For years, a mysterious figure has been stealing books before their release. Is it espionage? Revenge? Or a complete waste of time?

From Vulture:

On the morning of March 1, 2017, Catherine Mörk and Linda Altrov Berg were in the offices of Norstedts, a book publisher in Sweden, when they received an unusual email. A colleague in Venice was asking for a top-secret document: the unpublished manuscript of the forth-coming fifth book in Stieg Larsson’s “Millennium” series. The books, which follow hacker detective Lisbeth Salander, have sold more than 100 million copies. David Lagercrantz, another Swedish writer, had taken over the series after Larsson’s death, and his latest — The Man Who Chased His Shadow (later The Girl Who Takes an Eye for an Eye )— was expected to be one of the publishing events of the year.

Norstedts was guarding the series closely. Lagercrantz wrote his first “Millennium” book on a computer with no connection to the internet and delivered the manuscript on paper, at which point Norstedts mailed a single copy to each of the book’s international publishers. With the new title, Norstedts wanted to streamline the process — Lisbeth Salander’s publisher, they figured, should be able to protect itself from hackers and thieves. Mörk and Altrov Berg, who handle foreign rights at Norstedts, consulted with other publishers of blockbuster books. The translators working on one of Dan Brown’s follow-ups to The Da Vinci Code, for instance, were required to work in a basement with security guards clocking trips to the bathroom. Norstedts decided to try sharing the new “Millennium” book via Hushmail, an encrypted-email service, with passwords delivered separately by phone. Everyone would have to sign an NDA.

The unusual email came from Francesca Varotto, the book’s Italian-edition editor, and arrived shortly after Norstedts sent out the manuscript:

Dear Linda and Catherine,

I hope you are well. Could you please re-send me the link to the manuscript of The Man Who Chased His Shadow?

Thank you!



Minutes later, and a few blocks away from Norstedts headquarters in Stockholm, Magdalena Hedlund, the agent representing the book, received a similar email from Varotto. It was strange that Varotto had lost something so valuable, but she and Hedlund were old friends, and the email struck a familiar tone. Plus everyone was scrambling: The book was set for release in 27 countries simultaneously, and the translators had to get started. Hedlund sent her friend the link to the manuscript.

Varotto replied instantly. “I’m sorry M,” she wrote. Varotto said that her password was “disabled/expired.” Could Hedlund send a new one?

Back at Norstedts, Mörk also received an email from Varotto. “Sorry Catherine,” the message read. “Could you please give me the Hushmail code?” Altrov Berg dashed off a separate message to Varotto, asking if everything was okay.

Suddenly, her phone rang. “Why are you sending me this?” Varotto asked. Altrov Berg explained what was happening. Varotto was confused. She hadn’t sent any emails to Norstedts all day.

With Varotto on the phone, the two Norstedts employees scrolled through the messages. The emails looked like ones Varotto would send: The text used the same font, and the signature at the end was styled just like hers. Then, with Varotto still on the line, Mörk got yet another email asking for the password.

They scanned the messages again. Only now did Varotto notice that the signature listed her old job title; she had been promoted two months earlier. The subject line also misspelled the name of her companyFinally, they realized the email address wasn’t hers at all: The domain had been changed from to

Everyone deleted the emails. What other malicious tricks were lurking inside? The IT department at Marsilio Editori began investigating and found that the fraudulent domain had been created the day before through GoDaddy. It was registered to an address in Amsterdam and a Dutch phone number. When an employee tried calling, it went straight to a recording: “Thank you for calling IBM.”

The “Millennium” team was in a panic. The thief didn’t yet have the password, as far as they knew, but was clearly determined to get it. Publishers around the world depend on a best seller like this, and an online leak of the manuscript could derail its release.

But the book’s publication came and went without a hitch. The manuscript never reappeared. What was Fake Francesca Varotto after? Much more than Lisbeth Salander’s best-selling exploits, it turned out. On the same day as the “Millennium” emails, Fake Francesca asked someone else in publishing for an early look at Lot, Bryan Washington’s story collection, as well as a debut novel about an accountant who becomes a fortune teller. Even stranger, the thief had other identities. Later that day, a fake Swedish editor went to the Wylie Agency in London to request a copy of Louise Erdrich’s just-announced novel, and someone pretending to be Peter van der Zwaag, a Dutch editor, asked a colleague in New York for the same fortune-teller book. Fake Peter then introduced his new assistant to request that she be added to a private mailing list filled with confidential publishing information. The assistant followed up with a friendly note: “It’s so busy and overwhelming now with the London Book Fair, isn’t it?” The assistant didn’t exist.

