Cloudflare as a Pre-DMCA Authority

So some issues/questions about Cloudflare and their DMCA policy.

When I do a DNS lookup for a domain name that is using Cloudflare, the record shows Cloudflare and there is no way to find out the host of the site or otherwise trace real IP of the domain.

Cloudflare says they are not a host, yet they handle DMCA’s in a similar way to a host. If they “accept” your DMCA they then provide you with the host, and then you have to file a second DMCA with the host.

Is there a legal precedent for have a pre-DMCA authority?

If they accept DMCAs, shouldn’t they stop allowing the content to be served being the processor of the DMCA?

If they fail to act on a DMCA should I send a message to Cloudflare’s ISP?

We’re very similar to Akamai’s policies and procedures. We are not a hosting provider and have no way of removing content from a website. We don’t host content for any site that is in our network.

We don’t accept DMCAs per se. If the complaint is filed with the proper requirements for a valid DMCA complaint, then we will release the hosting provider so you can contact the host.

So are you saying that Cloudflare’s responsibility is simply to see if the dmca notice is formatted correctly? Somehow the hosts aren’t capable of doing this even though that have departments dedicated to this? If you are willing to accepts a complaint, why is it not passed on to the host? This is what a company like Softlayer does which also offers a competing product.

Am I correct that you are acting as a pre-DMCA certification authority for Warez sites and also [URL=“”]spam tool distribution sites knowingly? Is Cloudflare is fully aware they are protecting these sites, and making it harder for anyone to do anything to protect themselves? File hosting sites with illegal downloads, and spam tools that are used to spam forums like this one seem to be protected by cloudflare as you read those posts. The main people not being protected are the copyright holders who cannot file a normal DMCA complaint as would be the case with any large host like hostgator, softlayer, godaddy, etc, etc.

Akamai does not seem to block someone from knowing the content publisher whois information and further states “For permanent resolution, we strongly recommend making your complaint known to the content publisher directly.” You do not make such a statement on your DMCA page. Furthermore, I don’t think Akamai is known for protecting warez and spam sites.

Also note that google cache’s content and does allow removal from their site through a DMCA notice even though they too only cache the content temporarily.

I sure hope you care enough about copyright holders that you would not want to make it more difficult for them to make a claim just to protect clients of yours. How would you feel if all the programming done to build cloudflare that people spent years of their lives writing was released to the public on illegal filesharing sites? Furthermore, what if hundreds or thousands of urls were involved and a large investment of time was needed to fill out cloudflare’s web form which only allows one domain at a time, only to to then have to cross reference all the email replies from cloudflare with the URLs and then resend them?

Whether you want to admit it or not, Cloudflare is a great service for a warez site or other malicious site and an extra burden on legitimate copyright holders driving up labor costs due to Cloudflare’s policies.

From this Gigacom article:

Although it is a security company … CloudFlare actually counts a number of antiestablishment and arguably nefarious groups as users. LulzSec, along with various other hacktivist sites, is a CloudFlare user…Prince said CloudFlare has worked closely with law enforcement to deny protection to child pornography sites

So if it’s not kiddiepr0n, it’s OK.

Essentially, Prince explains, when network services such as CloudFlare receive valid complaints under the DMCA, they must expose the host domain so takedown actions can commence. The problem is that cybercriminals are aware of this law, and they are increasingly making bogus requests against legitimate sites.

So, in future, Cloudflare may not even disclose the host because your request “could” be bogus.