I was assuming that it's a loss-leader sort of business strategy at play before reading your comment. Do you care to share any insights/references to support this claim?
Gotcha. Yeah, I mean all of these platforms are certainly juicy targets for room 641A [0] shenanigans. I just wondered if there had been some public leaks or something which we might not all be aware of yet.
I'd also point out the following from Cloudflare CEO Matthew Prince's wiki page [1]:
> "Prince co-founded Unspam Technologies, which supported the development of Project Honey Pot [2], an open source data collection software created by Prince and Lee Holloway designed to gather information on IP addresses used by email-address harvesting services."
> In 2008, the Department of Homeland Security (DHS) contacted Unspam Technologies, asking, "Do you have any idea how valuable the data you have is?" The DHS' email served as the impetus for Cloudflare, a technology company Prince co-founded with Holloway and fellow Harvard Business School graduate Michelle Zatlyn the following year
> The DHS' email served as the impetus for Cloudflare
Emphasis mine. I love Cloudflare, their tech is amazing, but to bury our heads in the sand that it wasn't started from day one to be a government spying program would be extremely naive.
Again, an offhand comment about an email from the DHS is given all the weight in the world while a direct statement from Cloudflare is nitpicked to death.
US based companies (like china and europe based ones) are not allowed to talk about it, when state actors implementing their spying tools. It is just naive to think that cloudflare doesn't give access to state agencies. As others have said, it is more likely that cloudflare as a company is entirely built around the idea to provide a singe point of surveillance to US agencies.
Love the double standard here. An offhand comment about an email from the DHS is considered strong evidence that Cloudflare was "started from day one to be a government spying program" while anything Cloudflare could say to deny it is brushed off as not strong enough.
>> At CloudFlare, we have never been approached to participate in PRISM or any other similar program […because we approached them]
>> To date, CloudFlare has never received an order from the Foreign Intelligence Surveillance Act (FISA) court […because they never had to ask in the first place]
My paranoia was cemented by the book When Google Met Wikileaks. Silicon Valley types do not have to be coerced to share data with 3 letter agencies, they have aligned incentives to ensure American dominance. Which is fine with me, as an American, but I won’t pretend there’s some rivalry where Cloudflare won’t comply without a court order.
But the presence of https://en.wikipedia.org/wiki/PRISM well over 10 years ago should be sufficient.