Filing lawsuits against internet users who allegedly shared copyrighted content online without permission, has led to countless cash settlements over the years and for some, a lucrative business model in its own right.

There’s also no shortage of cases going wrong for all kinds of reasons . A recent case in Canada, seeking “extraordinary equitable relief” upon which cases like this either live or die, collapsed in dramatic fashion at the very first hurdle, and went further downhill from there.

Background to a Familiar Claim

Hellboy Productions, Inc. filed its statement of claim at Federal Court in Toronto on March 4, 2025. The basis for the claim was very familiar, having made hundreds of appearances in cases previously filed at courts in Canada, the United States, United Kingdom, Scandinavia, and beyond.

The movie in question, Hellboy: The Crooked Man , fits the profile for an appearance in a settlement lawsuit. Hellboy movies have never performed well at the box office and after generating just $1.4m worldwide , the latest outing continued the trend.

While many fans of the Hellboy brand still wanted to watch The Crooked Man , average reviews of 4.5/10 most likely dampened enthusiasm for paying to do so. That can lead to activity on pirate sites for as long as it lasts and in this instance, long enough for the copyright holder to capture ~2,400 IP addresses linked to three Canadian ISPs – Telus, Cogeco, and Bell.

Turning IP Addresses into Names and Physical Addresses

In common with the UK, Ireland, and Australia, unmasking alleged pirates in Canada typically requires the plaintiffs to obtain a Norwich Pharmacal order , or simply Norwich order for short. Obtained from a court, Norwich orders compel a third party, who for various reasons have become unwittingly involved in someone else’s wrongdoing, to disclose information (usually documents/records) that can help a plaintiff identify an alleged infringer.

In this case, the claimant (Hellboy Productions, Inc.) alleges that infringers used internet connections provided by Telus, Cogeco, and Bell to pirate the movie. If served with a Norwich order, the ISPs would be required to match the IP addresses and timestamps provided by the plaintiffs, to activity logs that identify the corresponding account holders.

Once in the hands of the movie company, this information triggers a process to contact as many account holders as possible, on the assumption that they (or someone close) are infringers, and therefore liable to pay compensation for any damages caused. The amount tends to vary but whether the demand was CAD 1,000 or more, the potential revenue from 2,400 subscribers would easily exceed worldwide box office sales.

At least, if all went to plan.

Does the Claimant Have a Bona Fide Claim?

In an order and reasons issued last week, Case Management Judge John C. Cotter notes that Telus did not oppose the order requested by the movie company, while the positions of Cogeco and Bell are simply unknown. The absence of ISPs doesn’t mean that a claimant automatically wins, however.

“A lack of opposition from an ISP is not sufficient on its own to grant the motion. The Court must be satisfied that the applicable test has been met. This is important given the privacy interests of the unidentified alleged wrongdoers,” Judge Cotter explains.

Before those interests are weighed against those of the rightsholder, the plaintiff must show that it has a bone fide claim for copyright infringement and can show, on balance, that the alleged infringers used the ISPs’ services to infringe its rights.

According to the Judge, the plaintiffs failed to produce sufficient evidence to show either.

Insufficient Grounds for Asserting Copyright Ownership

“An analysis of the merits of the claim in this case includes some minimal analysis of whether copyright subsists in the Work, and whether the plaintiff has standing to assert a claim for copyright infringement. In the context of this case, the issue of standing is whether plaintiff is the owner of the copyright in the Work, which is asserted in paragraph 4 of the statement of claim,” Judge Cotter writes. (see screenshot above)

“The plaintiff’s evidence did not include a certificate of copyright registration. The plaintiff’s evidence on copyright subsistence and ownership is limited to the following in the Law Clerk Affidavit (which is the same for each of the three motions):”

Showing the company name in the credits above means that the plaintiff relied on presumptions available under Section 34.1 of the Copyright Act that a) copyright subsists in the work and b) since its name appears in the credits as the maker of the movie, it should be presumed that the plaintiff is indeed the maker.

According to Judge Cotter, those presumptions do not apply when the plaintiff has requested a Norwich order. Section 34.1(1) sets out a precondition for the engagement of the presumptions.

In this matter, the 2,400+ plus defendants are currently anonymous and without knowing who they are, it’s impossible to show that a defendant had “put the existence or title of the copyright in issue.”

Unable to trigger the precondition, no reliance could be placed on the presumptions available under Section 34.1. The Judge dismissed the evidence shown in the Law Clerk Affidavit as “at best, hearsay evidence for which the source is not specified,” and with no copyright certificate there was no way to prove ownership. Moreover, there was no evidence to show that copyright subsists in the movie.

With no bona fide copyright claim, the Judge dismissed all three motions for Norwich orders. He then addressed a few additional issues in need of an airing.

Evidence Should Be Organized, Easily Understood, Easy to Verify

In his order and reasons, Judge Cotter emphasizes that the Court is entitled to demand the “best available evidence” when granting the “extraordinary equitable relief of a Norwich order.”

While failure to establish copyright ownership proved fatal for all three motions, the image of the movie credits page also fell short of the expected standard. The Judge also criticized evidence presented in the affidavit of Thomas Nowak, the CEO of anti-piracy/BitTorrent monitoring company Maverickeye UG, the supplier of evidence in this case and scores of others in the past.

Showing that Telus, Cogeco, or Bell is the ISP for the alleged infringers was a requirement to obtain a Norwich order. Deficiencies in the example below and a series of issues detailed on pages 17-21 of Judge Cotter’s order, led to the conclusion that the plaintiff had failed to show that, while also failing to meet the evidence standard expected by the Court.

Deficiencies in the example above and a series of others detailed elsewhere, plus the failure to show ownership of the copyright it aimed to enforce, meant the plaintiff’s requests for Norwich orders were denied. As a result, the anonymous alleged infringers remain anonymous, but for how long is unknown.

Despite significant criticism, dismissal of the plaintiff’s motions, and denial of its request for an award of costs, Judge Cotter notes that his order does not preclude further motions by the plaintiff.

As sure as day follows night, those motions will arrive, only the timing is in doubt.

The original claim can be found here (pdf) , Judge Cotter’s order is available here ( pdf )

From: TF , for the latest news on copyright battles, piracy and more.

Filing lawsuits against internet users who allegedly shared copyrighted content online without permission, has led to countless cash settlements over the years and for some, a lucrative business model in its own right.

There’s also no shortage of cases going wrong for all kinds of reasons . A recent case in Canada, seeking “extraordinary equitable relief” upon which cases like this either live or die, collapsed in dramatic fashion at the very first hurdle, and went further downhill from there.