Link to the rest at Vulture and thanks to DM for the tip.

How to Fight E-book Piracy

From Publishers Weekly:

How often do you worry about your paycheck getting stolen? Probably not too often, because we have strong laws that deter and punish theft of money, banking systems in place to protect you and track down the thief, and law enforcement that will step in to help.

But authors don’t have this security when their royalties are siphoned off by e-book pirates. Day after day, authors find stolen copies of their books on multiple platforms and pirate websites, and there is nothing they can do about it. The Digital Millennium Copyright Act (DMCA), the law that regulates copyright liability on the internet, allows authors, publishers, and copyright holders to send takedown notices in response to copyright infringement. Pirate sites, however, whose operations are usually based outside the U.S., ignore the takedown notices, and companies that provide online services in the U.S. (such as web hosting services, search engines, social media sites, and user-generated content sites like YouTube) take down only the e-books posted at the specific URLs listed in a given notice, leaving other pirated copies online and doing little to prevent new ones from being posted, even by the same users. As a result, piracy flourishes unabated, diverting income from authors’ pockets to those of pirates.

. . . .

In July, the Authors Guild organized a lawsuit against a notorious Ukraine-based network of piracy sites called Kiss Library. The named plaintiffs in the suit are 12 Authors Guild members, as well as Amazon Publishing and Penguin Random House, whose generous financial support made the lawsuit possible. Kiss Library, which operates,,, and other websites, illegally sells pirated e-books at very cheap prices. Its sites were designed to look like legitimate online bookstores, complete with elaborate descriptions of how they help authors, while they actually exploit authors by drawing unwary readers away from legitimate, royalty-earning copies. Going into the lawsuit, we were fully aware of the costs and challenges, including the improbability of getting restitution for authors, let alone delivering sturdy consequences for the sites’ operators. Our primary goals were simple: to shut down the criminal enterprise and to raise awareness about the challenges that authors and publishers face in combating rampant online piracy.

Our lawsuit against Kiss Library illustrates the importance of cooperation from third parties in fighting piracy, particularly that of internet service providers (ISPs), payment processing services, and other utilities that pirate sites rely on to operate. An earlier temporary restraining order directed domain registrars to disable Kiss Library’s domains, taking the sites offline, and ordered payment processors Kiss Library used to freeze their assets. Two weeks ago, the court converted the restraining order into a preliminary injunction, allowing our lawyers to obtain and investigate records relating to the individuals involved in operating the site from their ISPs. Additional sites that were distributing pirated comics and cartoons as part of the larger Kiss Library scheme have also been identified and disabled as a result of discovery and the injunction.

Link to the rest at Publishers Weekly

Grisham, Child, Amazon, PRH Headline Lawsuit of KISS Library for Piracy

From Publishers Weekly:

Twelve of the Authors Guild’s biggest names are serving as marquee plaintiffs on a new court action filed Tuesday (July 7) along with Amazon Publishing and Penguin Random House in Seattle at the US District Court for the Western District of Washington. The complaint names Kiss Library as a “book piracy entity” and asks that “its operators be enjoined from illegally copying, distributing, and selling works written or published by the plaintiffs.”

Plaintiffs from the Authors Guild include its president, Doug Preston, and members and board members Lee Child, Sylvia Day, John Grisham, CJ Lyons, Jim Rasenberger, TJ Stiles, RL Stine, Monique Truong, Scott Turow, Nicholas Weinstock, and Stuart Woods.

The problem this legal action is meant to address is easy to find. On Reddit, a user writes, “I found a site called ‘KISS Library’ selling one of my ebooks that I had uploaded to Amazon. However, they are selling it for more than Amazon, and they are selling it in EPUB and PDF. Is this site somehow partnering with Amazon, or is this book piracy? Has anyone heard of this site?”

As that message from a year ago indicates, many authors have heard of the site and have been struggling to deal with what is widely seen by writers as a relentless piracy mill.

In its media messaging today, the Guild writes that KISS Library–doing business as,, and other domain names–”is a pirate online bookstore based in Ukraine.”

The outfit, according to the Guild’s staff, illegally sells pirated ebooks at discounted prices to unsuspecting American consumers. “The defendants dress their sites up to make them look like sophisticated, legitimate sites,” the Guild reports, “intentionally deceiving consumers who are unaware that authors, publishers and legitimate booksellers are being denied their legal share of the sales price.”

