Amr Allayyan, the owner of a store selling satellite receivers in Amman, was shocked to discover that a lawsuit had been filed against him. Unbeknownst to him, the court sentenced him in absentia to three months imprisonment and imposed a fine of one thousand Jordanian Dinars. The legal action followed a raid conducted by the Copyright Bureau of the Department of the National Library, who, acting in the capacity of judicial police, confiscated his decryption receivers. Allayyan was unaware that possessing these receivers constitutes a violation of intellectual property rights under Jordanian law.
He acquired the devices through a distributor who provided him with a tax invoice for the “Gazal”-branded receivers—a counterfeit decryption brand. He then posted on social media to announce their availability in his store. Allayyan believes his posts are what led the Department of the National Library to discover his possession of illegal devices.
Jordanian stores and markets sell various types of satellite receivers that have been modified to enable decryption. The National Library states that these receivers are a blatant violation of the Copyright Protection Law No. (22) of 1992 and its amendments.
The cost of these receivers in Jordan varies considerably from 14 to 124 Jordanian Dinars. They come bundled with different packages, offering access to world championships, movies and TV series, sports, and children’s shows, with subscription periods ranging from one to ten years.
“IPTV” refers to delivering media content, videos, or live TV broadcasts over the Internet Protocol (IP) network. By creating an account on specific applications for smart TVs or smartphones and entering the device key and ID, users can access encrypted content without needing to purchase a receiver.
An analysis of court rulings between 2016 and 2022 revealed that more than 70 percent of prosecutions were the result of raids targeting stores selling receivers. The verdicts in these cases varied and could result in different outcomes. Some individuals received fines ranging from 100 to 1000 Jordanian Dinars as a penalty. In other cases, imprisonment for three months was imposed, accompanied by the confiscation and destruction of the seized items. However, there were also instances where individuals were exempted from liability altogether
However, these lawsuits have not deterred companies from continuing to sell (decryption) receivers or offering assistance to users facing technical issues with their devices, such problems related to the “MAC address”—the receiver’s serial number which links it to a central server providing the device with (illegal) content.
Such (decryption) devices and (illegal) services contradict the terms and conditions set by beIN Sports. The company’s terms and conditions, consisting of eighteen clauses, guarantee data privacy and protection for several subscription categories, ranging from 159 to 293 USD annually. The subscriptions offer 96 channels, a variety of packages, and online streaming services for popular sports tournaments and entertainment shows.
The authors of this investigation examined the general contract between BeIN Sport and subscribing parties, uncovering clauses specifically related to copyright infringement. The terms stipulate that the subscriber “refrain from assisting any person or entity that performs reverse engineering, code reproduction, decryption, configuration, modification, copying, or distribution; or downloading or attempting to hack or access the service with a fraudulent IP address. Further, it is prohibited to reproduce, loan, rent, lease, sublicense the material or make it available to the public; or to make derivative works, broadcast, commercially exploit, send, or transmit any part of the programs or channels offered as part of the service.”
Subscribers are explicitly instructed to use the service solely for personal purposes and refrain from making it available to the general public or for group viewings. Charging any fees, directly or indirectly, to third parties for viewing or listening access to any of the programs or channels included in the service is also strictly prohibited.
Source: Telecommunications Regulation Commission, Primary Indicators of the Telecommunications Sector in Jordan
Yousef, the owner of a store selling decryption receivers, says that the decryption receivers he acquires from distributors are linked to illegal server rooms. It is estimated that there are around thirty such rooms in Jordan. The rooms violate intellectual property rights and are thus tracked by security services. Therefore, most of them distribute (illegally) decrypted content from outside Jordan to avoid being traced. Through official subscriptions, paid via “Zain Cash” or bank transfers, these servers provide decrypted content codes to thousands of subscribers in multiple countries, including Yousef’s store, granting them access to the unauthorized service.
This process exposes subscribers to potential privacy violations through their devices’ internet connection or routers connected to the receiver, as highlighted by the Jordanian Telecommunications Regulatory Commission (TRC). The level of risk depends on the user adhering to best practices for configuring settings, using strong passwords, employing advanced encryption mechanisms, regularly updating routers and internet-connected devices, and downloading secure applications.