Background to a Familiar Claim

Hellboy Productions, Inc. filed its statement of claim at Federal Court in Toronto on March 4, 2025. The basis for the claim was very familiar, having made hundreds of appearances in cases previously filed at courts in Canada, the United States, United Kingdom, Scandinavia, and beyond.

The movie in question, Hellboy: The Crooked Man , fits the profile for an appearance in a settlement lawsuit. Hellboy movies have never performed well at the box office and after generating just $1.4m worldwide , the latest outing continued the trend.

While many fans of the Hellboy brand still wanted to watch The Crooked Man , average reviews of 4.5/10 most likely dampened enthusiasm for paying to do so. That can lead to activity on pirate sites for as long as it lasts and in this instance, long enough for the copyright holder to capture ~2,400 IP addresses linked to three Canadian ISPs – Telus, Cogeco, and Bell.

Turning IP Addresses into Names and Physical Addresses

In common with the UK, Ireland, and Australia, unmasking alleged pirates in Canada typically requires the plaintiffs to obtain a Norwich Pharmacal order , or simply Norwich order for short. Obtained from a court, Norwich orders compel a third party, who for various reasons have become unwittingly involved in someone else’s wrongdoing, to disclose information (usually documents/records) that can help a plaintiff identify an alleged infringer.

In this case, the claimant (Hellboy Productions, Inc.) alleges that infringers used internet connections provided by Telus, Cogeco, and Bell to pirate the movie. If served with a Norwich order, the ISPs would be required to match the IP addresses and timestamps provided by the plaintiffs, to activity logs that identify the corresponding account holders.

Once in the hands of the movie company, this information triggers a process to contact as many account holders as possible, on the assumption that they (or someone close) are infringers, and therefore liable to pay compensation for any damages caused. The amount tends to vary but whether the demand was CAD 1,000 or more, the potential revenue from 2,400 subscribers would easily exceed worldwide box office sales.

At least, if all went to plan.

Does the Claimant Have a Bona Fide Claim?

In an order and reasons issued last week, Case Management Judge John C. Cotter notes that Telus did not oppose the order requested by the movie company, while the positions of Cogeco and Bell are simply unknown. The absence of ISPs doesn’t mean that a claimant automatically wins, however.

“A lack of opposition from an ISP is not sufficient on its own to grant the motion. The Court must be satisfied that the applicable test has been met. This is important given the privacy interests of the unidentified alleged wrongdoers,” Judge Cotter explains.

Before those interests are weighed against those of the rightsholder, the plaintiff must show that it has a bone fide claim for copyright infringement and can show, on balance, that the alleged infringers used the ISPs’ services to infringe its rights.

According to the Judge, the plaintiffs failed to produce sufficient evidence to show either.

Insufficient Grounds for Asserting Copyright Ownership

“An analysis of the merits of the claim in this case includes some minimal analysis of whether copyright subsists in the Work, and whether the plaintiff has standing to assert a claim for copyright infringement. In the context of this case, the issue of standing is whether plaintiff is the owner of the copyright in the Work, which is asserted in paragraph 4 of the statement of claim,” Judge Cotter writes. (see screenshot above)

“The plaintiff’s evidence did not include a certificate of copyright registration. The plaintiff’s evidence on copyright subsistence and ownership is limited to the following in the Law Clerk Affidavit (which is the same for each of the three motions):”

Showing the company name in the credits above means that the plaintiff relied on presumptions available under Section 34.1 of the Copyright Act that a) copyright subsists in the work and b) since its name appears in the credits as the maker of the movie, it should be presumed that the plaintiff is indeed the maker.

According to Judge Cotter, those presumptions do not apply when the plaintiff has requested a Norwich order. Section 34.1(1) sets out a precondition for the engagement of the presumptions.

In this matter, the 2,400+ plus defendants are currently anonymous and without knowing who they are, it’s impossible to show that a defendant had “put the existence or title of the copyright in issue.”

Unable to trigger the precondition, no reliance could be placed on the presumptions available under Section 34.1. The Judge dismissed the evidence shown in the Law Clerk Affidavit as “at best, hearsay evidence for which the source is not specified,” and with no copyright certificate there was no way to prove ownership. Moreover, there was no evidence to show that copyright subsists in the movie.

With no bona fide copyright claim, the Judge dismissed all three motions for Norwich orders. He then addressed a few additional issues in need of an airing.

Evidence Should Be Organized, Easily Understood, Easy to Verify

In his order and reasons, Judge Cotter emphasizes that the Court is entitled to demand the “best available evidence” when granting the “extraordinary equitable relief of a Norwich order.”

While failure to establish copyright ownership proved fatal for all three motions, the image of the movie credits page also fell short of the expected standard. The Judge also criticized evidence presented in the affidavit of Thomas Nowak, the CEO of anti-piracy/BitTorrent monitoring company Maverickeye UG, the supplier of evidence in this case and scores of others in the past.

Showing that Telus, Cogeco, or Bell is the ISP for the alleged infringers was a requirement to obtain a Norwich order. Deficiencies in the example below and a series of issues detailed on pages 17-21 of Judge Cotter’s order, led to the conclusion that the plaintiff had failed to show that, while also failing to meet the evidence standard expected by the Court.

Deficiencies in the example above and a series of others detailed elsewhere, plus the failure to show ownership of the copyright it aimed to enforce, meant the plaintiff’s requests for Norwich orders were denied. As a result, the anonymous alleged infringers remain anonymous, but for how long is unknown.

Despite significant criticism, dismissal of the plaintiff’s motions, and denial of its request for an award of costs, Judge Cotter notes that his order does not preclude further motions by the plaintiff.

As sure as day follows night, those motions will arrive, only the timing is in doubt.

The original claim can be found here (pdf) , Judge Cotter’s order is available here ( pdf )

From: TF , for the latest news on copyright battles, piracy and more.

Filing lawsuits against internet users who allegedly shared copyrighted content online without permission, has led to countless cash settlements over the years and for some, a lucrative business model in its own right.

There’s also no shortage of cases going wrong for all kinds of reasons . A recent case in Canada, seeking “extraordinary equitable relief” upon which cases like this either live or die, collapsed in dramatic fashion at the very first hurdle, and went further downhill from there.

Background to a Familiar Claim

Hellboy Productions, Inc. filed its statement of claim at Federal Court in Toronto on March 4, 2025. The basis for the claim was very familiar, having made hundreds of appearances in cases previously filed at courts in Canada, the United States, United Kingdom, Scandinavia, and beyond.

