Tackling online piracy is a complicated endeavor that often begins with efforts to identify the operators of infringing sites and services. This is also where the first hurdles show up.

Many pirates keep their identities concealed. This applies to the operators of sites and services as well as their users.

This relative anonymity is a nuisance to anti-piracy groups, including the RIAA and MPA. While most online services refuse to voluntarily hand over user details, legal tools can help rightsholders move forward.

In recent years, DMCA subpoenas have established themselves as a key anti-piracy enforcement tool. These requests don’t require any oversight from a judge and are typically signed off by a court clerk. This makes them ideal to swiftly identify online pirates.

DMCA Subpoenas at Risk

Both the RIAA and MPA have used these subpoenas to identify owners of pirate sites and individual infringers. The groups would like DMCA subpoenas, as detailed in DMCA §512(h) , to remain in their toolbox but there are concerns that a recent court order could hinder their effectiveness.

The case in point doesn’t involve the RIAA or MPA. It’s a dispute between several independent film companies and Internet provider Cox. The latter successfully objected to a DMCA subpoena which sought to obtain the personal details of numerous alleged BitTorrent pirates.

The main contention in this case is whether DMCA subpoenas apply to residential Internet providers. Cox argued against, describing itself as a mere conduit provider benefiting from the DMCA’s §512(a) safe harbor, which does not require ISPs to take anything down, because the ISP doesn’t store content.

^{For background, a brief summary of the four types of ISPs under 17 U.S.C. § 512.}

^{– §512(a): transitory digital network communications; services that merely pass on bits and bytes
– §512(b): system caching; services that temporarily store (cache) data
– §512(c): storage of information on systems; services that host data
– §512(d): information location tools; services that connect users to online locations (e.g. social media, search engines)}

Last year, the court agreed with Cox’s reasoning and quashed the subpoena. The order concluded that DMCA subpoenas typically don’t apply to DMCA §512(a) services, but do apply to other providers that store or link to infringing content directly.

The film companies, including Capstone Studios and Millennium Funding, didn’t give up. After the motion for reconsideration failed, they filed an appeal at the Ninth Circuit Court of Appeals. Among other things, the appeal argued that Cox also falls under DMCA §512(d), as it can remove or disable ‘references or links’ to infringing content.

In addition, the rightsholders also argue that DMCA subpoenas apply to § 512(a) service providers. Therefore, they say, a DMCA subpoena should be valid for Cox.

MPA and RIAA Want to be Heard

The language of the DMCA can be complex at times and open to interpretation. The film companies hope that they can force a breakthrough via the court of appeals, but an adverse ruling that further restricts the scope of DMCA subpoenas is possible too.

The risk of an adverse ruling clearly has the MPA and RIAA worried. They often use these subpoenas to request information from third-party services such as Cloudflare, social media companies, and domain registrars.

The trade groups previously shared their thoughts in an amicus brief. They didn’t take sides in the dispute, but pointed out that the lower court’s ruling was too broad. Specifically, they questioned the part suggesting that IP addresses may never function as links, within the context of the section 512(d) safe harbor.

MPA and RIAA instead argued that section 512(d) services, which could cover reverse proxy providers such as Cloudflare, can link to pirate websites through IP-addresses.

If the district court’s order stands, the validity of MPA and RIAA DMCA subpoenas may be in question. For this reason, the group urged the court to limit its findings to the evidence at hand, without the contested and presumably unneeded IP-address interpretation.

To further reiterate this position, MPA and RIAA asked for speaking time at a hearing scheduled for June. They request 10 minutes of the court’s time, while keeping the available time for the other parties at 15 minutes each.

“MPA and RIAA invest substantial resources to combat online piracy, including through the use of section 512(h) subpoenas. Because infringers hide under aliases and behind proxies, section 512(h) subpoenas are a key tool to combat online infringement and protect the legitimate creative industries,” the groups inform the court.

“Amici intend to use their time to advocate for reversal or a narrow ruling, preventing unintended consequences for subpoenas and issues not before this Court that could have unintended consequences on the carefully-crafted compromise reflected in the DMCA.”

The court has yet to rule on this request. While the movie companies don’t object, Cox doesn’t want to extend the hearing by ten minutes, but wants the MPA and RIAA to use the film companies’ time instead.

‘Trolls’

Where the MPA and RIAA call for a more narrow and restricted ruling, an additional third-party has submitted an amicus brief that extends far beyond the legal intricacies of the DMCA’s section 512.

That submission comes from Charles Muszynski, who has been embroiled with movie companies and their attorneys for several years. Their dispute started when the movie companies targeted LiquidVPN , which had been purchased by one of Muszynski’s companies.

That particular legal battle is over, but follow-up litigation in international courts continues to this day. According to Muszynski, the movie companies are of a “copyright troll” group that operates a “criminal racketeering and money laundering sham” that he likens to the criminal Prenda Law operation.

These allegations are not immediately relevant for the DMCA subpoena argument. But, for the matter at hand, Muszynski’s amicus brief concurs and adopts the arguments that were previously made by the Electronic Frontier Foundation (EFF) in this case.

EFF also used the “troll” terminology, albeit in a different context and without directly referring to the movie companies. EFF urged the court not to allow copyright holders to issue §512(h) subpoenas to ISPs who simply transmit data, as this could trigger more coercive settlement requests against internet subscribers.

The amicus curiae briefs from both EFF and Muszynski are still listed as pending, so it’s still unknown whether they will be considered by the Court of Appeals. That said, with many eyes on this case, it’s clear that there’s a lot at stake in the upcoming hearing, and in the ruling that will eventually follow.

—

A copy of the MPA and RIAA’s request to participate in the oral hearing is available here (pdf) . Muszynski’s amicus curiae brief is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Tackling online piracy is a complicated endeavor that often begins with efforts to identify the operators of infringing sites and services. This is also where the first hurdles show up.

Many pirates keep their identities concealed. This applies to the operators of sites and services as well as their users.

