Vultr: Difference between revisions
m remove category |
m improve references with additional information |
||
| Line 18: | Line 18: | ||
==Consumer-protection profile== | ==Consumer-protection profile== | ||
===Privacy<ref>https://www.vultr.com/legal/privacy/</ref>=== | ===Privacy<ref>{{Cite web |date=18 September 2024 |title=Legal: Privacy |url=https://www.vultr.com/legal/privacy/ |access-date=15 Mar 2025 |website=Vultr}}</ref>=== | ||
* Vultr collects industry standard information necessary to provide the service such as registration information, billing information, and IP addresses. | *Vultr collects industry standard information necessary to provide the service such as registration information, billing information, and IP addresses. | ||
* Vultr also collects usage data when interacting with their services. This does not include the user's data stored on their servers. | *Vultr also collects usage data when interacting with their services. This does not include the user's data stored on their servers. | ||
* Vultr uses cookies to collect information when the user visits their website. | *Vultr uses cookies to collect information when the user visits their website. | ||
* Information Vultr collects is used to improve their services and shared with third-parties for marketing purposes including targeted advertisements. | *Information Vultr collects is used to improve their services and shared with third-parties for marketing purposes including targeted advertisements. | ||
===Transparency=== | ===Transparency=== | ||
* Vultr has had major issues regarding their transparency in the past. [citation needed] | *Vultr has had major issues regarding their transparency in the past. [citation needed] | ||
* Vultr's compliance to information security best practices, verified routinely by external audits, has earned the company multiple industry-recognized certifications & attestations such as [https://secureframe.com/hub/soc-2/what-is-soc-2 SOC 2 Type II] and [https://www.iso.org/standard/27001 ISO 27001].<ref>https://www.vultr.com/legal/compliance/</ref><ref>https://blogs.vultr.com/Announcing-Vultrs-New-ISO-Certifications</ref> | *Vultr's compliance to information security best practices, verified routinely by external audits, has earned the company multiple industry-recognized certifications & attestations such as [https://secureframe.com/hub/soc-2/what-is-soc-2 SOC 2 Type II] and [https://www.iso.org/standard/27001 ISO 27001].<ref>{{Cite web |title=Security and Compliance |url=https://www.vultr.com/legal/compliance/ |access-date=15 Mar 2025 |website=Vultr}}</ref><ref>{{Cite web |date=20 Jun 2024 |title=Announcing Vultr's New ISO Certifications |url=https://blogs.vultr.com/Announcing-Vultrs-New-ISO-Certifications |access-date=15 Mar 2025 |website=Vultr}}</ref> | ||
* As explained below, Vultr is quite suspicious due to the rights it claimed to have in the past over user content, and the license it gave itself to manage that data, which users store on Vultr's servers. Right now, the wording of those policies is unclear. | *As explained below, Vultr is quite suspicious due to the rights it claimed to have in the past over user content, and the license it gave itself to manage that data, which users store on Vultr's servers. Right now, the wording of those policies is unclear. | ||
==Consumer-protection incidents== | ==Consumer-protection incidents== | ||
| Line 35: | Line 35: | ||
===Vultr amends its terms of service (2024)=== | ===Vultr amends its terms of service (2024)=== | ||
Initially, Vultr's [[terms of service]] (TOS) declared the following content policy for users in clause 5.1<ref name="tos_2016">https://web.archive.org/web/20160419054251/https://www.vultr.com/legal/tos/</ref> | Initially, Vultr's [[terms of service]] (TOS) declared the following content policy for users in clause 5.1<ref name="tos_2016">{{Cite web |title=Legal |url=https://www.vultr.com/legal/tos/ |url-status=live |archive-url=https://web.archive.org/web/20160419054251/https://www.vultr.com/legal/tos/ |archive-date=19 Apr 2016 |access-date=15 Mar 2025 |website=Vultr}}</ref> | ||
<blockquote> | <blockquote> | ||
| Line 41: | Line 41: | ||
</blockquote> | </blockquote> | ||