The movie in question, Hellboy: The Crooked Man , fits the profile for an appearance in a settlement lawsuit. Hellboy movies have never performed well at the box office and after generating just $1.4m worldwide , the latest outing continued the trend.

While many fans of the Hellboy brand still wanted to watch The Crooked Man , average reviews of 4.5/10 most likely dampened enthusiasm for paying to do so. That can lead to activity on pirate sites for as long as it lasts and in this instance, long enough for the copyright holder to capture ~2,400 IP addresses linked to three Canadian ISPs – Telus, Cogeco, and Bell.

Turning IP Addresses into Names and Physical Addresses

In common with the UK, Ireland, and Australia, unmasking alleged pirates in Canada typically requires the plaintiffs to obtain a Norwich Pharmacal order , or simply Norwich order for short. Obtained from a court, Norwich orders compel a third party, who for various reasons have become unwittingly involved in someone else’s wrongdoing, to disclose information (usually documents/records) that can help a plaintiff identify an alleged infringer.

In this case, the claimant (Hellboy Productions, Inc.) alleges that infringers used internet connections provided by Telus, Cogeco, and Bell to pirate the movie. If served with a Norwich order, the ISPs would be required to match the IP addresses and timestamps provided by the plaintiffs, to activity logs that identify the corresponding account holders.

Once in the hands of the movie company, this information triggers a process to contact as many account holders as possible, on the assumption that they (or someone close) are infringers, and therefore liable to pay compensation for any damages caused. The amount tends to vary but whether the demand was CAD 1,000 or more, the potential revenue from 2,400 subscribers would easily exceed worldwide box office sales.

At least, if all went to plan.

Does the Claimant Have a Bona Fide Claim?

In an order and reasons issued last week, Case Management Judge John C. Cotter notes that Telus did not oppose the order requested by the movie company, while the positions of Cogeco and Bell are simply unknown. The absence of ISPs doesn’t mean that a claimant automatically wins, however.

“A lack of opposition from an ISP is not sufficient on its own to grant the motion. The Court must be satisfied that the applicable test has been met. This is important given the privacy interests of the unidentified alleged wrongdoers,” Judge Cotter explains.

Before those interests are weighed against those of the rightsholder, the plaintiff must show that it has a bone fide claim for copyright infringement and can show, on balance, that the alleged infringers used the ISPs’ services to infringe its rights.

According to the Judge, the plaintiffs failed to produce sufficient evidence to show either.

Insufficient Grounds for Asserting Copyright Ownership

“An analysis of the merits of the claim in this case includes some minimal analysis of whether copyright subsists in the Work, and whether the plaintiff has standing to assert a claim for copyright infringement. In the context of this case, the issue of standing is whether plaintiff is the owner of the copyright in the Work, which is asserted in paragraph 4 of the statement of claim,” Judge Cotter writes. (see screenshot above)

“The plaintiff’s evidence did not include a certificate of copyright registration. The plaintiff’s evidence on copyright subsistence and ownership is limited to the following in the Law Clerk Affidavit (which is the same for each of the three motions):”

Showing the company name in the credits above means that the plaintiff relied on presumptions available under Section 34.1 of the Copyright Act that a) copyright subsists in the work and b) since its name appears in the credits as the maker of the movie, it should be presumed that the plaintiff is indeed the maker.

According to Judge Cotter, those presumptions do not apply when the plaintiff has requested a Norwich order. Section 34.1(1) sets out a precondition for the engagement of the presumptions.

In this matter, the 2,400+ plus defendants are currently anonymous and without knowing who they are, it’s impossible to show that a defendant had “put the existence or title of the copyright in issue.”

Unable to trigger the precondition, no reliance could be placed on the presumptions available under Section 34.1. The Judge dismissed the evidence shown in the Law Clerk Affidavit as “at best, hearsay evidence for which the source is not specified,” and with no copyright certificate there was no way to prove ownership. Moreover, there was no evidence to show that copyright subsists in the movie.

With no bona fide copyright claim, the Judge dismissed all three motions for Norwich orders. He then addressed a few additional issues in need of an airing.

Evidence Should Be Organized, Easily Understood, Easy to Verify

In his order and reasons, Judge Cotter emphasizes that the Court is entitled to demand the “best available evidence” when granting the “extraordinary equitable relief of a Norwich order.”

While failure to establish copyright ownership proved fatal for all three motions, the image of the movie credits page also fell short of the expected standard. The Judge also criticized evidence presented in the affidavit of Thomas Nowak, the CEO of anti-piracy/BitTorrent monitoring company Maverickeye UG, the supplier of evidence in this case and scores of others in the past.

Showing that Telus, Cogeco, or Bell is the ISP for the alleged infringers was a requirement to obtain a Norwich order. Deficiencies in the example below and a series of issues detailed on pages 17-21 of Judge Cotter’s order, led to the conclusion that the plaintiff had failed to show that, while also failing to meet the evidence standard expected by the Court.

Deficiencies in the example above and a series of others detailed elsewhere, plus the failure to show ownership of the copyright it aimed to enforce, meant the plaintiff’s requests for Norwich orders were denied. As a result, the anonymous alleged infringers remain anonymous, but for how long is unknown.

Despite significant criticism, dismissal of the plaintiff’s motions, and denial of its request for an award of costs, Judge Cotter notes that his order does not preclude further motions by the plaintiff.

As sure as day follows night, those motions will arrive, only the timing is in doubt.

The original claim can be found here (pdf) , Judge Cotter’s order is available here ( pdf )

From: TF , for the latest news on copyright battles, piracy and more.

The most enduring questions in the online piracy debate loosely center on what causes it, who is to blame, who can be held liable for it, and what can be done to address it.

Depending on variables including who asks and who answers, answers to these questions can differ quite wildly and are often subject to change. The one constant is that rightsholders’ answers ultimately carry more weight.

They select targets for direct enforcement and identify third parties in a position to assist, or at least, who could be compelled to do so if necessary.

Having a lasting impact at the top end of the piracy supply chain is notoriously difficult. However, move a short distance downstream, placing continuous pressure on intermediaries can eventually pay off. Many can and should do more to fight piracy, the commentary goes, while the remainder are guilty of not doing enough.

Once content cascades down to the masses, ISPs face potential liability, and consumers are blamed for fueling an illegal market. In fact, anti-piracy challenges at this end of the supply chain are so numerous, one might conclude that problems exist almost nowhere else.

The Silent Crisis Costing Billions

For the past several years, site-blocking measures have attempted to build a barrier between pirate sites/services and pirate consumers. These are usually implemented by local ISPs, and in terms of location, could not be further away from the original pirate source.

