any legal consequences for brandshield, so it looks like they will continue getting away with it. Unfortunately they're not alone, it often seems like the entire DMCA industry is rotten.

[–] [email protected] 2 points 1 week ago (1 children)

So now we know that Brandshield is knowingly making false accusations that have potentially serious consequences for their victims.

They said their platform is "AI driven" which could very easily imply this was an automated process with no human making a decision. It's still bad, but a different kind of bad than "knowingly" making a decision.

[–] [email protected] 3 points 1 week ago (1 children)

You can't create an automated machine, let it run loose without supervision and then claim to not be responsible for what the machine does.

Maybe just maybe this was the very first instance of their ai malfunctioning (which I don't believe for a second), in which case the correct response of Brandshield would have been to announce that they would temporarily suspend the activities of this particular program & promise to implement improvements so that it would not happen again. Brandshield has done neither of these, which tells me that it's not the first time and also that Brandshield has no intention of preventing it from happening again in the future.

[–] [email protected] 1 points 1 week ago (1 children)

I'm not trying to exonerate them of any blame, I'm just saying "knowingly" implies a human looking at something and making a decision as opposed to a machine making a mistake.

[–] [email protected] 0 points 1 week ago (1 children)

I made an automaton. I set the parameters in such a way that there is a large variability of actions that my automaton can take. My parameters do not pre-empt my automaton from taking certain illegal actions. I set my automaton loose. After some time it turns out that my automaton has taken an illegal action against a specific person. Did I know that my automaton was going to commit a illegal action against that specific person? No, I did not. Did I know that my automaton was sooner or later going to commit certain illegal actions? Yes I did, because those actions are within the parameters of the automaton. I know my automaton is capable of doing illegal actions and given enough incidences there is an absolute certainty that it will do those illegal actions. I do not need to interact with my automaton in any way to know that some of it's actions will be illegal.

[–] [email protected] 0 points 1 week ago (1 children)

I'm not trying to exonerate them of any blame

[–] [email protected] 1 points 1 week ago* (last edited 1 week ago)

And I'm not saying that you are. I tried to show with a parable that they do not need to see their machine's actions to know that some of it's actions are illegal. That's what we were disagreeing on: that they know.

[–] [email protected] 2 points 1 week ago

Registrar is 1API.NET which uses Verisign.

DNS is currently configured to cloudflare (maybe as a result of this fubar scenario?). blah.itch.io would be pointed in DNS not from the TLD registrar in this scenario.

Contacting itch.io directly would be the first step long before going the registrar route as they obviously manage DNS on their end and not the registrar end.