_______ __ _______
| | |.---.-..----.| |--..-----..----. | | |.-----..--.--.--..-----.
| || _ || __|| < | -__|| _| | || -__|| | | ||__ --|
|___|___||___._||____||__|__||_____||__| |__|____||_____||________||_____|
on Gopher (inofficial)
URI Visit Hacker News on the Web
COMMENT PAGE FOR:
URI Vultr is now claiming full perpetual commercial rights over all hosted content
jenkstom wrote 1 day ago:
My law professor told me to never sign a contract I didn't modify in
some way, so I usually change these to be something I like better
before hitting accept.
dang wrote 1 day ago:
Follow-up:
A Note About Vultr's Terms of Service -
URI [1]: https://news.ycombinator.com/item?id=39865941
Jolliness7501 wrote 1 day ago:
On top of all this you can't access your account without accepting new
ToS. After login web page show full window modal form with one button
"confirm" so you can't reject it. I'm sure most of HN readers can
handle this minor obstacle ;-)
After I asked vultr for access to my account without acceptance of new
ToS they wrote me back legal slur suggesting I may host questionable
content:
>(...) you take the necessary measures to protect minors from accessing
harmful material on your website.
>(...) requirements apply to you, including removing any infringing
content and safeguarding minors.
and threaten me with "law enforcement agencies"
Bravo, bravo...
hacker_88 wrote 1 day ago:
The Name
rchaud wrote 1 day ago:
Way too many companies see hosted content from paying customers as free
real estate they can copy and sell to others training AI datasets.
Vultrs indeed.
yesbut wrote 1 day ago:
Gross
Zetobal wrote 1 day ago:
Well at least the name is fitting.
HelloNurse wrote 1 day ago:
Section 15c in the ToS seems different from the quote in the article:
As between You and Vultr, Vultr acknowledges that it claims no
proprietary rights in or to Your Content. You hereby grant to Vultr a
non-exclusive, worldwide and royalty-free license to copy, make
derivative works, display, perform, use, broadcast and transmit on and
via the Internet Your Content, solely for the benefit of You and to
enable Vultr to perform its obligations under these Terms.
codetrotter wrote 1 day ago:
> I am now investigating alternatives for hosting FreeBSD and OpenBSD
systems. Preferably that take custom installs.
Hetzner. I am a customer of them. I run FreeBSD on the servers I rent.
The way that I got it installed was I did the following on each of the
servers:
1. I booted the Hetzner Linux based recovery image on each of the
servers. You can do this from the âRobotâ web ui that Hetzner gives
you access to for managing your servers.
2. Then I used dd to write an mfsBSD image to one of the HDDs and then
rebooted
3. I then sshed into the server now running mfsBSD and then I used that
to install FreeBSD.
Gud wrote 1 day ago:
I was a vultr user for years. Iâve spent thousands of dollars on
their services.
When I was setting up my email server I requested to have port 25
opened, but instead of getting it opened I got some copy pasta reply
from some senior director, how it canât be doneâ¦
I moved to Hetzner, after 1 month and after the first bill was paid, I
requested the same port opened and immediately it was opened.
keepamovin wrote 1 day ago:
This is caused by a misunderstanding of legalese. Unfortunately there's
no easy cure for this. But I do suggest a dose of ChatGPT to provide
perspective (tho, in a nod to pedants and pearl-clutchers, I must
concede that you should not sell everything you own, abandon your
worldly cares and trust your entire legal stack to ChatGPT, just in
case you were instigated to do so by my prior sentence).
The quoted sentence is literally just licensing Vultr to actually serve
your content. It may seem baroque but this is the reality of
engineering back-translated into legalese to comply with centuries of
common law precedent. So, excuse our byzantine APIs but that's how
we've always done things around here, so sayeth the lawyerfolken.
My experience with Vultr has been excellent. Very affordable pricing
for on demand PAYG VMs and bandwidth. Good service, and as responsive
service as you can expect from a small customer team.
Abundant reliability (not to conflagrate any Linodials, but the
reliability of their systems appears better than that now-spawn-of
Akamai).
auggierose wrote 1 day ago:
Don't know anything about the topic, but the name of the service is
"Vultr". When people tell you who they are, believe them.
sph wrote 1 day ago:
This entire saga could be reframed as "5-day old Reddit account wildly
misinterprets Vultr ToS, causing drama-thirsty social media users to
spread it far and wide, generating the company a ton of negative
press." â Vultr has released a statement explaining, they clarified
their point yet the news is still going around the block.
Here's a moderator comment on the original post: [1] Those Terms and
Conditions could have been clearer, but no one has betrayed anybody, no
one is stealing your hosted content and nobody would have said anything
if its was not for a redditor with far too much time in their hands
trying to interpret legalese, badly.
Disclaimer: I have never used Vultr, I do not care what happens to them
because of this, but everybody would benefit from taking every
drama-du-jour with a pinch of salt, especially when it comes from a new
reddit account.
URI [1]: https://old.reddit.com/r/selfhosted/comments/1bouuv7/warning_v...
itsTyrion wrote 12 hours 52 min ago:
really? it was captured like quoted:
URI [1]: https://web.archive.org/web/20240305043015/https://www.vultr...
chmod775 wrote 1 day ago:
> trying to interpret legalese, badly.
Where I live you cannot enter a contract that you cannot be expected
to have understood. In fact TOS that are not written in clear
understandable language are generally considered to be invalid by
courts.
If that many people are misunderstanding the TOS, that's a bad sign.
vasco wrote 1 day ago:
Nobody likes legalese so leadership teams just ask legal and ship it.
But there's another way, you can just write what you actually want.
You can say "we want to be able to use the text content of any post
in tool X to train a model".
Yes, you'll need to update your ToS more often if you just say what
you want to do instead of "bulletproofing" something forever by
making it so abstract it applies to anything in perpetuity - but if
you want that, the price you pay is that people will sometimes call
you out on it, misinterpretation or not.
nkrisc wrote 1 day ago:
Thatâs what happens when your TOS are written for lawyers but then
ask non-lawyers to accept them to create an account.
It was a fiasco of their own making.
s_dev wrote 1 day ago:
>if its was not for a redditor with far too much time in their hands
trying to interpret legalese, badly.
>Those Terms and Conditions could have been clearer
Sounds like the issue was exactly because the ToS wasn't clear which
is not the fault of a redditor.
Eisenstein wrote 1 day ago:
If a ToS is going to be a contract, it has to be interpretable by the
person hitting 'agree', no? If someone is confused about what it
means and reaches out to the company and they respond by locking the
user out of their account which they use to generate their
livelihood, it has stopped being an 'oopsie' and become a 'we don't
care about our customers, we only care what they give us and will use
strangely worded legalese and extortion to get it'.
The response of 'why would they ever assume bad intention by a
startup tech company which pivoted recently to focus on AI offerings'
crocodile tears just makes it worse.
At this point, barring the existence of an impeccable and
long-running reputation, if you assume that any place you store your
data is not going to screw you the moment they can to make a buck,
then you are hopelessly naive.
ksec wrote 1 day ago:
>If a ToS is going to be a contract, it has to be interpretable by
the person hitting 'agree', no?
That is why other counterpart would also hire a lawyer.
sherburt3 wrote 21 hours 7 min ago:
I don't think most people would be able to afford an emotional
support lawyer
jtbayly wrote 1 day ago:
Get a life. You canât go through an average day without using a
dozen services that youâd have to hire a lawyer to interpret
their TOS.
If you want to hire a full-time personal counsel, go for it.
The rest of us insist on something else. Understandable
agreements is something that should be forced on all companies
unless we can perhaps win the fight against TOS being legally
enforceable in the first place. That would be the best world.
_pi wrote 1 day ago:
The issue of legalese in ToS is the same issue of "bad code" or
"bad engineering". The law is just another system, another
conceptual language of communication, except one filled with
way more vaguaries, edge cases and grey areas than any software
we make.