The Herculean task of building the equivalent of anti-piracy firewalls around ISPs globally is considered necessary, especially in light of an ongoing “silent crisis” that reportedly costs the content industries billions of dollars.

Late August, cloud technology company Velocix cited an estimate from Parks Associates, which predicted cumulative revenue losses of $113 billion for streaming video providers by the end of 2027.

“What’s often overlooked is that a substantial portion of this pirated content is served using legitimate CDN infrastructure,” Velocix continued. “Some platforms report that up to 30% of their CDN traffic is being consumed by unauthorized users, draining network capacity, degrading service quality, and silently eating into service margins.”

The phenomenon is called ‘CDN Leeching’ and while some describe it as a new threat, for some time consumers have been reporting pirate streams of such great quality, they could even pass for the real deal. There’s a very good reason for that; they come from the same source, and only legality sets them apart.

From the rightsholders’ perspective, the situation could hardly be any worse. After producing or buying content, and building a distribution platform to deliver it to the masses, unauthenticated users escape with pristine content at close to zero cost, from an extremely reliable source, which also picks up the tab for the bandwidth consumed.

The Triple Threat

A report published late 2022 by content security company Viaccess-Orca was one of the first to publicly acknowledge what had been known privately for some time.

“Starting around the tail end of 2020, our experts started noticing a new technique being used for the first time: CDN Leeching. Due to its complexities, it has spread comparatively slowly throughout the pirate community since,” the company reported.

“But, as we start to approach the first in a new cycle of large, global sporting events, we are seeing more and more incidents of it occurring. What’s more, these are increasingly coupled with sophisticated front-end operations that, to all intents and purposes, look like legitimate streaming providers with subscriber offers, discounts, advertising, and more. The trend is concerning.”

These quotes are almost three years old, and they describe a problem that was already at least two years old at the time. In 2023, Viaccess-Orca described CDN Leeching as a ‘Triple Threat’ based on the following;

1) Subscriptions loss: Users choose pirate services instead of legitimate platforms.
2) Increased Expense: Pirates access streams from the CDN, but pay for nothing.
3) Service impacts: Pirates consume resources allocated to legitimate customers.

To a background of sports rightsholders warning of an existential threat, how is CDN Leeching carried out, and more importantly, why is it still possible in 2025?

Piracy-as-a-Service

Reports on why consumers need to stop financing criminal streaming services are as common as commentary explaining why intermediaries, including ISPs, DNS providers, and domain registrars, need to step up and take the piracy problem much more seriously. The lack of open discussion on what is clearly a major contributor to the piracy ecosystem is unusual, to say the least.

Anti-piracy companies promote their products and solutions as one might expect, but it’s beyond clear that as a topic for open discussion, rightsholders prefer to talk about other things. There’s no mention in public-facing anti-piracy campaigns, for example, and even when platforms that rely on CDN Leeching are discussed in public, the focus is the services they offer rather than the source of the content upon which they rely.

Under the umbrella term ‘Piracy-as-a-Service’, these platforms are very cheap or even free to access and are more functional and better looking than their legitimate counterparts. For those interested in making the transition from viewer to pirate site operator, a full platform package makes the switch worryingly easy.

Worryingly Easy vs. Regular Worry

With all content piped in (including via CDN Leeching) and the necessary admin/billing/support panels included, anyone can start their own subscription service and begin selling access to others. Verimatrix suggests the price is around ~$45,000 to get started with the potential to make 90% profit moving forward. Maybe other potential outcomes shouldn’t be immediately ruled out.

It’s not unreasonable to assume that a payment of ~$45,000 to an anonymous internet stranger will not always go according to plan. Even if the transaction did live up to expectations, generating $45,000 to break even in a year requires 375 customers paying $10 each per month from Day One.

According to Verimatrix, the going rate for lifetime access starts at $75, with regular access costing as little as $1 per month. That sounds like 1000 customers and a break even celebration almost four years later. Assuming that the ecosystem makes it that far, of course.

Recent comments by the MPA and ACE suggest this general area is considered a top priority. It certainly sounds serious enough to warrant special attention, not unsurprising either, given that the barrier to entry is so low.

“Your grandma’s dog could be trained to do it,” Maria Malinkowitschas at Verimatrix concludes.

Recent reports from various anti-piracy/cybersecurity companies reveal the basics of CDN Leeching, techniques/methods used, and the reasons why it can be difficult to stop. Details of particularly serious and persistent exploits published elsewhere have been excluded (Full original statements linked under the company names cited at the end of each quote)

[Pirates] typically reverse engineer video applications (e.g., browsers) to understand how to access and extract the CDN content, enabling them to distribute pirated material more efficiently. CDN access serves as an entry point for pirates to obtain copyrighted content. ( Irdeto )

Stolen tokens & keys: When authentication tokens or encryption keys are intercepted, they can be reused to access video streams. Open access points: Misconfigured CDN endpoints or caching policies can expose content to anyone who knows where to look. Referrer spoofing: Attackers disguise requests to appear as if they come from trusted domains. ( Velocix )

Device diversity and compatibility challenges: A wide array of devices for accessing video content, with its own specifications, security capabilities and operating systems, presents a significant challenge in terms of ensuring compatibility across the industry for streaming video providers. As users seek seamless access to content on their preferred devices, the pressure to address compatibility issues compounds, sometimes leading to unauthorized means of access when official support is lacking. ( Irdeto )

Pirates hijack legitimate CDNs by hotlinking or proxying origin URLs, piggybacking on bandwidth OTTs pay for, while degrading QoS, inflating bills, and muddying audience analytics. What allows this to happen? Static tokens, loose referrer settings, shared keys across events, and weak origin shielding. ( ICC )

DRM Exploitation: The media and entertainment industry is currently facing serious challenges with content protection and cybersecurity, the most pressing of which is the exploitation of software-native Digital Rights Management (DRM). This technical vulnerability allows pirates to bypass DRM protections, leading to unauthorized access and distribution of content. This not only undermines revenue streams but also the integrity of content distribution. ( Verimatrix )

Feature Exploitation: An example is where operators need to allow consumers to continue watching content across multiple devices that share an IP address. This consumer demand for content portability creates a loophole that pirates can exploit. Unsecure apps without solid code obfuscation expose valuable DRM license files that pirates will hack to extract the keys and then create their own license files for illicit distribution. ( Nagra )

From: TF , for the latest news on copyright battles, piracy and more.

The most enduring questions in the online piracy debate loosely center on what causes it, who is to blame, who can be held liable for it, and what can be done to address it.

Depending on variables including who asks and who answers, answers to these questions can differ quite wildly and are often subject to change. The one constant is that rightsholders’ answers ultimately carry more weight.

