There’s a balance to be struck here but Cloudflare is truly the most miserable entity I have to work with from an abuse perspective. They’re not necessarily “ignoring” warrants but most phishing doesn’t get reported with a legal takedown request. In those cases, Cloudflare will be almost intentionally obtuse. I’m happy to outline the misery of a host working with Cloudflare but it’s not necessarily important to this. TLDR; Cloudflare takes steps that don’t make sense for its “we’re not responsible” stance while also having zero automation in the year of our lord 2024.
I suppose everything could be a legal request but that just makes the whole process so infinitely worse for NGOs like Spamhaus and only serves to make lawyers excited that their consultation fees are going up. I see that the laziest pathway is “Youtube-like strikes” which is misery as well but they could just shift to investigating accounts receiving a high volume of reports as potential fraud or abuse actors since it is a drag on their services and these accounts are not paying or are paying with stolen credit cards.
Ultimately, I don’t disagree with you that much but there’s a lot of room for CF to improve their management of fraud & abuse without becoming a trash platform or invalidating legal protections. Happy to get into the weeds on this a bit more since it’s a lil’ bit close to home. 😅
I think this is squarely in the charter of the FTC but who knows with the courts any longer. We just saw them strike down a ruling by the EPA to enact health measures under the requirements of the Civil Rights Act.