The Flipside To Figuring Out What Content Do You Block: Cloudflare's Project Galileo Focuses On Who It Should Protect
from the case-studies dept
There has been so much discussion lately about the impossibility of doing content moderation well, but it’s notable that the vast majority of that discussion focuses on what content to ban or to block entirely. I do wish there was more talk about alternatives, some of which already exist (from things like demonetization to refusing to algorithmically promote — though, for the most part, these solutions just seem to annoy people even more). But there is something of a flipside to this debate which applies in perhaps somewhat more rare circumstances: what content or speakers to specifically protect.
I’m thinking of this, in particular, as Cloudflare has announced the 5th anniversary of its (until now, mostly secretive) Project Galileo offering, in which the company provides free security to around 600 organizations which are likely targets of attacks from well resourced attackers:
Through the Project, Cloudflare protects?at no cost?nearly 600 organizations around the world engaged in some of the most politically and artistically important work online. Because of their work, these organizations are attacked frequently, often with some of the fiercest cyber attacks we?ve seen.
Since it launched in 2014, we haven’t talked about Galileo much externally because we worry that drawing more attention to these organizations may put them at increased risk. Internally, however, it’s a source of pride for our whole team and is something we dedicate significant resources to. And, for me personally, many of the moments that mark my most meaningful accomplishments were born from our work protecting Project Galileo recipients.
The promise of Project Galileo is simple: Cloudflare will provide our full set of security services to any politically or artistically important organizations at no cost so long as they are either non-profits or small commercial entities. I’m still on the distribution list that receives an email whenever someone applies to be a Project Galileo participant, and those emails remain the first I open every morning.
At a first glance, this might not seem like much of a story at all: internet company does something good to protect those at risk doesn’t necessarily seem that interesting at first, especially during a moment in time when everyone is so focused on attacking every internet company for bringing about all the evils of the world. However, I do think there are some very important lessons to be learned here, and some of them very much apply to the debates about content moderation. In some sense, Project Galileo is like the usual content moderation debates, but in reverse.
I was particularly interested in how Cloudflare chose which organizations to protect, and spoke with the company’s CEO, Matthew Prince last week to get a more in-depth explanation. As he explained, they partnered up with a wide variety of trustworthy organizations (including EFF, Open Technology Institute, the ACLU, Access Now, CDT, Mozilla, Committee to Protect Journalists and the Freedom of the Press Foundation, among others), and would let those organizations nominate organizations which might be at risk or if organizations approached Cloudflare about being included in Project Galileo, Cloudflare could run their application by those trusted partners. What started with 15 partner organizations has now nearly doubled to 28.
Of course, such a system likely wouldn’t work well in the other direction (figuring out what accounts to ban or otherwise punish) as people would undoubtedly flip out and attack them — as many did a few years ago when Twitter announced its Trust and Safety Council of partner organizations that it relied on for advice on how it handled its trust and safety questions. Many critics of Twitter and its policies have continued to falsely insist that the organizations in this list are some sort of Star Chamber making decisions on who is allowed to use Twitter and who is not — so any move to actually have such a system in place would likely be met with resistance.
However, there is something interesting about having a more thorough process involving outside experts, than just trusting a company to make these decisions entirely internally. It’s obviously somewhat different with Cloudflare, in part because it’s providing underlying security services that are not as upfront as the various social media sites, and also because it’s about picking out who to “protect” rather than who to block. But it is worth looking at and thinking about all of the different challenges there are when it comes to content moderation that go beyond what most people normally talk about.
For what it’s worth, this is also quite important as more and more politicians around the globe are gearing up to “regulate” content moderation in one way or another. It’s one thing to say that social media sites should be required by law to block certain accounts (or to not block certain accounts), but think about how any of those laws might also apply to services like Project Galileo, and you can see why there should be caution in rushing in with regulatory solutions. The approach taken with something like Project Galileo ought to be entirely different than the process of determining whether or not a platform has decided to remove Nazi propagandists. But it’s doubtful that those proposing new regulations are thinking that far ahead, and I worry that some new proposals may sweep up Project Galileo in a manner where it may become more difficult for Cloudflare to continue to run such a program.
