Statement is from https://xcancel.com/OriginalFunko/status/1866255848366039468#m
From: https://xcancel.com/BrandShieldltd/status/1866161489528180988#m
Edit, bonus panel! What scum.
You must log in or register to comment.
Fuck all the corpo fucks involved here with their plausible deniability attempt. If you truly felt any remorse, you’d talk about how you’ll disengage this AI chum service, or demand that requests are extremely precise or hyper targeted at specific direct issues. This story of blanket action helps the big company with monkey and always hurts the little guy that gets swept up in their ravenous wake.
Also, educate the next month of your online presence you boosting the brand you wronged with your reach. But you won’t do shit, you aren’t remorseful.
Personally I want to see the criminal shield removed for corporations. All C-Level executives become personally liable for any illegal actions, malfeasance, slander/liable, or injurious action perpetrated or instigated by the company with the ONLY defense being proving, beyond a shadow of a doubt (not just reasonable doubt) that an actor within or without the company caused the action with the express intent of harming the C-Level executives, either specific or generally.
Fuck corporate personhood. Fuck people making a LLC and doing whatever the fuck they want under the guise of the company then the company declares bankruptcy while they run off like a cartoon character with bags of money. Leadership liability and culpability should be the norm, not the exception.
Aren’t C-Suite already liable for illegal actions? I know for sure that it’s that way in Germany, and I cannot imagine it to be different in the U.S.
Nope, they are covered most of the time by what is known as the “corporate veil”.
Better explained than I can do here: https://federal-lawyer.com/when-can-a-ceo-be-held-personally-liable/
Essentially, unless they are personally doing it, they are protected. Embezzle millions and you go to jail, poison a water supply, kill thousands, give birth defects, cancer, and a myriad of other health issues to a community at large and only the corporation is liable/culpable.
It would be a real shame if abuse@dtnt.com (the domain registrar of brandshield.com) were to get a bunch of reports about scams and illegal activity found on the website. Bonus points for copying legal@dtnt.com.
Oh, I’m here for it.
I’m very interested in what the offending page looked like. itch.io in the first reports seemed to suggest it was a false positive, without outright saying so. Both Funko and BrandShield are quiet about it, but between the lines you can infer they think the AI tool’s report was legitimate.
It looks like this is the one:
https://funkofusion.itch.io/funko-fusion
- It closely copies the branding of Funko Fusion by 10:10 Games.
- The title and account have been pulled.
Both match Leaf’s description:
[…] some person made a fan page for an existing Funko Pop video game (Funko Fusion), with links to the official site and screenshots of the game.
[…] I had removed the page and disabled the account.
I notice it doesn’t include the word “sorry”.
It’s really just “this thing happened” and nothing else, as if they’re reporting on events where they’re just innocent bystanders. Instead of saying what they did, it’s “hey, we didn’t do [detail]”.
Is it a legal liability thing to avoid using specific words? It’s hard to imagine it being bad PR to “properly” apologize (at least compared to releasing a non-apology apology statement).
I would imagine that admitting fault is a bad look when it comes to fighting the lawsuit that inevitably comes after. Hard to claim you’re not liable when you’ve made a statement saying it’s your fault.
Yes, theoretically Itch could sue them for lost revenue
In USA yes. In Canada we made a law about exempting “sorry” specifically, not even joking lol.
Fuck Funko Pops.
Fuck BrandShield.
I accuse them both of causing itch.io to go down and it is their fault.
Corporate doing corporate shit. And then asking why people hate corporations and their CEOs.
People used to think so highly of CEOs, that they must be doing something right if they got to where they are. They must be smarter and have all the answers.
Now people are realizing CEOs are just rich scumbags.
Yep, I’m sure most of them just bought their positions there to have power over society.
Why is it so hard just to say “this was not out intention, we recognize it was bad, and we are sorry.”
There’s a lot of words here for a non-apology.
Lawsuit liability.
Why do a decent thing when you have money on your side
Fuck Funko and fuck their shitty CEO.
