LaLiga wanted sanctions. She got a wake-up call: the massive blocking of IP addresses breaks more things than it fixes.
In February 2026, the Commercial Court of Cordoba granted LaLiga and Telefónica Audiovisual Digital precautionary measures against NordVPN and Proton VPN. The two VPN providers were to block IP addresses identified as sources of illegal broadcasting of Spanish championship matches. A dynamic mechanism allowed the league to transmit updated lists without going back to court. NordVPN and ProtonVPN had not even been heard before the decision. Three months later, LaLiga returned to court to demand financial sanctions, arguing that NordVPN had failed to comply with the order.
How the fight against piracy made GitHub and Cloudflare inaccessible in Spain
On May 19, the Córdoba court rejected LaLiga’s request. NordVPN put forward two technical arguments that hit the mark. First, pirate IP addresses change constantly (often within a few hours), and the lists provided by the league no longer corresponded to reality at the time of the blocking. Then, blocking at the IP address level causes massive overblocking of legitimate services that share the same infrastructure.
The list of collateral damage documented in Spain is dizzying: Cloudflare, Vercel, GitHub, Dockermade inaccessible or intermittent for Spanish users during match windows. More than 3,000 perfectly legitimate sites were affected on certain weekends. Developers, small businesses and civil society organizations found themselves deprived of essential tools because LaLiga targeted shared IP addresses. The judge found that there was a “genuine technical dispute” and deemed the sanctions unjustified.
NordVPN recognizes the legitimacy of the fight against piracy, but drives home the point: the means used must be “proportionate, technically reliable and respectful of all people who depend on the same shared infrastructure”. The widespread blocking of IP addresses imposed on VPNs “fails on each of these points”.
France copies Spanish model and tests real-time blocking at Roland-Garros
The European anti-piracy strategy now works in layers. First the ISPs, ordered to block domain names. Then public DNS resolvers (Google DNS, Cloudflare DNS), to prevent circumvention. Then VPNs, considered the last link in the chain. In France, the Paris court ruled seven simultaneous decisions in March 2026 ordering the blocking of 35 pirate sites via ISPs, DNS and five VPN providers (NordVPN, ProtonVPN, CyberGhost, ExpressVPN, Surfshark). Each escalation is presented as a targeted measure. Each produces greater collateral damage than the previous one.
ARCOM launched a real-time IP address blocking systemcurrently tested at Roland-Garros. The system is directly inspired by the Spanish model: the rights holders report the flows, ARCOM orders the blocking to the ISPs during the broadcast. Safeguards exist (white list, limited blocking windows, liability of rights holders in the event of a false positive), but the Spanish experience shows that safeguards are not always sufficient when the blocking mechanism is faster than verification.
In Spain, Congress approved a (non-binding) initiative on April 30 calling for reform of the law to introduce a principle of proportionality. In France, the government hopes to make its system fully operational for the 2030 World Cup. One slows down, the other accelerates. Piracy continues to migrate.
👉🏻 Follow tech news in real time: add 01net to your sources on Google, and subscribe to our WhatsApp channel.
Source :
NordVPN
