On Mon, May 1, 2017 at 4:52 PM, Razer <[1]g2s@riseup.net> wrote:

     I assume the upstream
     provider for the local ISP is AOL which would explain why the only
     time
     we were ever notified about a 'torrentviolator' was in regard to
     Warner
     content,

   Warner in particular, are very keen on monitoring torrents, and pay
   various third parties to monitor swarms and extract IP addresses of
   anyone sharing their content. The third party contractors then look at
   who owns the relevant block, and sends a notification to that ISP (it's
   normally automated).
   It's less likely to be because AOL was upstream than it is simply a
   product of the fact that Warner are absolutely shit-hot on trying to
   keep on top of their content being shared (for all the good it does).
   They don't notice and catch everyone, but IME they've got a far better
   detection rate than other publishers.
   --
   Ben Tasker
   [2]https://www.bentasker.co.uk

References

   1. mailto:g2s@riseup.net
   2. https://www.bentasker.co.uk/