Still, in this era when everyone is so focused on the bad stuff online and how to stop it, it’s at least worth acknowledging a cool project from Cloudflare to note the good stuff online and how to protect it.
Filed Under: computer security, content moderation, project galileo, protection, security
Companies: cloudflare
Comments on “The Flipside To Figuring Out What Content Do You Block: Cloudflare's Project Galileo Focuses On Who It Should Protect”
Cloudflare hosts some pretty disgusting websites it certainly wouldn’t if Section 230 weren’t around. Like many who do the same, they’re very smug in thinking the legal climate will never change.
History won’t smile on this company.
Re:
I despise sites like Stormfront and the ideologies they spew. But if a company such as CloudFlare wants to host them, it should have the right to do so.
Re: Re: Re:
FWIW, the original commenter is wrong (again). Cloudflare provides services for sites, including protecting against DDoS attacks and the like, or doing CDN services, but it does not serve as a webhost.
There’s an important distinction, and it’s troubling to think that anyone would target 3rd party service providers who are not actually hosting a site over the content of those sites.
Re: Re: Re:
I appreciate the clarification.
Re: Re: Re: Re:
The "FWIW" is odd.
However, that’s probably just a slip. Cloudflare, as I reference below, actually does protect pirates and other questionable sites.
Techdirt uses it, along with some "sex" sites that I tried to list here, but was blocked, your mighty filters for once worked. In other words, Cloudflare protects sites that even YOU don’t want to be associated with!
Re: Re: Re:2 Re:
Does TD use cloud flare because the volume of garbage you post looks like a DDOS attack from a technical point of view?
Re: Re: Re:3 Re:
Well, it’s enough to trip TD’s automated "This IP gets flagged for spamming a lot, so submissions from it should now be shunted to the waiting list" system.
Re: Re: Re:2
Ohnoes, not sex! Anything but sex! Won’t someone think of all the violence?!
Re: Re: Re:3 Re:
Reminds me of the old comedy sketch from the 70s about two musical canines:
Dogs: sax and violins.
Supposedly they had difficulties getting past the FCC censors.
Re: Re: Re:2 Re:
"Cloudflare, as I reference below, actually does protect pirates and other questionable sites."
They do, because they’re neutral platform with no editorial control over the content of the sites they provide services for. You might as well be attacking your ISP for letting you view whatever random fetish sites you tried to inflict on us.
"along with some "sex" sites that I tried to list here, but was blocked"
Well done! you worked out that spam filters actually block spam. Now, try not posting spam and see how you get on.
"In other words, Cloudflare protects"
Erm, that was most likely Techdirt’s own spam filters that blocked you, not anything to do with Cloudflare.
Seriously, the reason you’re mocked here is that you have no idea how any of the technologies you attack actually work.
Re: Re: Re:3 Re:
Seriously, the reason you’re mocked here is that you have no idea how any of the technologies you attack actually work.
Hardly the only reason – Blue is also an affirmed racist, lair and hatemonger.
Re: Re: Re: Re:
FWIW, the original commenter is wrong (again). Cloudflare provides services for sites, including protecting against DDoS attacks and the like, or doing CDN services, but it does not serve as a webhost.
Except its name turns up as HOSTserver for many of its sites, making it a proxy/republisher that allows the site to hide its true location.
There’s an important distinction, and it’s troubling to think that anyone would target 3rd party service providers who are not actually hosting a site over the content of those sites.
see above.
You like "mean things?" Hope your kids die of cancer.
Re: Re: Re:2 Re:
“Except its name turns up as HOSTserver for many of its sites”
No it doesn’t. Learn how the internet works before activating impotent rage mode.
Re: Re: Re:3 A strange fetish if so, but it takes all kinda I guess
Way too late for that. Pathetic, hypocritical and impotent public displays of anger is apparently their default state(I mean, that or their fetish, which would be odd to be sure but not the strangest I’ve seen, so…)
Re: Re: Re:2 Re:
Seriously – what is wrong with you?
Re: Re:
Cloudflare hosts some pretty amazing websites it certainly wouldn’t if Section 230 weren’t around.
Then lucky thing we have CDA 230!!
