Cloudflare's latest transparency report for the first half of 2025 reveals significant shifts in how the company addresses abuse, particularly around unauthorized streaming and copyright infringement. The report reflects both technological innovation and increased collaboration with rightsholders to combat sophisticated streaming operations while maintaining the company's commitment to protecting legitimate websites.
The Streaming Abuse Challenge
Cloudflare's free plan—designed to protect static websites from cyberattacks—has always restricted video streaming due to bandwidth costs. While most customers respect these limitations, bad actors increasingly attempt to misconfigure services to stream copyrighted content, often using AI tools to hide their behavior.
Unauthorized streamers present a dual threat: they violate intellectual property rights while simultaneously impacting performance, costs, and reliability for legitimate Cloudflare users. This shared concern has created opportunities for partnerships between Cloudflare, rightsholders, and policymakers.
Technical Response and Collaboration
In H1 2025, Cloudflare worked closely with major rightsholders on several initiatives:
API for Streamlined Reporting
Cloudflare provided rightsholders with an API for faster, more efficient abuse reporting. This technical integration, combined with feedback mechanisms to improve report quality, enabled the company to respond to streaming reports at scale.
Dramatic Increase in Actions
The collaboration yielded significant results:
- DMCA reports for hosted services jumped from ~11,000 in H2 2024 to ~125,000 in H1 2025
- Cloudflare actioned 54,000 reports (versus 1,000 in the previous period)
- An additional 21,000 hosting accounts were terminated based on identified patterns of abusive behavior
AI-Powered Pattern Detection
Beyond individual reports, Cloudflare used information from rightsholders to enhance technical tools for identifying unauthorized streaming across non-hosted services. This pattern-based approach allows the company to prevent thousands of similar streaming attempts before they're individually identified as infringing.
These machine learning systems represent a broader shift toward AI-powered abuse detection. As bad actors use AI to create sophisticated phishing campaigns or distribute streaming traffic to evade detection, Cloudflare applies its own AI capabilities to detect and mitigate abuse at scale.
The Blocking Debate
While collaborating on technical solutions, Cloudflare maintains concerns about legally-mandated blocking as an approach to copyright enforcement. The report highlights Spain's LaLiga as a notorious example of overblocking, where IP address blocking during matches causes "severe Internet outages across Spain" affecting countless unrelated websites.
Cloudflare argues that infrastructure-layer blocking is often:
- Overbroad: Affecting legitimate content alongside targeted material
- Non-transparent: Lacking sufficient government oversight
- Ineffective: Determined users find ways to circumvent restrictions
The company believes removing illegal content at the source remains the most effective approach.
Geoblocking Implementation
Despite these concerns, Cloudflare has begun complying with certain blocking orders that satisfy human rights principles around proportionality, due process, free expression, and transparency.
In H1 2025, the company saw a marked increase in European blocking orders from Belgium, France, and Italy. Cloudflare responded by geoblocking access through its CDN and security services in the relevant countries.
Cloudflare also began implementing UK court orders through a voluntary agreement with rightsholders, geoblocking websites identified as dedicated to copyright infringement. These pages return a 451 status code (indicating legal blocking).
Notably, Cloudflare maintains its refusal to block through its public DNS resolver (1.1.1.1), arguing such demands contradict an open Internet and would require building tools contrary to the resolver's design.
Transparency Evolves
The H1 2025 report continues Cloudflare's decade-long commitment to transparency reporting, with recent format changes making the reports more comprehensive and understandable. The company publishes these reports twice annually, covering legal requests for customer information and abuse reports.
As Cloudflare has grown, its approach to transparency has evolved to reflect new services and capabilities. The streaming abuse focus in this report demonstrates how the company adapts its reporting to address emerging challenges.
TL;DR
- Cloudflare's H1 2025 transparency report shows 10x increase in DMCA actions (54,000 vs 1,000) through rightholder collaboration
- API integration and AI pattern detection enabled real-time response to streaming abuse
- 21,000 additional hosting accounts terminated based on identified abuse patterns
- Cloudflare began geoblocking implementation in response to European court orders while refusing DNS resolver blocking
- Report highlights concerns about overbroad IP blocking (e.g., Spain's LaLiga causing nationwide outages)
- Technical solutions and information sharing prioritized over blunt infrastructure-layer blocking