• Announcements

    • MannDude

      Current state of vpsBoard   02/04/2017

      Dear vpsBoard members and guests:

      Over the last year or two vpsBoard activity and traffic has dwindled. I have had a change of career and interests, and as such am no longer an active member of the web hosting industry.

      Due to time constraints and new interests I no longer wish to continue to maintain vpsBoard. The web site will remain only as an archive to preserve and showcase some of the great material, guides, and industry news that has been generated by members, some of which I remain in contact to this very day and now regard as personal friends.

      I want to thank all of our members who helped make vpsBoard the fastest growing industry forum. In it's prime it was an active and ripe source of activity, news, guides and just general off-topic banter and fun.

      I wish all members and guests the very best, whether it be with your business or your personal projects.

      -MannDude
DomainBop

PayPal Demands That Seafile Monitor Customers Uploaded Files

11 posts in this topic

PayPal is apparently turning into big brother and demanded that Seafile monitor files that customers upload to its hosted Seafile service as a condition for accepting PayPal.  SeaFile refused and so PayPal will no longer be an option for Seafile services as of tomorrow June 19.

The big question is will PayPal start demanding that other cloud storage providers like Dropbox and hosted OwnCloud, (or regular webhosts or openstack object storage providers for that matter) monitor their customer's files, or is this an isolated incident where some idiot at PayPal confused SeaCloud, a file storage/sync provider, with file sharing sites like YouTube ?

+1 to Seafile for telling PayPal to go eff themselves.

source: https://seafile.de/en/important-infos-about-app-seafile-de-and-licensing-purchases-through-our-web-shops/

Quote

 

From tomorrow, Sunday June 19th 2016 we are no longer allowed to accept payments via PayPal. PayPal has demanded that we monitor data traffic as well as all our customers’ files for illegal content. They have also asked us to provide them with detailed statistics about the files types of our customers sync and share on https://app.seafile.de

Since complying with this demand would violate German / European data protection laws (and also be morally wrong in our opinion) we have declined to comply with this demand.

PayPal has notified us on June 14th that we have time until June 19th to remove PayPal as a payment method and all mentions of PayPal from our web sites.

For this reason we have to terminate all PayPal subscriptions for any purchases onhttps://shop.seafile.de and https://shop.seafile.com during the course of the day.

Please don’t worry about your data or your cloud account. We will not close any accounts. We will also continue our service on https://app.seafile.de – just without PayPal payments.

We are currently looking into other payment providers and hope to find a solution for the issue as soon as possible. Until we found one, you can keep using your existing cloud account. It’s just not possible to order new ones at the moment.

We apologize for any inconvenience this has caused you.

The backstory

We were first notified about a “violation of the PayPal terms” on June 2nd 2016. PayPal sent us 16 questions to answer about the details of our business plan. These questions seemed to target file sharing or torrent services. We tried to answer them as good as we could and also tried to explain to PayPal that we are not a file sharing or torrent service but offer a file sync and share service similar to Dropbox.

After answering all their questions as good as we could but clearly stating that we do not monitor our customers’ data and that doing so would violate German / European data protection laws we had to wait for two weeks to receive an answer.

PayPal’s answer reached us on June 14th stating to solve the current “conflict” we would have to remove PayPal as a payment method. Now, in our opinion this doesn’t resolve this so called “conflict” at all so we tried once again to speak to PayPal and explain our situation. The PayPal service representative we had on the phone was very surprised about the whole situation and told us that this would likely be some kind of misunderstanding. Since other sync and share services are allowed to offer PayPal, there should be no reason why we should be treated differently.

But on the next day someone from PayPal’s brand risk management team called us to confirm the original decision and said we indeed have to remove PayPal as a payment method until June 19th. That other similar services are allowed to use PayPal doesn’t matter to them. That some of them even use Seafile also doesn’t matter. PayPal makes these types of decisions on a case by case basis and in our case have decided to not allow us to use PayPal any longer. This decision is final and cannot be appealed or cross checked by a second reviewer.

