When protecting broadcast rights becomes digital collateral damage
Spainās internet infrastructure has become a battleground where the pursuit of piracy enforcement clashes with fundamental digital rights. LaLiga, Spainās premier football league, has deployed an aggressive anti-piracy campaign thatās repeatedly knocked millions of users offline, transforming weekend football matches into nationwide connectivity crises.
The October 2025 Blackout
The most recent incident occurred on October 18-20, 2025, when LaLigaās enforcement orders triggered widespread internet outages across Spain. Major ISPs including Movistar, Vodafone, and Orange implemented broad IP blocks targeting Cloudflare infrastructure, cutting off access to thousands of legitimate websites, gaming platforms, and essential online services.
The impact was immediate and severe. Proton VPNāthe Swiss privacy-focused service that has consistently fought for user privacy and encryption rightsāreported a 200% surge in free signups from Spain as users scrambled to restore their internet access. For three days, routine online activities became impossible without VPN circumventionāa digital lockout affecting millions who had nothing to do with piracy.
How Shared Infrastructure Became a Weapon
The core problem lies in how modern internet infrastructure works. Cloudflare, like most content delivery networks, uses shared IP addresses where thousands of unrelated websites exist behind a single IP. When LaLiga identifies a pirate stream using Cloudflareās network and orders that IP blocked, every other site sharing that address goes dark.
According to LaLigaās own figures, approximately 3,000 IP addresses are blocked during every weekend of football matches. But these arenāt surgical strikesātheyāre carpet bombs that catch legitimate businesses, government services, and even emergency resources in the blast radius.
The collateral damage has included:
- Gaming platforms: Players of Blue Protocol: Star Resonance, an MMORPG launched globally in October, found their āStartā button completely disappeared for Spanish users- Essential services: Google Fonts was blocked in May 2025, breaking countless websites including Google Calendar and YouTube for Digi and Vodafone customers- Business infrastructure: Payment platforms, institutional sites, and small business websites went offline without warning
Cloudflare CEO Matthew Prince didnāt mince words about the danger: āThe strategy of blocking broadly through ISPs based on IPs is bonkers because so much content, including emergency services content, can be behind any IP. The collateral damage is vast and is hurting Spanish citizens from accessing critical resources.ā
Prince warned that itās āonly a matter of time before a Spanish citizen canāt access a life-saving emergency resourceā due to these blanket blocks.
The Legal Framework Behind the Chaos
This isnāt a case of overzealous enforcement operating in a legal gray area. Spanish courts have explicitly authorized these measures, creating a legal framework that prioritizes commercial broadcast rights over internet accessibility.
The timeline tells a troubling story:
December 2024: A Spanish judge authorized LaLiga and TelefĆ³nica (owner of Movistar Plus+) to implement rapid, dynamic IP blocking for anti-piracy purposes
February 2025: LaLiga launched its first major blocking action, triggering immediate disruptions
February 15, 2025: Rather than acknowledging the overblocking problem, LaLiga doubled down with an inflammatory statement accusing Cloudflare of āactively enabling illegal activities such as human trafficking, prostitution, pornography, counterfeiting, fraud, and scams.ā The league claimed to have identified child pornography on two Cloudflare IPs, despite the fact that Cloudflare provides infrastructure for millions of legitimate sites
February 19, 2025: Cloudflare and Spanish cybersecurity organization RootedCON filed legal appeals, warning that the blocking measures were ādisproportionateā and affecting millions of users accessing legitimate websites
February 23, 2025: LaLiga president Javier Tebas dismissed the complaints, claiming only ā4 nerdsā were affected and that only piracy and criminal sites were blockedāa claim contradicted by widespread user reports and technical evidence
March 26, 2025: Commercial Court No. 6 of Barcelona dismissed the appeals from Cloudflare and RootedCON, ruling they hadnāt provided sufficient evidence of damage. This decision cleared the way for LaLiga to expand its enforcement with few legal constraints
May 2025: The blocking campaign continued to escalate, with Cloudflare filing an appeal to Spainās Constitutional Court
The Commercial Incentives Behind the Blocks
Understanding why these ISPs participate so readily requires following the money. The major ISPs implementing these blocks arenāt neutral partiesāthey have significant financial stakes in LaLiga broadcasts:
- TelefĆ³nica/Movistar: Retained domestic broadcasting rights through 2026/27 season in a deal worth ā¬1.29 billion. TelefĆ³nica Audiovisual Digital operates Movistar Plus+ and jointly obtained the original blocking injunction with LaLiga- Vodafone: Offers LaLiga matches through a deal with DAZN on Vodafone TV- Orange/DIGI: Sell access to LaLiga matches through their respective TV platforms
These arenāt just ISPs following court ordersātheyāre broadcast partners with billions in revenue at stake, implementing blocks that happen to affect their competitors and independent internet services.
The Pattern of Infrastructure-Level Censorship
Spainās LaLiga crisis exemplifies a dangerous global trend: the weaponization of internet infrastructure for content control. Rather than pursuing individual copyright violators, rightsholders are increasingly targeting the fundamental systems that make the internet work.