Companies like they do not want to pay for "good engineering"
don't want to pay for "understandable contracts".
yencabulator wrote 1 day ago:
Except paying lawyers $400+/h rarely results in
"understandable contracts".
The legal industry is self-creating this issue because that
makes their services more necessary.
ksec wrote 1 day ago:
>The legal industry is self-creating this issue because
that makes their services more necessary.
I guess that is similar to software industry creating
insane complexity to make their job more necessary.
_pi wrote 1 day ago:
It certainly is an example of the agency problem.
However the company itself doesn't want to allocate
resources regardless of the actual cost.
Because regardless at your $/hr, a contract that protects
the company in the same way and is understandable by the
user takes MORE HOURS, than one that just protects the
company and fuck the user.
Lots of these lawyers at companies with internal council
could do this are a resource that is over utilized already.
There's no room for more hours.
Eisenstein wrote 1 day ago:
Then don't blame the customer for misinterpreting it when it
is done terribly.
Freak_NL wrote 1 day ago:
From the article in The Register:
> "It's clearly causing confusion for some portion of users. We
recognize that the average user doesn't have a law degree," Kardwell
said.
Making a mistake by stuffing their terms of use with vague
boilerplate legalese which could apply to anything is one thing, not
taking responsibility for that mistake and clearly stating "we made a
mistake" instead just means they ended up rubbing in the stain.
People are forgiving of mistakes; hubris, not so much.
As others have pointed out: that line of text was not harmless, and
whether you have a law degree or not is not the issue there. It was
not malicious in intent, but it was wrong and overreaching
nonetheless.
sam_goody wrote 1 day ago:
> It was not malicious in intent
We do not know if it was malicious in intent or not.
It is entirely possible that they felt that they could allow all of
their private servers to be crawled by whoever was willing to pay -
perhaps with terms to make it palatable (only be used for LLM
weights, no human will see it, content may not be regurgitated
wholesale, etc).
It could be that this change in the ToS was made to cover their
backs. In fact - they may actually have already crawled all of the
servers.
They claim this was not their intent. But when it comes to abusing
PII that is hovered up by providers, I have been burned too often
to assume a mistake.
Caveat Emptor
petesergeant wrote 1 day ago:
> generating the company a ton of negative press
I mean, I've heard of them now, and hadn't before, and had assumed by
the name it was some dumb Buzzfeed-like site. Possibly they'll get
some extra business out of it.
tgsovlerkhgsel wrote 1 day ago:
The good thing about this outrage is that it creates a downside to just
slapping piles of bullshit into your ToS. Hopefully, this will make
companies more careful with what they write there, leading to shorter,
more understandable, and less user-hostile terms.
rezonant wrote 1 day ago:
"Betrayed"? This is so sensational for what amounts to a
misunderstanding of a sentence in legal terms that is just long enough
for customers (well, Reddit at least) to lose the context. But not for
a court, "for purposes of providing the Services to you" is an
important part that you shouldn't gloss over just because it's at the
end of the sentence.
"Just"? A blog post written this week for terms that have been there
since 2021?
mort96 wrote 1 day ago:
A hosting provider suddenly gave themselves a license to do anything
they want with the stuff you put on their server. How is that not a
betrayal? You trusted them to host your stuff without, for example,
re-selling it. They broke that trust.
rezonant wrote 1 day ago:
They didn't do that, that's the rub.
Even if Services included the actual hosting service (it doesn't in
this case, see tons of other commenters quoting the definition for
Services in this agreement), it still wouldn't give them a license
to use your stuff beyond what's necessary to provide hosting to
you.
mort96 wrote 1 day ago:
And anything they do with the content can be explained away as
"necessary to provide the service". That's the problem: they're
not constraining themselves in any way. They need money to
provide the service, so why couldn't they decide that taking art
I put on my server and selling it to people is "necessary to
provide the service"? It seems like they could at any time decide
that their pricing is unsustainable, so monetising customer
content is "necessary to provide the service".
And what if they, say, introduce a new generative machine
learning feature into the Service which necessitates training on
customer content?
If this was truly just about giving themselves the right to do
what's technically necessary to provide the service, then 1)
doesn't that mean that they were operating illegally before? and
2) they would've just given themselves the rights to do the
specific things they need, not literally anything they could want
as long as it can be argued to be "necessary to provide the
service"
q3k wrote 1 day ago:
> And anything they do with the content can be explained away
as "necessary to provide the service". That's the problem:
they're not constraining themselves in any way. They need money
to provide the service, so why couldn't they decide that taking
art I put on my server and selling it to people is "necessary
to provide the service"? It seems like they could at any time
decide that their pricing is unsustainable, so monetising
customer content is "necessary to provide the service".
That's not how contract interpretation works.
ahaseeb wrote 1 day ago:
There's no way this can get enforced
bradley13 wrote 1 day ago:
I hadn't heard of Vultr before, so out of curiosity I had a look. I am
actually in the market for some lower-end cloud services.
- On their homepage, they list "Cloud Compute - starting at
$2.50/month". However, you can't actually look at any details without
creating a "free" account. Annoying.
- So I created an account. The first thing that pops up is "enter a
payment method". What was that about being a "free account"?
- You can click away from that and go to "Deploy New Instance".
Choosing the cheapest options and disabling all the automatically
selected extras, the lowest possible price seems to be twice that
advertised "starting at" price.
Ok, I looked around. Now I would like to delete that account I had to
create. No such option. Asking Google, apparently you can only delete
an account by submitting a support ticket.
My first impressions are not particularly positive...
FredPret wrote 1 day ago:
To get the 2.50 deal, you need a VPS that is, I think, in NYC and
runs a certain Linux distribution, I think Debian. Everything else is
$5 and up.
AYBABTME wrote 1 day ago:
Free compute attracts bitcoin miners. Payment methods are a sort of
proof that the user is less likely to be abusive, or at least it's
much easier to deduplicate accounts by preventing reuse of payment
methods across free accounts. In these cases, nothing will be
charged, the payment method is just a way of delegating trust to the
financial system for having authenticated a human being.
joshspankit wrote 1 day ago:
If thatâs the problem for them, should at least be communicated
to potential customers before they put in their payment info.
But, realistically, they should simply change the onboarding
process in order to avoid that issue transparently. Allow free
signup and access but require a payment method to spin up a server,
for example. Or showing all the features+benefits+pricing without
signup.
dom96 wrote 1 day ago:
Something similar happened to me. I was in a hurry so I even put some
money in my account, then the $2.50/mo offering was nowhere to be
found. I'm guessing they have limited numbers of these and only make
them available sometimes... definitely a case of false advertising.
redman25 wrote 1 day ago:
The cheapest instances are only in specific regions I think and they
are ipv6 only. Iâve been happy with them as a hosting platform.
rezonant wrote 1 day ago:
> However, you can't actually look at any details without creating a
"free" account. Annoying.
Are these not details? [1] I found this by spelunking deeply into...
the main menu where there's a Pricing option. I'm not a Vultr
customer and I don't have an account with them.
I was curious and I made an account. And the "enter credit card"
thing you complain about is just part of the onboarding flow, along
with things like "set up your profile". Is it so crazy that you might
want a fast track to put your card in for a hosting service? It's all
optional anyway.
Ignoring that (I didn't enter a credit card), there's a prominent
Deploy button you can hit.
The issue you see about pricing is that they only offer that cheap
price in some data centers. Atlanta has it, but the current default
selection of Miami does not. They could definitely do better to make
this obvious since they are advertising that minimum, but this is not
at all surprising to me who has used tons of cloud provisioning UIs.
I don't think it's reasonable to expect the same pricing in all
regions, no one actually does that.
Once Atlanta is selected, they also auto select a better compute
class by default ("AMD High Performance"). Setting that to "Regular
Cloud Compute" gets you down to that $2.50/mo price.