 

 

4 people like this

Share this post


Link to post
Share on other sites

I don't know to be honest.  I know there's always two sides of the story and whatnot, but if this is true then this is absolutely ridiculous.  

I'd be interested in hearing Paypal's reasoning behind it. 

1 person likes this

Share this post


Link to post
Share on other sites

Can't monitor stuff.  That's just immoral digging into crap and then viewing to confirm.

Had to be about piracy.

 

1 person likes this

Share this post


Link to post
Share on other sites

German illegal content USA illegal content or Dutch illegal content? Different things for each so what would it be? In Germany anything Nazi is usually illegal but fine in  the USA.

Share this post


Link to post
Share on other sites

What is seafile and what is it known for / what is its reputation? ie is it like aws but for pirates?

Share this post


Link to post
Share on other sites
1 hour ago, vampireJ said:

What is seafile and what is it known for / what is its reputation? ie is it like aws but for pirates?

Seafile is file syncing/storage software (with features similar to Dropbox, Google Drive, or OwnCloud).  The software is offered in two versions: a free community version (open source) and a paid Professional version (the Pro version of the software has a few more features and uses a proprietary license).    Seafile has end-to-end client side encryption and is generally considered much more secure than OwnCloud.

Seafile is available as either self-hosted or SaaS (Seafile's SaaS service uses the pro version).  

Prometeus uses the free open source version of the software to power their IWsea Cloud Storage product.  

 

1 person likes this

Share this post


Link to post
Share on other sites

 

Quote

 

Update 2016/06/22

Yes, our PayPal account has been re-instated. PayPal called us this afternoon to apologize for the frustration and inconvenience that restricting our PayPal account has caused us. They said they made a mistake in our case. We are not a “high risk business” and sufficiently explained our business model to them when they asked us.

Theoretically we could accept PayPal payments again. But the whole situation has left a bad after taste. It just felt very wrong when we had to cancel all existing subscriptions last Saturday. We appreciate PayPal for apologizing and being so honest about the fact that they’ve made a mistake. But the whole incident has shattered our trust in PayPal. We just can’t imagine how we should be able to trust PayPal again after what has happened. That’s why we are currently still looking into alternatives.

 

In the words of Seafile's CEO in an interview with Fortune, it took a public outcry to get PayPal to realize their mistake :)

Quote

 

“In my opinion, they realized all the waves it caused and they’re trying to do some damage control. They wouldn’t have changed their mind if so many people weren’t yelling. I appreciate the gesture on their part, but for us the trust is gone.”

http://fortune.com/2016/06/22/paypal-seafile-monitoring/

 

I'm sure that she is wrong about PayPal just doing damage control because it looks like the 9 people on PayPal's board of directors include some very fine individuals who are noted for looking out for the interests of small business and the little guy.  Most importantly, PayPal's board includes an individual, Dave Dorman who is a noted fierce champion of privacy rights: 

Upstanding Citizens on PayPal's Board of Directors:

David W. Dorman (former CEO of AT&T, one of the first things he did as AT&T CEO was to enter into an illegal agreement to start secretly handing over customer metadata to the NSA around 2003-2004 which resulted in EFF filing a lawsuit, Hepting v. ATT, against ATT for violations of customer privacy in 2006)

John J. Donahoe (former eBay CEO, during his 7 years at the helm he tried to change the company's focus from being a marketplace of small sellers to a marketplace where large retailers could unload their crap while small sellers were treated as second class citizens and got crapped on)

Jonathan Christodoro, head of Icahn Capital (which has a long history of  buying stakes in companies and laying off tens of thousands of American workers.  On the plus side for movie lovers, Carl Icahn was one of the inspirations for the character Gordon Gecko)  

David M. Moffett  (was CEO of secondary mortgage lender Freddie Mac when the mortgage crisis hit in 2008. Mom and Pop on Main Street got screwed during the housing crisis, and Dave's friends got bailed out)

 

 

2 people like this

Share this post


Link to post
Share on other sites
1 hour ago, DomainBop said:

 

In the words of Seafile's CEO in an interview with Fortune, it took a public outcry to get PayPal to realize their mistake :)