They select targets for direct enforcement and identify third parties in a position to assist, or at least, who could be compelled to do so if necessary.

Having a lasting impact at the top end of the piracy supply chain is notoriously difficult. However, move a short distance downstream, placing continuous pressure on intermediaries can eventually pay off. Many can and should do more to fight piracy, the commentary goes, while the remainder are guilty of not doing enough.

Once content cascades down to the masses, ISPs face potential liability, and consumers are blamed for fueling an illegal market. In fact, anti-piracy challenges at this end of the supply chain are so numerous, one might conclude that problems exist almost nowhere else.

The Silent Crisis Costing Billions

For the past several years, site-blocking measures have attempted to build a barrier between pirate sites/services and pirate consumers. These are usually implemented by local ISPs, and in terms of location, could not be further away from the original pirate source.

The Herculean task of building the equivalent of anti-piracy firewalls around ISPs globally is considered necessary, especially in light of an ongoing “silent crisis” that reportedly costs the content industries billions of dollars.

Late August, cloud technology company Velocix cited an estimate from Parks Associates, which predicted cumulative revenue losses of $113 billion for streaming video providers by the end of 2027.

“What’s often overlooked is that a substantial portion of this pirated content is served using legitimate CDN infrastructure,” Velocix continued. “Some platforms report that up to 30% of their CDN traffic is being consumed by unauthorized users, draining network capacity, degrading service quality, and silently eating into service margins.”

The phenomenon is called ‘CDN Leeching’ and while some describe it as a new threat, for some time consumers have been reporting pirate streams of such great quality, they could even pass for the real deal. There’s a very good reason for that; they come from the same source, and only legality sets them apart.

From the rightsholders’ perspective, the situation could hardly be any worse. After producing or buying content, and building a distribution platform to deliver it to the masses, unauthenticated users escape with pristine content at close to zero cost, from an extremely reliable source, which also picks up the tab for the bandwidth consumed.

The Triple Threat

A report published late 2022 by content security company Viaccess-Orca was one of the first to publicly acknowledge what had been known privately for some time.

“Starting around the tail end of 2020, our experts started noticing a new technique being used for the first time: CDN Leeching. Due to its complexities, it has spread comparatively slowly throughout the pirate community since,” the company reported.

“But, as we start to approach the first in a new cycle of large, global sporting events, we are seeing more and more incidents of it occurring. What’s more, these are increasingly coupled with sophisticated front-end operations that, to all intents and purposes, look like legitimate streaming providers with subscriber offers, discounts, advertising, and more. The trend is concerning.”

These quotes are almost three years old, and they describe a problem that was already at least two years old at the time. In 2023, Viaccess-Orca described CDN Leeching as a ‘Triple Threat’ based on the following;

1) Subscriptions loss: Users choose pirate services instead of legitimate platforms.
2) Increased Expense: Pirates access streams from the CDN, but pay for nothing.
3) Service impacts: Pirates consume resources allocated to legitimate customers.

To a background of sports rightsholders warning of an existential threat, how is CDN Leeching carried out, and more importantly, why is it still possible in 2025?

Piracy-as-a-Service

Reports on why consumers need to stop financing criminal streaming services are as common as commentary explaining why intermediaries, including ISPs, DNS providers, and domain registrars, need to step up and take the piracy problem much more seriously. The lack of open discussion on what is clearly a major contributor to the piracy ecosystem is unusual, to say the least.

Anti-piracy companies promote their products and solutions as one might expect, but it’s beyond clear that as a topic for open discussion, rightsholders prefer to talk about other things. There’s no mention in public-facing anti-piracy campaigns, for example, and even when platforms that rely on CDN Leeching are discussed in public, the focus is the services they offer rather than the source of the content upon which they rely.

Under the umbrella term ‘Piracy-as-a-Service’, these platforms are very cheap or even free to access and are more functional and better looking than their legitimate counterparts. For those interested in making the transition from viewer to pirate site operator, a full platform package makes the switch worryingly easy.

Worryingly Easy vs. Regular Worry

With all content piped in (including via CDN Leeching) and the necessary admin/billing/support panels included, anyone can start their own subscription service and begin selling access to others. Verimatrix suggests the price is around ~$45,000 to get started with the potential to make 90% profit moving forward. Maybe other potential outcomes shouldn’t be immediately ruled out.

It’s not unreasonable to assume that a payment of ~$45,000 to an anonymous internet stranger will not always go according to plan. Even if the transaction did live up to expectations, generating $45,000 to break even in a year requires 375 customers paying $10 each per month from Day One.

According to Verimatrix, the going rate for lifetime access starts at $75, with regular access costing as little as $1 per month. That sounds like 1000 customers and a break even celebration almost four years later. Assuming that the ecosystem makes it that far, of course.

Recent comments by the MPA and ACE suggest this general area is considered a top priority. It certainly sounds serious enough to warrant special attention, not unsurprising either, given that the barrier to entry is so low.

“Your grandma’s dog could be trained to do it,” Maria Malinkowitschas at Verimatrix concludes.

Recent reports from various anti-piracy/cybersecurity companies reveal the basics of CDN Leeching, techniques/methods used, and the reasons why it can be difficult to stop. Details of particularly serious and persistent exploits published elsewhere have been excluded (Full original statements linked under the company names cited at the end of each quote)

[Pirates] typically reverse engineer video applications (e.g., browsers) to understand how to access and extract the CDN content, enabling them to distribute pirated material more efficiently. CDN access serves as an entry point for pirates to obtain copyrighted content. ( Irdeto )

Stolen tokens & keys: When authentication tokens or encryption keys are intercepted, they can be reused to access video streams. Open access points: Misconfigured CDN endpoints or caching policies can expose content to anyone who knows where to look. Referrer spoofing: Attackers disguise requests to appear as if they come from trusted domains. ( Velocix )

Device diversity and compatibility challenges: A wide array of devices for accessing video content, with its own specifications, security capabilities and operating systems, presents a significant challenge in terms of ensuring compatibility across the industry for streaming video providers. As users seek seamless access to content on their preferred devices, the pressure to address compatibility issues compounds, sometimes leading to unauthorized means of access when official support is lacking. ( Irdeto )

Pirates hijack legitimate CDNs by hotlinking or proxying origin URLs, piggybacking on bandwidth OTTs pay for, while degrading QoS, inflating bills, and muddying audience analytics. What allows this to happen? Static tokens, loose referrer settings, shared keys across events, and weak origin shielding. ( ICC )

DRM Exploitation: The media and entertainment industry is currently facing serious challenges with content protection and cybersecurity, the most pressing of which is the exploitation of software-native Digital Rights Management (DRM). This technical vulnerability allows pirates to bypass DRM protections, leading to unauthorized access and distribution of content. This not only undermines revenue streams but also the integrity of content distribution. ( Verimatrix )

Feature Exploitation: An example is where operators need to allow consumers to continue watching content across multiple devices that share an IP address. This consumer demand for content portability creates a loophole that pirates can exploit. Unsecure apps without solid code obfuscation expose valuable DRM license files that pirates will hack to extract the keys and then create their own license files for illicit distribution. ( Nagra )

From: TF , for the latest news on copyright battles, piracy and more.

