I'm the last person to defend Cloudflare. They do a fair bit of crappy things (treat TOR poorly amongst them).
But, we do have freedom of speech in the US. And while that doesn't mean everyone has to give you a platform for that speech, it does mean a content provider needs to decide between being a judge or allowing everything.
Sure, Neo-Nazis seem like an easy case - nobody likes Nazis. But, what about people calling for a boycott of Israel? Or what about critical political speech? Should Cloudflare (or anyone) be in the business of making judgements about those kinds of content and if they're allowed or not?
I think the more important issue in here is that Cloudflare forward the personal information of anyone who complains about the site to the site owner. Other major providers don't do this, and it's not clear that people filing complaints know what they're getting into.
> CloudFlare will notify the site owner and, where appropriate, the web hosting provider for the site in question.
That being said, it's in body sized font, in a huge block of text, and if I wasn't looking for it, I wouldn't see it.
So, it's "stated" but probably not very clear that abuse reports may be forwarded. As a webmaster/previous ISP, I expect (again, prior knowledge here) that abuse complaints will be forwarded. But, does the average person? Probably not.
My $0.02 - Cloudflare states it, but they need to make it much more clear if they intend to keep the policy, or possibly revise the policy. However, bad UI seems a weak reason to vilify them.
----
Edit: Actually, they state it twice - including right before the submit button in larger font size. It's pretty hard to miss.
You sure "nobody" likes Nazis?
They sure seem to be enjoying a nationalist resurgence lately for nobody liking them.
Even the President wont expressly disavow them anymore. :(
The use of improper SSL termination and re-captchas that take sometimes up to 20 minutes to complete (for one CAPTCHA, fuck you Google!) are much more atrocious abuses than the existence of some hate speech on sites they host. I'd much rather see them address those actual problems than read about some bitchiness that they won't censor their content. I actually agree with Cloudflare on this. Yes, the Daily Stormer might be an easy site to assess and block (I don't know, I've never visited), but once you're in the business of censorship, the censorship wing of the organization will eat up tons of resources and is guaranteed to turn away customers. See any major Internet company for plenty of examples of this. It seems to me that by not engaging with this stupidity, they are making a wise business decision.
Cloudflare is one of the worst companies there is. They weaken the security of the web. They block Tor users from using many popular websites. They host websites that offer the same DDOS services they will charge you for protection from. The day Cloudflare dies, which should have been the day Cloudbleed was discovered, will become an annual holiday for the Internet.
That seems like quite a bit of an exaggeration. CloudFlare is great for a lot of reasons, and they have their faults just like every other company out there.
Cloudflare also has an added appeal to sites such as The Daily Stormer. It turns over to the hate sites the personal information of people who criticize their content. For instance, when a reader figures out that Cloudflare is the internet company serving sites like The Daily Stormer, they sometimes write to the company to protest. Cloudflare, per its policy, then relays the name and email address of the person complaining to the hate site, often to the surprise and regret of those complaining.
This has led to campaigns of harassment against those writing in to protest the offensive material. People have been threatened and harassed.
Really, Cloudflare? It's one thing to provide a CDN service for these these sites; turning over this information is completely different.
Ok, so I went to the Cloudfare abuse form [0] to see the specifics.
It asks for a whole lot of information (including full name and email address) and at the bottom states:
"By submitting this report, you consent to the above information potentially being released by CloudFlare to third parties such as the website owner, the responsible hosting provider, law enforcement, and/or entities like Chilling Effects."
It's pretty clear therefore that they mean all of information provided and not just the reason for the complaint.
Good point, I only looked at the text in the grey box at the right, not at the bottom, where it is clearer. (Box e.g. for "Violent Threats" or "General" says
CloudFlare will notify the site owner and, where appropriate, the web hosting provider for the site in question.
By submitting a report, you agree to submitted data potentially being released by CloudFlare to third parties, such as Chilling Effects.
To be fair, forwarding abuse reports to the client is standard practice in the hosting industry.
There's been some debate about this in the past (efnet getting upset with Hetzner for example), but I think the general consensus is that it's not really the job of the hosting company to go out of their way to protect abuse reporters.
It's also important to understand that most abuse mail that isn't DMCA spam will be automated mail informing you of compromised machines on your network, it very much makes sense to automatically forward all this mail to the client.
What? AWS and GoDaddy are not terribly expensive. GoDaddy is incredibly common. I don't know about Rackspace. Together they make up a large chunk of the Internet as we know it.
AWS and Rackspace are terribly expensive, GoDaddy is huge in the domain space but not particularly big in hosting, besides shared-.
Why not look at the likes of OVH, Hetzner, Voxility, Colocrossing and so on. Or maybe try Level3, their business may be a bit different but they're HUGE and certainly forward abuse reports.
It's got everything to do with having a bunch of humans handling your abuse reports. It's also one of the reasons why IP reputation is so important to these hosts.
Are you mind bendingly high? Where did the DMCA thing come from?
The comment is about people sending complaints to cloudflare and cloudflare sending their information to the site being complained about...
This has absolutely ZERO to do with copyright.
But, we do have freedom of speech in the US. And while that doesn't mean everyone has to give you a platform for that speech, it does mean a content provider needs to decide between being a judge or allowing everything.
Sure, Neo-Nazis seem like an easy case - nobody likes Nazis. But, what about people calling for a boycott of Israel? Or what about critical political speech? Should Cloudflare (or anyone) be in the business of making judgements about those kinds of content and if they're allowed or not?