Not worth thinking about any further. I wish itch.io the best in their lawsuit.
The fact that a legit website could be taken down just by a big corporation claim, without any further third party or gubernamental investigation. Is indeed frightening.
Nintendo people: First time?
deleted by creator
DMCA used to be used very very rarely because it carries(carried?) significant penalties for using it like a club. Now it’s just being used like a club and it’s quite obvious there’s no penalty.
I don’t believe that it was a malicious misuse. Most likely some fuckwit moron at Funko or Brandshield didn’t understand the difference between the hosting platform and the registrar and sent the takedown request to the wrong place out of negligence.
Using AI driven software is willful negligence. Software can’t take responsibility so the human operating it needs to take responsibility for the consequences of it. They took down the entire thing they need to face consequences. The hosting provider should also face consequences for overly broad responses to take down requests.
Using AI driven software is willful negligence.
Not necessarily. Neural nets are excellent at fuzzy matching tasks and make for great filters – but nothing more. If you hook one up to a crawler you get a fairly effective way of identifying websites that match certain criteria. You can then have people review those matches to see if infringement happened. It’s basically a glorified search tool.
Of course if you skip the review step you’re doing the equivalent of running a Google search for your brand name and DMCAing all of the search results. That would be negligent.
There is no indication that Funko/BrandShield did that, however. They say that infringing content was found and we have strong indications that a now-deleted Itch project did contain official screenshots of Funko Fusion so the infringement threshold might have been met. Their takedown request was apparently made in good faith.
Now, why the entire domain was taken down, that is the question. It might be a miscommunication or they might’ve mailed the hosting provider directly. I can imagine everything from human error to faulty processes as the root cause here. What I don’t believe is that they made a high-level decision to nuke Itch.
Who needs to face the consequences depends on who screwed up here. For now we’ll have to make do with both Funko and BrandShield taking a PR hit.
Now, why the entire domain was taken down, that is the question.
They emailed their registrar. Registrar deals only with domains. It’s like telling asassin to deal with person and then act surprised after person was killed.
They didnt issue a DMCA takedown request, which has a legally prescribed back and forth for removing copyrighted, or assumed copyrighted material.
They instead told the registar itch.io was committing phishing/fraud crimes. The registar clearly knee jerked on being told the domain was engaged in illegal acts, but it was Funko and their vendor Brandshield that lied about that in the first place.
Yes, I didn’t know about the fraud allegation when I posted. That definitely shouldn’t have happened. Funko should’ve known better than to pull shit like that and it’ll be interesting to see if Itch sues over this.
My point about AI tools remains, though.
Doesn’t matter, compensation is in order.
If a company uses tools that act poorly, or does not invest in training staff appropriately, it is a decision they make to optimize their business.
When they fail, they should have to learn what the costs of those mistakes are. A tweet is not enough.
Sure, I don’t disagree, that’s not what I’m saying. All three offending parties could/should be held responsible, depending on how the takedown request was delivered.
nobody is this stupid
Except you wouldn’t ever dare build any kind of automated system for fear of this exact situation. Remove the fear part and financially you wouldn’t NOT build this system.
Exactly, they know how often their AI fails and they understand the damages you incur from fake phishing accusations. They combined the two, and used exploits to make the registrar panic.
Yeah i jumped to the conclusion, read the article and kept the additional incorrect info in my premise.
“Funko did not request a takedown of the @itchio platform.”
Man, I fucking hate corpo-speak like this.
Yes, you didn’t personally make the request against itchio… But you hired this company to enforce “brand protection” and that’s what they did. So you did actually request the takedown, but you just did so by authorizing another party to make such requests on your behalf.
This is like a military General saying “hey I didn’t commit any warcrimes, I just gave the orders to my men to commit warcrimes!”
Translation: “we didn’t think this predatory behavior would affect our bottom line, and we deeply regret that it has.”
Hey, so if BrandShield is being honest, what’s Itch’s registrar? What do they have to say? 🍿 This keeps getting deeper.