I'm sure that she is wrong about PayPal just doing damage control because it looks like the 9 people on PayPal's board of directors include some very fine individuals who are noted for looking out for the interests of small business and the little guy.  Most importantly, PayPal's board includes an individual, Dave Dorman who is a noted fierce champion of privacy rights: 

Upstanding Citizens on PayPal's Board of Directors:

David W. Dorman (former CEO of AT&T, one of the first things he did as AT&T CEO was to enter into an illegal agreement to start secretly handing over customer metadata to the NSA around 2003-2004 which resulted in EFF filing a lawsuit, Hepting v. ATT, against ATT for violations of customer privacy in 2006)

John J. Donahoe (former eBay CEO, during his 7 years at the helm he tried to change the company's focus from being a marketplace of small sellers to a marketplace where large retailers could unload their crap while small sellers were treated as second class citizens and got crapped on)

Jonathan Christodoro, head of Icahn Capital (which has a long history of  buying stakes in companies and laying off tens of thousands of American workers.  On the plus side for movie lovers, Carl Icahn was one of the inspirations for the character Gordon Gecko)  

David M. Moffett  (was CEO of secondary mortgage lender Freddie Mac when the mortgage crisis hit in 2008. Mom and Pop on Main Street got screwed during the housing crisis, and Dave's friends got bailed out)

 

 

4 reasons why I won't be using PayPal in the future.

Share this post


Link to post
Share on other sites
16 minutes ago, drmike said:

4 reasons why I won't be using PayPal in the future.

On the positive side their board also includes Pierre Omidyar who put up the initial $250 mill to start 501(c) FirstLookMedia/The Intercept 

Share this post


Link to post
Share on other sites
1 hour ago, DomainBop said:

On the positive side their board also includes Pierre Omidyar who put up the initial $250 mill to start 501(c) FirstLookMedia/The Intercept 

Omidyar is far from a basket of good.  No soothing feeling from his name being on the positive side.

Share this post


Link to post
Share on other sites

  • Similar Content

    • By DomainBop
      PayPal customers in Turkey will no longer be able to receive or send money as of June 6, 2016 (only 1 week's notice was given) because Turkish regulators have rejected PayPal's license. This is going to hit any hosting company hard that is either located in Turkey or has customers in Turkey.  TL;DR PayPal is no longer an option for 75 million people...
      Google translate (if google spent half the time working on fixing its translation services that it does harvesting users data ...):
      PayPal  has some FAQs on this decision (in Turkish) for its Turkish customers here: https://www.paypal.com/tr/home
    • By drmike
      Caching layer at Steam exposed game subscribers info to other subscribers.  
      Details here: http://www.dailydot.com/politics/steam-bug-leaks-player-account-information/
    • By MannDude
      When ordering a service and viewing the due invoice, trying to subscribe to recurring payments sends you to a PayPal page to login. Afterwards, you are then sent to a page to input a 2 factor auth code. When clicking, "Send SMS" to retrieve the 6 digit code an error stating, "We're sorry. There's been an intermittent communication problem. Please try again later."
      About an hour has passed, and the issue persists. Anyone know whats up?
    • By Aldryic C'boas
      Like many hosts out there, the bulk of our recurring payments come in via PayPal.  And like most hosts that sell some of our services at decently low pricing, we've never been a fan of PayPal's fees taking a noticeable chunk out of the incoming payments.
       
      Standard PayPal fees are 2.9% + 0,30$ per transaction.  On a 5$ per month service, this amounts to 0,45$ in fees, leaving a 4,55$ income for the service.  If you're a respectable sized operation, let's say running 25 nodes with 75 of these 5$ plans each, that means PayPal is taking 843,75$ of your 9375$ income, leaving you with some change over 8500$.  Almost 10% of your income gone right off the top, before you even start looking at operating costs.
       