In June 2021, Vultr rewrote large portions of its TOS, moving clause 5.1 to 15(c), and adding the following content policy under clause '''12.1(a)'''<ref name="tos_2021">https://web.archive.org/web/20210729200233/https://www.vultr.com/legal/tos/#tos_12</ref> which would become highly controversial: | In June 2021, Vultr rewrote large portions of its TOS, moving clause 5.1 to 15(c), and adding the following content policy under clause '''12.1(a)'''<ref name="tos_2021">{{Cite web |title=Legal Section 12: User Content |url=https://www.vultr.com/legal/tos/#tos_12 |url-status=live |archive-url=https://web.archive.org/web/20210729200233/https://www.vultr.com/legal/tos/#tos_12 |archive-date=29 Jul 2021 |access-date=15 Mar 2025 |website=Vultr}}</ref> which would become highly controversial: | ||
<blockquote> | <blockquote> | ||
| Line 47: | Line 47: | ||
</blockquote> | </blockquote> | ||
In addition to this, a new statement appeared in the ''Terms of Service Highlights'' which strongly implies that users implicitly "agree" to any existing or new terms every time they use Vultr's services:<ref name="tos_2021"/> | In addition to this, a new statement appeared in the ''Terms of Service Highlights'' which strongly implies that users implicitly "agree" to any existing or new terms every time they use Vultr's services:<ref name="tos_2021" /> | ||
<blockquote> | <blockquote> | ||
| Line 55: | Line 55: | ||
Regardless of this remark, Vultr occasionally asks users to reaffirm their subjugation to those terms. | Regardless of this remark, Vultr occasionally asks users to reaffirm their subjugation to those terms. | ||
In March 2024, Vultr asked users to accept its new terms, including clause 12.1(a) mentioned above.<ref name="vultr_blog">https://blogs.vultr.com/a-note-about-vultrs-terms-of-service</ref> This sparked an outrage among users, who hadn't noticed the 12.1(a) policy until 2024, 3 years after its debut (this is typical for a [[EULA roofie]]). The most notable complaint came from a [https://www.reddit.com/r/selfhosted/comments/1bouuv7/warning_vultr_a_major_cloud_provider_is_now/ Reddit post] claiming that Vultr has rights to use user data for the purposes of training artificial intelligence.<ref>https://www.reddit.com/r/selfhosted/comments/1bouuv7/warning_vultr_a_major_cloud_provider_is_now/</ref> In response to the criticism, Vultr's legal team altered clause 12.1(a) the next day (after the post) to delete the offending paragraph.<ref>https://web.archive.org/web/20240328233729/https://www.vultr.com/legal/tos/#tos_12</ref> | In March 2024, Vultr asked users to accept its new terms, including clause 12.1(a) mentioned above.<ref name="vultr_blog">{{Cite web |date=29 Mar 2024 |title=A Note About Vultr's Terms of Service |url=https://blogs.vultr.com/a-note-about-vultrs-terms-of-service |access-date=15 Mar 2025 |website=Vultr}}</ref> This sparked an outrage among users, who hadn't noticed the 12.1(a) policy until 2024, 3 years after its debut (this is typical for a [[EULA roofie]]). The most notable complaint came from a [https://www.reddit.com/r/selfhosted/comments/1bouuv7/warning_vultr_a_major_cloud_provider_is_now/ Reddit post] claiming that Vultr has rights to use user data for the purposes of training artificial intelligence.<ref>{{Cite web |last=u/WyvernCo |date=27 Mar 2024 |title=Warning: Vultr (a major cloud provider) is now claiming full perpetual commercial rights over all hosted content |url=https://www.reddit.com/r/selfhosted/comments/1bouuv7/warning_vultr_a_major_cloud_provider_is_now/?rdt=64600 |access-date=15 Mar 2025 |via=Reddit}}</ref> In response to the criticism, Vultr's legal team altered clause 12.1(a) the next day (after the post) to delete the offending paragraph.<ref>{{Cite web |title=Legal Section 12: User Content |url=https://www.vultr.com/legal/tos/#tos_12 |url-status=live |archive-url=https://web.archive.org/web/20240328233729/https://www.vultr.com/legal/tos/#tos_12 |archive-date=28 Mar 2024 |access-date=15 Mar 2025 |website=Vultr}}</ref> | ||
The user backlash also provoked an official response from Vultr in which the company wrote:<ref name="vultr_blog"/> | The user backlash also provoked an official response from Vultr in which the company wrote:<ref name="vultr_blog" /> | ||