Why ask the registrar to take down a subdomain of a website?
Those subdomains are not managed or controlled by the registrar, so all the registrar can do is either take down the entire domain or ask their client to take down the subdomain. In this case they asked their client, who took down the subdomain, after which the registrar took down the domain anyhow :D
For a single isolated offence, Brandshield’s first action should have been to report the copyright infringement to itch.io and ask for a takedown of that content, instead they went directly to the registrar and falsely claimed that itch.io was a fraud & phishing site. I suspect that they falsely claim that it’s about phishing and fraud, because otherwise registrars will not take down the site unless there is systematic copyright infringement (like a torrent site). And I suspect that brandshield goes directly to the registrar with their complaint, since that is easier to automate than finding the right contact info on a website.
So my take is that: The registrar was in the wrong for taking down the domain after itch.io removed the problematic subdomain. Brandshield is scum. And Funko is in the wrong for using brandshield.
No real need for further answers from itch.io, nothing new has come to light.
Those subdomains are not managed or controlled by the registrar
I might be getting the terminology wrong, I’ve not had to work too closely with the specifics of subdomains in my career, lol. But you can definitely have
blah.itch.iopoints to a different IP thanitch.ioand that’s done through DNS. So if they suspectedblah.itch.ioto be a phishing site imitating Funko’s site, it makes sense that they’d report it to the people controlling that.And yeah, it looks like Itch does use sub domains for user pages instead of URL paths. https://xk.itch.io/ So if some user’s page was trying to imitate Funk’s site then I could see this line of thought. I’d need to see the page that was supposedly imitating and what it was imitating to really make a judgement call though.
Registrar is 1API.NET which uses Verisign.
DNS is currently configured to cloudflare (maybe as a result of this fubar scenario?). blah.itch.io would be pointed in DNS not from the TLD registrar in this scenario.
Contacting itch.io directly would be the first step long before going the registrar route as they obviously manage DNS on their end and not the registrar end.
If it had been phishing, then going to the registrar would have been the right call, because you want to take that down asap. But according to itch.io it wasn’t, instead it was a a real fansite that was linking to the real website of funko’s game (according to itch.io). Something which most media companies allow since it’s basically free publicity and goodwill, but if they did want it taken down for copyright reasons, then a DMCA takedown request send to itch.io would have been the correct first action.
In the response statement by Brandshield, Brandshield does not deny having send a takedown request for phishing to the registrar (confirming that they did), nor do they dispute itch.io’s statement that it wasn’t a phishing site (confirming that they know that it wasn’t), instead they only speak about “infringement”.
So now we know that Brandshield is knowingly making false accusations that have potentially serious consequences for their victims. And it’s not going to be the first time that they’ve done this, but even this high publicity case will probably not have any legal consequences for brandshield, so it looks like they will continue getting away with it. Unfortunately they’re not alone, it often seems like the entire DMCA industry is rotten.
So now we know that Brandshield is knowingly making false accusations that have potentially serious consequences for their victims.
They said their platform is “AI driven” which could very easily imply this was an automated process with no human making a decision. It’s still bad, but a different kind of bad than “knowingly” making a decision.
You can’t create an automated machine, let it run loose without supervision and then claim to not be responsible for what the machine does.
Maybe just maybe this was the very first instance of their ai malfunctioning (which I don’t believe for a second), in which case the correct response of Brandshield would have been to announce that they would temporarily suspend the activities of this particular program & promise to implement improvements so that it would not happen again. Brandshield has done neither of these, which tells me that it’s not the first time and also that Brandshield has no intention of preventing it from happening again in the future.
I’m not trying to exonerate them of any blame, I’m just saying “knowingly” implies a human looking at something and making a decision as opposed to a machine making a mistake.