This relative anonymity is a nuisance to anti-piracy groups, including the RIAA and MPA. While most online services refuse to voluntarily hand over user details, legal tools can help rightsholders move forward.

In recent years, DMCA subpoenas have established themselves as a key anti-piracy enforcement tool. These requests don’t require any oversight from a judge and are typically signed off by a court clerk. This makes them ideal to swiftly identify online pirates.

DMCA Subpoenas at Risk

Both the RIAA and MPA have used these subpoenas to identify owners of pirate sites and individual infringers. The groups would like DMCA subpoenas, as detailed in DMCA §512(h) , to remain in their toolbox but there are concerns that a recent court order could hinder their effectiveness.

The case in point doesn’t involve the RIAA or MPA. It’s a dispute between several independent film companies and Internet provider Cox. The latter successfully objected to a DMCA subpoena which sought to obtain the personal details of numerous alleged BitTorrent pirates.

The main contention in this case is whether DMCA subpoenas apply to residential Internet providers. Cox argued against, describing itself as a mere conduit provider benefiting from the DMCA’s §512(a) safe harbor, which does not require ISPs to take anything down, because the ISP doesn’t store content.

^{For background, a brief summary of the four types of ISPs under 17 U.S.C. § 512.}

^{– §512(a): transitory digital network communications; services that merely pass on bits and bytes
– §512(b): system caching; services that temporarily store (cache) data
– §512(c): storage of information on systems; services that host data
– §512(d): information location tools; services that connect users to online locations (e.g. social media, search engines)}

Last year, the court agreed with Cox’s reasoning and quashed the subpoena. The order concluded that DMCA subpoenas typically don’t apply to DMCA §512(a) services, but do apply to other providers that store or link to infringing content directly.

The film companies, including Capstone Studios and Millennium Funding, didn’t give up. After the motion for reconsideration failed, they filed an appeal at the Ninth Circuit Court of Appeals. Among other things, the appeal argued that Cox also falls under DMCA §512(d), as it can remove or disable ‘references or links’ to infringing content.

In addition, the rightsholders also argue that DMCA subpoenas apply to § 512(a) service providers. Therefore, they say, a DMCA subpoena should be valid for Cox.

MPA and RIAA Want to be Heard

The language of the DMCA can be complex at times and open to interpretation. The film companies hope that they can force a breakthrough via the court of appeals, but an adverse ruling that further restricts the scope of DMCA subpoenas is possible too.

The risk of an adverse ruling clearly has the MPA and RIAA worried. They often use these subpoenas to request information from third-party services such as Cloudflare, social media companies, and domain registrars.

The trade groups previously shared their thoughts in an amicus brief. They didn’t take sides in the dispute, but pointed out that the lower court’s ruling was too broad. Specifically, they questioned the part suggesting that IP addresses may never function as links, within the context of the section 512(d) safe harbor.

MPA and RIAA instead argued that section 512(d) services, which could cover reverse proxy providers such as Cloudflare, can link to pirate websites through IP-addresses.

If the district court’s order stands, the validity of MPA and RIAA DMCA subpoenas may be in question. For this reason, the group urged the court to limit its findings to the evidence at hand, without the contested and presumably unneeded IP-address interpretation.

To further reiterate this position, MPA and RIAA asked for speaking time at a hearing scheduled for June. They request 10 minutes of the court’s time, while keeping the available time for the other parties at 15 minutes each.

“MPA and RIAA invest substantial resources to combat online piracy, including through the use of section 512(h) subpoenas. Because infringers hide under aliases and behind proxies, section 512(h) subpoenas are a key tool to combat online infringement and protect the legitimate creative industries,” the groups inform the court.

“Amici intend to use their time to advocate for reversal or a narrow ruling, preventing unintended consequences for subpoenas and issues not before this Court that could have unintended consequences on the carefully-crafted compromise reflected in the DMCA.”

The court has yet to rule on this request. While the movie companies don’t object, Cox doesn’t want to extend the hearing by ten minutes, but wants the MPA and RIAA to use the film companies’ time instead.

‘Trolls’

Where the MPA and RIAA call for a more narrow and restricted ruling, an additional third-party has submitted an amicus brief that extends far beyond the legal intricacies of the DMCA’s section 512.

That submission comes from Charles Muszynski, who has been embroiled with movie companies and their attorneys for several years. Their dispute started when the movie companies targeted LiquidVPN , which had been purchased by one of Muszynski’s companies.

That particular legal battle is over, but follow-up litigation in international courts continues to this day. According to Muszynski, the movie companies are of a “copyright troll” group that operates a “criminal racketeering and money laundering sham” that he likens to the criminal Prenda Law operation.

These allegations are not immediately relevant for the DMCA subpoena argument. But, for the matter at hand, Muszynski’s amicus brief concurs and adopts the arguments that were previously made by the Electronic Frontier Foundation (EFF) in this case.

EFF also used the “troll” terminology, albeit in a different context and without directly referring to the movie companies. EFF urged the court not to allow copyright holders to issue §512(h) subpoenas to ISPs who simply transmit data, as this could trigger more coercive settlement requests against internet subscribers.

The amicus curiae briefs from both EFF and Muszynski are still listed as pending, so it’s still unknown whether they will be considered by the Court of Appeals. That said, with many eyes on this case, it’s clear that there’s a lot at stake in the upcoming hearing, and in the ruling that will eventually follow.

—

A copy of the MPA and RIAA’s request to participate in the oral hearing is available here (pdf) . Muszynski’s amicus curiae brief is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Tackling online piracy is a complicated endeavor that often begins with efforts to identify the operators of infringing sites and services. This is also where the first hurdles show up.

Many pirates keep their identities concealed. This applies to the operators of sites and services as well as their users.

This relative anonymity is a nuisance to anti-piracy groups, including the RIAA and MPA. While most online services refuse to voluntarily hand over user details, legal tools can help rightsholders move forward.

