It appears that reports about LaLiga planning to file lawsuits against users of pirate IPTV services are inaccurate. While a court in Barcelona did grant LaLiga authorization to obtain subscriber identities from five major ISPs, according to our interpretation of court documents, LaLiga has not identified any subscribers, not even by their IP addresses. Surprisingly, LaLiga may lack evidence that any subscriber engaged in wrongdoing, prompting ISPs to be instructed to locate such evidence.

It seems like Javier Tebas Medrano, the president of LaLiga, Spain’s premier football league, faces a significant challenge in dealing with IPTV piracy, much like his counterparts in the Premier League and Serie A. Despite existing blocking injunctions, rumors of a crackdown on users of pirate IPTV services persist. These rumors gained traction when Medrano posted a portion of a court document to X on Monday, sparking speculation and misunderstanding among viewers. Here, we present the translated post from Spanish and the relevant text from the court order.

Medrano shared a statement from the Superior Court of Justice of Catalonia, which outlines the outcome of LaLiga’s legal action following a piracy investigation. According to Medrano, the court order will enable LaLiga to collect IP addresses associated with the transmission of illegal content. These IP addresses will be sent to major Spanish ISPs, including Telefónica, Vodafone, Orange, MásMóvil, and Digi. As per the court’s instructions, the ISPs will match these IP addresses with the corresponding subscriber accounts and provide LaLiga with the personal details of those subscribers.

The highlighted Spanish text specifies the information that ISPs must provide:

1) IP address assigned to the user when accessing the server that facilitated the sharing of unlawful audiovisual content.
2) Name and surname of the holder of the internet access service contract.
3) Postal address of the internet line installation and billing details.
4) Identification document (NIF, NIE, or other) related to the information of the IP address of the server connected to, port of the server connected to, and time of the request (GMT+0).

What This Case Does Not Encompass

The legal action undertaken by LaLiga does not pertain to individuals who watch or subscribe to pirate IPTV services, nor does it involve those who access unauthorized streams of LaLiga matches through unlicensed websites.

The court order was issued by Commercial Court Number 8 of Barcelona, presided over by Judge Javier Ramos De La Peña. La Liga Nacional De Fútbol Profesional (LaLiga) is the applicant in this case.

In such applications, ISPs are sometimes regarded as “no fault” defendants. While five major ISP brands are mentioned, the order includes many more ISPs, including those providing mobile internet access:

• Orange Espagne Sau
• Vodafone Ono Sau
• Masmovil Ibercom Sa
• Digi Spain Telecom Slu
• Telefonica De España Sau
• Telefonica Moviles España Sau
• Orange España Virtual Slu
• Vodafone – Espana Sau

According to the Judge’s description in the order, the case revolves around piracy of content, outlined as follows:

Specifically, it concerns audiovisual content offered live and with exclusive access to residential customers and public establishments on pay television, with customers of the Movistar Plus+ satellite service being the only ones with access for their exclusive consumption, through a satellite dish, decoder terminal, and customer card.

LaLiga’s legal action focuses on allegations of Movistar Plus+ content being accessed illegally through ‘card-sharing.’ This involves the unauthorized transmission of decryption codes from a legitimate viewing card over the internet to unauthorized set-top boxes. In simpler terms, legitimate subscribers to Movistar Plus+ receive a viewing card allowing access to scrambled satellite signals on authorized set-top boxes. However, in card-sharing schemes, decryption codes from legal cards are redistributed online to unauthorized users for a fee. These users, with non-official set-top boxes, pay to access these codes, decrypting satellite signals without a legitimate subscription. The court’s order addresses two main groups: those sharing decryption codes online for a fee and those paying to access these codes without a legitimate subscription.

One of the forms of unlawful access is the so-called “Cardsharing,” which uses the protocols “CCCam and IKS,” presupposing the participation in the piracy network, on one hand, of [1] users who paid for conditional access to a satellite connection, offering them on the internet for illicit profit, and, on the other hand, of [2] users who acquire satellite connection equipment enabled to access original card codes without authorization.