Except for one more thing, they default select Backups for it, and
that's another $1/mo.
They could do better about this stuff but it's barely something to
get upset about. Before you spin up the server, the final price is
listed right there in both hourly and monthly units, which is better
than AWS does.
URI [1]: https://www.vultr.com/pricing/
carride wrote 1 day ago:
> The issue you see about pricing is that they only offer that
cheap price in some data centers. Atlanta has it, but the current
default selection of Miami does not. They could definitely do
better to make this obvious since they are advertising that
minimum, but this is not at all surprising to me who has used tons
of cloud provisioning UIs. I don't think it's reasonable to expect
the same pricing in all regions, no one actually does that.
They have a one year free-tier you can sign-up for during your
trial. I am on that plan now. Still I always forget to search
different regions when attempting to launch a free VM, so there is
some delay until I remember to choose Atlanta.
1oooqooq wrote 1 day ago:
The site is broken until you pay something on your account,
including 2factor auth.
doesn't inspire much confidence.
rezonant wrote 1 day ago:
That's not true. The pricing page I link does not require an
account, and after you create an account, you can access the
actual provisioning UI without entering a credit card. I just did
it.
The two factor is a check that you actually control the email you
purport to own, it's a perfectly fine thing to do. Are you
arguing against two factor by default? Are you arguing that a
service shouldn't validate email addresses? Seems especially
important for a service that can be used for hacking or DDOS
attacks, no?
tmtvl wrote 1 day ago:
Parent is saying 2FA is broken until you pay something into
your account.
rezonant wrote 20 hours 20 min ago:
That's also not true, two factor works before putting in a
credit card, as I've said in a related post. I completed an
email based two factor request when I did my test and I still
have not given them a credit card.
arcanemachiner wrote 1 day ago:
- They're a pretty large cloud services provider (frequently spoken
of in the same breath as Digital Ocean and Linode, last I checked).
- Dark patterns are bullshit but are hardly unique to them.
- They probably require a credit card to cut down on scams.
- Your loss as a potential customer will certainly go unnoticed, and
life will go on for all parties involved.
closewith wrote 1 day ago:
Digital Ocean now and Linode in the past have been considered
viable providers at the companies I've worked with. Never have I
ever heard the same about this company.
> Your loss as a potential customer will certainly go unnoticed,
and life will go on for all parties involved.
Do you have an interest in this company or something? Oddly passive
aggressive comment.
arcanemachiner wrote 1 day ago:
No financial ties, just annoyed by the mob that comes out of the
woodwork to pick apart every shitty dark pattern as if that's
evidence that this company is overtly malicious, instead of just
being stuck in the middle of an accidental PR nightmare.
rightbyte wrote 8 hours 51 min ago:
> shitty dark pattern as if that's evidence that this company
is overtly malicious
It is proof of that though. Becouse employing dark patterns is
being overtly malicious for us who "see through" dark patterns.
Dark patterns mostly work due to the victim not understanding
them, so it makes sense to point them out.
nickersonm wrote 1 day ago:
Vultr is pretty well known amongst the small technically
innovative "cloud" hosting companies, and IMO has better
offerings than DO. They also have a peering agreement with
Backblaze and Cloudflare; no transfer costs between any of the
three.
ugjka wrote 1 day ago:
Vultr is way too expensive
juped wrote 1 day ago:
Sometimes I feel like I'd be okay with all terms of service and privacy
policies changing to "We can do what we want, and you can do nothing,
forever" just so we never have to deal with Reddit's finest legal minds
attempting to read them.
That's a silly exaggeration, of course. But you've certainly lost your
right to make fun of admiralty-fringe style legal theories if you give
things like this any credence.
alpha123123 wrote 1 day ago:
> A Reddit post incorrectly took portions of our Terms of Service out
of context, which only pertain to content provided to Vultr on our
public mediums (community-related content on public forums, as an
example) for purposes of rendering the needed services â e.g.,
publishing comments, posts, or ratings. This is separate from a
userâs own, private content that is deployed on Vultr services.
> In order to simplify and further clarify our ToS, we are removing the
following sentence from Section 12.1(a) of our ToS
URI [1]: https://www.vultr.com/news/A-Note-About-Vultrs-Terms-of-Servic...
franciscop wrote 1 day ago:
This doesn't seem to be true though. In the Terms of Service[1],
"User Content" is defined as this in 12.a:
> (a) You are responsible for the information, text, opinions,
messages, comments, audio visual works, motion pictures, photographs,
animation, videos, graphics, sounds, music, software, Apps, and any
other content or material that You or your end users submit, upload,
post, host, store, or otherwise make available (âMake Availableâ)
on or through the Services (collectively, âYour Content,â
âContentâ or âUser Contentâ)
What is the "Services" then? It's explained here (first
paragraph[1]):
> The Terms explain how you are permitted to use the services
provided by and through our platform and website(s) (main url located
at www.vultr.com) as well as all of our associated internet and
online properties [...] Collectively, the Site, the Materials, and
the services provided therein are referred to as the âServicesâ.
Is a website I host in Vultr an "associated online property"? When I
upload or modify some of my website content through vultr.com, does
it become User Content? This is very over-reaching on purpose (as
most legalese tends to be) but not in a good way, I wouldn't want to
have to go to court to prove that their non-binding blog post is
correct and the binding legal terms are incorrect, neither should I
nor anyone.
URI [1]: https://www.vultr.com/legal/tos/
rendaw wrote 1 day ago:
What exactly was out of context? Per [1] > The Terms explain how you
are permitted to use the services provided by and through our
platform and....
Platform = hosting.
There's no small text, there's no restrictions, there's no
qualification. It said nothing about "public mediums" or "for
purposes of rendering the needed services".
URI [1]: https://web.archive.org/web/20240203121820/https://www.vultr...
berkut wrote 1 day ago:
I mean, it does read badly, and maybe the worst should be assumed, but
at the same time:
> You hereby grant to Vultr a non-exclusive, worldwide and royalty-free
license to copy, make derivative works, display, perform, use,
broadcast and transmit on and via the Internet Your Content, solely for
the benefit of You and to enable Vultr to perform its obligations under
these Terms.
Given Vultr has a distributed CDN service, could not the "copy",
"display", "broadcast" and "transmit" parts be charitably interpreted
as part of that agreement? i.e. them serving your content via the CDN?
Edit: it looks like they've updated it already from what the blog post
quotes it as?
Animats wrote 1 day ago:
Not only are those terms overreaching, they are copied from elsewhere.
Search with Google for "a non-exclusive, perpetual, irrevocable,
royalty-free, fully paid-up, worldwide license (including the right to
sublicense through multiple tiers)" and you get quite a few hits.
Mostly from small businesses.
Primrose Schools, Rita's Ice, Small's Sliders, Transom Capital, and
quite a few other small companies use exactly those words. The first
three are franchisors, and the last one is a private equity company.
None are in the social media business, for which that clause is clearly
intended.
Do all those companies use the same low-budget legal drafting service?
joshxyz wrote 1 day ago:
i also opened a ticket about it and support rep responded about it
being addressed.
it's still hilarious and absurd for them to lose some customers on
something like this, they provide top notch service that competes very
well with digitalocean linode scaleway etc.
ChrisArchitect wrote 1 day ago:
Update:
Cloud host Vultr rips user data ownership clause from ToS after web
outrage [1] ( [2] )
URI [1]: https://www.theregister.com/2024/03/28/vultr_content_controver...
URI [2]: https://news.ycombinator.com/item?id=39857680
timetraveller26 wrote 1 day ago:
We are in the kind of future that the fear of being trained by AI makes
people abandond services if they show any suspicion
fabianholzer wrote 1 day ago:
Nomen est omen, it seems?
fsck_vultr wrote 2 days ago:
If you have a valid API key, this still works. If you delete node in
the dev tools, you can see the page behind it - but it still comes back
on the next page.
barryfarling wrote 2 days ago:
Would anyone work with these people after they did this? They pivoted
because they got caught, not because they are trust worthy. They
clearly thought a lot, in concert with counsel, about how they could
try to steal people's IP. Geniuses thought no one would read the TOS.
stackskipton wrote 2 days ago:
Worth noting that Vultr has responded and modified their TOS to remove
those terms.