Dr. Imran Salim, an information security consultant and expert, warns that the use of this technology puts ordinary users at risk, as some applications associated with it may contain viruses. Additionally, the IPTV technology itself can harbour harmful viruses or even collect credit card information due to its subscription-based nature. Devices can be compromised, and thus, user information stolen.
As for tracking service providers, Salim explains that hackers use VPNs to hide themselves, making it difficult to detect them. However, subscribers can still be traced through IPTV technology, enabling the authorities to track them easily.
According to the Jordanian Telecommunications Regulatory Commission (TRC), encrypted channels can implement several measures to prevent hackers from pirating their content. These measures include monitoring unauthorized broadcasting of their channels, conducting analyses to identify the addresses used by pirating entities that rebroadcast content, and collaborating with licensed parties to block them, among other measures. The Commission adds that its role is merely a supportive and not a fundamental role, as defined under the law. However, in the future, coordination may be possible with authorized entities to adopt national-level mechanisms based on artificial intelligence to block access to servers rebroadcasting encrypted channels.
On the contrary, Salim believes that licensing the services and enabling user subscriptions could offer a viable solution. According to him, as the encryption strength increases, these services become slower, deterring hackers attempting to decrypt them.
Walid Bshouti, a lawyer specializing in cases related to technology and communications law, argues that the penalties outlined in Article (51) are insufficient. The punishment of imprisonment for three months to a year can be replaced by a fine of two dinars per day in addition to a fine of one thousand Jordanian Dinars.
Bshouti adds that the factories can evade punishment under Articles (51) and (54) while server room owners and distributors are the ones being implicated since their sales revolve around the ability to decrypt content protected under intellectual property rights.
Bshouti suggests imposing more substantial fines under the Consumer Protection Law and initiating multiple lawsuits against distributors, device manufacturers, and violating subscribers.
WIPO Copyright Treaty: Article (11) and Article (12), Item (1):
It is prohibited to import goods that constitute an infringement on any intellectual property rights protected under the relevant legislation, according to the following:
Article (4) of the Consumer Protection Law interprets the obligations related to technological protection measures and copyright under the WIPO Copyright Treaty.
The contracting parties shall provide adequate legal protection and effective penalties against the circumvention of effective technological measures used by authors in exercising their rights under this treaty or the Berne Convention. These measures aim to prevent the use of copyrighted works without authorization from the relevant authors or against the provisions of the law.
The National Library states that most receivers are imported from abroad, with many coming from China. Some receivers are locally manufactured in Jordan, but the Library does not know who their manufacturers are. This aligns with the response from the Jordanian Customs Department, which indicated that some receivers have been made in Jordan.
According to the Library’s response to an access to information request, the devices can be used and imported as regular receivers. Once they enter the Kingdom, they are modified for (illegal) decryption purposes.
One particular company, operating in Jordan for five years, assembles and sells these (illegal) decryption receivers. Company officials explained to ARIJ, on the condition of anonymity, that they import the receiver parts and assemble them in Jordan. They then load pirated content onto the device’s software and activate it with an Internet access code. The company also offers technical support and repair services for any technical problems or malfunctions.
These entities, claiming to be licensed companies, heavily rely on social media platforms for advertising. These advertisements stretch beyond Jordan, as Egyptian retail pages on Facebook also promote and sell (illegal) decryption receivers under various names, including counterfeit brands assembled in Jordan.
Acquiring Chinese receiver components to assemble in Jordan is not challenging, since any entity or individual can purchase them directly from China. This makes controlling the entry of these parts into the country difficult.
“Omar” utilizes his fifteen-plus years of experience in information technology by working on a private IPTV server and selling (illegally) decrypted subscriptions. He does this by sending an M3U link and inputting it into the display screen. The cost of each server is no less than 20,000 Jordanian Dinars (approximately USD 28,000). Omar explains that multiple servers are usually required to serve hundreds of thousands of subscribers.