The most enduring questions in the online piracy debate loosely center on what causes it, who is to blame, who can be held liable for it, and what can be done to address it.

Depending on variables including who asks and who answers, answers to these questions can differ quite wildly and are often subject to change. The one constant is that rightsholders’ answers ultimately carry more weight.

They select targets for direct enforcement and identify third parties in a position to assist, or at least, who could be compelled to do so if necessary.

Having a lasting impact at the top end of the piracy supply chain is notoriously difficult. However, move a short distance downstream, placing continuous pressure on intermediaries can eventually pay off. Many can and should do more to fight piracy, the commentary goes, while the remainder are guilty of not doing enough.

Once content cascades down to the masses, ISPs face potential liability, and consumers are blamed for fueling an illegal market. In fact, anti-piracy challenges at this end of the supply chain are so numerous, one might conclude that problems exist almost nowhere else.

The Silent Crisis Costing Billions

For the past several years, site-blocking measures have attempted to build a barrier between pirate sites/services and pirate consumers. These are usually implemented by local ISPs, and in terms of location, could not be further away from the original pirate source.

The Herculean task of building the equivalent of anti-piracy firewalls around ISPs globally is considered necessary, especially in light of an ongoing “silent crisis” that reportedly costs the content industries billions of dollars.

Late August, cloud technology company Velocix cited an estimate from Parks Associates, which predicted cumulative revenue losses of $113 billion for streaming video providers by the end of 2027.

“What’s often overlooked is that a substantial portion of this pirated content is served using legitimate CDN infrastructure,” Velocix continued. “Some platforms report that up to 30% of their CDN traffic is being consumed by unauthorized users, draining network capacity, degrading service quality, and silently eating into service margins.”

The phenomenon is called ‘CDN Leeching’ and while some describe it as a new threat, for some time consumers have been reporting pirate streams of such great quality, they could even pass for the real deal. There’s a very good reason for that; they come from the same source, and only legality sets them apart.

From the rightsholders’ perspective, the situation could hardly be any worse. After producing or buying content, and building a distribution platform to deliver it to the masses, unauthenticated users escape with pristine content at close to zero cost, from an extremely reliable source, which also picks up the tab for the bandwidth consumed.

The Triple Threat

A report published late 2022 by content security company Viaccess-Orca was one of the first to publicly acknowledge what had been known privately for some time.

“Starting around the tail end of 2020, our experts started noticing a new technique being used for the first time: CDN Leeching. Due to its complexities, it has spread comparatively slowly throughout the pirate community since,” the company reported.

“But, as we start to approach the first in a new cycle of large, global sporting events, we are seeing more and more incidents of it occurring. What’s more, these are increasingly coupled with sophisticated front-end operations that, to all intents and purposes, look like legitimate streaming providers with subscriber offers, discounts, advertising, and more. The trend is concerning.”

These quotes are almost three years old, and they describe a problem that was already at least two years old at the time. In 2023, Viaccess-Orca described CDN Leeching as a ‘Triple Threat’ based on the following;

1) Subscriptions loss: Users choose pirate services instead of legitimate platforms.
2) Increased Expense: Pirates access streams from the CDN, but pay for nothing.
3) Service impacts: Pirates consume resources allocated to legitimate customers.

To a background of sports rightsholders warning of an existential threat, how is CDN Leeching carried out, and more importantly, why is it still possible in 2025?

Piracy-as-a-Service

Reports on why consumers need to stop financing criminal streaming services are as common as commentary explaining why intermediaries, including ISPs, DNS providers, and domain registrars, need to step up and take the piracy problem much more seriously. The lack of open discussion on what is clearly a major contributor to the piracy ecosystem is unusual, to say the least.

Anti-piracy companies promote their products and solutions as one might expect, but it’s beyond clear that as a topic for open discussion, rightsholders prefer to talk about other things. There’s no mention in public-facing anti-piracy campaigns, for example, and even when platforms that rely on CDN Leeching are discussed in public, the focus is the services they offer rather than the source of the content upon which they rely.

Under the umbrella term ‘Piracy-as-a-Service’, these platforms are very cheap or even free to access and are more functional and better looking than their legitimate counterparts. For those interested in making the transition from viewer to pirate site operator, a full platform package makes the switch worryingly easy.

Worryingly Easy vs. Regular Worry

With all content piped in (including via CDN Leeching) and the necessary admin/billing/support panels included, anyone can start their own subscription service and begin selling access to others. Verimatrix suggests the price is around ~$45,000 to get started with the potential to make 90% profit moving forward. Maybe other potential outcomes shouldn’t be immediately ruled out.

It’s not unreasonable to assume that a payment of ~$45,000 to an anonymous internet stranger will not always go according to plan. Even if the transaction did live up to expectations, generating $45,000 to break even in a year requires 375 customers paying $10 each per month from Day One.

According to Verimatrix, the going rate for lifetime access starts at $75, with regular access costing as little as $1 per month. That sounds like 1000 customers and a break even celebration almost four years later. Assuming that the ecosystem makes it that far, of course.

Recent comments by the MPA and ACE suggest this general area is considered a top priority. It certainly sounds serious enough to warrant special attention, not unsurprising either, given that the barrier to entry is so low.

“Your grandma’s dog could be trained to do it,” Maria Malinkowitschas at Verimatrix concludes.

