Yes, writing ToS for a Cloud provider is hard. Someone mixed a few documents and this mess happened, get over it, Vultr doesn’t have the size nor the resources to go over your VPS storage looking for interesting data.
This is the first time there’s an issue with Vultr and their explanation is perfectly reasonable. If this was happening with Oracle or Amazon I would be worried indeed but not with this smaller company that most likely just fucked up without any malicious intent.
On top of all this you can’t access your account without accepting new ToS. After login web page show full window modal form with one button “confirm” so you can’t reject it. I’m sure most of HN readers can handle this minor obstacle ;-) After I asked vultr for access to my account without acceptance of new ToS they wrote me back legal slur suggesting I may host questionable content:
(…) you take the necessary measures to protect minors from accessing harmful material on your website.
(…) requirements apply to you, including removing any infringing content and safeguarding minors.
Right, it's just the side-bar makes the distinction between "online services" and "self-hosted" so I wasn't sure.
A place to share alternatives to popular_ online services_ that can be self-hosted without giving up privacy or locking you into a service you don’t control.
The portion of the ToS that people were worried about had been in place for years and had nothing to do with server intellectual property. They are removing it to avoid future confusion.
I don’t disagree that it was poorly worded, but the amount of people jumping to the worst possible conclusions on this is concerning. What happened to Hanlon’s Razor?
the amount of people jumping to the worst possible conclusions on this is concerning.
I mean it is more or less accepted in this day and age that most services are selling your data. Virtually every single one of them are doing it. So it’s a reasonable assumption, I think.
Takes a long time to write a proper response for all the GDPR stuff. The responses surprisingly don’t change all that much whether or not I do, so I might as well save me the trouble.
Many are, but as far as I know, no hosting provider has ever tried something like what was claimed (which is why it made such news).
It seems like many people didn’t even verify that portion of ToS was new (checking web archive), or wait for Vultr’s response before closing their accounts.
Even after the official response, it feels like people stuck to their original assumptions and felt justified moving services?
Companies, and specifically the people in them, make mistakes. What matters is their reaction. I’m scratching my head to think what Vultr could do better in this case (other than creating a time machine to avoid the initial screw up).
They could have written a privacy policy that states unequivocally, and in no uncertain terms, that they don’t sell user data. That should be a top priority for any VPS, because it’s almost the only reason they exist.
What response are you expecting, exactly? There’s lots of competition out there and data privacy is an extremely sensitive topic. It’s not the kind of mistake you can recover from. They screwed up, they lost customers, end of story.
Also personally I don’t believe for a second that it was a mistake. The hell it was. Any lawyer worth their salt would have pointed out the issue right away. Either they wrote it without a lawyer or they wrote it on purpose.
Very glad I took a step back and didn’t make a knee jerk reaction to this. I’m responsible for recommending providers to clients and managing their k8s clusters. We use Linode, DigitalOcean and Vultr and had just set up a cluster on Vultr which would have been embarrassing to then have had to recommend moving. And the region we needed that cluster in the other providers don’t cover. The response from Vultr has been good I think. And that goes with the level of support we’ve had from them which has been really good.
I still don’t like how flippant they’ve been in every public communication. I read the ToS. It’s short for a ToS, everyone should read it. They claim it was taken “out of context,” but there wasn’t much context to take it out of. The ToS didn’t make this distinction they’re claiming, there was no separation of Vultr forum data from cloud service data. It was just a bad, poorly written ToS, plain and simple.
They haven’t taken an ounce of responsibility for that, and have instead placed the blame on “a Reddit post” (when this was being discussed in way more detail on other tech forums, Vultr even chimed in on LowEndTalk).
As for this:
Section 12.1(a) of our ToS, which was added in 2021, ends with “for purposes of providing the Services to you.” This is intended to make it clear that any rights referenced are solely for the purposes of providing the Services to you.
This means nothing. A simple “we are enhancing your user experience by mining your data and giving you a better quality service” would have covered them on this.
We only got an explanation behind the ToS ransom dialog after their CMO whined in a CRN article. That information should have been right in the dialog on the website.
In both places, they’ve actively done vague things to cause confusion, and are offended when people interpret it incorrectly.
If this is their attitude to a clear self-inflicted fuckup, then that’s plenty reason for me to avoid them and their services. It’s not like their services were distinct in any way… just a dime in a dozen cloud provider.
Well. I have a few servers there. Suppose I will move them. Nothing that isn’t easy to move. I can probably find something cheaper on LEB. I just like vultr UI. A lot of the cheaper places make it feel like the early 00s.
Edit: I now understand the faux pas of linking a reddit thread on Lemmy. I merely wanted to provide the background that Rossman himself links in his video description. Personally, I can’t be arsed watching an op-ed video if there is a text discussion available. Different strokes I guess.
On another level, I wanted to point out that the way news travel to Lemmy is apparently more circuitous than to Reddit. If we have to wait for stuff to filter down through other channels to here, then Lemmy becomes irrelevant as a news source.
I don’t offer a solution, I can only point out that in this particular case we’re two days behind the source debate, and discussing a YouTube rando’s take rather than the meat and potatoes of it.
So it sounds like Vultr isn’t doing anything nefarious at all.
Someone apparently actually read the terms and services for the first time a few days ago and misunderstood them since they were saying it was in reference to the Vuktr website not your servers.
And either way, they removed the offended lang to clear it up.
This seems like a knee jerk mob reaction more than anything.
There is no evidence that they’ve done anything with anyone’s data.
This seems like a knee jerk mob reaction more than anything.
I mean every ToS and privacy policy I’ve ever read is obscenely vague and convoluted, with the exception of the ones that are like “yeah we don’t sell your data”.
Add comment