As we documented in our analysis of the Great Internet Lockdown, this pattern of infrastructure-level censorship is accelerating worldwide. The UK saw Cloudflare begin geo-blocking pirate sites at the CDN level in 2025, catching even VPN usersāthe first time a major content delivery network participated in such blocking. That same regulation drove a 1,400% surge in UK VPN signups as citizens fought to maintain internet access.
Meanwhile, internet censorship is rising globally in 103 countries, with research analyzing 21 billion measurements revealing that once countries implement censorship infrastructure, they rarely roll it back. Instead, censorship tends to expand over time, covering more content, more platforms, and more users.
Spainās approach takes this further by making the blocks so broad theyāre essentially unavoidable without using a VPNāwhich itself is becoming a target for restrictions. Several US states are now pushing legislation to ban or restrict VPN usage under the guise of age verification compliance, with Wisconsin advancing bills that would criminalize VPN traffic to adult sites.
What This Means for Digital Rights
The Spanish situation reveals how easily āanti-piracyā measures can become tools of mass digital disruption when divorced from proportionality requirements. Several alarming precedents are being set:
Collective punishment: Thousands of innocent websites and millions of users are treated as acceptable collateral damage in pursuing a few pirate streams
Pre-emptive blocking: ISPs block first, ask questions never. Thereās no notification system for affected sites, no appeals process for legitimate services caught in the crossfire
Judicial deference: Courts have consistently sided with rightsholders, dismissing technical arguments about proportionality and collateral damage
Commercial conflicts of interest: The ISPs implementing blocks are the same companies selling competing broadcast services
Normalization of infrastructure attacks: What starts as ājust blocking pirate streamsā establishes precedent for targeting any content at the infrastructure level
The VPN Response and What It Reveals
The 200% surge in VPN signups during the October outage isnāt just a statisticāitās a referendum on the legitimacy of the blocking regime. When millions of ordinary users need to route their traffic through encrypted tunnels just to access legitimate websites, the enforcement system has failed.
VPNs have become essential digital infrastructure in Spain, not for privacy-conscious power users or pirates, but for anyone who needs reliable internet access during football weekends. Students completing assignments, businesses processing transactions, developers accessing cloud servicesāall now depend on VPN circumvention to work around blocks targeting their ISPās infrastructure.
This mass adoption of VPN technology undermines the stated goal of the blocking campaign. Pirates simply connect to VPNs and continue streaming, while legitimate users bear the burden of added complexity, cost, and slower connection speeds.
RootedCONās Call to Action
In October 2025, frustrated by the continuing crisis, Spanish cybersecurity organization RootedCON released a legal template enabling affected users and businesses to sue the telecommunications companies implementing the blocks. They also launched āHay Ahora Futbolā (Is There Football Now), a tracking site where users can check if their services are affected by current blocks.
RootedCON outlined three escalation paths for Spanish citizens:
- Elevate the case to Spainās Constitutional Court (difficult but potentially precedent-setting)2. File individual lawsuits against LaLiga and president Javier Tebas if your business has been affected (moderate difficulty)3. File mass complaints with the European Commission (easiest and potentially most effective given EU digital rights frameworks)
The organization also encourages making noise on social media and documenting every incident of legitimate service disruption.
The EU Dimension
Spainās blocking regime exists in tension with European Union principles of proportionality and digital rights. The EUās Digital Services Act and broader framework for internet regulation emphasize targeted, proportionate measuresānot the kind of broad infrastructure blocking Spain has authorized.
Cloudflareās appeal to the Spanish Constitutional Court may eventually reach European courts, where the conflict between national copyright enforcement and EU digital rights protections will be tested. The outcome could set precedent for how aggressively member states can deploy infrastructure-level blocking.
What Comes Next
Despite mounting public frustration, technical evidence of massive overblocking, and warnings from infrastructure providers, thereās no indication Spainās courts will reconsider the authorization for these blanket blocks. LaLiga continues to frame each weekendās disruptions as victories in its anti-piracy campaign, while millions of users reach for VPNs as essential digital lifelines.
The question isnāt whether LaLigaās enforcement campaign worksāpirate streams continue to proliferateābut whether a democratic society should tolerate this kind of collateral damage in pursuit of commercial broadcast rights.
Spainās internet crisis offers a warning to other nations considering similar approaches: when you give rightsholders the power to block internet infrastructure, youāre not just targeting pirates. Youāre creating a system where the open internet itself becomes collateral damage in corporate enforcement campaigns, where millions of users lose access to legitimate services, and where VPNs transform from privacy tools into basic necessities.
The football matches will end. The precedents being set for internet control will endure.
Related Reading:
- The Great Internet Lockdown: How Payment Processors, Government Regulations, and Activist Groups Are Reshaping the Digital Landscape- The Quiet Erosion: How Nearly Half the World Is Experiencing Increased Internet Censorship- Proton Mailās Legal Battle for Privacy: Challenging Australiaās eSafety Regulator- The Age Verification Compliance Nightmare: How Businesses Can Navigate Americaās Patchwork of Conflicting State Laws