| ▲ | enricotal a day ago |
| Also another Italian here. For context, the "Piracy Shield" mentioned in the order is basically a legislative hacksaw authorized by the regulator (AGCOM) primarily to protect Serie A football rights. Soccer rules Italy more than the Vatican.. It’s a mess technically: it mandates ISPs and DNS providers to block IPs/domains within 30 minutes of a report, with zero judicial oversight. It’s infamous locally for false positives—it has previously taken down Google Drive nodes and random legitimate CDNs just because they shared an IP with a pirate stream. The NUCLEAR threat regarding the 2026 Winter Olympics (Milano-Cortina) is the real leverage here. He’s bypassing the regulator and putting a gun to the government’s head regarding national prestige and infrastructure security. My personal take idea likely outcome: Cloudflare wins. EU Law: The order almost certainly violates the Digital Services Act (DSA) regarding general monitoring obligations and country-of-origin principles.
Realpolitik: The Italian government can't risk the Olympics infrastructure getting DDoS'd into oblivion because AGCOM picked a fight they can't win. They will likely settle for a standard, court-ordered geo-block down the road, but the idea of Cloudflare integrating with a broken 30-minute takedown API is dead on arrival. |
|
| ▲ | ta9000 a day ago | parent | next [-] |
| > The NUCLEAR threat regarding the 2026 Winter Olympics (Milano-Cortina) is the real leverage here. He’s bypassing the regulator and putting a gun to the government’s head regarding national prestige and infrastructure security. Kind of wild that a private company has that kind of power, both in terms of being one of the few that can offer this service and they can make threats at this level. |
| |
| ▲ | gpm a day ago | parent | next [-] | | I have to say I'm curious over whether that's actually leverage or a massively miscalculated threat that is just going to push the Italian population and politicians firmly against cloudflare. I'm pretty sure if you tried that here (Canada) it would do the latter. | | |
| ▲ | DangitBobby a day ago | parent | next [-] | | Would a regulating body in Canada do this, though? And if so, hopefully Cloudflare would say fuck you just the same as they did Italy. It's nice to see someone actually taking a principled stand for once. | | |
| ▲ | gpm a day ago | parent [-] | | If our politicians were stupid enough to pass a law telling them to - I sure hope so - we live in a place with the rule of law not the rule of whatever Joe at the CRTC thinks should happen. Regulators exist to enforce the will of parliament... Would our politicians pass a law this unfortunate... I hope not... but I don't really have that much faith in them. The current government probably wouldn't, but governments change. Referencing the Trump administration - the people going around threatening, deporting, arresting, taking money from, etc people as a consequence for speech they don't like - as the standard for free speech makes this far from a principled stand by cloudflare. They took their moral high ground and sunk it. This isn't about speech for them, just money. | | |
| ▲ | DangitBobby a day ago | parent [-] | | You're free to believe all that. "Rule of Law" loses all meaning when corruption takes root. We don't like that "for my friends, everything, for everyone else, the law" shit. Things can be morally wrong and still legal, and the law itself can intentionally enforce immorality. It's your civic duty to determine when upholding the law degrades you and every else more than following it does. Also I feel like threatening to take your toys and go home when they don't play fair is a totally valid response. | | |
| ▲ | gpm a day ago | parent | next [-] | | "for my friends, everything, for everyone else, the law" is a weird description, when that's not the problem with this law at all. There's no question of selective enforcement going on here. The problem is lack of due process, not that. It's a great description of one of the main tactics the administration he is asking for help uses though. Which again goes to Cloudflare entirely abandoning the moral high ground here. Threatening to leave is "totally valid" in that it's their right to leave, but it's also not something that a sovereign country that cares about staying sovereign should give any respect to. The only response to a foreign corporation saying that that maintains your independence is "you can't quit, you're fired." Otherwise you just become beholden to the corporation providing you "charity". | |
| ▲ | atmosx 20 hours ago | parent | prev [-] | | > It's your civic duty to determine when upholding the law degrades you and every else more than following it does. That’s a lot more complicated. What happens if a foreign power takes over Canada and changes the law? What is the state law goes against the laws stated by your religion? It’s a thin line, better not deal in absolutes. | | |
| ▲ | eecc 20 hours ago | parent [-] | | If a foreign power takes over your country and changes the laws in ways that conflict with the previous constitution, there’s a break in sovereignty continuity so your options are: 1. Pledge to the new authority and move on
2. Keep your word on your previous pledge and resist |
|
|
|
| |
| ▲ | anakaine a day ago | parent | prev | next [-] | | I have to doubt that it would push the populace against the company when the company is actually both providing good (free protection, DDOS mitigation, CyberSec) and supporting appropriate judicial process to make decisions. | | |
| ▲ | gpm a day ago | parent [-] | | Political threats of withdrawing from an event in an explicit attempt to pressure the country is the opposite of supporting appropriate judicial process. | | |
