This talking point is tired. They would just pay $100/month for ddos-guard. I don't understand why Cloudflare should be forced to screen customers by default or held to a standard that no other Internet business is. Why not go up the chain and start protesting outside Verisign HQ?

Cloudflare likes using their extensive knowledge of everything on the internet for marketing purposes. When it comes to their customers they suddenly know nothing. I think calling it out until they change either side of that is reasonable.

While malicious traffic is a threat, so is the internet police going after political content. I think Cloudflare made some mistakes here in the past and indeed it was for content that you hardly can garner sympathy for. But the important thing is that they are not a gatekeeper and that is very fine with me.

> I don't understand why Cloudflare should be forced to screen customers by default

It's very common for reputable hosting company's to KYC/KYB.

It's good for them & also good for their legit customers.

It's not good for their legit customers that are politically unpopular. Porn/Adult hosting services get a lot of trouble for this exact reason.

What you're describing is the modern (digital) version of "sin tax".

Where government identified categories like smoking, alcohol, pornography - are defined by governments to be potentially harmful to its citizens. So as a hosting company, you're in a weird spot because it's not clear if you can/cannot do business with those types of companies.

Yes but there's no law requiring this and it raises their bounce rate. I don't see any evidence that if law enforcement asked them to shut down a domain that they wouldn't. DDoS as a service existed long before Cloudflare and in its simplest form just requires messaging someone on a forum with a target.