<blockquote> | <blockquote> | ||
| Line 65: | Line 65: | ||
Despite Vultr's vow that access to the user's content is solely for security purposes, the wording of their TOS did not reflect this sentiment, and was widely criticized as a gross failure in transparency, or more cynically, as a stealthy attempt to seize the rights to users' personal data for any purpose, without consent. | Despite Vultr's vow that access to the user's content is solely for security purposes, the wording of their TOS did not reflect this sentiment, and was widely criticized as a gross failure in transparency, or more cynically, as a stealthy attempt to seize the rights to users' personal data for any purpose, without consent. | ||
As of January 2025, the older 15(c) clause remains in force:<ref>https://web.archive.org/web/20250124095655/https://www.vultr.com/legal/tos/#tos_15</ref> | As of January 2025, the older 15(c) clause remains in force:<ref>{{Cite web |title=Legal Section 15: Intellectual Property Rights |url=https://www.vultr.com/legal/tos/#tos_15 |url-status=live |archive-url=https://web.archive.org/web/20250124095655/https://www.vultr.com/legal/tos/#tos_15 |archive-date=24 Jan 2025 |access-date=15 Mar 2025 |website=Vultr}}</ref> | ||
<blockquote> | <blockquote> | ||
| Line 76: | Line 76: | ||
<references /> | <references /> | ||
[[Category:Vultr]] | |||
[[Category: | |||
Latest revision as of 10:40, 15 March 2025
| Basic information | |
|---|---|
| Founded | 2014 |
| Type | Private |
| Industry | Cloud Computing |
| Official website | https://vultr.com/ |
As quoted from their website:
“ Vultr, founded in 2014, is on a mission to empower developers and businesses by simplifying the deployment of infrastructure via its advanced cloud platform. Vultr is strategically located in 32 datacenters around the globe and provides frictionless provisioning of public cloud, storage and single-tenant bare metal.
Vultr has made it our priority to offer a standardized highly reliable high performance cloud compute environment in all of the cities we serve. Launching a cloud server environment in 32 cities around the globe has never been easier. ”
Among those cloud services are storage, servers, and databases.
Consumer-protection profile[edit | edit source]
Privacy[1][edit | edit source]
- Vultr collects industry standard information necessary to provide the service such as registration information, billing information, and IP addresses.
- Vultr also collects usage data when interacting with their services. This does not include the user's data stored on their servers.
- Vultr uses cookies to collect information when the user visits their website.
- Information Vultr collects is used to improve their services and shared with third-parties for marketing purposes including targeted advertisements.
Transparency[edit | edit source]
- Vultr has had major issues regarding their transparency in the past. [citation needed]
- Vultr's compliance to information security best practices, verified routinely by external audits, has earned the company multiple industry-recognized certifications & attestations such as SOC 2 Type II and ISO 27001.[2][3]
- As explained below, Vultr is quite suspicious due to the rights it claimed to have in the past over user content, and the license it gave itself to manage that data, which users store on Vultr's servers. Right now, the wording of those policies is unclear.
Consumer-protection incidents[edit | edit source]
Vultr amends its terms of service (2024)[edit | edit source]
Initially, Vultr's terms of service (TOS) declared the following content policy for users in clause 5.1[4]
“As between You and Vultr, Vultr acknowledges that it claims no proprietary rights in or to the content (including without limitation, text, software, music, sound, audio visual works, motion pictures, photographs, animation, video and graphics) supplied by You for use on Your web site ("Your Content"). You hereby grant to Vultr a non-exclusive, worldwide and royalty-free license to copy, make derivative works, display, perform, use, broadcast and transmit on and via the Internet Your Content, solely for the benefit of You and to enable Vultr to perform its obligations hereunder.”