URI [1]: https://www.vultr.com/news/A-Note-About-Vultrs-Terms-of-Servic...
pierat wrote 1 day ago:
Yeah, and they'll add it back in 2 or 3 weeks once this round of
furor dies down.
Then it'll be some 'to gain access to your site you must agree....'
crap.
I'm really hating what the Internet has turned into.
neoecos wrote 2 days ago:
So... it was a legalese
YeBanKo wrote 1 day ago:
From their statement: "We recognize that the average user doesn't
have a law degree" or in other words "you are too stupid" to
understand words. Isn't it a bit of catch-22, we put an agreement
for you to sign and accept[understanding is implied], but we also
understand that you are too stupid to understand it.
Also how is perpetual irrevocable links to commercialize your
content in any way they want is required for providing the service?
You hereby grant to Vultr a non-exclusive, *perpetual*,
*irrevocable*, royalty-free, fully paid-up, worldwide license
(including the right to sublicense through multiple tiers) to use,
reproduce, process, adapt, publicly perform, publicly display,
modify, *prepare derivative works*, publish, transmit and
distribute each of your User Content, or any portion thereof, in
any form, medium or distribution method now known or hereafter
existing, known or developed, and *otherwise use and commercialize
the User Content in any way that Vultr deems appropriate*, without
any further consent, notice and/or compensation to you or to any
third parties, *for purposes of providing the Services to you*._
jiveturkey wrote 1 day ago:
Note the part that even you, an apparently not stupid person, are
failing to recognize:
> for purposes of providing the Services to you
It's not about being too stupid. Legalese is very specific, not
lay language, and you always should refer to your legal counsel
for interpretation.
An example that always comes to mind is "hostile workplace". It
has a very, very specific legal definition that is different from
a lay understanding of such. It's not hard for pitchforks to be
raised when the rabble misinterprets a legal term.
Let's be clear. I'm not saying Vultr has done nothing wrong or
hasn't overreached here. I'm only responding to your comment in
general terms.
infamouscow wrote 1 day ago:
Their statement is a utter nonsense and should be treated with as
much respect as verbal diarrhea.
They're running a business, and in business these kinds of
asinine decisions hurt the bottom line.
Fuck them. Move to a different VPS host. I won't be doing
business with them ever again, nor do I have the time to re-read
their ToS at some point in the future.
inhumantsar wrote 1 day ago:
was reading the comments before the article again. never heard
of Vultr and assumed by the terms that it was some kind of
niche social network. those terms are basically identical to
Reddit's so it would make sense.
but a *VPS host*? that's absurd. it's like someone there asked
ChatGPT for a new TOS without telling it what the TOS would be
for.
YeBanKo wrote 1 day ago:
Ah, these pop ups to accept new T&S can be obnoxious. You even
may not be able to access control panel without accepting it.
willio58 wrote 1 day ago:
We need regulation around this sooo bad. Nobody reads TOS, or at
least 99.9999% of people don't because it's simply too much. It's
unreasonable to expect people to read these long documents and
understand what they mean. We need requirements of high-level
overviews in very plain language. Slimming this stuff down and
removing BS lawyer fluff is the only way in my eyes.
ipaddr wrote 1 day ago:
Email them your own TOS. If they continue service after
notification they can be held to those TOS.
squarefoot wrote 1 day ago:
> Nobody reads TOS, or at least 99.9999% of people don't because
it's simply too much.
Huge opportunity for a service using AI that does, then reports
on a public site businesses using shady language or hiding traps,
possibly assigning a score.
ahaseeb wrote 1 day ago:
Yeah - Probably just explaining any contract on a higher level
and if there'a red flag etc
SkyPuncher wrote 1 day ago:
I agree. It honestly feels like these could be boiled down to
about 30 âstandardâ options.
Terr_ wrote 1 day ago:
In a way it's a failure of precedent rather than regulation,
since ideally the judge would throw some of these contracts out
the same as if they had special clauses in microscopic font.
edgoode wrote 2 days ago:
If youâre looking for a new GPU cloud because of this, weâve put
all these providers in on place, console, and API so you can find a new
one for your needs at [1] * Iâm one of the founders
URI [1]: https://shadeform.ai
whalesalad wrote 2 days ago:
What are the best VPS' these days who stay out of your hair and protect
users?
jamesnorden wrote 2 days ago:
BuyVM (Frantech) is a good one, you can get a lot of cheap storage
"blocks" even on the lowest plan, if you wish.
Havoc wrote 2 days ago:
Think he recently sold the company
adamredwoods wrote 2 days ago:
I could not find anything similar in Linode (Akamai) TOS: [1] Nor does
AWS, that I could find, except with the PartyRock created apps: [2]
Both of the above TOS explain intent, for example, to monitor data
services for metrics. Vultr's clause (12.1) does not explain intent.
The phrase "for purposes of providing services" is a vague intent.
URI [1]: https://www.linode.com/legal/
URI [2]: https://aws.amazon.com/service-terms/
bombcar wrote 2 days ago:
7.3 of Linode might be it.
Cloudflare #2 certainly is it:
URI [1]: https://www.cloudflare.com/website-terms/
adamredwoods wrote 2 days ago:
Someone else noted Cloudflare:
>> You and your End Users (as such term is defined in the Privacy
Policy) will retain all right, title and interest in and to any
data, content, code, video, images or other materials of any type
that you or your End Users transmit to or through the Services
(collectively, âCustomer Contentâ) in the form provided to
Cloudflare. Subject to the terms of this Agreement, you hereby
grant us a non-exclusive, fully sublicensable, worldwide,
royalty-free right to collect, use, copy, store, transmit, modify
and create derivative works of Customer Content, in each case to
the extent necessary to provide the Services.
but doesn't state as Vultr did: "and otherwise use and
commercialize the User Content in any way that Vultr deems
appropriate" and Cloudflare uses the term "to the extent necessary"
which to me seems more specific than a vague wording of "for
providing services".
I'm not a lawyer, I'm interpreting this to the best of my
abilities. In general, if something feels odd, it's best to back
away.
kijin wrote 1 day ago:
Cloudflare's license grant is quite appropriate because the whole
point of a CDN is to make copies of your content and cache them
closer to your users. Cloudflare also provides numerous tools
that modify, and create derivative works of, your code and images
on the fly.
Vultr on the other hand is just a bunch of compute/storage
resources hooked up to pipes. They have a rudimentary CDN
offering, but that's about it.
YeBanKo wrote 2 days ago:
Why is this submission flagged?
dang wrote 2 days ago:
We can only guess why users flag things, but in this case I'd guess
it was because the submitted link ( [1] ) just redirects to a login
screen: [2] .
Googling the title leads to [3] , which I guess is the same content?
We can change the URL to that above.
Edit: oh, and I see several other commenters in the thread were
already linking to that URL.
URI [1]: https://old.reddit.com/r/selfhosted/s/3CgRd01Ypw
URI [2]: https://old.reddit.com/r/selfhosted/login/?dest=https%3A%2F%...
URI [3]: https://old.reddit.com/r/selfhosted/comments/1bouuv7/warning...
mindslight wrote 2 days ago:
That new URL still just goes to a login screen. I believe this is
due to recent reddit policy change.
> whoa there, pardner! Your request has been blocked due to a
network policy. Try logging in or creating an account here to get
back to browsing.
It seems that reddit has now followed Xitter with requiring logins
to drive engagement numbers, effectively rejecting the open web.