Recent reports from various anti-piracy/cybersecurity companies reveal the basics of CDN Leeching, techniques/methods used, and the reasons why it can be difficult to stop. Details of particularly serious and persistent exploits published elsewhere have been excluded (Full original statements linked under the company names cited at the end of each quote)

[Pirates] typically reverse engineer video applications (e.g., browsers) to understand how to access and extract the CDN content, enabling them to distribute pirated material more efficiently. CDN access serves as an entry point for pirates to obtain copyrighted content. ( Irdeto )

Stolen tokens & keys: When authentication tokens or encryption keys are intercepted, they can be reused to access video streams. Open access points: Misconfigured CDN endpoints or caching policies can expose content to anyone who knows where to look. Referrer spoofing: Attackers disguise requests to appear as if they come from trusted domains. ( Velocix )

Device diversity and compatibility challenges: A wide array of devices for accessing video content, with its own specifications, security capabilities and operating systems, presents a significant challenge in terms of ensuring compatibility across the industry for streaming video providers. As users seek seamless access to content on their preferred devices, the pressure to address compatibility issues compounds, sometimes leading to unauthorized means of access when official support is lacking. ( Irdeto )

Pirates hijack legitimate CDNs by hotlinking or proxying origin URLs, piggybacking on bandwidth OTTs pay for, while degrading QoS, inflating bills, and muddying audience analytics. What allows this to happen? Static tokens, loose referrer settings, shared keys across events, and weak origin shielding. ( ICC )

DRM Exploitation: The media and entertainment industry is currently facing serious challenges with content protection and cybersecurity, the most pressing of which is the exploitation of software-native Digital Rights Management (DRM). This technical vulnerability allows pirates to bypass DRM protections, leading to unauthorized access and distribution of content. This not only undermines revenue streams but also the integrity of content distribution. ( Verimatrix )

Feature Exploitation: An example is where operators need to allow consumers to continue watching content across multiple devices that share an IP address. This consumer demand for content portability creates a loophole that pirates can exploit. Unsecure apps without solid code obfuscation expose valuable DRM license files that pirates will hack to extract the keys and then create their own license files for illicit distribution. ( Nagra )

From: TF , for the latest news on copyright battles, piracy and more.

After obtaining a court order that granted permission to block pirate streaming services, top-tier football league LaLiga faced a dilemma.

Many of its targets were using Cloudflare’s reverse proxy service, which in basic terms allows a webhost’s IP address to remain private while one of Cloudflare’s IP address is exposed to site users. Since hundreds of sites can share the same Cloudflare IP address, blocking one pirate site would end up blocking them all.

Since no compromise could be reached with Cloudflare, LaLiga went ahead with its blocking campaign, which included blocking Cloudflare’s shared IP addresses .

Courts Unsympathetic,

After the blocking campaign began in earnest, complaints calling for the courts to take action to prevent collateral damage were rejected on various grounds. In June, the Mixed Parliamentary Group, at the request of Néstor Rego Candamil, the deputy of the Galician Nationalist Bloc (BNG), presented a Non-Legislative Proposal (PNL) in an attempt to build momentum.

The proposal explained the shared-IP address situation at Cloudflare and went on to describe what can go wrong on match day.

“The BNG believes the State Government must take action on this issue in response to the repeated blocking of thousands of websites. Failure to do so would constitute a dereliction of duty, leaving them in private hands, which act solely for their own benefit and, without regard, hand them over to third parties,” the proposal continued.

A summary of the three main requests in the proposal:

1. Blocking must be performed precisely, targeting domain names and DNS only
2. Establish protocols for hosts to shut down sites and/or hand over operator details
3. Disallow IP address blocking to prevent blocking of innocent sites .

Proposal Put to the Vote on Wednesday

Presented by the Mixed Group at the request of BNG, the proposal to ensure accurate, collateral damage-free blocking of exclusively pirate sites, received 6 votes in favor, 17 against, and 12 abstentions.

Despite the Socialist Group’s ( Grupo Socialista ) abstention, a representative said that the blocking measures comply with requirements, ensure that the clubs and broadcasters can protect their rights, and have safeguards to protect legitimate access to the internet for citizens and companies.

The Popular Party and Vox groups rejected the proposal outright, stating that it disregards the damage suffered by football clubs and therefore puts the economy in jeopardy.

A spokesperson for Vox said the government doesn’t get involved when matters are under the eye of the judiciary, adding, “I don’t know if you’re defending piracy.”

Proposal Rejected

The Economy, Trade and Digital Transformation Committee of Congress rejected the non-legislative proposal. In a statement Thursday, LaLiga described that as support for its anti-piracy strategy, including IP address blocking.

In line with comments made by the Popular Party and Vox groups, LaLiga also expressed concern that the proposal failed to address “both the critical impact of audiovisual fraud on the country’s social and economic infrastructure and the origin of this issue, including the actors who profit from this illegal business.”

LaLiga’s statement makes no mention of the internet users the proposal aimed to protect. Instead, it restates its position that all blocking “is proportional, targeted, and time-limited, being enforced only during matches….in strict compliance with the relevant court order.”

Cloudflare Animosity Continues

LaLiga also had further sharp words for Cloudflare, mostly along the same lines as those made earlier in the year which appeared to mark the end of civil discussion, assuming that had ever been the case. There’s clearly a huge difference of opinion in respect of how Cloudflare views its obligations and what LaLiga believes they should be.

At an event in Italy last week , José Ignacio Carrillo de Albornoz, Global Content Protection Manager at LaLiga, said that collaboration is the key to success and that partnerships with other companies are proving effective.

Mentioning no company in particular, he noted that “Not all intermediaries are willing to cooperate,” before revealing a new angle to LaLiga’s strategy and a likely source of future friction.

“We’ve decided to seek legal injunctions globally,” he said.

With a direct reference to European Union Regulation 2015/2120 , de Albornoz said that ISPs can block ‘certain types of traffic’ in compliance with a court order.

“We have done so, and it’s proven very effective. Collaboration is the key.”

From: TF , for the latest news on copyright battles, piracy and more.

After obtaining a court order that granted permission to block pirate streaming services, top-tier football league LaLiga faced a dilemma.

Many of its targets were using Cloudflare’s reverse proxy service, which in basic terms allows a webhost’s IP address to remain private while one of Cloudflare’s IP address is exposed to site users. Since hundreds of sites can share the same Cloudflare IP address, blocking one pirate site would end up blocking them all.

Since no compromise could be reached with Cloudflare, LaLiga went ahead with its blocking campaign, which included blocking Cloudflare’s shared IP addresses .

Courts Unsympathetic,

After the blocking campaign began in earnest, complaints calling for the courts to take action to prevent collateral damage were rejected on various grounds. In June, the Mixed Parliamentary Group, at the request of Néstor Rego Candamil, the deputy of the Galician Nationalist Bloc (BNG), presented a Non-Legislative Proposal (PNL) in an attempt to build momentum.

The proposal explained the shared-IP address situation at Cloudflare and went on to describe what can go wrong on match day.

“The BNG believes the State Government must take action on this issue in response to the repeated blocking of thousands of websites. Failure to do so would constitute a dereliction of duty, leaving them in private hands, which act solely for their own benefit and, without regard, hand them over to third parties,” the proposal continued.

