|
One thing I don't see covered here - cost. Specifically, the cost of providing DDoS protection vs the cost of processing every complaint and evaluating if the complaint is legitimate. At Cloudflare's scale, providing service to one additional site costs exactly $0. It's actually beneficial because it spreads their fixed costs (hardware, staff) over more customers. Great (for Cloudflare and the site). But that only works if they don't have to do any marginal work for each site. Actually investigating each new website, going through potentially each page on the website, making a judgement call on if there is sufficient moderation to allow it or they shouldn't - it could take several hours or days of a skilled worker for each website. Just putting an example out there - how long would it take you to evaluate if reddit.com adheres to all the terms in Cloudflare's TOS? There's a different standard for user generated content, but it gets a pass if there's a good faith attempt to moderate the site. This stuff is actually hard. If they actually had to process every complaint, regardless of where it came from, the economics of their business might not make sense. And of course, they open themselves up to false positives. They might ban a forum that looks dodgy but ends up being a leukaemia support group, which spawns yet another #dropCloudflare. And lastly, if they're going to listen to outrage from Twitter, they don't have a leg to stand on if they receive lawful requests from sovereign governments in Turkey, Saudi Arabia etc. They hoped to sidestep all of these issues - money, false positives and state sponsored takedown requests by saying "we don't take down anyone for any reason". Well, it didn't work out. |