| ▲ | tonyhart7 21 hours ago | parent | next [-] | | so you want cloudflare to pay fines that 2x revenue of italy customer while also demand cloudflare for services it provides ????? not counting that the fines also outrageous, 2% global revenue and IP+Domain block for global despite it only Italy request it ???? | |
| ▲ | concinds 20 hours ago | parent | prev [-] | | Is this some weird variant of the right-wing claim that freedom of association is “censorship”? Why would a government be entitled to free shit? | | |
| ▲ | tsimionescu 17 hours ago | parent [-] | | No one is entitled to free shit, but anyone who says "I'll stop giving you free shit unless you do X" is not giving you free shit, they're engaging in barter. And bartering to try to change a law, just like paying to change a law, is obvious and illegal corruption. |
|
|
| |
| ▲ | rerdavies a day ago | parent | prev | next [-] | | Pretty sure, speaking as a Canadian, that the Canadian government would not be able to implement that kind of legislation. And that if they did, I would 100% back Cloudflare. | |
| ▲ | petre a day ago | parent | prev [-] | | Not a fan of Cloudfare but why should it be responsible for providing pro bono services to the Italian government during the winter olympics? If one gets drunk at the pub and threatens the staff after being served free drinks, they get thrown out. Why should this be any different? In Spain they also have similar laws made specifically for UEFA and the broadcasters' mafia. | | |
| ▲ | yorwba 20 hours ago | parent [-] | | The services aren't pro bono if they're only offered in exchange for getting a law modified. And if you offer people free stuff and then turn around and demand something in return, they're going to get upset and like you less than if you had never offered the free stuff in the first place. | | |
| ▲ | toyg 7 hours ago | parent [-] | | There was no exchange implied... before this sentence. Cloudflare might well be justified in feeling that the other side altered the deal, so to speak. |
|
|
| |
| ▲ | asa400 a day ago | parent | prev | next [-] | | This is one of the consequences of outsourcing this (and other capabilities) to the private sector. Many governments simply don’t have the skill and political will to invest in these kinds of capabilities, which puts them at the mercy of private actors that do. Not saying this is good or bad, just trying to describe it as I see it. | | |
| ▲ | miki123211 a day ago | parent [-] | | Governments just can't come to grips with how much money software engineers make. Paying a contractor $x million? Yeah no problem, projects are projects, they cost what they cost. Does that $x million pay for 5x fewer people than it would in construction or road repair? We don't know, we don't care, this is the best bid we got for the requirements, and in line with what similar IT projects cost us before. Paying a junior employee $100k? "We can't do that, the agency director has worked here for 40 years, and he doesn't make that much." Variants of this story exist in practically every single country. You can make it work with lower salaries through patriotism, but software engineers in general are one of the less patriotic professions out there, so this isn't too easy to do. | | |
| ▲ | tsimionescu 17 hours ago | parent | next [-] | | > Paying a junior employee $100k? "We can't do that, the agency director has worked here for 40 years, and he doesn't make that much." I can assure you that junior software engineers in Italy or anywhere else in the EU make nowhere near that amount of money. In fact, few of even the most senior software engineers make that amount of money anywhere in the EU (in Switzerland or the UK they might see such salaries, at the higher tiers). | | |
| ▲ | alberto-m 4 hours ago | parent | next [-] | | > in Switzerland they might see such salaries, at the higher tiers Putting UK and Switzerland in the same pot is wrong, the pay scales are totally different. 100k$ is 80k CHF which is entry level salary for a SWE. The difference between Switzerland and US is at senior level (reaching 160k CHF is much more difficult than reaching 200k$). | |
| ▲ | miki123211 11 hours ago | parent | prev | next [-] | | The figures I gave were in-line with the US (as that's what most of this audience understands), but if you scale everything by a certain factor, the entire principle holds basically anywhere. | | |
| ▲ | tsimionescu 11 hours ago | parent [-] | | Not really. US programming salaries are much higher than most other engineering and specialist positions, which makes it harder for the government to hire good programmers. However, programming salaries here in the EU are much more in line with other specialist salaries, which the government already hires many of. So there is no significant problem in hiring programmers at competitive rates for government work. The bigger problem, and the reason this doesn't usually happen, is just ideological opposition to state services, preferring to contract out this type of work instead of building IT infrastructure in-house. |
| |
| ▲ | Nextgrid 15 hours ago | parent | prev [-] | | And they get exactly what they pay for. There's zero reason for a competent professional to stick around with that kind of pay any longer than strictly necessary (aka until their own gig or freelancing takes off). | | |
| ▲ | angry_octet 14 hours ago | parent [-] | | Many people don't want to live in America. I know that if you're American that sounds crazy. |
|
| |
| ▲ | Nextgrid 15 hours ago | parent | prev | next [-] | | Not just governments, that same kind of greed exists in private companies too. The only way to make good money while being an employee is to have your buddy spin up a "vendor" offering overpriced bullshit and shill it within your company. In exchange, you also spin up a "vendor" and your buddy shills it at his company. | | |
