1. A company can arbitrarily do whatever it wants within the confines of the law. Additionally a company's chief executive and/or leadership team can do whatever it wants so long is it is not in breach of their bylaws and/or they have the support of the board.
2. A company which is publicly traded is beholden to public perception if it affects current and future shareholders views on share price and health of the company. If shareholders believe being associated with potentially illegal activity means Cloudflare could be open to lawsuits, then leadership kicks off that activity. Leadership can't give an honest answer on this because it would admit they were worried about being complicit in illegal activity. This is why you see the response of 'we don't believe this is our responsibility, we're just a neutral entity' PR spin.
To return to OP's post, Cloudflare directly benefits by letting DDoS-for-hire operators use their service. They've been informed of this, this post is one of many on the topic. If you go a few comments back in my comment history you'll note I mentioned Cloudflare also pulled down sex worker sites in the fallout from SESTA being enacted. Why didn't they make the same argument then? Unlike SESTA at the time the caselaw on CFAA supports that DDoS-for-hire is illegal activity, going back a little over 10 years with plenty of prosecutions. The US prosecutor handbook on it was updated around 2010 to add it https://www.justice.gov/criminal/file/442156/download, the last time I remember anyone trying to claim it was legitimate protest was back in 2013 when some Anonymous indictments were handed out. Cloudflare also responds to DMCA takedowns even though they don't host the content, why would they do that if there's no liability?
Lets break it down a little more then: If my business is damaged because my website gets DDoS'd by a protected service Cloudflare knows will make me require the purchase of a service like theirs, why wouldn't I name them as a conspirator in a legal complaint?
No comments yet.