Re: Re: Re:
"Gary" meant to write:
Re: Re: Re: Re:
The suspicious poster above me meant to write:
Good thing we have CDA 230 or I would not have a comment section to post in.
Re: Re: Re: Or we could just call you an ignorant motherfucker
And you ment to write:
I am an easily offended shitheel who lacks basic pattern recognition skills and lack the mental stability to understand that I have major mental health issues that I should be taking care of instead of obsessing over a site for over a decade that I claim no one reads but has nearly unlimited power and influence and I also love run on sentences because I am in addition to everything else a massive twat.
Re: Re: Re: Re:
"leftist troublemakers"
You know, the reason why right-wing extremists can post their toxic shit is also due to 230, right?
It’s always funny to see someone advocating for the removal of the very rights they use to make the request.
Re: Re: Re:2 Re:
PaulT,
Blue is an unrepentant neo-nazi and wants the removal of all the lesser folks. Why should it surprise you when he wants to advocate that he should have more rights than others?
Re: Re: Re:3 Re:
Oh I’m not surprised…
Re: Re: Re:2 Re:
afaik, troublemakers come in all flavors.
Apparently that poster thinks troublemakers other than leftist are completely acceptable troublemakers.
Hypocrites also come in all flavors.
Re: Re: Re:
So you resort to editing comments and then responding to them.
Fucking with people’s lives and reputations is bad karma. Courts aren’t the only way to deal with it (no, this is not a suggestion of lawbreaking at least not by me).
Re: Re: Re: Re:
“Hope your kids die of cancer.”
How’s your karma bro?
Re: Re: Re:
You’re right, it’s not a suggestion. It’s a threat.
Re: Re:
History didn’t smile on the RIAA either but that hasn’t stopped you yet has it, Herrick?
Re: Re:
"Cloudflare hosts"
It’s fun how you’re wrong in 2 words.
"it certainly wouldn’t if Section 230 weren’t around"
You’re actually right there. Since they have absolutely no editorial control, since their business is simple providing CDN services for other sites, the company could not possibly exist without 230.
Re: Re: Re:
Cloudflare is listed as the HOST SERVER for websites, which makes them a proxy, not just a conduit.
Some of the content they enable is downright disgusting, and if legal for them to publish, only because they think Section 230 can save them. That’s a big bet they’re making.
They’re a good poster child for why 230 needs to go.
Re: Re: Re: Bring it on motherfucker
Re: Re: Re: Re:
“Cloudflare is listed as the HOST SERVER for websites, which makes them a proxy, not just a conduit”
No, they’re listed as the dns target. Also proxyband hoy are not the same thing.
Holding them liable for the content they provide service for won’t change a damn thing btw. They simply provide services to enable sites to be more resilient to ddos attacks and local internet issues. Get rid of them, and you will just end up with the same end content being a bit less reliable. Hardly worth the millions of jobs you’d risk in the process of holding people responsible for things they haven’t done.
Re: Re: Re:2 Re:
“ Also proxyband hoy are”
Erm autocorrect with Spanish keyboard activate is weird…
Proxies and hosts are very much not the same thing. If you learned a bit of the tech you criticise you’d know that
Re: Re: Re:3 Re:
I know that tech inside and out from about 30(!) years’ experience (OK, only 25 for HTTP). And I have to say that the difference between a caching proxy and a host is pretty tenuous… and probably completely irrelevant from an ethical point of view.
If you’re deliberately participating in delivering specific content, having chosen that particular content at least to the level that you know this or that site is controversial for this or that reason, then what difference does it make?
I could equally apply your argument to paid hosting. If a better host won’t carry some content, then it’ll still find hosting on a worse one. And , "btw", for controversial content, Cloudflare isn’t about "a bit less reliable". It can be the difference between "reasonably available" and "essentially unavailable".
The difference between me and the grandparent is that I believe Cloudflare, and paid hosts, and whoever else, probably including large social media platforms, should NOT discriminate on content at all.
Re: Re: Re:4
Hi. You’ve expressed the opinion that a service such as Twitter or a paid content host should carry content its admins may not want to host. Please provide the reasoning behind this opinion so I can better understand it.
KNEW you'd defend CrimeFlare some day!