In recent years, DMCA subpoenas have established themselves as a key anti-piracy enforcement tool. These requests don’t require any oversight from a judge and are typically signed off by a court clerk. This makes them ideal to swiftly identify online pirates.

DMCA Subpoenas at Risk

Both the RIAA and MPA have used these subpoenas to identify owners of pirate sites and individual infringers. The groups would like DMCA subpoenas, as detailed in DMCA §512(h) , to remain in their toolbox but there are concerns that a recent court order could hinder their effectiveness.

The case in point doesn’t involve the RIAA or MPA. It’s a dispute between several independent film companies and Internet provider Cox. The latter successfully objected to a DMCA subpoena which sought to obtain the personal details of numerous alleged BitTorrent pirates.

The main contention in this case is whether DMCA subpoenas apply to residential Internet providers. Cox argued against, describing itself as a mere conduit provider benefiting from the DMCA’s §512(a) safe harbor, which does not require ISPs to take anything down, because the ISP doesn’t store content.

^{For background, a brief summary of the four types of ISPs under 17 U.S.C. § 512.}

^{– §512(a): transitory digital network communications; services that merely pass on bits and bytes
– §512(b): system caching; services that temporarily store (cache) data
– §512(c): storage of information on systems; services that host data
– §512(d): information location tools; services that connect users to online locations (e.g. social media, search engines)}

Last year, the court agreed with Cox’s reasoning and quashed the subpoena. The order concluded that DMCA subpoenas typically don’t apply to DMCA §512(a) services, but do apply to other providers that store or link to infringing content directly.

The film companies, including Capstone Studios and Millennium Funding, didn’t give up. After the motion for reconsideration failed, they filed an appeal at the Ninth Circuit Court of Appeals. Among other things, the appeal argued that Cox also falls under DMCA §512(d), as it can remove or disable ‘references or links’ to infringing content.

In addition, the rightsholders also argue that DMCA subpoenas apply to § 512(a) service providers. Therefore, they say, a DMCA subpoena should be valid for Cox.

MPA and RIAA Want to be Heard

The language of the DMCA can be complex at times and open to interpretation. The film companies hope that they can force a breakthrough via the court of appeals, but an adverse ruling that further restricts the scope of DMCA subpoenas is possible too.

The risk of an adverse ruling clearly has the MPA and RIAA worried. They often use these subpoenas to request information from third-party services such as Cloudflare, social media companies, and domain registrars.

The trade groups previously shared their thoughts in an amicus brief. They didn’t take sides in the dispute, but pointed out that the lower court’s ruling was too broad. Specifically, they questioned the part suggesting that IP addresses may never function as links, within the context of the section 512(d) safe harbor.

MPA and RIAA instead argued that section 512(d) services, which could cover reverse proxy providers such as Cloudflare, can link to pirate websites through IP-addresses.

If the district court’s order stands, the validity of MPA and RIAA DMCA subpoenas may be in question. For this reason, the group urged the court to limit its findings to the evidence at hand, without the contested and presumably unneeded IP-address interpretation.

To further reiterate this position, MPA and RIAA asked for speaking time at a hearing scheduled for June. They request 10 minutes of the court’s time, while keeping the available time for the other parties at 15 minutes each.

“MPA and RIAA invest substantial resources to combat online piracy, including through the use of section 512(h) subpoenas. Because infringers hide under aliases and behind proxies, section 512(h) subpoenas are a key tool to combat online infringement and protect the legitimate creative industries,” the groups inform the court.

“Amici intend to use their time to advocate for reversal or a narrow ruling, preventing unintended consequences for subpoenas and issues not before this Court that could have unintended consequences on the carefully-crafted compromise reflected in the DMCA.”

The court has yet to rule on this request. While the movie companies don’t object, Cox doesn’t want to extend the hearing by ten minutes, but wants the MPA and RIAA to use the film companies’ time instead.

‘Trolls’

Where the MPA and RIAA call for a more narrow and restricted ruling, an additional third-party has submitted an amicus brief that extends far beyond the legal intricacies of the DMCA’s section 512.

That submission comes from Charles Muszynski, who has been embroiled with movie companies and their attorneys for several years. Their dispute started when the movie companies targeted LiquidVPN , which had been purchased by one of Muszynski’s companies.

That particular legal battle is over, but follow-up litigation in international courts continues to this day. According to Muszynski, the movie companies are of a “copyright troll” group that operates a “criminal racketeering and money laundering sham” that he likens to the criminal Prenda Law operation.

These allegations are not immediately relevant for the DMCA subpoena argument. But, for the matter at hand, Muszynski’s amicus brief concurs and adopts the arguments that were previously made by the Electronic Frontier Foundation (EFF) in this case.

EFF also used the “troll” terminology, albeit in a different context and without directly referring to the movie companies. EFF urged the court not to allow copyright holders to issue §512(h) subpoenas to ISPs who simply transmit data, as this could trigger more coercive settlement requests against internet subscribers.

The amicus curiae briefs from both EFF and Muszynski are still listed as pending, so it’s still unknown whether they will be considered by the Court of Appeals. That said, with many eyes on this case, it’s clear that there’s a lot at stake in the upcoming hearing, and in the ruling that will eventually follow.

—

A copy of the MPA and RIAA’s request to participate in the oral hearing is available here (pdf) . Muszynski’s amicus curiae brief is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Since early February, Spain has faced unprecedented yet avoidable nationwide disruption to previously functioning, entirely legitimate online services.

A court order obtained by top-tier football league LaLiga in partnership with telecommunications giant Telefonica, authorized ISP-level blocking across all major ISPs to prevent public access to pirate IPTV services and websites.

In the first instance, controversy centered on Cloudflare, where shared IP addresses were blocked by local ISPs when pirates were detected using them, regardless of the legitimate Cloudflare customers using them too.