In June 2021, Vultr rewrote large portions of its TOS, moving clause 5.1 to 15(c), and adding the following content policy under clause 12.1(a)[5] which would become highly controversial:
“You hereby grant to Vultr a non-exclusive, perpetual, irrevocable, royalty-free, fully paid-up, worldwide license (including the right to sublicense through multiple tiers) to use, reproduce, process, adapt, publicly perform, publicly display, modify, prepare derivative works, publish, transmit and distribute each of your User Content, or any portion thereof, in any form, medium or distribution method now known or hereafter existing, known or developed, and otherwise use and commercialize the User Content in any way that Vultr deems appropriate, without any further consent, notice and/or compensation to you or to any third parties, for purposes of providing the Services to you.”
In addition to this, a new statement appeared in the Terms of Service Highlights which strongly implies that users implicitly "agree" to any existing or new terms every time they use Vultr's services:[5]
“Each time you access and/or use the Services, you agree to be bound by these Terms and any Additional Terms that apply to you.”
Regardless of this remark, Vultr occasionally asks users to reaffirm their subjugation to those terms.
In March 2024, Vultr asked users to accept its new terms, including clause 12.1(a) mentioned above.[6] This sparked an outrage among users, who hadn't noticed the 12.1(a) policy until 2024, 3 years after its debut (this is typical for a EULA roofie). The most notable complaint came from a Reddit post claiming that Vultr has rights to use user data for the purposes of training artificial intelligence.[7] In response to the criticism, Vultr's legal team altered clause 12.1(a) the next day (after the post) to delete the offending paragraph.[8]
The user backlash also provoked an official response from Vultr in which the company wrote:[6]
“We value the feedback we receive from our customers, and we want to assure you that Vultr claims no rights to your content. Vultr has never claimed any rights to, used, accessed, nor allowed access to or shared your content, other than as may be required by law or for security purposes.”
Despite Vultr's vow that access to the user's content is solely for security purposes, the wording of their TOS did not reflect this sentiment, and was widely criticized as a gross failure in transparency, or more cynically, as a stealthy attempt to seize the rights to users' personal data for any purpose, without consent.
As of January 2025, the older 15(c) clause remains in force:[9]
“As between You and Vultr, Vultr acknowledges that it claims no proprietary rights in or to Your Content. You hereby grant to Vultr a non-exclusive, worldwide and royalty-free license to copy, make derivative works, display, perform, use, broadcast and transmit on and via the Internet Your Content, solely for the benefit of You and to enable Vultr to perform its obligations under these Terms.”
Note that the wording of this statement closely mimics Vultr's original 5.1 clause predating 2021. Despite the reassuring tone of this license, it remains unclear what "solely for the benefit of You" means in this context, since that phrase does not appear anywhere else in the TOS.
References[edit | edit source]
- ↑ "Legal: Privacy". Vultr. 18 September 2024. Retrieved 15 Mar 2025.
- ↑ "Security and Compliance". Vultr. Retrieved 15 Mar 2025.
- ↑ "Announcing Vultr's New ISO Certifications". Vultr. 20 Jun 2024. Retrieved 15 Mar 2025.
- ↑ "Legal". Vultr. Archived from the original on 19 Apr 2016. Retrieved 15 Mar 2025.
- ↑ 5.0 5.1 "Legal Section 12: User Content". Vultr. Archived from the original on 29 Jul 2021. Retrieved 15 Mar 2025.
- ↑ 6.0 6.1 "A Note About Vultr's Terms of Service". Vultr. 29 Mar 2024. Retrieved 15 Mar 2025.
- ↑ u/WyvernCo (27 Mar 2024). "Warning: Vultr (a major cloud provider) is now claiming full perpetual commercial rights over all hosted content". Retrieved 15 Mar 2025 – via Reddit.
- ↑ "Legal Section 12: User Content". Vultr. Archived from the original on 28 Mar 2024. Retrieved 15 Mar 2025.
- ↑ "Legal Section 15: Intellectual Property Rights". Vultr. Archived from the original on 24 Jan 2025. Retrieved 15 Mar 2025.