Clearly, one of the most interesting elements of this effort at litigation is that Amazon Publishing is working in concert with the United States’ premiere author-advocacy organization, the Guild, and the largest of the Big Five publishers, Penguin Random House. While the retail powerhouse is not always spoken of by many in publishing with fondness, this is a moment in which a common enemy, piracy, has brought together authors, big book business, and the biggest of sales points.

In a statement issued by an Amazon spokesperson to Publishing Perspectives, we read, “Combatting piracy requires collaboration across the industry and Amazon Publishing is glad to join together with Penguin Random House and members of the Authors Guild in this suit against book piracy entity KISS Library.

“We are committed to holding bad actors accountable.”

Link to the rest at Publishing Perspectives

PG says three cheers! Make that 153 cheers!

PG thinks bringing back the days of chaining prisoners in their cells and recruiting rats to run around on the floor is an appropriate punishment for book pirates.

He does draw the line at beheading, however.

Except for repeat offenders.

Authors, Publishers Condemn The ‘National Emergency Library’ As ‘Piracy’

From National Public Radio:

Last week, when the Internet Archive announced its “National Emergency Library,” expanding access to more than a million digitized works, the group explained the move as a goodwill gesture in the time of coronavirus.

With so many brick-and-mortar libraries forced to close their doors, in other words, the group was opening up its lending program: Now, instead of its usual policy of just one digital copy per reader for a 14-day period, many frustrated readers could borrow copies of the same book during the same time — and could do so through the end of June or the end of the global pandemic, whichever came sooner.

But there’s one major issue that several media outlets, including NPR, failed to mention in covering the decision: Many writers and publishers say the website, even before the creation of this National Emergency Library, has been sharing full digital copies of their books without their permission.

“With mean writing incomes of only $20,300 a year prior to the crisis, authors, like others, are now struggling all the more — from cancelled book tours and loss of freelance work, income supplementing jobs, and speaking engagements,” the Authors Guild, a professional group that provides legal assistance to writers, said in a statement released Friday.

“And now they are supposed to swallow this new pill, which robs them of their rights to introduce their books to digital formats as many hundreds of midlist authors do when their books go out of print, and which all but guarantees that author incomes and publisher revenues will decline even further.”

The guild said that last year alone it sent the organization hundreds of takedown notices on behalf of the writers it represents, citing the Digital Millennium Copyright Act. The 1998 law lays a framework for preventing users from creating digital copies of copyrighted material and circulating it without the copyright holder’s permission.

“Acting as a piracy site — of which there already are too many — the Internet Archive tramples on authors’ rights by giving away their books to the world,” the guild added.

The Science Fiction Writers of America has previously objected to the Internet Archive’s “infringement.” And the Association of American Publishers, in a statement of its own Friday, condemned the move as “a cynical play to undermine copyright, and all the scientific, creative, and economic opportunity that it supports.”

Link to the rest at National Public Radio

The OP says that The Internet Archive does seem to respond to DMCA Takedown Notices.

Italian Book and Newspaper Publishers Reveal Scale of Piracy

From Publishing Perspectives:

As Much as 23 Percent of the Market Impacted

Calling for a government intervention, the Association of Italian Publishers (Associazione Italiana Editori, AIE) and the Federation of Italian Newspaper Publishers (Federazione Italiana Editori Giornali, FIEG) have presented results of newly commissioned study on the impact of piracy in the Italian market.

. . . .

“This data reveals the need for the imposition of strong law enforcement and the education of users who are not always fully aware of the effects of their behavior.”

AIE and FIEG are reporting an annual loss of some €528 million (US$585 million) to the books industry and an aggregate of €1.3 billion when news publishing is added in, accounting for as much as 23 percent of the market, exclusive of exports and educational content.

. . . .

Some of the most interesting revelations in the report have to do with who the researchers can identify are the pirati, the pirates.

As is often the case–and a part of what makes combatting the problem so difficult–the culprits are everyday users, many of them unaware of how damaging their fondness for free or cheap content can be.

Some 36 percent of users–more than one in three Italians older than 15, the researchers found–carried out at least one act of piracy with a work of published content in the last year.

  • One in four users are estimated to have downloaded an illegal ebook or audiobook free of charge at least once
  • Seventeen percent of those surveyed said they’ve received at least one ebook from a friend or family member
  • Eight percent said they’d been given at least one photocopied book by a friend or acquaintance
  • Seven percent of respondents said they’d bought at least one photocopied book in the last year

In the university setting, the issue is more dramatic, with some 80 percent of university students committing at least one act of piracy–involving either physical or digital content–in the last year. And 81 percent of professional respondents–including attorneys, notaries, accountants, engineers, and architects–said they’d committed at least on act of piracy in the past year.