When legal action by Cloudflare failed, in part due to a judge’s insistence that no evidence of damage to third parties had been proven before the court, joint applicants LaLiga and Telefonica continued with their blocking campaign. It began affecting innocent third parties early February and hasn’t stopped since.

Vercel Latest Target

US-based Vercel describes itself as a “complete platform for the web.” Through the provision of cloud infrastructure and developer tools, users can deploy code from their computers and have it up and running in just seconds. Vercel is not a ‘rogue’ hosting provider that ignores copyright complaints, it takes its responsibilities very seriously .

Yet it became evident last week that blocking instructions executed by Telefonica-owned telecoms company Movistar were once again blocking innocent users, this time customers of Vercel.

As the thread on X continued, Vercel CEO Guillermo Rauch was asked whether Vercel had “received any requests to remove illegal content before the blocking occurs?”

Vercel Principal Engineer Matheus Fernandes answered quickly.

Additional users were soon airing their grievances; ChatGPT blocked regularly on Sundays, a whole day “ruined” due to unwarranted blocking of AI code editor Cursor, blocking at Cloudflare, GitHub, BunnyCDN, the list goes on.

Vercel Slams “Unaccountable Internet Censorship”

In a joint statement last week, Vercel CEO Guillermo Rauch and Principal Engineer Matheus Fernandes cited the LaLiga/Telefonica court order and reported that ISPs are “blocking entire IP ranges, not specific domains or content.”

Among them, the IP addresses 66.33.60.129 and 76.76.21.142, “used by businesses like Spanish startup Tinybird, Hello Magazine, and others operating on Vercel, despite no affiliations with piracy in any form.”

This isn’t a narrowly scoped takedown. LaLiga is a private organization triggering IP-wide blocks that impact critical infrastructure, developers, and businesses—without review, due process, or transparency. These blocks are primarily enforced during LaLiga matchdays, typically on weekends and select weekdays, when live broadcasts occur.

ISP-level blocking of individual sites is common. Typically, this is done by inspecting the Server Name Indication (SNI) header during the TLS handshake. SNI contains the hostname in plaintext before encryption, allowing ISPs to block specific domains while leaving other traffic on the same IP untouched, even while the actual traffic is encrypted.

But that’s not what’s happening here. Spanish ISPs are blocking entire IPs, ignoring SNI and making no effort to distinguish between hosts. Any website or service behind a blocked IP is taken offline, regardless of its legitimacy.

What started as an anti-piracy measure has become an unaccountable form of internet censorship. There’s no distinction between targeted enforcement and mass collateral damage. IPs are being blocklisted wholesale.

Like all platforms working with user-uploaded content, Vercel receives external complaints concerning potential copyright infringement. Vercel’s latest transparency report reveals that during the latest reporting period it received 1,015 DMCA notices and restricted content in response to 1,001 of them. For additional perspective, Vercel has six million users and has a dedicated dispute resolution program, should that be necessary in respect of any complaint.

Vercel Now in Contact With LaLiga

The details concerning this latest blocking disaster and the many others since February, are unavailable to the public. This lack of transparency is consistent with most if not all dynamic blocking programs around the world. With close to zero transparency, there is no accountability when blocking takes a turn for the worse, and no obvious process through which innocent parties can be fairly heard. While these negatives are a real concern, it appears that tech-savvy Spaniards are embracing the challenge.

In our previous report we highlighted several coding projects that aim to counter the blocking issues in various ways. The hayahora.futbol project is especially impressive; it gathers evidence of blocking events, including dates, which ISPs implemented blocking, how long the blocks remained in place, and which legitimate services were wrongfully blocked.

While clearly unhappy with how the company has been treated, Vercel says it’s now working with LaLiga .

“We remain committed to providing fast, secure infrastructure for modern web applications. Likewise, we expect enforcement efforts to do the same: targeted, transparent, and technically sound. We are in contact with La Liga and are collaborating to remove illegal content in accordance with the court order. We’re exploring mitigation strategies to restore access for Spanish users and continue to advocate for an open and permissionless web,” Vercel concludes.

The Changing Role of ISPs

ISPs were traditionally the first to push back against site blocking but in Spain, all of those now involved have commercial interests in the content being blocked. They agreed to the terms of the blocking order, and they weren’t subjected to it against their will; that’s why the court approved it.

Yet when LaLiga is portrayed as the driving force behind events playing out in Spain, very little attention is paid to the significant help it needs to make blocking happen. The reasons why that help continues to arrive – despite known and repeated overblocking incidents – may raise questions as part of the wider net neutrality debate.

On one hand, LaLiga, Telefonica, and the interested ISPs, are protecting their rights in live LaLiga match broadcasts against rampant piracy under extremely difficult conditions. Yet on the other, they’re blocking IP addresses that their sophisticated anti-piracy departments know are also used by innocent companies and their customers trying to conduct legitimate business in Spain. There are suggestions that may yet run into trouble .

That leads us to RootedCON, the cybersecurity group that previously attempted to end LaLiga’s blocking campaign with an appeal to the court. Like Cloudflare, the bid failed but motivation to examine other potential opportunities remains high.

Previously dismissed as “geeks” by LaLiga, others consider the term “hackers” more descriptive. It also adds more spice to the recent mention that there may be a release of “technical tools to piss people off” as an interim (but entirely legal) anti-blocking measure.

From: TF , for the latest news on copyright battles, piracy and more.

Since early February, Spain has faced unprecedented yet avoidable nationwide disruption to previously functioning, entirely legitimate online services.

A court order obtained by top-tier football league LaLiga in partnership with telecommunications giant Telefonica, authorized ISP-level blocking across all major ISPs to prevent public access to pirate IPTV services and websites.

In the first instance, controversy centered on Cloudflare, where shared IP addresses were blocked by local ISPs when pirates were detected using them, regardless of the legitimate Cloudflare customers using them too.

When legal action by Cloudflare failed, in part due to a judge’s insistence that no evidence of damage to third parties had been proven before the court, joint applicants LaLiga and Telefonica continued with their blocking campaign. It began affecting innocent third parties early February and hasn’t stopped since.