Extractive screw turning was probably inevitable with the naive
central-server design of webapps, but going through the destruction
part of creative destruction still sucks.
dang wrote 1 day ago:
Hmm the new URL doesn't do that for me; whereas the previous URL
did. If the links sometimes do that and sometimes don't, it's
going to be hard to figure out what to do, short of banning the
site. Boo.
YeBanKo wrote 2 days ago:
Maybe itâs too late, but I think it would make sense to update
the link.
dang wrote 2 days ago:
Yes, I did.
maronato wrote 2 days ago:
âYou hereby grant to Vultr a non-exclusive, perpetual, irrevocable,
royalty-free, fully paid-up, worldwide license (including the right to
sublicense through multiple tiers) to use, reproduce, process, adapt,
publicly perform, publicly display, modify, prepare derivative works,
publish, transmit and distribute each of your User Content, or any
portion thereof, in any form, medium or distribution method now known
or hereafter existing, known or developed, and otherwise use and
commercialize the User Content in any way that Vultr deems appropriate,
without any further consent, notice and/or compensation to you or to
any third parties, for purposes of providing the Services to you.â
Section 12,
URI [1]: https://www.vultr.com/legal/tos/
adamredwoods wrote 2 days ago:
I'm not a lawyer, I don't know what that means, but it is disturbing
enough to make me leave. If they don't want me to leave, they should
clarify their intent.
Part 12.1: User Content
URI [1]: https://www.vultr.com/legal/tos/
gruez wrote 2 days ago:
It is clarified
>You hereby grant to Vultr a non-exclusive, perpetual, irrevocable,
royalty-free, fully paid-up, worldwide license (including the right
to sublicense through multiple tiers) to use, reproduce, process,
adapt, publicly perform, publicly display, modify, prepare derivative
works, publish, transmit and distribute each of your User Content, or
any portion thereof, in any form, medium or distribution method now
known or hereafter existing, known or developed, and otherwise use
and commercialize the User Content in any way that Vultr deems
appropriate, without any further consent, notice and/or compensation
to you or to any third parties, for purposes of providing the
Services to you.
Emphasis mine. They have a perpetual license, but only for the
purpose of providing services to you. This is a clause and many TOS,
presumably to avoid copyright suits.
adamredwoods wrote 2 days ago:
I could not find anything similar in Linode (Akamai) TOS: [1] Nor
does AWS, that I could find, except with the PartyRock created
apps:
URI [1]: https://www.linode.com/legal/
URI [2]: https://aws.amazon.com/service-terms/
gruez wrote 2 days ago:
That's why I said "many", not "most". Here's what I turned up in
a few minutes of searching: [1] >2.5 Customer Content and Network
Data
>2.5.1
>You and your End Users (as such term is defined in the Privacy
Policy) will retain all right, title and interest in and to any
data, content, code, video, images or other materials of any type
that you or your End Users transmit to or through the Services
(collectively, âCustomer Contentâ) in the form provided to
Cloudflare. Subject to the terms of this Agreement, you hereby
grant us a non-exclusive, fully sublicensable, worldwide,
royalty-free right to collect, use, copy, store, transmit, modify
and create derivative works of Customer Content, in each case to
the extent necessary to provide the Services. [2] >10.2 Permitted
Uses and Customer License Grant. Zoom will only access, process
or use Customer Content for the following reasons (the
âPermitted Usesâ): (i) consistent with this Agreement and as
required to perform our obligations and provide the Services;
(ii) in accordance with our Privacy Statement; (iii) as
authorized or instructed by you; (iv) as required by Law; or (v)
for legal, safety or security purposes, including enforcing our
Acceptable Use Guidelines. You grant Zoom a perpetual, worldwide,
non-exclusive, royalty-free, sublicensable, and transferable
license and all other rights required or necessary for the
Permitted Uses. [3] >3.1 Customer Data. Customer and its
licensors own the Customer Data, including all Intellectual
Property Rights therein. No ownership rights in the Customer Data
are transferred to Notion by this Agreement. Customer hereby
grants Notion a worldwide, non-exclusive, irrevocable,
royalty-free, fully-paid, sublicensable (to Notionâs
third-party service providers) license to host, store, transfer,
display, perform, reproduce, modify, create derivative works of,
and distribute Customer Data in connection with its provision of
the Services to Customer. [...] [4] >You hereby grant us a
worldwide, royalty-free and non-exclusive license to use,
display, publish, reproduce, distribute, and make derivative
works of such Content to provide Services and as otherwise
permitted under these Terms and our Privacy Policy; and, [5] >5.2
CUSTOMER OWNERSHIP. As between the parties, Customer and its
licensors will retain all right, title, and interest in
>and to all IPR in Customer Data and Customer Technology.
Customer grants to ServiceNow a royalty-free, fully paid,
non-exclusive,
>non-transferrable (except under Section 11.1), worldwide, right
to use Customer Data and Customer Technology solely to provide
>and support the Software.
URI [1]: https://www.cloudflare.com/en-in/terms/
URI [2]: https://explore.zoom.us/en/terms/
URI [3]: https://www.notion.so/notion/Master-Subscription-Agreeme...
URI [4]: https://huggingface.co/terms-of-service
URI [5]: https://www.servicenow.com/content/dam/servicenow-assets...
adamredwoods wrote 2 days ago:
I will argue that each of these examples you've listed has a
clearer intent listed. "for purposes of providing the Services"
versus "solely to provide and support the Software".
None of them go so far as to say: "and otherwise use and
commercialize the User Content in any way that Vultr deems
appropriate"
Again, I'm not a lawyer, nor looking to become one, so anything
that seems unusual, should be taken with caution in order to
protect myself and my IP. I've seen what companies have done to
independent developers, and I don't want to suffer a similar
fate, only because I couldn't interpret TOS accurately.
maronato wrote 2 days ago:
Services is a very generic term for anything they offer. They can,
for example, offer a free non optional AI tool that allows you to
ask questions about the data in your database.
My non-lawyer understanding of the policy is that, for the purpose
of providing you with this service, they have the right to use your
entire database to train and test the tool. They can even make a
contract with OpenAI and sell your data to them for the purposes of
building the AI service.
And itâs perpetual and irrevocable, so they can keep their models
trained with your data if you decide to leave.
supriyo-biswas wrote 2 days ago:
I wish people stopped posting threads from Reddit, because they are
either full of unverifiable claims (like a post from some time ago that
claimed a coworker was messing around with their computer for the last
five years), or in this case, outrage sought for the sake of outrage
and disregarding the context due to which it has arisen.
In this case, I believe this is due to the introduction of their CDN
product, though it would also apply to their object storage product as
well.
soraminazuki wrote 2 days ago:
And while weâre at it, people should automatically disregard what
others say because human beings are known to be dishonest. See the
problem?
Your blanket claim regarding unverifiability is especially astounding
because this one is easily verifiable. The evidence is right here,
for everyone to see. [1] Speaking of unverifiable claims,
> In this case, I believe this is due to the introduction of their
CDN product
Thatâs pure guessing. More importantly, it doesnât change the
egregiousness of this ToS is even if thatâs the case.
Also,
> disregarding the context due to which it has arisen
There is absolutely no context in which screwing over customers like
that is okay.
URI [1]: https://www.vultr.com/legal/tos/
cozzyd wrote 2 days ago:
Keep calm and carrion
not-duckie wrote 2 days ago:
i just migrated to vultr cause of minial api and interface. really hate
it when stakeholders make founders take foolish decision :/. guess I'll
use linode or something now
retox wrote 2 days ago:
The language seems have been added mid-2021, so it's not new.
lincm83hey wrote 2 days ago:
I mean, if anybody's surprised, their name is literally a dehydrated
version of the word "vulture"
hobotime wrote 3 days ago:
This is a standard clause so you can't sue them for providing pirated
stuff when you our your users placed it on their servers.
That's why is proceeded by "for purposes of providing the Services to
you"
Nothing here... move away from the fake outrage.
