All of this communication typically takes place over encrypted TLS. I don't see how you can determine what is "illegal" or what is not illegal without some sort of TLS intercept going on, which no one is going to stand for.

Identifying content without introspection is just going to not work at all. This being said, it may be within your means to block "pirate" sites based on DNS or destination IP, but I wouldn't remotely approach that in a preemptive way. That's just censorship pure and simple.

If you actually got a court order to block a site, that's a different story but I would not do this in a preemptive way.

-john

On Mon, Feb 10, 2025 at 12:59 PM Mike Hammett <nanog@ics-il.net> wrote:

I've never paid much attention to the abilities to filter traffic because I didn't care what my customers were doing until which time a lawful order told me to care.

Someone recently asked me that since there was only one legal way in a particular country to consume television service over IP, was there any way to block the "illegal" streams. I put "illegal" in quotes because some of it really is the pirated crap, but some is likely just watching Netflix, Prime, Hulu, etc. over a VPN.

With the tooling I have, no, I can't block that stuff. Well, at least not with any precision. I'd certainly miss a bunch and there would be a bunch of collateral damage. However, I also know that I'm not using overly sophisticated tooling or methods to achieve this.

Are there platforms out there that can accomplish this with any precision?

No, I don't know what constitutes "TV" in that jurisdiction, nor do I ask this group to weigh in on that. Are YouTube, Vimeo, and Rumble "TV"? Are Netflix and Prime "TV"?

-----
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com

Midwest-IX
http://www.midwest-ix.com