Vercel Latest Target

US-based Vercel describes itself as a “complete platform for the web.” Through the provision of cloud infrastructure and developer tools, users can deploy code from their computers and have it up and running in just seconds. Vercel is not a ‘rogue’ hosting provider that ignores copyright complaints, it takes its responsibilities very seriously .

Yet it became evident last week that blocking instructions executed by Telefonica-owned telecoms company Movistar were once again blocking innocent users, this time customers of Vercel.

As the thread on X continued, Vercel CEO Guillermo Rauch was asked whether Vercel had “received any requests to remove illegal content before the blocking occurs?”

Vercel Principal Engineer Matheus Fernandes answered quickly.

Additional users were soon airing their grievances; ChatGPT blocked regularly on Sundays, a whole day “ruined” due to unwarranted blocking of AI code editor Cursor, blocking at Cloudflare, GitHub, BunnyCDN, the list goes on.

Vercel Slams “Unaccountable Internet Censorship”

In a joint statement last week, Vercel CEO Guillermo Rauch and Principal Engineer Matheus Fernandes cited the LaLiga/Telefonica court order and reported that ISPs are “blocking entire IP ranges, not specific domains or content.”

Among them, the IP addresses 66.33.60.129 and 76.76.21.142, “used by businesses like Spanish startup Tinybird, Hello Magazine, and others operating on Vercel, despite no affiliations with piracy in any form.”

This isn’t a narrowly scoped takedown. LaLiga is a private organization triggering IP-wide blocks that impact critical infrastructure, developers, and businesses—without review, due process, or transparency. These blocks are primarily enforced during LaLiga matchdays, typically on weekends and select weekdays, when live broadcasts occur.

ISP-level blocking of individual sites is common. Typically, this is done by inspecting the Server Name Indication (SNI) header during the TLS handshake. SNI contains the hostname in plaintext before encryption, allowing ISPs to block specific domains while leaving other traffic on the same IP untouched, even while the actual traffic is encrypted.

But that’s not what’s happening here. Spanish ISPs are blocking entire IPs, ignoring SNI and making no effort to distinguish between hosts. Any website or service behind a blocked IP is taken offline, regardless of its legitimacy.

What started as an anti-piracy measure has become an unaccountable form of internet censorship. There’s no distinction between targeted enforcement and mass collateral damage. IPs are being blocklisted wholesale.

Like all platforms working with user-uploaded content, Vercel receives external complaints concerning potential copyright infringement. Vercel’s latest transparency report reveals that during the latest reporting period it received 1,015 DMCA notices and restricted content in response to 1,001 of them. For additional perspective, Vercel has six million users and has a dedicated dispute resolution program, should that be necessary in respect of any complaint.

Vercel Now in Contact With LaLiga

The details concerning this latest blocking disaster and the many others since February, are unavailable to the public. This lack of transparency is consistent with most if not all dynamic blocking programs around the world. With close to zero transparency, there is no accountability when blocking takes a turn for the worse, and no obvious process through which innocent parties can be fairly heard. While these negatives are a real concern, it appears that tech-savvy Spaniards are embracing the challenge.

In our previous report we highlighted several coding projects that aim to counter the blocking issues in various ways. The hayahora.futbol project is especially impressive; it gathers evidence of blocking events, including dates, which ISPs implemented blocking, how long the blocks remained in place, and which legitimate services were wrongfully blocked.

While clearly unhappy with how the company has been treated, Vercel says it’s now working with LaLiga .

“We remain committed to providing fast, secure infrastructure for modern web applications. Likewise, we expect enforcement efforts to do the same: targeted, transparent, and technically sound. We are in contact with La Liga and are collaborating to remove illegal content in accordance with the court order. We’re exploring mitigation strategies to restore access for Spanish users and continue to advocate for an open and permissionless web,” Vercel concludes.

The Changing Role of ISPs

ISPs were traditionally the first to push back against site blocking but in Spain, all of those now involved have commercial interests in the content being blocked. They agreed to the terms of the blocking order, and they weren’t subjected to it against their will; that’s why the court approved it.

Yet when LaLiga is portrayed as the driving force behind events playing out in Spain, very little attention is paid to the significant help it needs to make blocking happen. The reasons why that help continues to arrive – despite known and repeated overblocking incidents – may raise questions as part of the wider net neutrality debate.

On one hand, LaLiga, Telefonica, and the interested ISPs, are protecting their rights in live LaLiga match broadcasts against rampant piracy under extremely difficult conditions. Yet on the other, they’re blocking IP addresses that their sophisticated anti-piracy departments know are also used by innocent companies and their customers trying to conduct legitimate business in Spain. There are suggestions that may yet run into trouble .

That leads us to RootedCON, the cybersecurity group that previously attempted to end LaLiga’s blocking campaign with an appeal to the court. Like Cloudflare, the bid failed but motivation to examine other potential opportunities remains high.

Previously dismissed as “geeks” by LaLiga, others consider the term “hackers” more descriptive. It also adds more spice to the recent mention that there may be a release of “technical tools to piss people off” as an interim (but entirely legal) anti-blocking measure.

From: TF , for the latest news on copyright battles, piracy and more.

Since early February, Spain has faced unprecedented yet avoidable nationwide disruption to previously functioning, entirely legitimate online services.

A court order obtained by top-tier football league LaLiga in partnership with telecommunications giant Telefonica, authorized ISP-level blocking across all major ISPs to prevent public access to pirate IPTV services and websites.

In the first instance, controversy centered on Cloudflare, where shared IP addresses were blocked by local ISPs when pirates were detected using them, regardless of the legitimate Cloudflare customers using them too.

When legal action by Cloudflare failed, in part due to a judge’s insistence that no evidence of damage to third parties had been proven before the court, joint applicants LaLiga and Telefonica continued with their blocking campaign. It began affecting innocent third parties early February and hasn’t stopped since.