EVa5I7bHFq9mnYK wrote 2 days ago:
So are they afraid that Warner uploads Dune 2 torrent to their
servers and immediately sues them for distribution? And to protect
against that, they reserve the right to create Dune 3 out of it using
Sora and distribute that themselves?
Havoc wrote 2 days ago:
> This is a standard clause so you can't sue them for providing
pirated stuff
Rubbish. That wouldnât require an explicit and broad right to
commercialise and profit from your content
The small portion dealing with piracy isnât what the uproar is a
out
hattchett wrote 3 days ago:
I look at it like this, if your data is on the internet, anyone can do
anything they want with it, period.
mekster wrote 1 day ago:
Time to go back hosting your own hardware.
groestl wrote 3 days ago:
Not legally.
2Gkashmiri wrote 3 days ago:
Let's do one thing, host Nintendo content and since vultr now has
commercial rights over "my uploads" let's see how Nintendo bites them
in the ass. This can be done and dusted in a few days given enough
traction
mekster wrote 1 day ago:
Why would Nintendo do anything unless Vultr deliberately makes money
from those contents.
2Gkashmiri wrote 1 day ago:
Uh ... Nintendo is historically pretty litigious. Remember the time
when a man built a paper Mario for his son and Nintendo tried to
sue him?
pull_my_finger wrote 3 days ago:
Everyone (maybe rightfully) up in arms, but I imagine you would need an
agreement like this is they were finally getting on board with
something like elastic compute. Everytime they spin up a new machine on
your behalf they're essentially redistributing all the files on that
machine. I understand everyones gun shy, but I've been using Vultr for
years and I'm much less suspicious of them than the likes of
google/amazon. I've personally never had an issue with them, but I
definitely think it's a healthy response to go fight or flight when
you're essentially signing all your rights away.
YeBanKo wrote 2 days ago:
> commercialize the User Content in any way that Vultr deems
appropriate
How does this maps to adding another node in the compute
Also, why perpetual?
They are essentially data processor, they act on your behalf and
should not do things with data that you have not asked for.
thecodeassassin wrote 2 days ago:
This is not boilerplate, otherwise every cloud provider would have
this and they do not. This problem can be solved by much less broad
terms.
boutell wrote 2 days ago:
"prepare derivative works"? Also a hard no.
jasonjayr wrote 3 days ago:
Sure, but "Irrevocable?" That's a hard no.
hattchett wrote 3 days ago:
This passage is a clause from a legal agreement, typically found in the
terms of service for a platform or service provider like Vultr. It
outlines the rights you, as a user, are granting to Vultr regarding any
content you create or upload while using their services. Let's break it
down for clarity:
Non-exclusive: Vultr does not have exclusive rights to your content.
You can grant similar rights to others.
Perpetual: The rights you grant are everlasting.
Irrevocable: You cannot take back these rights once they are granted.
Royalty-free: Vultr does not have to pay you for the use of your
content.
Fully paid-up: No future payments will be required from Vultr to you
for the use of your content.
Worldwide license: Vultr can use your content anywhere in the world.
Right to sublicense through multiple tiers: Vultr can grant these
rights to other parties, who can then grant them to further parties,
and so on.
To use, reproduce, process, adapt, publicly perform, publicly display,
modify, prepare derivative works, publish, transmit, and distribute
your content: Vultr can do just about anything with your content,
including modifying it and sharing it, in any current or future media
or format.
In any way that Vultr deems appropriate: Vultr has the discretion to
use your content however it sees fit.
Without any further consent, notice, and/or compensation to you or to
any third parties: Vultr does not need to ask for your permission,
inform you, or pay you or anyone else to exercise these rights.
For purposes of providing the Services to you: The clause often
stipulates that these rights are granted to Vultr so they can operate,
improve, and promote their services effectively.
This type of clause is common in the terms of service for online
platforms and services. It essentially allows the service provider to
operate their platform efficiently, showcase user-generated content,
and adapt and improve services without needing to seek permission from
users each time they need to handle content. Itâs important for users
to understand these terms, as they significantly affect how one's
content can be used and shared by the service provider.
groestl wrote 3 days ago:
[typically found in the terms of service] [Let's break it down for
clarity] [This type of clause is common in the terms of service for
online platforms] [Itâs important for users]
This comment reeks like ChatGPT generated content, tbh.
donmcronald wrote 3 days ago:
> typically found in the terms of service for a platform or service
provider like Vultr
> showcase user-generated content
What? Am I unaware of some service they offer? I don't want an
infrastructure provider doing anything with my content. They
shouldn't even have access to anything that's not publicly accessible
unless someone needs one-off access to help with a support incident.
It's not "content" for a lot of customers. It's private, proprietary
information. What if someone is using Vultr to host an app for a
company that requires an NDA from the webdev? Are they stuck in
limbo as of right now?
The Vultr account owner might not even be the owner of the data
hosted in the account. The whole thing is crazy. How are there
people here defending this as "normal"?
red-iron-pine wrote 3 days ago:
legal discovery software, man. we'll see if those lawyers can still
demand 400/hr in the future.
ChatGPT may eat those legal disco companies, too
hattchett wrote 3 days ago:
Yup
freitzkriesler2 wrote 3 days ago:
Fitting for a company named vulture.
vxxzy wrote 3 days ago:
Well, time to move away from Vultr. Luckily I don't have too much over
there other than some small projects.
j16sdiz wrote 3 days ago:
The cause is retrained by
"... for purposes of providing the Services to you."
if you take the narrowest read, it would allow them to store or cache
them. That's it.
SuperNinKenDo wrote 2 days ago:
To speak Laconically: If.
TomSwirly wrote 3 days ago:
The phrase "in any way that Vultr deems appropriate" does not
encourage a narrow read.
It is a wildcard that allows them to do whatever they want with the
data and then argue, "We deemed it appropriate."
diggan wrote 3 days ago:
Not sure it says what you think/want it to say:
> You are responsible for the information, text, opinions, messages,
comments, audio visual works, motion pictures, photographs, animation,
videos, graphics, sounds, music, software, Apps, and any other content
or material that
That's the prefix to your first paragraph, meaning you as the user is
responsible for that, not that Vultr is responsible for that.
Your second paragraph is explicitly about "for purposes of providing
the Services to you" which it'd be really hard to argue that "using
your user's uploaded photo for Vultr's marketing promotion" is for the
purpose of providing a service to you, so I don't think you have to be
afraid of that.
I'm sure Vultr's terms and conditions contain horrible shit, just like
any other terms and conditions. But I don't think those two paragraphs
highlight anything more nefarious than usual.
TomSwirly wrote 3 days ago:
You missed the "in any way that Vultr deems appropriate" clause. This
is a classic weasel phrase which means they can do as they please.
"Why did you sell my data to an AI company?" "We deemed it
appropriate."
There is also the sublicensing clause, which means they can sell it
to anyone, and "process, adapt, [...] modify, prepare derivative
works", which has nothing to do with hosting, but allows them to
change your data and reuse it for any purpose they "deem
appropriate".
diggan wrote 3 days ago:
> You missed the "in any way that Vultr deems appropriate" clause.
This is a classic weasel phrase which means they can do as they
please.
No, I didn't, but you again missed the full context. Neither of
those terms can be considered in isolation, so again:
> You hereby grant to Vultr a non-exclusive [...] in any way that
Vultr deems appropriate [...] for purposes of providing the
Services to you
So unless it's for the purpose of providing you the service, it
doesn't matter what Vultr "deems" appropriate.
Feel free to check this with a lawyer if you feel unsure.
TomSwirly wrote 3 days ago:
I did not miss the full context.
"Deemed" in particular doesn't require any sort of reasoning or
argument for the company to make any decision it likes. And
"appropriate" is not a synonym for "necessary".
"Why did you sell my data?" "We deemed it appropriate for the
purposes of providing the Services to you."