I found out some time back why Techdirt uses Cloudflare: it’s phony security (not secure from Cloudflare to client, still allows MITM attack) and a tool for pirates and scammers to obscure location.
http://crimeflare.net:82/cfssl.html
Note the clue in site name. At top is: "In other words, nothing can be done about the ISIS sites, carders, booters, gamblers, escorts, phishers, malware, and copyright infringers that CloudFlare protects."
Also answers a question that I posed (and ignored) in 2015: on page says that an "ssl" certificate # means Techdirt pays Cloudflare. — Yup, there it is!
techdirt.com ssl392180 (page says current May 27, 2017)
Cloudflare is not only accused of helping pirates, there’s a court ruling:
Cloudflare’s Cache Can `Substantially Assist’ Copyright Infringers, Court Rules
"[I]f Cloudflare’s logic were accepted, there would be no web content too illegal, or dangerous, to justify termination of its services. While Cloudflare may do amazing things for internet security, the Court would have a hard time accepting that Cloudflare’s security features give it license to assist in any online activity," Judge Wu writes.
https://torrentfreak.com/cloudflares-cache-can-substantially-assist-copyright-infringers-court-rules-180314/
Re: KNEW you'd defend CrimeFlare some day!
First link is to a site that is … barely better than Time Cube. I have zero reason to take it seriously, as, like you, it fails to provide substantive evidence to support its wild assertions.
Second link is valid, though worth noting that the case it references never went to trial. It got settled, instead, and honestly we’re better off for it. We don’t need the grossly long arm of copyright maximalists extending into shutting down security features.
None of which has any relevance to Project Galileo or the principles of content moderation. You had a chance to be relevant to an article topic, but you’ve once again fucked it all up.
Re: Re:
Or censoring distasteful yet legally protected speech. (For all the whining Ol’ Blue Balls does vis-á-vis corporate censorship, copyright never factors into his argument. Funny, that.)
Re: Re: Re: Re:
Or censoring distasteful yet legally protected speech.
Until the speech targets someone they like.
Re: Re: Re:2
If someone I like/agree with fucks up on social media by breaking the TOS and the suspension/ban isn’t obvious bullshit, well, tough shit for that someone.
Re: Re: KNEW you'd defend CrimeFlare some day!
"First link is to a site that is … barely better than Time Cube"
I’ll take your word for it, I bet it’s fun though. But, I’ll repeat what I just said – port 82? I don’t think I’ve ever seen a site not hosted on ports 80, 443 or 8080. Is the guy that paranoid about CDN that he refuses to use the agreed standards that have existed since the web was invented?
Re: Re: Re: KNEW you'd defend CrimeFlare some day!
the port is really just arbitrary. it is convention to use port 80 etc. for web traffic, but you can run it on any port you want. this can cause various issues such as harder discovery, local or isp firewall blocking, and misfired traffic, but is perfectly feasible. i generally only do this when testing proxies or developing multiple sites and languages, and then just listening to local host, but it should likely be obvious that people do all kinds of strange things for innumerable reasons.
Re: Re: Re:2 KNEW you'd defend CrimeFlare some day!
Well… the port is technically arbitrary, as in you can use any port you want in your config. But, if you don’t adopt agreed standards it can cause all sorts of problems in production.
"this can cause various issues such as harder discovery, local or isp firewall blocking, and misfired traffic"
Exactly. So, why would someone wish to put a public website on ports outside of the accepted standards for web traffic. Especially since the point of the site is apparently to whine about a particular company. Wouldn’t someone trying to get word out about whatever "crimes" are being committed want to make their site more and not less available?
EDIT: I thought I’d do a quick check in case there was anything normally used on that port and apparently it’s something to do with a TOR browser. So, in other words, our paranoid local nutjob has been hanging around on sites operated by other paranoid nutjobs and, thinks he’s scored a coup by finding something that’s still fully visible on the standard public web. Never mind…
Re: KNEW you'd defend CrimeFlare some day!
Erm.. you’re always full of shit as ever and I’m not going to click on random sites but… why has the person who runs whatever insane conspiracy site you links to first chosen to specifically host his website on port 82 rather than the standard 80? Are web standards evil now or something?