Vercel Latest Target

US-based Vercel describes itself as a “complete platform for the web.” Through the provision of cloud infrastructure and developer tools, users can deploy code from their computers and have it up and running in just seconds. Vercel is not a ‘rogue’ hosting provider that ignores copyright complaints, it takes its responsibilities very seriously .

Yet it became evident last week that blocking instructions executed by Telefonica-owned telecoms company Movistar were once again blocking innocent users, this time customers of Vercel.

As the thread on X continued, Vercel CEO Guillermo Rauch was asked whether Vercel had “received any requests to remove illegal content before the blocking occurs?”

Vercel Principal Engineer Matheus Fernandes answered quickly.

Additional users were soon airing their grievances; ChatGPT blocked regularly on Sundays, a whole day “ruined” due to unwarranted blocking of AI code editor Cursor, blocking at Cloudflare, GitHub, BunnyCDN, the list goes on.

Vercel Slams “Unaccountable Internet Censorship”

In a joint statement last week, Vercel CEO Guillermo Rauch and Principal Engineer Matheus Fernandes cited the LaLiga/Telefonica court order and reported that ISPs are “blocking entire IP ranges, not specific domains or content.”

Among them, the IP addresses 66.33.60.129 and 76.76.21.142, “used by businesses like Spanish startup Tinybird, Hello Magazine, and others operating on Vercel, despite no affiliations with piracy in any form.”

This isn’t a narrowly scoped takedown. LaLiga is a private organization triggering IP-wide blocks that impact critical infrastructure, developers, and businesses—without review, due process, or transparency. These blocks are primarily enforced during LaLiga matchdays, typically on weekends and select weekdays, when live broadcasts occur.

ISP-level blocking of individual sites is common. Typically, this is done by inspecting the Server Name Indication (SNI) header during the TLS handshake. SNI contains the hostname in plaintext before encryption, allowing ISPs to block specific domains while leaving other traffic on the same IP untouched, even while the actual traffic is encrypted.

But that’s not what’s happening here. Spanish ISPs are blocking entire IPs, ignoring SNI and making no effort to distinguish between hosts. Any website or service behind a blocked IP is taken offline, regardless of its legitimacy.

What started as an anti-piracy measure has become an unaccountable form of internet censorship. There’s no distinction between targeted enforcement and mass collateral damage. IPs are being blocklisted wholesale.

Like all platforms working with user-uploaded content, Vercel receives external complaints concerning potential copyright infringement. Vercel’s latest transparency report reveals that during the latest reporting period it received 1,015 DMCA notices and restricted content in response to 1,001 of them. For additional perspective, Vercel has six million users and has a dedicated dispute resolution program, should that be necessary in respect of any complaint.

Vercel Now in Contact With LaLiga

The details concerning this latest blocking disaster and the many others since February, are unavailable to the public. This lack of transparency is consistent with most if not all dynamic blocking programs around the world. With close to zero transparency, there is no accountability when blocking takes a turn for the worse, and no obvious process through which innocent parties can be fairly heard. While these negatives are a real concern, it appears that tech-savvy Spaniards are embracing the challenge.

In our previous report we highlighted several coding projects that aim to counter the blocking issues in various ways. The hayahora.futbol project is especially impressive; it gathers evidence of blocking events, including dates, which ISPs implemented blocking, how long the blocks remained in place, and which legitimate services were wrongfully blocked.

While clearly unhappy with how the company has been treated, Vercel says it’s now working with LaLiga .

“We remain committed to providing fast, secure infrastructure for modern web applications. Likewise, we expect enforcement efforts to do the same: targeted, transparent, and technically sound. We are in contact with La Liga and are collaborating to remove illegal content in accordance with the court order. We’re exploring mitigation strategies to restore access for Spanish users and continue to advocate for an open and permissionless web,” Vercel concludes.

The Changing Role of ISPs

ISPs were traditionally the first to push back against site blocking but in Spain, all of those now involved have commercial interests in the content being blocked. They agreed to the terms of the blocking order, and they weren’t subjected to it against their will; that’s why the court approved it.

Yet when LaLiga is portrayed as the driving force behind events playing out in Spain, very little attention is paid to the significant help it needs to make blocking happen. The reasons why that help continues to arrive – despite known and repeated overblocking incidents – may raise questions as part of the wider net neutrality debate.

On one hand, LaLiga, Telefonica, and the interested ISPs, are protecting their rights in live LaLiga match broadcasts against rampant piracy under extremely difficult conditions. Yet on the other, they’re blocking IP addresses that their sophisticated anti-piracy departments know are also used by innocent companies and their customers trying to conduct legitimate business in Spain. There are suggestions that may yet run into trouble .

That leads us to RootedCON, the cybersecurity group that previously attempted to end LaLiga’s blocking campaign with an appeal to the court. Like Cloudflare, the bid failed but motivation to examine other potential opportunities remains high.

Previously dismissed as “geeks” by LaLiga, others consider the term “hackers” more descriptive. It also adds more spice to the recent mention that there may be a release of “technical tools to piss people off” as an interim (but entirely legal) anti-blocking measure.

From: TF , for the latest news on copyright battles, piracy and more.

For major companies like Nintendo, tackling online piracy isn’t just about punishing individual infringers; it’s about strategic deterrence.

Filing lawsuits against casual gamers who may have made an isolated mistake is not a good look and could potentially backfire. Nintendo understands that and carefully picks its battles.

The case against Jesse Keighin, better known under his gaming handle “EveryGameGuru”, exemplifies this approach. Filed in a Colorado federal court last November, Nintendo’s complaint lists many alleged wrongdoings, including pre-release game streaming using pirated ROMs and distribution of circumvention tools.

Add in the public exposure through streaming platforms such as YouTube, Discord, and Twitch, and it’s not difficult to see why Nintendo singled out this defendant.