What's your legal refutation to this under US law?
(In the EU, this whole clause would possibly be unenforceable
from the start, but I know a lot less about EU law.)
lcnmrn wrote 3 days ago:
I need new hosting service for Subreply. Any good providers?
65 wrote 2 days ago:
DigitalOcean App Platform is pretty good. Easy to use.
Havoc wrote 3 days ago:
Thatâs one way to ensure your company only hosts worthless shit.
I doubt the random blogs etc had much AI training value in the first
place so this very much feels like an own goal
chrisjj wrote 3 days ago:
Corrected link:
URI [1]: https://old.reddit.com/r/selfhosted/comments/1bouuv7/warning_v...
VonNaturAustre wrote 2 days ago:
Thanks!
doctor_eval wrote 3 days ago:
Thatâs remarkable. Iâm a huge fan of vultr and I donât want to
believe that this has been done in bad faith, but of course long
experience sadly suggests otherwise.
That said, due to the type of service they provide, vultr customers
like myself donât necessarily even have the right to grant them the
rights that they claim here. If I run a SaaS and people are uploading
photos for work (eg photos of property damage for the purposes of
identifying and repairing it), those photos are not my property and
must not become public. The idea that this could ever be OK is batshit
insane.
So I hope/suspect this policy is going to be reverted pretty quickly,
since it seems quite incompatible with their core business.
No way can I risk my customers data being âpublicly displayedâ!
lompad wrote 3 days ago:
That particular Vulture certainly won't fly in the EU.
Without a simple summarization for end users you can't just hide
"unexpected" things in ToS-updates. And, well, a cloud-hoster deciding
randomy to own your content hosted on servers you pay for is certainly
neither expected nor typical.
Good luck enforcing anything of that, vultr.
madsbuch wrote 3 days ago:
From one of the Reddit commenters:
> Edit: As an EU customer, and having called my lawyer really quickly,
we don't even think that this is legal / would hold up in court in the
EU. Also they'd have been required to summarise the TOS changes as by
our local law.
While companies can write whatever they want in their TOS, I would wary
using the rights I just gave to myself. It can be devastating.
sam_goody wrote 1 day ago:
If Vultr thinks they have the rights, they will use my data.
The odds that they will ever be found out, that if found out they
will be successfully sued, and that if that happens I will be made
whole for whatever damage I have suffered, are slim.
The clause implies it is in their mind that they can play these
games.
Better use a competitor that explicitly claims that you are renting
the server for .. yourself.
I don't use Google Compute, but wonder if their terms are better. It
would not surprise me at all if you allow Google to crawl all of your
Compute instances and combine that with data from their many other
sources (Chrome, Chrome OS, Android services, DNS servers, analytics,
usage on their properties such GMaps/Youtube, etc.)
vsnf wrote 3 days ago:
I'm conflicted on comments like that. On one hand, companies make
mistakes otherwise they'd never lose in court, but they do from time
to time. On the other hand, Vultr has their own lawyers, presumably
higher paid and better armed than an individual would have access to,
so how confident can one be that their personal lawyer has a better
legal theory than the corporate lawyers?
yreg wrote 3 days ago:
It's not even about how much paid/skilled they are.
The new ToS were surely a big project with tens of hours (or more)
of research done for it.
The redditor's lawyer just picked up a phone and offered some gut
response. My lawyer friends are happy to share their thoughts, but
they usually tell me that they need to do research to provide
reliable guidance.
doctor_eval wrote 3 days ago:
Well I think the Reddit commentator is probably right, but these
TOS significantly increase the risk of using Vultr, regardless of
the legality in whichever jurisdiction.
The problem is that if Vultr really thinks it can exercise these
rights, then there is a risk that proprietary information stored on
their servers will be made public -- despite what EU or any other
laws might say.
It doesn't really matter if you can take them to court if Vultr
causes a data leak that results in the loss all your customers. And
most of us don't have the resources to be able to do that anyway.
All of that said. I've found Vultr really good to work with and I
am crossing my fingers, though not assuming, that this is a
mistake.
I've raised a ticket with them, and I'll give them a couple of
weeks before I make plans to pull out. Fortunately I'm still in
stealth mode and have zero customers, so I can afford to wait. I'd
be absolutely freaking out right now if I had live customers.
madsbuch wrote 3 days ago:
I think this is insightful.
What a company write in their TOS is an indication of what they
intend to do. Broad scopes also means broad intentions (like
startups).
You could read into that, that Vultr is intending to break the
law in the EU, however little there is to do about it.
Its a liability for the customers knowing this. But it is also a
liability for Vultr who will see it more difficult to establish
in the EU, should that ever be wanted.
lompad wrote 3 days ago:
Happens a lot, mostly when US Companies with a majority of their
customers in the US make changes without thinking about other
countries/ taking them seriously.
Additionally, ToS really don't count for much in the EU, they're
usually not enforcable anyway, if there's anything out of the
ordinary at all. There's a whole lot of stuff in ToS nobody is ever
going to be able to enforce at all.
They probably expected to fly under the radar, without making sure
it's even okay everywhere. Well, that's not going to happen I
guess.
ehnto wrote 3 days ago:
I suppose it doesn't make a material difference if it's
enforceable, since if you have personal data on their platform
right now you have to assume it's been accessed or consumed in
some form.
They obviously had an inent to start using the data for
something, and given what I know about tech businesses, I
wouldn't assume they only started once the ToS change was made. I
would consider my data compromised.
traceroute66 wrote 3 days ago:
I'm not seeking to defend Vultr here, but perhaps people need to think
about this in a sensible manner.
Given the way of today's internet, with GPT-bots crawling your stuff
without your permission to use in their services, and with
search-engines crawling and generally providing means of content
removal that have limited effect .... what else are Vultr supposed to
do ?
If you are granting them permission to, for example, "display" your
content. Then there's not much they can do if you cancel your Vultr
account but your content remains part of the GPT training material ?
citruscomputing wrote 3 days ago:
I run my private nextcloud server on vultr. Everything is behind a
login wall. They absolutely do not have my permission to use my years
of notes, legal documents, calendar information, and photos (most of
which have never been posted publicly) in any way!
> what else are Vultr supposed to do ?
Continue providing the services they do, with reasonable terms, or
die. No, you can't just up and take all my photos and sell them to
some AI training dataset because you wanted more money. Sorry!
mekster wrote 1 day ago:
Maybe it's time that basement servers should be the norm for self
hosters.
I bought a HardKermel x64 servers and happy that I have no ToS to
worry about. I can send encrypted back ups to utilize any cloud out
there without a concern.
Could've tried Pi but some docker packages don't run on Arm.
neoecos wrote 2 days ago:
What are you planning to do? I'm in the same situation, but without
accepting the terms i'm no even able to "delete" my server/account.
(already backing up things to move away)
groestl wrote 3 days ago:
"commercialize the User Content in any way that Vultr deems
appropriate" is not at all related to CYA wrt crawlers.
GrumpySloth wrote 3 days ago:
How does it apply to VPS instances? Do they snapshot them and scan the
filesystem for content?
Iâll be migrating to Hetzner in any case.
EVa5I7bHFq9mnYK wrote 2 days ago:
I once asked Hetzner, do they have protections in place against a
rogue employee peeking at data inside my servers, as I was worried
about some sensitive data stored in there. Their response was: "If
you are asking that question, you are probably mining crypto, so
we'll ban you".
yogorenapan wrote 1 day ago:
Similar experience with Hetzner. They seem to be extremely
ban-happy. I get banned when I first sign up for no particular
reason other than I tend to have my VPN on. After emailing support
and providing identification, I still got banned after changing my
billing to use privacy.com
aitchnyu wrote 1 day ago:
Yikes. How do we make an informed choice for a not ban-happy
provider, especially since Indian id cards seem to be rejected?
yogorenapan wrote 1 day ago:
I suppose you could stick with AWS or Azure. I ended up using
the VPS that sponsors mailcow (eth-services.de) which is
slightly more expensive by a few cents
arcastroe wrote 2 days ago:
If this is the case, is there a way to protect against it? Is there a
way to keep the data encrypted? Thinking along the lines of bitlocker
on windows.