Speaking in the morning’s session for the research effort, however, IPSOS president Nando Pagnoncelli said the general public, for the most part is not unaware that piracy is illegal.

Some 84 percent of those older than 15 told researchers this, he said. But 66 percent said that piracy is unlikely to be discovered and punished by authorities, and 39 percent said that they don’t consider piracy to be serious enough to prosecute.

. . . .

And he also made the point, frequently heard now in piracy discussions, that ensuring easy legitimate access to content is important, the “abundance over scarcity” context in which it’s believed that piracy is less attractive because users don’t have to resort to illicit means to attain content they want.

Link to the rest at Publishing Perspectives

Small Claims Copyright ‘CASE Act’ Passes US House of Representatives

From Publishing Perspectives:

The Association of American Publishers (AAP) has released a statement late today (October 22), applauding the US House of Representatives resounding passage of the CASE Act, as it’s known, the Copyright Alternative in Small-Claims Enforcement act.

As Publishing Perspectives readers know, this is the legislation that, in the language of the Copyright Alliance, “creates a voluntary small claims board within the US Copyright Office that will provide copyright owners with an alternative to the expensive process of bringing copyright claims, including infringement and misrepresentation under 512(f), in federal court.

“This new board, called the Copyright Claims Board (CCB), would allow recovery in each case of up to US$30,000 in damages total, with a cap of US$15,000 in statutory damages per work infringed.”

. . . .

In its statement, the AAP cheers the CASE Act on, writing, “Going into the Senate, the CASE Act enjoys an impressive range of support from major organizations on all sides of the political spectrum, including the US Chamber of Commerce, the AFL-CIO, the American Conservative Union, the American Bar Association, among many others.

. . . .

The Washington-based Copyright Alliance—an advocacy nonprofit for the promotion and preservation of the value of copyright—has also issued a statement today, hailing the House’s vote.

In that statement, the alliance’s CEO, Keith Kupferschmid, points out that there have been critics of the CASE Act, notably the Electronic Frontier Foundation, this bill would re-ignite the nationwide problem of copyright trolling, just as the federal courts are beginning to address this abusive practice.”

Link to the rest at Publishing Perspectives

Malware Crosses the Streams

From Copyright Alliance:

Illicit streaming devices make accessing pirated works easy and convenient. But do they also make it easier for hackers to access your devices and sensitive information?

In recent years, a number of companies have entered the streaming device market to allow consumers to access content from their favorite streaming and online services on their home entertainment systems and other devices—think Roku, Amazon’s Fire TV Stick, and Google’s Chromecast. Along with these, a host of third-party set top box manufacturers and app developers have emerged around the Kodi ecosystem. Kodi itself is a noninfringing, open source media player. But because of its openness, it has been used as a platform for pirates, who either develop apps that provide access to infringing content or distribute “fully loaded” set top boxes that come preloaded with illegitimate apps. A recent Sandvine study found that almost 10% of homes in North America use one of these devices.

By using these devices to pirate creative works, consumers are undermining the ability of creators to earn a livelihood and the ability of entrepreneurs and companies to continue to invest in the creation of the types of works that make these devices so attractive in the first place. But new research shows that these devices may also expose consumers to immediate harm: malware.

In Fishing in the Piracy Stream: How the Dark Web of Entertainment is Exposing Consumers to Harm, Digital Citizens Alliance (DCA), working with researchers at Dark Wolfe, found that illicit streaming devices expose consumers to a much higher risk of malware. The research builds off an earlier report from DCA, Digital Bait, which detailed the relationship between pirate site operators and malware vendors. That report described how pirated works act as an attractive draw for malware vendors, and found that 1 in 3 pirate websites expose consumers to malware.

Since that report, consumers have increasingly shifted toward streaming—and the use of streaming devices. And so, DCA wanted to see if malware has also followed this shift. DCA partnered with Dark Wolfe to study the ten most popular piracy apps in this ecosystem over the course of six weeks.

They found that it had. And because the devices are hooked up to a home network, users have essentially “escorted” malware distributors past their network security. As the report notes, “The malware looks for a pathway to any connected device, putting an entire home network at risk. Expanding the infection vectors (the pathways from an attacker’s computer into connected devices on a user’s network – such as a child’s tablet, a newer refrigerator or a computer) increases the likelihood of data theft.”

Link to the rest at Copyright Alliance