Absent and Undeterred Defendant

Facing a lawsuit from a multibillion-dollar company can be a frightening prospect. In this case, however, the defendant seemed undeterred, based on public messages that appeared online.

Instead of trying to avoid a legal disaster, Keighin apparently went on the offensive, with no sign of giving in . Quite the contrary.

“You might run a corporation. I run the streets,” Keighin wrote to Nintendo’s legal team at some point, warning that they should have done more research on him before taking action.

The defendant reportedly destroyed evidence and evaded Nintendo’s attempts to serve him personally. Due to these complications, the court eventually allowed service via email and the home addresses of his mother, grandmother, and partner.

When that didn’t yield a response in court either, the game giant requested an entry of default, so it could move the case forward without an official defense.

Nintendo Seeks Default Judgment

In a motion for default judgment, Nintendo explains that the defendant willfully streamed pirated copies of pre-release games to his followers. These streams were tagged as “EARLY RELEASE” or “FIRST LOOK,” but without authorization from Nintendo.

“At least fifty times in the last two years, Defendant streamed gameplay of pirated copies of at least ten different Nintendo games—all before those titles were released,” Nintendo writes.

“By streaming games prior to their publication, Defendant normalizes and encourages prerelease piracy, signaling to viewers that they too should pirate and play the game now, without waiting for its release or paying for it.”

In addition to directly infringing the copyrights of games including “Mario & Luigi: Brothership”, the defendant also shared links to the Nintendo Switch emulators Ryujinx, Yuzu, Suyu, and Sudachi on social media. By doing so, Nintendo says he effectively trafficked in circumvention devices.

Nintendo also accuses Keighin of circumventing technical protection measures himself, in violation of the DMCA, as well as using hacked hardware to play pirated games.

“Defendant often used an emulator but also used a hacked Nintendo Switch, demonstrating that he decrypted and accessed without authorization the prerelease games he streamed,” Nintendo writes.

$17,500 and a Broad Injunction

The legal paperwork includes ten titles that the defendant allegedly infringed, willfully. In theory, this can lead to up to $1.5 million in statutory damages for copyright infringement alone, but the game company requests a substantially lower amount.

Here, Nintendo requests damages for only one of the ten games and says that $10,000 is an appropriate award. After ignoring previous warnings for close to two years, this should help deter future wrongdoings.

For circumvention of technological protection measures and trafficking in circumvention technology, the game giant requests damages of $5,000 and $2,500 respectively. This brings the total damages amount to $17,500.

In addition to the monetary damages, Nintendo also seeks a broad permanent injunction against Keighin, which would apply worldwide. If granted, this injunction will prohibit the defendant from any infringing activities going forward, including the use of emulators.

These restrictions apply to existing emulators such as Yuzu or Ryujinx, but also those not yet named. Similarly, the injunction would apply to existing Nintendo games and games that do not yet exist. Meanwhile, all infringing hardware and software need to be destroyed.

The court has yet to grant Nintendo’s motion, but it’s notable that the company has not requested the maximum amount in compensation. Instead, it hopes to send a deterrent message to Keighin and other alleged pirates, to stop pirating and streaming Nintendo games.

Whether this strategy will pay off remains to be seen. Thus far, “EveryGameGuru” hasn’t been very receptive to Nintendo’s outreach. That said, this legal action also puts others on notice that Nintendo doesn’t appreciate pre-release streams or advertising of ‘rogue’ emulators.

—

A copy of Nintendo’s motion for default judgment against Keighin, filed at the U.S. District Court for the District of Colorado last Friday, is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

For major companies like Nintendo, tackling online piracy isn’t just about punishing individual infringers; it’s about strategic deterrence.

Filing lawsuits against casual gamers who may have made an isolated mistake is not a good look and could potentially backfire. Nintendo understands that and carefully picks its battles.

The case against Jesse Keighin, better known under his gaming handle “EveryGameGuru”, exemplifies this approach. Filed in a Colorado federal court last November, Nintendo’s complaint lists many alleged wrongdoings, including pre-release game streaming using pirated ROMs and distribution of circumvention tools.

Add in the public exposure through streaming platforms such as YouTube, Discord, and Twitch, and it’s not difficult to see why Nintendo singled out this defendant.

Absent and Undeterred Defendant

Facing a lawsuit from a multibillion-dollar company can be a frightening prospect. In this case, however, the defendant seemed undeterred, based on public messages that appeared online.

Instead of trying to avoid a legal disaster, Keighin apparently went on the offensive, with no sign of giving in . Quite the contrary.

“You might run a corporation. I run the streets,” Keighin wrote to Nintendo’s legal team at some point, warning that they should have done more research on him before taking action.

The defendant reportedly destroyed evidence and evaded Nintendo’s attempts to serve him personally. Due to these complications, the court eventually allowed service via email and the home addresses of his mother, grandmother, and partner.

When that didn’t yield a response in court either, the game giant requested an entry of default, so it could move the case forward without an official defense.

Nintendo Seeks Default Judgment

In a motion for default judgment, Nintendo explains that the defendant willfully streamed pirated copies of pre-release games to his followers. These streams were tagged as “EARLY RELEASE” or “FIRST LOOK,” but without authorization from Nintendo.

“At least fifty times in the last two years, Defendant streamed gameplay of pirated copies of at least ten different Nintendo games—all before those titles were released,” Nintendo writes.

“By streaming games prior to their publication, Defendant normalizes and encourages prerelease piracy, signaling to viewers that they too should pirate and play the game now, without waiting for its release or paying for it.”

In addition to directly infringing the copyrights of games including “Mario & Luigi: Brothership”, the defendant also shared links to the Nintendo Switch emulators Ryujinx, Yuzu, Suyu, and Sudachi on social media. By doing so, Nintendo says he effectively trafficked in circumvention devices.

Nintendo also accuses Keighin of circumventing technical protection measures himself, in violation of the DMCA, as well as using hacked hardware to play pirated games.