The Judge’s comment regarding IP addresses raises important considerations. It suggests that IP addresses can be detected to identify both the servers supplying the decryption codes and the users receiving these codes. This implies that the court may have the means to trace the source and recipients of the illegal transmission of decryption codes over the internet.

The basic element for identifying connections on the Internet, the IP address, can be detected both to show the identification of servers and the connections of users participating in the piracy platform.

In the realm of digital piracy, let’s delve into a captivating analogy akin to a digital cat-and-mouse chase. Picture this: one computer acting as a clandestine movie vendor, offering illicit cinematic delights for download, while another serves as a covert dispenser of decryption codes for card-sharing endeavors. Both are players in this underground world, easily identified by the vigilant eyes of anti-piracy companies. With a simple request or a cunning subscription, these guardians of copyright can pinpoint their digital hideouts, logging their every move.

But alas, the plot thickens when we shift our gaze to the shadowy figures on the receiving end. Those partaking in the thrill of pirated downloads or surreptitiously obtaining codes do so with a veil of anonymity. They dance through the digital ether, evading the grasp of those seeking to uncover their identities. It’s a tantalizing game of wits, where the elusive downloaders leave nary a trace, making them as slippery as eels in a digital sea.

Ah, but fear not, for we shall illuminate this clandestine world with the flicker of understanding. Let us unveil a hastily-drawn diagram, a digital treasure map if you will, revealing why the IP addresses of card-sharing servers lie within easy reach, while those of the elusive customers remain shrouded in mystery.

In the digital labyrinth of piracy, let’s unravel the intricate web of satellite signals and encrypted transmissions. At the helm of this clandestine operation lies a legitimate viewing card, a key to unlock the encrypted treasures beamed from the satellite above. But beware, for not all who possess this key tread the path of righteousness.

Enter the realm of card-sharing, where the extracted codes, akin to digital contraband, traverse the vast expanse of the internet. Like whispers in the wind, they pass through routers and modems, leaving behind traces that can be traced back to their source. Here, in the heart of the internet, lies the nexus of piracy—the card-sharing servers.

But fear not, for lurking in the shadows are the sentinels of copyright, the anti-piracy investigators. Armed with cunning and guile, they infiltrate the clandestine networks, subscribing to the very services they seek to dismantle. With keen eyes and digital prowess, they pinpoint the IP addresses of these nefarious servers, ready to strike.

Yet, amidst this digital dance, a curious conundrum emerges. While LaLiga holds the keys to the servers, the identities of those who partake in this illicit trade remain shrouded in mystery. Like phantoms in the night, they flit through the digital ether, leaving nary a trace. It’s a puzzling predicament—IP addresses without faces, codes without culprits.

Thus, the stage is set for a digital fishing expedition, where the bounty sought is not fish, but the elusive identities of those who partake in piracy. Armed with court orders and legal machinations, LaLiga casts its net, hoping to ensnare the unwitting participants in this digital game of cat and mouse. But will they catch their prey, or will the shadows of anonymity prevail? Only time will tell in this digital odyssey of piracy and pursuit.

La Liga provides in its request the IP addresses and port of the servers, as well as the time of the request, data that has been obtained legitimately. With this starting data, it is possible, after issuing the requirement contained in art. 256.1.11* LEC to the internet service providers listed in the request, to complete the identification of the users of their services participating in the scheme….

That seems to lead to just one conclusion. LaLiga has the IP addresses, port details, and potentially other information related to the card-sharing servers, but may be working on the mere assumption that users of the five ISPs accessed those servers at specific times, but has no evidence to prove it – yet.

If that’s actually the case, and there isn’t some extra dimension to this that hasn’t been revealed or is being hidden, LaLiga may be doing something that to our knowledge has never been done before.

The court order seems to require the five ISPs to go through their IP address logs – not to identify the names and addresses of subscribers behind known/suspected infringing IP addresses – but to identify infringement itself.

When the ISPs match card-sharing server IP addresses with IP addresses that appear in subscribers’ activity logs, that may be the first time that any evidence of potential infringement has been surfaced against any user in this case thus far.

There may be other explanations but with veteran file-sharing defense lawyer David Bravo posting memes to X, he may be already counting the money.