The Jordanian Telecommunications Regulatory Commission (TRC) explains that the decryption process is carried out by connecting devices using television broadcast and production equipment, which are readily available in local and global markets. These devices convert the content of the channels to an electronic format that can be retransmitted over the Internet to a group of subscribers connected to servers, (and activate their illegal subscriptions that are relatively inexpensive compared to the costs of direct subscriptions to (legitimate) channels.
To evade detection, server operators frequently and intentionally change their IP addresses. The Jordanian Telecommunications Regulatory Commission (TRC) explains that they can track subscriber IP addresses by monitoring the traffic on a specific channel and determining their geographical location.
In computer science, encryption is defined as a computational process that restricts access to specific data unless the proper decryption mechanism is used. By entering the server’s IP address, the Internet can be used to distribute decryption keys to subscribers via (illegal) decryption receivers. Encrypted channels periodically change their decryption keys during content broadcasts to safeguard their content. According to Issa Al-Mahasaneh, the director of the Jordan Open Source Association, this is what causes the intermittent signal interruptions experienced when using counterfeit decryption receivers like Spider, Gazal, and Magic.
In a research paper titled “Why MAC Address Randomization is Not Enough: An Analysis of Wi-Fi Network Discovery Mechanisms,” the authors propose that detecting a device’s real MAC address even when randomized address allocation is employed is possible. This can be done by creating fake hotspots, thereby enticing clients to connect using their actual MAC addresses.
The article also states that the other technique relies on the new 802.11u standard, commonly referred to as Hotspot 2.0. Operating systems such as Linux and Windows send Access Network Query Protocol (ANQP) requests using their real MAC addresses.
Salim also says that the technology used in the decryption receivers is IPTV, which is susceptible to hacking and piracy to allow more than one person to utilize the service. Decrypting the content can be done through various means. Some hackers gain access to internet services through legal subscriptions by cracking encryption codes and re-selling them, enabling multiple users to utilize them.
Despite the efforts of content copyright holders to protect their exclusive rights through technical or legal means, some cafés continue to broadcast sports matches that require commercial subscriptions using decryption receivers. Rights holders have issued written warnings to café owners to cease infringing on their content, but according to Yousef (who works at a café in Amman), this has proven futile. He says, “Not a single café was affected. The café would shut down one device while turning another one on.”
As the 2022 FIFA World Cup in Qatar approached, these “companies” started advertising special offers for decryption receivers, priced at 20 Jordanian Dinars per device, with delivery services available across all provinces of the Kingdom.
Warning picture
The investigation team contacted an employee of one of these companies through WhatsApp, who explained that the devices they sell are entirely Jordanian. When the investigators expressed concerns about violating the law by purchasing the devices, the employee responded, “The devices are fine, we have never experienced such an issue [with the law].” The company also confirmed the possibility of purchasing devices at a cheaper wholesale price, with each device priced at 14 Jordanian Dinars, consistent with the company’s online promotions.
Conversation screenshot
Yousef mentioned that when he worked at a café that broadcast World Cup football matches using illegal decryption receivers, employees from beIN Sports would come to disable the device during the games. However, the café was always ready with backup devices to replace the disabled device.
In Tunisia, beIN Sports Group obtained an urgent court order to combat the piracy of its sports channels, aiming to prevent the theft of major European league match broadcasts and other exclusive international tournaments.
According to BeIN Sports, some “Sigma Conseil” studies indicate that over 80 percent of consumers in Tunisia watch pirated sports and entertainment television content.
The group took similar action in Egypt and announced the closure of nine illegal piracy websites by Egyptian security agencies and the Ministry of Foreign Affairs. Two website operators were arrested, and their internet domains, IT assets, and hardware were seized.
beIN Sports has taken several measures to combat television broadcast piracy in Jordan. Local law enforcement in Jordan has conducted raids on piracy companies and confiscated illegal IPTV broadcasting devices being sold. These actions are part of a series of measures to prevent such companies from profiting off, of copyrighted material.
These devices illegally access or hack into high-quality broadcasts from beIN channels and pose a threat to uninformed consumers. Despite this, dozens of counterfeit brands continue to sell their decryption devices in retail stores in plain sight, with little legal action taken against them.
