| What's the censorship policy? Is this going to be content-neutral, like Cloudflare was when fronting ISIS websites? Or is this going to be fine-until-bad-PR, like when Cloudflare decided to stop hosting The Daily Stormer? There is a special kind of lock-in when it comes to object storage, as generally you use something like this when the data is too big to store another copy of locally
or at another provider. It's not like you can easily maintain provider independence, and if Cloudflare decides one day that some of your UGC in a bucket isn't something they want to host, what happens then? Is the data lost forever because your account is nuked? Is there a warning or grace period? I am hesitant to put any large amount of data into a service without a crystal clear statement on this, so that I can know up front whether or not a business needs to maintain a second, duplicate object store somewhere else for business continuity. If Cloudflare in practice is going to nuke the account the moment your site ends up hosting something objectionable, this DR requirement (a second provider that also stores all objects) needs to be factored into a customer's costs. (It may be that the bandwidth savings still make it worth it to use Cloudflare even with double storage.) |
It's a mistake to rely on a clear statement when you can't afford to lose your data. Stuff happens all the time... mistakes, malware, an expired credit card, etc. Independently of the provider you decide to use, I'm not sure if a backup is optional in your case.