I made an automaton. I set the parameters in such a way that there is a large variability of actions that my automaton can take. My parameters do not pre-empt my automaton from taking certain illegal actions. I set my automaton loose. After some time it turns out that my automaton has taken an illegal action against a specific person. Did I know that my automaton was going to commit a illegal action against that specific person? No, I did not. Did I know that my automaton was sooner or later going to commit certain illegal actions? Yes I did, because those actions are within the parameters of the automaton. I know my automaton is capable of doing illegal actions and given enough incidences there is an absolute certainty that it will do those illegal actions. I do not need to interact with my automaton in any way to know that some of it’s actions will be illegal.
The problem here is that’s a weird response for them to go straight to the registrar.
If somebody posts copyrighted content on YouTube the offended party goes to YouTube don’t ask the registrar to do anything. Contacting the registrar is the last resort not the first step.
If only we had a few more Luigi, these corpo-shit would think twice
They really like to show off how much power they have and how self defense is, indeed, justified.
They do and undo like there’s no consequences whatsoever.
They always talk about how giving coverage leads to copycats. Typically that has meant me getting pissed at the over coverage of mass shootings, but now I’m sitting here waiting like… Okay? Any day now? Maybe not.
2025: the REAL year of Luigi.
There are lots of finger-pointing here. Funko said the takedown was done by their partner, BrandShield. BrandShield said it was a URL-specific (or is it subdomain?) takedown, not the whole domain. The registrar, Iwantmyname, responded said takedown by taking down the WHOLE domain.
I think Funko shouldn’t have trusted AI to do legal-related stuff. BrandShield is a stupid idea born from the AI-hype. It’s stupid and shouldn’t have existed. Iwantmyname is just as incompetent if not more–they haven’t even released any public statement about this. Their customer support are also slow to response apparently.
Itch.io should move domain registrar. Funko should stop using BrandShield, it only damages their brand more.
Also what’s up with Funko calling someone’s mom lol. that’s stupid
I also think that this is why AI won’t replace our jobs. I’ve seen many instances where technologies replaces jobs, but this ain’t it
The Idea to use AI to detect possible copyright infringements isnt even that bad. Its gets bad when you trust the AI to be able to tell things apart. If the alerts from the AI aren’t reviewed by humans it is doomed to fail.
Well put, they can’t just palm it off on the third party. You hired them and green lit the action.
URL-specific and they go to the registrar? What can they do, they don’t manage the hosting
Also: brand shield says they only wanted the url gone but you don’t get that when talking to the registrar. Registrar are all or nothing, so clearly they knew they were doing this
I think this is a very important point. Why would you talk to a registrar of the domain to get a specific page offline. This doesn’t make sense.
The question is are they really that incompetent, or are they really that malicious? Add in mislabeling the report as fraud instead of infringement, I lean towards them being malicious, but I guess that could also be gross incompetence. Either way, Brandshield looks terrible.
yup. someone is lying here
I think Iwantmyname may be the worst player in this story.
Everyone else kind of did what they were expected to do:
- Itch provides a platform for user generated content and took down some questionable content when asked.
- Funko is an IP based toy company and asked a tech company to protect their IP online
- BrandShield is a fucking cancer of a service that acted aggressively to protect its client’s interests
But:
- Iwantmyname is meant to provide a domain name registration service, it’s a cutthroat industry where often times customer service is viewed as an unnecessary cost, but itch was their client and they should have been helping itch respond to the notice in a manner that allowed it to continue to exist. Instead they were willing to shut it down without any real dialog.
The rest might be decent business partners if you are looking for their kind of service but Iwantmyname isn’t to be trusted.
While the registrar should have made more to understand the situation before acting, it’s important to keep in mind that according to itch.io, the request was not a DMCA takedown but an accusation of “fraud and fishing”. There’s probably a very large legal exposure for a registrar to let criminal website use their service if they are made aware of it, so reducing their liability is probably their highest priority.
BrandShield is inexcusable for using such a claim as a first step.
Agree, though I would not use the word “decent” about BrandShield or Funko. Being harmfully lazy and immoral legally and according to contract is still harmfully lazy and immoral.