"on page says that an "ssl" certificate # means Techdirt pays Cloudflare"
Yes, as ever you’re a genius. You found publicly available information provided by Techdirt and that means you’re now some kind of sleuth and deserve a cookie. Go get it while the adults talk.
"Cloudflare’s Cache Can `Substantially Assist’ Copyright Infringers, Court Rules"
Yeah, judges can sometimes be as technically ignorant as you, it’s a real problem.
Remember those internet lawyers who said calling someone "racist" wasn’t defamatory but opinion?
Tell that to Oberlin college, who just lost $11 million (and might lose $33 million) over the same thing. If they say that’s a tortious-interference judgment, well tortious-interference doesn’t apply without an underlying tort violation, such as defamation.
Re: Re:
Oberlin college? Not familiar…
But I checked it out and that does seem like a bad verdict. But a bad decision does not change the law, nor does it mean that it’s right to expose more people to risk if similar attacks, as your opposition to section 230 demands
Re: Re: Re:
No, it was a well-deserved verdict that will stand appeal (though they might get damages reduced by an amount greater than the legal fees to appeal it). In a gross example of "punching down", ridiculous accusations and threats were supported by the university, assuming the "free speech" of the students would protect any action they took. But not in a case of defamation, which seems pretty clear here.
Or maybe the jury was just a bunch of unenlightened rubes who think there’s a difference between "speech" and "raging mobs of protesters, death and arson threats and interference with business operations".
As a practical matter, whatever you think of the members of the jury (who should, probably, be doxxed, threatened and have their employers and relatives called), it should not be hard to empanel a jury of people willing to make a like distinction anywhere in the country.
Re: Re: Re: Re:
As a practical matter, whatever you think of the members of the jury (who should, probably, be doxxed, threatened and have their employers and relatives called)
Or, and I’m just spitballing here, suggestions like that could not be made, as crossing well over the line of acceptable behavior.
Already got one nut in the comment sections making ‘vague’ totally-not-threats, don’t need more of the same.
Re: Re: Re:
Here is a bit more detail about that case. I’m sure you’ll be shocked to hear that it wasn’t nearly as simple as "calling someone racist."
Re: Re: Re:
Wasn’t that faster than just posting back "citation please?"
"Cloudflare, as I reference below, actually does protect pirates and other questionable sites."
They do, because they’re neutral platform with no editorial control over the content of the sites they provide services for.
They have editorial control to the extent they allow the site to run through their servers. They just THINK they’re immune to this under Section 230.
Those who can’t find justice via libel laws have other alternatives if push comes to shove, and no this is not advocating breaking the law.
Re: one more impotent threat for the pile
Any day now, any day now…
Re: Re:
They have editorial control the same way the post office have control over what’s sent in a parcel. Are you arguing that the post office need to screen every parcel before they deliver it? Last time I checked that’s actually illegal
Also I don’t give a shit if libel laws fail. Not finding the justice you think you deserve does not mean you get to attack people who had no part in creating the content you oppose
Re: Re:
They have the same editorial control as the mobile phone companies do over text messages, and that is none as they provide a paid for service, and do not look at the content.
According to your demands, neither you or anybody should be able to be able to communicate unless some third party looks at and approves all communication.
Re: Re: Re:
To extend the post office analogy – his hate boner is for PO Boxes. He seems to think that not only should the box owners be directly liable for the contents of those boxes, but that stopping those boxes from existing means that no objectionable material will ever be sent by post.
I just hope that people with actual power realise he’s as stupid as the rest of us understand he is.
Re: Re: Re:
According to your demands, neither you or anybody should be able to be able to communicate unless some third party looks at and approves all communication.
That is John’s great idea in a nutshell. Consistent with his scammer business model.
Re: Re: Re:
According to your demands, neither you or anybody should be able to be able to communicate unless some third party looks at and approves all communication.
Well, I guess that means Jhon is okay if I just clicked this "report" button next to his comment…
Re: Re:
Just fighting words, Jhon, right?
Re: Re:
Sounds like a threat.
Sounds like bullshit.
Re: Re: Re:
Sounds like bullshit.
What else do you expect from someone who (claims) to write self-help books?
Jhon is the sort of person that would tell people to drink bleach to cure their ills, then sue his critics.
