[greyface-]

> This requires proving the users intent

Companies are permitted to deny service to anyone at any time for any (non-protected) reason. They typically don't have to justify service terminations to a court of law. Who would they be required to prove user intent to, and why?

[cstrahan]

I don't think you parsed their message correctly. It's not about litigation.

Re-posting a bit of the service terms for easy reference:

> 51.3. You may not use Amazon Lightsail in a manner intended to avoid incurring data fees from other Services [...]

As you point out, they may terminate your service without any justification in a court of law. So how do they go about terminating the offenders? Well, one trivial way (from a technology and/or policy perspective): terminate everyone's service! If you blindly terminate everyone's service, that will certainly prevent anyone abusing LightSail.

But that's, uh, not good for business. So they probably want to terminate the service of only those people actually abusing it. But how do you do that?

You'd have to look at each account's usage and do something to determine if that traffic is or isn't a means of avoiding data fees from other services. In other words, you'd have to determine the intent of that traffic. Or, put yet another way: "this requires proving the users intent".

If doing so was as trivial as detecting any traffic between LightSail and the other services, they'd just prevent such connections in the first place. So how can AWS tell if some traffic between services is legitimate or not? The unspoken premise of the person you're replying to is that this probably isn't feasible for AWS to catch any and all people abusing LightSail in this way, with the conclusion being that you can (in practice) probably get away with it unnoticed.

[greyface-]

We disagree on the definition of "prove". I would not object to the claim if it had used "determine" or "detect" instead of "prove".

That said, detection is easy. Look for users who spin up a Lightsail instance and use close to 100% of its bandwidth quota before spinning it down. Sort by number of such instances, and tell all users above some cutoff that in your sole discretion you believe they have violated your TOS, and are terminating their service. Doing so is completely legally defensible.

[cstrahan]

I hear you.

> We disagree on the definition of "prove". I would not object to the claim if it had used "determine" or "detect" instead of "prove".

I do find that a bit odd, though. If I consult the Merriam Webster dictionary, I see precisely one entry under "prove" that says anything related to law and/or courts:

> to establish the existence, truth, or validity of (as by evidence or logic)

> "prove a theorem"

> "the charges were never proved in court"

Even there, the only mentioning of court is in the example sentence, rather than the definition itself -- naturally, we want our court system to be based in reasoning rather than whim.

Additionally, the meaning of "prove" given by this definition is exactly what the study of formal logic sets out to codify, and given that this is hacker news (where many are interested/involved in computer science and/or formal logic itself), it seems counterproductive to ascribe some legal meaning to the word "prove" here, as it would (to my mind, at least) be quite unlikely for others to do so.

[sangnoir]

GP here - feel free to replace "prove" with determine because that's what I meant. My point was that it is really hard for Amazon to detect data exfiltration when its disguised as some other run-of-the mill service. Amazon can cancel anyone's service at anytime, but they can't afford to piss off legitimate customers with capricious, undeserved bans due to false positives. Regardless of where AWS draws the line to separate abuse from legit usage,it will always be possible to skirt underneath it. The crux of my argument is that AWS will tolerate false negatives over false positives.

[usr1106]

I always assumed that your free quota is proportional to the time you pay. Even the price is not the advertised fixed $3.5, you pay less in months with 30 days than in months with 31 days.

I have not checked my cost and usage reports every time I have some experimental instance for a shorter time, so I am not sure. Just from the general knowledge that AWS is permanently counting every fraction of a peanut. But as the submission shows, exceptions to the rule can exist.