GrumpySloth wrote 2 days ago:
No. VM snapshots include RAM as well, so the decryption key can be
copied from there. The decrypted data can also be intercepted when
you decrypt it.
Without the pipe dream of efficient homomorphic encryption you
canât protect your data from a hostile VPS provider.
groestl wrote 3 days ago:
Have all my stuff there (bare metal), can recommend.
docc wrote 3 days ago:
same, using it for years. Its great
tedeh wrote 3 days ago:
I'm guessing they're about to make some kind of generative-AI play and
need access to more data.
Havoc wrote 2 days ago:
It was added before data for AI became big
itronitron wrote 3 days ago:
I could see a company claiming they need AI in order to provide their
service to their users.
groestl wrote 3 days ago:
Or they used AI to generate their new TOS and didn't proofread...
itronitron wrote 3 days ago:
... and the AI was trained on data belonging to Vultr users, who
happen to be lawyers...
throwaway1o24 wrote 3 days ago:
They appear to be appropriately named
exe34 wrote 2 days ago:
Nominative determinism. Unlike OpenAI. I suppose it's a form of
carcinization for corporations.
dig1 wrote 3 days ago:
You are probably looking for this summary [1]:
https://www.vultr.com/legal/tos/
Section 12:
You hereby grant to Vultr a non-exclusive, perpetual, irrevocable,
royalty-free, fully paid-up, worldwide license (including the right to
sublicense
through multiple tiers) to use, reproduce, process, adapt, publicly
perform, publicly display, modify, prepare derivative works, publish,
transmit
and distribute each of your User Content, or any portion thereof,
in any form, medium or distribution method now known or hereafter
existing, known
or developed, and otherwise use and commercialize the User Content
in any way that Vultr deems appropriate, without any further consent,
notice and/or
compensation to you or to any third parties, for purposes of
providing the Services to you.
URI [1]: https://old.reddit.com/r/selfhosted/comments/1bouuv7/warning_v...
singleshot_ wrote 1 day ago:
> perpetual
> without compensation
Truly exquisite contract drafting, gentlemen.
amluto wrote 1 day ago:
I find text like this especially odd â itâs entirely implausible
that Vultrâs customers actually have the right to grant this
license.
Imagine the copyright infringement case Getty Images v. Vultr:
âYour honor, Joe Shmo LLC gave us an eternal right to do anything
we want with this image that is watermarked âGetty Imagesâ, so
Getty canât sue us.â
Maybe we need a provision in context law that directly penalizes
anyone who writes a ludicrous provision into a contract.
funcDropShadow wrote 3 days ago:
On top Vultr gives all the liabilities to the v̶i̶c̶t̶i̶m̶ ...
customer:
> As between you and us, you own your User Content and you have full
responsibility for all User Content you make or submit, including its
legality, reliability and appropriateness, while using the Services.
juitpykyk wrote 3 days ago:
> for purposes of providing the Services to you
This seems the key part
Terr_ wrote 1 day ago:
"Selling copies of your genome to partners enables us to affordably
provide the service, therefore you agreed to it."
gregw2 wrote 3 days ago:
I am not a lawyer but I have seen startups distort/rationalize
legal language as their tech services evolve to grandfather new
situations into old language.
I donât know if vultr language is worse than others, but my
concern would be that someone selling you out can squeeze a lot in
that clause for a long time, particularly if you never find out.
Arguably thatâs in bad faith, butâ¦
Say that to provide the Services to you, vultr has to supplement
its income by (old school) selling your videos to a dvd publishing
company, or (newer) creating their own streaming tv channel, or
providing them to an AI model training company, or providing them
to an âaffiliateâ advertising-serving broker who slurps your
created content and slaps one or more segmentation labels about
your content (âkinkâ, âreligion(X)â, âgamerâ) tied to
your email which it then resells to world+dog?
Ie is selling you out part of what vultr needs to do to provides
the Services to you?
I find it very hard to trust companies based solely on their legal
language when that language is viewed from an adversarial position.
But I am not lawyer to know what kinds of âmisreadingsâ are
âbeyond the paleâ/not legally defensible.
groestl wrote 3 days ago:
"an adversarial position" is the only position you should assume
when interpreting legal texts. After all, if push comes to shove,
your the actual adversary. And in any other case the legal text
is not needed.
singleshot_ wrote 1 day ago:
Assume that immediately after executing any contract, the
counterparty will be purchased by the Devil. Draft accordingly
within reason.
emmanueloga_ wrote 3 days ago:
Does it change anything? Paraphrasing:
"Vultr [will own] [all of your] User Content [and do whatever Vultr
wants with] the User Content [...] for the purposes of providing
the Services to you."
You could read that as: "if you want to work with us we will own
all of your user content".
rad_gruchalski wrote 1 day ago:
The question is: how would your lawyer read it.
pera wrote 3 days ago:
They want permission to commercialise my content "for purposes of
providing the Services to" me?
First time I hear such requirement
res0nat0r wrote 2 days ago:
This verbiage is standard for almost all internet/service
providers, it's language to allow them to display your content on
their behalf.
juitpykyk wrote 3 days ago:
They offer services like store fronts. This might require them to
sell your stuff and accept credit cards on your behalf.
URI [1]: https://www.vultr.com/marketplace/apps/woocommerce/
pera wrote 3 days ago:
Ah I was not aware of this, I guess it makes sense then? They
could make this section of the ToS specific to their
marketplace/store front products
DougBTX wrote 3 days ago:
Thatâs an easy one: the company exists to provide The Services,
revenue from commercialising the content supports the company.
groestl wrote 3 days ago:
That's the basis for any business model where you are the
product.
cookiemonsieur wrote 3 days ago:
> That's the basis for any business model where you are the
product.
True but most times, when you are the product, the service is
free. In this case you pay for the service.
lincm83hey wrote 2 days ago:
They do offer relatively inexpensive solutions, though. And
LinkedIn is a good example of a business whose revenues are
largely made from sharing and harvesting data from both paid
and free users for the benefit of some of those paying users,
and some third parties, too.
Vultr is just even cheekier than LinkedIn.
Who's to say if they'll actually act on this, but them
setting themselves up to legally do this is all a bit gross.
funcDropShadow wrote 3 days ago:
Then look at the TOS of Whatsapp, Facebook, and Instagram.
pera wrote 3 days ago:
Yeah sorry I meant in the context of cloud providers
wodenokoto wrote 3 days ago:
So they have a perpetual right to your contend, for as long as they
are providing you a service.
Either way you read it, it seems like poor wording.
andy_ppp wrote 3 days ago:
Perpetual means continuing forever, so why would it end at the
end of the services?
wodenokoto wrote 3 days ago:
If you ask your parents if you can stay up late to finish your
homework essay, it should follow that you only gain that right
until the essay is finished.
If you ask if you can stay up late for the rest of your life,
it should follow that you gain that right for the rest of your
life.
If you ask for both at the same time, in the same sentence, you
might grow up to write TOS for vultr.
postepowanieadm wrote 3 days ago:
They don't need a licence, and a very wide one, to do this.
_flux wrote 3 days ago:
That's probably not a legal opinion they paid for.
tempaccount420 wrote 3 days ago:
Knowing lawyers, it was probably sloppily copied from another
ToS they (or not even them) wrote.
progbits wrote 3 days ago:
URI [1]: https://old.reddit.com/r/selfhosted/comments/1bouuv7/warning_v...
RadixDLT wrote 3 days ago:
wrong link
meblum wrote 3 days ago:
URI [1]: https://www.reddit.com/r/selfhosted/comments/1bouuv7/warning...
DIR <- back to front page