      For those that frequently collect smaller payments via PayPal, they also have a nifty program dubbed Micropayments.  It's a different fee rate you can have applied to your account, in which instead of 2,9% + 0,30$, it's 5% + 0,05$ applied to the sale.  So for our 5$ per month service, that puts you at 0,30$ in fees rather than 0,45$.  And if you're the respectable sized operation we mentioned before, it means your fees on that 9375$ income would only be 562,50$ rather than 843,75$ - an extra ~300$ in your pocket each month.  Sounds great!  But there's a catch:
       
      Do the math on those two fee structures, and you'll find the cutoff point is 12,00$ exactly.  Anything under 12$, and you pay less fees with Micropayment rates.  Anything over 12$, and you pay less on the standard fees.  Since few providers out there sell solely on the 12$ and under side of things, this means larger sales would take a bigger hit in fees if you switched to Micropayment rates.  Unless you had two PayPal accounts - one to receive the 12$+ payments at normal rates, and one for your <12$ payments are Micro rates.  Best of both worlds, and better yet this does *not* violate PayPal's TOS regarding holding more than one account per entity.  In fact, while speaking with our PayPal rep about holding a second account for the Micro rates, they encouraged us to pursue that course of action.
       
      But then, the catch strikes again.  WHMCS supports PayPal, but only a single account.  While the more crafty among us could indeed find a way to enable the PayPal gateway multiple times for multiple PayPal accounts (WARNING: I *strongly* advise against attempting to do this, as it leads to a rather nasty vulnerability), there's no sure-fire way to ensure clients would be using the correct one when paying their invoice, and you could end up being worse off than just eating the standard fees alone.
       
      About a year ago, after a ridiculous amount of testing and development, I wrote two scripts to add a 'PayPal Micro' gateway to WHMCS.  Superficially, it looks and behaves just like the normal PayPal gateway, except that you're entering two sets of information: Main PayPal Email, Micro Email; Main API creds; Micro API creds (API creds optional, only needed for refunds just like the regular PayPal gateway).  Simply displaying as 'PayPal' to clients, the entire process is done behind the scenes and requires no additional scripting or file modification.  When a client makes payment over 12$, the gateway pushes the information to your normal PayPal account, where normal fees are processed.  When the payment is under 12$, the gateway pushes to the micro-paypal account, where you get to take advantage of the lower fees on smaller payments, reducing your overhead and adding more to your bottom line.  Refunds work exactly the same as they do normally: when you press the 'Refund' button in WHMCS (or trigger it via API/etc), the gateway will select the correct PayPal account to push API credentials for, regardless of how much you're actually refunding of the payment.  To clarify: a 3$ refund from a 25$ transaction will still be processed properly by the 'Main' account, since that's where the transaction originally happened.
       
      Now, unlike my previous work, I'm not giving this away for free.  As I mentioned earlier, a modest sized operation will be saving hundreds of dollars a month - and obviously the more transactions you have, the more you benefit.  There won't be any licensing or recurring payments or any of that mess - a simple one-off payment and you receive two Ioncube encoded .php files - one goes into /whmcs/modules/gateways/ and the other into /whmcs/modules/gateways/callback/.  If for whatever reason PayPal decides to change up their API or any adjustments are needed to the files, I'll do so and hand out the updates to the folks that already paid at no cost.  This is also not theoretical work - we're using the exact same code at BuyVM/BuyShared, and have been for about a year, with no complications.  That's also a pretty solid guarantee that if any updates did have to be made, I'd have it done pretty quickly.
       
      This is a fairly unique setup, so I'm not going to put a price tag here.  But if you're interested in grabbing a copy, drop me a PM here on VPSB, and we'll work out a fair price.
    • By splitice
      Does anyone know how to go about reporting transactions received from stolen Paypal accounts? I cant seem to find anywhere (and I don't want to phoneticify over the phone).
       
      Having recognized the pattern I have refunded all the received payments. A certain new hosting company (isnt summer holidays in US over yet?) decided to pay for their services using 5 accounts and 15 transactions via stolen Paypals. Unfortunately Paypal caught a few before me so Paypal will make a bit in fees :(
       
      Anyway figured if its possible I would do the right thing and report them for the sake of the rightful owners.