| ▲ | Imustaskforhelp 12 hours ago | parent [-] | | This might explain why there are sooooooooo many vps providers/cloud providers, this might be one valid reason as to why. I am sure that this might not be the only reason but still, its a valid reason for many. Do you know of companies/people which do this and how widespread this practise is? To me it still feels like malicious compliance tho for what its worth. | | |
| ▲ | Nextgrid 12 hours ago | parent [-] | | I said this in jest as a reaction to what post-tax SWE salaries in Europe top out at, all while the same companies have no problem burning insane money on vendors. There is zero incentive to do good work as an employee as it won't be compensated anywhere near what even a shoddy vendor gets paid. But given the rise of many SaaSes selling exactly the same thing every full-stack web framework used to provide for free - think Auth0, Okta, etc, it may very well be happening. |
|
| |
| ▲ | debugnik 16 hours ago | parent | prev [-] | | > Paying a junior employee $100k? In Southern Europe? More like $30k gross. |
|
| |
| ▲ | jkman 15 hours ago | parent | prev | next [-] | | How is revoking pro bono work you volunteered 'wild'? Should offering services lock you into indentured servitude? | |
| ▲ | retr0rocket a day ago | parent | prev | next [-] | | [dead] | |
| ▲ | isodev a day ago | parent | prev [-] | | > Kind of wild that a private company has that kind of power Also kind of wild that it’s a private US company pushing their current political views on another sovereign state. Cloudflare as a political tool of leverage is a level of dystopia we really should try not to unlock. | | |
| ▲ | johncolanduoni a day ago | parent | next [-] | | They're threatening to take their ball and go home. If they move all of their operations out of Italy, under what principle does Italy demand they block content globally? Should Wikipedia remove their page on Tiananmen Square because the Chinese government demands it (which they would, if they thought it would work)? | | | |
| ▲ | nl a day ago | parent | prev | next [-] | | What are the exact political views the Cloudflare is pushing here? That it is unreasonable for Italian soccer rights owners to try to use Cloudflare to enforce their broadcast restrictions with 30 minutes notice? That it is unreasonable not to have a appeal right for these restrictions? That the technical solution demanded is technically infeasible? Not sure that these are political views at all. | |
| ▲ | msh a day ago | parent | prev | next [-] | | i think it’s quite normal and always have been normal for companies to leave countries when the regulative environment goes against them. | |
| ▲ | SkiFire13 18 hours ago | parent | prev | next [-] | | I can assure you that a lot of Italians agree with Cloudflare on this topic. | | |
| ▲ | iamkonstantin 16 hours ago | parent [-] | | I think the parent is trying to say that whatever issues Italy may have internally, it's not up to Cloudflare to comment or enact solutions on their own. |
| |
| ▲ | staplers a day ago | parent | prev [-] | | a private US company pushing their current political views on another sovereign state
This has always been the case in the western world, even before America itself existed. Some use the US govt (CIA) as leverage but often will just do it themselves. |
|
|
|
| ▲ | atmosx 20 hours ago | parent | prev | next [-] |
| > but the idea of Cloudflare integrating with a broken 30-minute takedown API is dead on arrival. Why? Technically it’s very easy. Wha if JDV asked CloudFlare to implement this on a different occasion? Would it be dead on arrival? |
|
| ▲ | Nextgrid 15 hours ago | parent | prev | next [-] |
| A system like this could actually work as long as every takedown request involves posting a significant bond into a holding account and where the publisher can challenge the block and claim the bond if the block is ruled illegal. This achieves the advantages of quick blocking while deterring bad behavior, and provides cost-effective recourse for publishers that get blocked, since the bond would cover the legal fees of challenging the block (lawyers can take those cases on contingency and get paid on recovery of the bond). |
| |
| ▲ | mercutio2 11 hours ago | parent [-] | | This is one of the very few non-money-laundering use cases for crypto. I would support a “5 cents per unsolicited email” email system, in a similar way. If you make it a mildly enjoyable $5/hour task to read the first sentence or two of your spam folder, the overall internet would be better. |
|
|
| ▲ | torginus 19 hours ago | parent | prev | next [-] |
| I don't get how censorship of this kind is even technically feasible? I can rent a vpn on AWS, then connect to a stream hosted in Kazakhstan. You can't take down a website there, and you certainly can't rangeban AWS ips. |
| |
|
| ▲ | xinayder a day ago | parent | prev | next [-] |
| Italy can also buy the bluff and you know, partner with an EU company to provide them the service Cloudflare would offer "for free". |
| |
| ▲ | pyvpx a day ago | parent [-] | | There is no “EU” company with remotely the same network capacity or capability, in general | | |
| ▲ | xinayder a day ago | parent [-] | | BunnyCDN is a good contender for the network. They can find another provider for cybersec. | | |
| ▲ | lgeek 21 hours ago | parent [-] | | BunnyCDN don't run their own network, most of their servers are hosted at DataPacket(.com), but they use some other hosting companies too. DataPacket has a very large network though and is kind of, sort of EU-based. AFAIK most operations are in Czechia, but the company is registered in UK. And there's also the Luxembourg-based Gcore. |
|
|
|
|
| ▲ | immibis a day ago | parent | prev [-] |
| Can someone report a bunch of government websites and legal streaming services and see what happens? |
| |
| ▲ | kavaruka a day ago | parent [-] | | Only right owners can report websites, the Piracy Shield is essentially a tool in the hands of “Serie A Soccer League” and DAZN. | | |
|