“Defendant often used an emulator but also used a hacked Nintendo Switch, demonstrating that he decrypted and accessed without authorization the prerelease games he streamed,” Nintendo writes.

$17,500 and a Broad Injunction

The legal paperwork includes ten titles that the defendant allegedly infringed, willfully. In theory, this can lead to up to $1.5 million in statutory damages for copyright infringement alone, but the game company requests a substantially lower amount.

Here, Nintendo requests damages for only one of the ten games and says that $10,000 is an appropriate award. After ignoring previous warnings for close to two years, this should help deter future wrongdoings.

For circumvention of technological protection measures and trafficking in circumvention technology, the game giant requests damages of $5,000 and $2,500 respectively. This brings the total damages amount to $17,500.

In addition to the monetary damages, Nintendo also seeks a broad permanent injunction against Keighin, which would apply worldwide. If granted, this injunction will prohibit the defendant from any infringing activities going forward, including the use of emulators.

These restrictions apply to existing emulators such as Yuzu or Ryujinx, but also those not yet named. Similarly, the injunction would apply to existing Nintendo games and games that do not yet exist. Meanwhile, all infringing hardware and software need to be destroyed.

The court has yet to grant Nintendo’s motion, but it’s notable that the company has not requested the maximum amount in compensation. Instead, it hopes to send a deterrent message to Keighin and other alleged pirates, to stop pirating and streaming Nintendo games.

Whether this strategy will pay off remains to be seen. Thus far, “EveryGameGuru” hasn’t been very receptive to Nintendo’s outreach. That said, this legal action also puts others on notice that Nintendo doesn’t appreciate pre-release streams or advertising of ‘rogue’ emulators.

—

A copy of Nintendo’s motion for default judgment against Keighin, filed at the U.S. District Court for the District of Colorado last Friday, is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

For major companies like Nintendo, tackling online piracy isn’t just about punishing individual infringers; it’s about strategic deterrence.

Filing lawsuits against casual gamers who may have made an isolated mistake is not a good look and could potentially backfire. Nintendo understands that and carefully picks its battles.

The case against Jesse Keighin, better known under his gaming handle “EveryGameGuru”, exemplifies this approach. Filed in a Colorado federal court last November, Nintendo’s complaint lists many alleged wrongdoings, including pre-release game streaming using pirated ROMs and distribution of circumvention tools.

Add in the public exposure through streaming platforms such as YouTube, Discord, and Twitch, and it’s not difficult to see why Nintendo singled out this defendant.

Absent and Undeterred Defendant

Facing a lawsuit from a multibillion-dollar company can be a frightening prospect. In this case, however, the defendant seemed undeterred, based on public messages that appeared online.

Instead of trying to avoid a legal disaster, Keighin apparently went on the offensive, with no sign of giving in . Quite the contrary.

“You might run a corporation. I run the streets,” Keighin wrote to Nintendo’s legal team at some point, warning that they should have done more research on him before taking action.

The defendant reportedly destroyed evidence and evaded Nintendo’s attempts to serve him personally. Due to these complications, the court eventually allowed service via email and the home addresses of his mother, grandmother, and partner.

When that didn’t yield a response in court either, the game giant requested an entry of default, so it could move the case forward without an official defense.

Nintendo Seeks Default Judgment

In a motion for default judgment, Nintendo explains that the defendant willfully streamed pirated copies of pre-release games to his followers. These streams were tagged as “EARLY RELEASE” or “FIRST LOOK,” but without authorization from Nintendo.

“At least fifty times in the last two years, Defendant streamed gameplay of pirated copies of at least ten different Nintendo games—all before those titles were released,” Nintendo writes.

“By streaming games prior to their publication, Defendant normalizes and encourages prerelease piracy, signaling to viewers that they too should pirate and play the game now, without waiting for its release or paying for it.”

In addition to directly infringing the copyrights of games including “Mario & Luigi: Brothership”, the defendant also shared links to the Nintendo Switch emulators Ryujinx, Yuzu, Suyu, and Sudachi on social media. By doing so, Nintendo says he effectively trafficked in circumvention devices.

Nintendo also accuses Keighin of circumventing technical protection measures himself, in violation of the DMCA, as well as using hacked hardware to play pirated games.

“Defendant often used an emulator but also used a hacked Nintendo Switch, demonstrating that he decrypted and accessed without authorization the prerelease games he streamed,” Nintendo writes.

$17,500 and a Broad Injunction

The legal paperwork includes ten titles that the defendant allegedly infringed, willfully. In theory, this can lead to up to $1.5 million in statutory damages for copyright infringement alone, but the game company requests a substantially lower amount.

Here, Nintendo requests damages for only one of the ten games and says that $10,000 is an appropriate award. After ignoring previous warnings for close to two years, this should help deter future wrongdoings.

For circumvention of technological protection measures and trafficking in circumvention technology, the game giant requests damages of $5,000 and $2,500 respectively. This brings the total damages amount to $17,500.

In addition to the monetary damages, Nintendo also seeks a broad permanent injunction against Keighin, which would apply worldwide. If granted, this injunction will prohibit the defendant from any infringing activities going forward, including the use of emulators.

These restrictions apply to existing emulators such as Yuzu or Ryujinx, but also those not yet named. Similarly, the injunction would apply to existing Nintendo games and games that do not yet exist. Meanwhile, all infringing hardware and software need to be destroyed.

The court has yet to grant Nintendo’s motion, but it’s notable that the company has not requested the maximum amount in compensation. Instead, it hopes to send a deterrent message to Keighin and other alleged pirates, to stop pirating and streaming Nintendo games.

Whether this strategy will pay off remains to be seen. Thus far, “EveryGameGuru” hasn’t been very receptive to Nintendo’s outreach. That said, this legal action also puts others on notice that Nintendo doesn’t appreciate pre-release streams or advertising of ‘rogue’ emulators.

—

A copy of Nintendo’s motion for default judgment against Keighin, filed at the U.S. District Court for the District of Colorado last Friday, is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.