Re: Re: Re: Re:
Oh not at all, he doesn’t have the spine for that. He wouldn’t say that people should do it, just that someone could do it and probably get away with it, and then when he found someone dumber than him who actually did do it he’d play innocent and say that despite his words he’d never suggested that someone actually do it.
Honestly, his latest pathetic passive-aggressive shtick of ‘I’m not saying I would do it, just pointing out someone could do it…’ isn’t fooling anyone, and if he was actually capable of more than laughably empty threats it might be worth concern. He isn’t though, so laughs and flags are all he gets.
Re: Re: Re:2
stochastic terrorism — noun — the use of mass communications to incite random actors to carry out violent or terrorist acts that are statistically predictable but individually unpredictable
Re: Re: Re:3 Re:
So they are literally using terrorist tactics in their trolling now… if they weren’t already a repulsive, pathetic individual that might surprise me, but as it stands that strikes me as entirely within their character.
FIRST RULE
Stick to the SUBJECT.
For all the comments, I would say about 1/4 dont stick to the subject. Even if you have something to say about someone, Explain to them whats the difference..
THe Internet started with no rules, and it was pretty good, Except for the idea of BUYER BEWARE. Its not that you Cant see the product, its that you Cant handle it, feel it, test it.. And know that you can return it. Get it fixed if needed.
Having Forums, isnt easy, and even a comment site as this has its problems, Sometimes.
I suggest/warn persons that THIS isnt heaven, and neither is our world. Dont expect to make this WHAT IS NOT in the world. It is a representation Of ourselves.
The net Only brings out WHAT is here, what we have buried into our society.. What we HIDE from ourselves, its a GIANT MIRROR..
But the big problem is those that want to Make the world better, but (I THINK) those persons have dreams and fantasy of what they THINK the world should be. And NOT what the world is.
The battles here, are the battles we have in our own world..
From the Corps, that take advantage of us tot he Governments that want to Control us. and restrict us.
the Internet if Left to its OWN, can become wonderful and Drastic..Full of all the Good and BAD in the world.
If you want protection, you will PAY for it. IF you want the GOV. to protect you, you better be willing to GIVE UP your rights and the Temptations you may enjoy.
I will not go into those that enjoy religion, as to many think that they SHOULD be My brothers/sisters/mothers/fathers/Aunts/uncles/… keeper. And I love Christians that dont know that there are over 40 diff groups of Christians..
to many want to change things, but Cant see the trees. Cant see what CAN be done with what is happening. ‘Backpage’ was one of the casualties. Dot.com, and many others are in the middle of this and so are some that Just want to give Information, that MIGHT make lives better..
There will only be 1 recourse. That the internet, creates its own NAtion and works as one. Or all these groups and Ideals will start to TRY and take advantage.
Content moderation is easy, until you start trying to use it as a tool for censorship (aka "I don’t want people thinking things that I don’t agree with").
Re: Re:
Which is a cute soundbite, but meaningless until you quantify it.
Are spam filters a form of censorship?
If an account is a bot that just writes a post consisting of the word "COCK" every thirty seconds, is banning that account censorship?
What if it’s not a bot? What if it’s an army of individual shitposters, each individually copy-pasting "COCK" and posting every thirty seconds? If a moderator bans all those accounts, is that censorship?
I think those are all pretty clear examples of reasonable moderation. No content is being censored; only spam and disruptive, off-topic shitposting.
Those are examples I think most people can probably agree on. But they’re intentionally extreme examples. Other examples are less black-and-white, much more subjective and open to interpretation.
What if, instead of "COCK", there’s a network of dudes posting "MAGA" every thirty seconds? Is that disruptive shitposting, or does the political content change its value? Does it depend on the topic of the conversation? Should it, say, be allowed in a political conversation but not a conversation describing the specs of AMD’s new graphics cards? Should there be a time limit? If somebody posts "MAGA" once, should that be treated differently than if they post it repeatedly every thirty seconds?
Each of those questions implies a subjective value judgement. And I’m still positing some pretty simple cases here.
Re: Re:
That’s a strange sentence. How you define content to be moderated as NOT people saying what you don’t agree with? Even if you’re dealing with outright spam or direct personal attacks, that’s still based on a difference of opinion.