Sweden, the historic cradle of digital piracy since the golden age of The Pirate Bay, is experiencing a historic moment in the fight against illegal streaming.
A recent operation by Scandinavian authorities did not stop at striking the leaders of a large criminal organization, but uncovered the veil of anonymity that protected thousands of end customers.
The investigation uncovered a detailed database containing the names of nearly five thousand paying users, who now risk having their data entered into court files, foreshadowing a legal scenario that could soon become much harsher for those who use these services.
Nordicplay, IPTV dismantled and nearly 5,000 users identified
At the center of the investigation is the dismantling of Nordicplay, a major reseller belonging to the network Nordic One, an organization estimated to control about half of the illegal IPTV market in Sweden.
Authorities have charged two men, a 43-year-old identified as the principal suspect and a 55-year-old accomplice, with the accusation of serious accounting fraud.
Unlike the usual cases, where the main charge concerns copyright infringement, in this case the investigators’ strategy followed the money trail.
The illicit activity generated profits for about 34 million Swedish kronor (approximately 3.3 million euros), revenues that were hidden from the tax authorities through a network of shell companies.
The organization’s fatal mistake was the heavy use of Swish, a Swedish mobile payment system that is extremely popular but, crucial for the investigations, directly linked to users’ digital identity and tax ID.
The blacklist: users exposed
Analysis of the electronic devices seized from the main suspect opened a Pandora’s box. Investigators, examining computers and smartphones, initially found over 20,000 contacts.
Cross-referencing these data with the records of financial transactions, the police were able to identify with certainty 4,886 subscribers who made direct payments for the purchase of illegal packages.
Sara Lindbäck, a jurist with Rights Alliance (the local alliance for copyright protection), stressed the gravity of the situation for the users involved. While direct charges for the customers are not currently planned, their privacy has been compromised.
Lindbäck has hypothesized that law enforcement may use this data for preventive and deterrent action, similar to what has already happened in investigations into drug trafficking: directly contacting people on the list to inform them that their data has surfaced in a criminal investigation.
The goal is to raise awareness that funding IPTV means sending money directly to organized crime.
Heavy fines on the horizon?
Currently, Sweden sits in a legislative gray area where buying and watching pirated streams is not explicitly punished with direct penalties for the consumer, unlike selling. However, the scenario is set to change in the near future.
The Swedish Minister of Culture, Parisa Liljestrand, announced a bill aimed at filling this regulatory gap. The reform, if approved, will make simply consuming pirated IPTV services illegal, allowing authorities to impose hefty fines directly on subscribers.
The implementation of the new rules is scheduled for July 1, 2026. Until then, the users identified in the Nordicplay operation may avoid immediate criminal penalties, but the episode serves as a stern warning.
In addition to legal implications, experts warn about cybersecurity risks. Entrusting their personal and banking data to criminal organizations exposes users to far greater dangers than the simple interruption of the service.
International studies confirm that lists of customers of illegal services are often reused for targeted phishing campaigns or financial scams, turning savings on the TV subscription into a potentially much higher cost to personal security.