A summary of the three main requests in the proposal:

1. Blocking must be performed precisely, targeting domain names and DNS only
2. Establish protocols for hosts to shut down sites and/or hand over operator details
3. Disallow IP address blocking to prevent blocking of innocent sites .

Proposal Put to the Vote on Wednesday

Presented by the Mixed Group at the request of BNG, the proposal to ensure accurate, collateral damage-free blocking of exclusively pirate sites, received 6 votes in favor, 17 against, and 12 abstentions.

Despite the Socialist Group’s ( Grupo Socialista ) abstention, a representative said that the blocking measures comply with requirements, ensure that the clubs and broadcasters can protect their rights, and have safeguards to protect legitimate access to the internet for citizens and companies.

The Popular Party and Vox groups rejected the proposal outright, stating that it disregards the damage suffered by football clubs and therefore puts the economy in jeopardy.

A spokesperson for Vox said the government doesn’t get involved when matters are under the eye of the judiciary, adding, “I don’t know if you’re defending piracy.”

Proposal Rejected

The Economy, Trade and Digital Transformation Committee of Congress rejected the non-legislative proposal. In a statement Thursday, LaLiga described that as support for its anti-piracy strategy, including IP address blocking.

In line with comments made by the Popular Party and Vox groups, LaLiga also expressed concern that the proposal failed to address “both the critical impact of audiovisual fraud on the country’s social and economic infrastructure and the origin of this issue, including the actors who profit from this illegal business.”

LaLiga’s statement makes no mention of the internet users the proposal aimed to protect. Instead, it restates its position that all blocking “is proportional, targeted, and time-limited, being enforced only during matches….in strict compliance with the relevant court order.”

Cloudflare Animosity Continues

LaLiga also had further sharp words for Cloudflare, mostly along the same lines as those made earlier in the year which appeared to mark the end of civil discussion, assuming that had ever been the case. There’s clearly a huge difference of opinion in respect of how Cloudflare views its obligations and what LaLiga believes they should be.

At an event in Italy last week , José Ignacio Carrillo de Albornoz, Global Content Protection Manager at LaLiga, said that collaboration is the key to success and that partnerships with other companies are proving effective.

Mentioning no company in particular, he noted that “Not all intermediaries are willing to cooperate,” before revealing a new angle to LaLiga’s strategy and a likely source of future friction.

“We’ve decided to seek legal injunctions globally,” he said.

With a direct reference to European Union Regulation 2015/2120 , de Albornoz said that ISPs can block ‘certain types of traffic’ in compliance with a court order.

“We have done so, and it’s proven very effective. Collaboration is the key.”

From: TF , for the latest news on copyright battles, piracy and more.

After obtaining a court order that granted permission to block pirate streaming services, top-tier football league LaLiga faced a dilemma.

Many of its targets were using Cloudflare’s reverse proxy service, which in basic terms allows a webhost’s IP address to remain private while one of Cloudflare’s IP address is exposed to site users. Since hundreds of sites can share the same Cloudflare IP address, blocking one pirate site would end up blocking them all.

Since no compromise could be reached with Cloudflare, LaLiga went ahead with its blocking campaign, which included blocking Cloudflare’s shared IP addresses .

Courts Unsympathetic,

After the blocking campaign began in earnest, complaints calling for the courts to take action to prevent collateral damage were rejected on various grounds. In June, the Mixed Parliamentary Group, at the request of Néstor Rego Candamil, the deputy of the Galician Nationalist Bloc (BNG), presented a Non-Legislative Proposal (PNL) in an attempt to build momentum.

The proposal explained the shared-IP address situation at Cloudflare and went on to describe what can go wrong on match day.

“The BNG believes the State Government must take action on this issue in response to the repeated blocking of thousands of websites. Failure to do so would constitute a dereliction of duty, leaving them in private hands, which act solely for their own benefit and, without regard, hand them over to third parties,” the proposal continued.

A summary of the three main requests in the proposal:

1. Blocking must be performed precisely, targeting domain names and DNS only
2. Establish protocols for hosts to shut down sites and/or hand over operator details
3. Disallow IP address blocking to prevent blocking of innocent sites .

Proposal Put to the Vote on Wednesday

Presented by the Mixed Group at the request of BNG, the proposal to ensure accurate, collateral damage-free blocking of exclusively pirate sites, received 6 votes in favor, 17 against, and 12 abstentions.

Despite the Socialist Group’s ( Grupo Socialista ) abstention, a representative said that the blocking measures comply with requirements, ensure that the clubs and broadcasters can protect their rights, and have safeguards to protect legitimate access to the internet for citizens and companies.

The Popular Party and Vox groups rejected the proposal outright, stating that it disregards the damage suffered by football clubs and therefore puts the economy in jeopardy.

A spokesperson for Vox said the government doesn’t get involved when matters are under the eye of the judiciary, adding, “I don’t know if you’re defending piracy.”

Proposal Rejected

The Economy, Trade and Digital Transformation Committee of Congress rejected the non-legislative proposal. In a statement Thursday, LaLiga described that as support for its anti-piracy strategy, including IP address blocking.

In line with comments made by the Popular Party and Vox groups, LaLiga also expressed concern that the proposal failed to address “both the critical impact of audiovisual fraud on the country’s social and economic infrastructure and the origin of this issue, including the actors who profit from this illegal business.”

LaLiga’s statement makes no mention of the internet users the proposal aimed to protect. Instead, it restates its position that all blocking “is proportional, targeted, and time-limited, being enforced only during matches….in strict compliance with the relevant court order.”

Cloudflare Animosity Continues

LaLiga also had further sharp words for Cloudflare, mostly along the same lines as those made earlier in the year which appeared to mark the end of civil discussion, assuming that had ever been the case. There’s clearly a huge difference of opinion in respect of how Cloudflare views its obligations and what LaLiga believes they should be.

At an event in Italy last week , José Ignacio Carrillo de Albornoz, Global Content Protection Manager at LaLiga, said that collaboration is the key to success and that partnerships with other companies are proving effective.

Mentioning no company in particular, he noted that “Not all intermediaries are willing to cooperate,” before revealing a new angle to LaLiga’s strategy and a likely source of future friction.

“We’ve decided to seek legal injunctions globally,” he said.

With a direct reference to European Union Regulation 2015/2120 , de Albornoz said that ISPs can block ‘certain types of traffic’ in compliance with a court order.

“We have done so, and it’s proven very effective. Collaboration is the key.”

From: TF , for the latest news on copyright battles, piracy and more.