Cloudflare, the Silicon Valley based company that provides online protection for websites against cyber-attacks (among other services) has been in the news–yet again–because they finally fired 8Chan as a client, removing the protective wrapping that had allowed the website so closely associated with hate speech and racist rants to exist on the internet. 8Chan has become the vehicle of choice for the mentally deranged and disaffected social misfits who have perpetrated a number of killings, including the mass murders at a mosque in Christchurch New Zealand and the shooting of mainly Mexican shoppers at a Walmart in El Paso, TX. But this blog is not about 8Chan (which is a topic unto itself), but rather about Cloudflare, its enabler.
Without Cloudflare, 8Chan could not easily exist because it would quickly be subjected to DDOS “distributed denial of service” attacks from internet vigilantes opposed to their message. Cloudflare props up and allows websites like 8Chan, or the right-wing website Daily Stormer (another client that it eventually cut loose) to function. Of course Cloudflare is not the only game in town, and even though they have removed their services from these websites, the offensive content has not disappeared from the internet. Cloudflare also provides anonymizing services that allows its clients to hide their real identity on the web, becoming virtually untraceable. This provides a layer of protection that makes it virtually impossible to take legal action against sites providing illicit services. Cloudflare’s role in enabling illicit activity is well-documented and explained in an excellent blog post on the website WebSchauder.
Cloudflare is a new kind of internet intermediary, not a platform but an enabler. But like a platform, the question arises as to what extent it should bear responsibility for the content that it enables, whether this content consists of racist or hate speech sites that appear to encourage violent anti-social acts, such as those that occurred in Christchurch or El Paso, or sites that facilitate or actively engage in copyright-infringing activity. Filmmaker and copyright blogger Ellen Seidler posted a perceptive commentary in January of this year titled, “Piracy’s scofflaws – All roads lead through Cloudflare?”. In the blog post, she pointed out that “illegal piracy sites do their best to hide while Cloudflare helps keep them in business”. Cloudflare is not obliged to provide services to anyone; it does so for profit, not altruistic reasons, and if providing services to hate-mongering racist sites hurts their image or their business, they are fully entitled to terminate services. Their terms of use make that clear, allowing them to terminate users of their network at their sole discretion. But they seem to agonize over the decision to sever their relationship with bad actors, as if to choose not to provide services to undesirable sites that promote illegal behaviour is a form of censorship.
In a blog published to explain its decision to cease doing business with 8Chan, Cloudflare CEO Matthew Prince commented that, “We continue to feel incredibly uncomfortable about playing the role of content arbiter and do not plan to exercise it often.” His commentary continued that Cloudflare’s mission is “to help build a better internet”, and it is not fair to impose upon it the responsibility of deciding which content is good or bad. Oh, the hand-wringing! That is the standard cop-out of the internet intermediaries, platforms or enablers, who like to hide behind freedom of speech arguments to avoid taking action against sites that promote everything from racial hate, murder and terrorism to theft of content and piracy. After all, to do so might damage their business model.
Whether it is the owner of 8Chan claiming that his website is just an “empty piece of paper for writing on”, or Cloudflare providing technical support (until El Paso finally tipped the scales) to keep disreputable websites online, or any of the other internet intermediaries claiming to see, hear and speak no evil, I am tired of hearing the argument from digital businesses that they are mere conduits and that if they made choices, this would undermine democracy. In this myopic world-view, they are supported by the cyber-libertarians of the internet world, the Electronic Frontier Foundation, who argued (with respect to Cloudflare’s decision to end its business relationship with the Daily Stormer) that “we must also recognize that on the Internet, any tactic used now to silence neo-Nazis will soon be used against others, including people whose opinions we agree with.” Protecting free speech cannot be used as the excuse to protect every dark corner of the internet.
But let’s give some due credit to Cloudflare. After the atrocities committed in El Paso, Poway CA, and Christchurch that were promoted through 8Chan, they had every right to decide to discontinue providing services to the website. Unfortunately, they are far less vigorous when it comes to cutting off their services to sites that promote piracy and distribute pirated content, once again hiding behind the “innocent conduit” argument. That argument is becoming threadbare and is increasingly being challenged. Recently in Italy, the Commercial Court of Rome ordered Cloudflare to terminate the accounts of several pirate sites, as well as reveal the personal details of the site owners and their hosting companies, based on a complaint from Italian broadcaster RTI. The plaintiff argued that Cloudflare had knowledge of the infringements perpetrated by its clients and if it failed to take action, it could be held liable, and subject to a fine of Euros1000 per day.
Cloudflare tried to argue that the Italian court did not have jurisdiction since the company was US-based, but the Court was not buying this argument. This is the same argument used by Google to try to fight court rulings in Canada and New Zealand that required it to filter search results. It didn’t work in Canada, while in New Zealand the Minister of Justice is currently considering his options. If you are going to do business in a jurisdiction, be prepared to comply with local law.
Internet enablers have a key role in the digital ecosystem but as private companies (not regulated utilities) they have the right to choose who they work with. If they continue to provide their services to all and sundry, hate sites as well as plain vanilla operations, promoters of piracy as well as fully legitimate sites, it surely says something about that company’s ethics and values. Trying to cloak these decisions in the language of “freedom of the internet” as an excuse to accept any and all revenue is simply trying to duck any responsibility for one’s conscious choices.
Cloudflare finally brought itself to do the right thing regarding 8Chan. One can only hope that one day it will be as ethical when it comes to deciding not to do business with content pirates and scammers.
© Hugh Stephens, 2019. All Rights Reserved.
This post has been updated to make explicit reference to Cloudflare’s anonymizing services, and providing a link to an article on this topic found on the website WebShauder.
Hugh Stephens Blog 
One thought on “Cloudflare the Enabler: It Needs To Make Some Hard Choices”