Hacker News new | comments | ask | show | jobs | submit login
PayPal has ceased processing MEGA customer payments (mega.nz)
296 points by jawngee on Feb 28, 2015 | hide | past | web | favorite | 149 comments

Here is the post, for those who don't want or can't load the page:

PayPal has ceased processing MEGA customer payments effective immediately.

MEGA is aware of a report published by NetNames (partially funded from the MPAA supported Digital Citizens Alliance) that incorrectly claims MEGA's business to not be a legitimate cloud storage service. MEGA is aware that Senator Leahy (Vermont, Chair Senate Judiciary Committee) then pressured Visa and MasterCard to cease providing payment services to the companies named in that report.

Visa and MasterCard then pressured PayPal to cease providing payment services to MEGA.

MEGA provided extensive statistics and other evidence showing that MEGA's business is legitimate and legally compliant. After discussions that appeared to satisfy PayPal’s queries, MEGA authorised PayPal to share that material with Visa and MasterCard. Eventually PayPal made a non-negotiable decision to immediately terminate services to MEGA. PayPal has apologised for this situation and confirmed that MEGA management are upstanding and acting in good faith. PayPal acknowledged that the business is legitimate, but advised that a key concern was that MEGA has a unique model with its end-to-end encryption which leads to “unknowability of what is on the platform”.

MEGA has demonstrated that it is as compliant with its legal obligations as USA cloud storage services operated by Google, Microsoft, Apple, Dropbox, Box, Spideroak etc, but PayPal has advised that MEGA's "unique encryption model" presents an insurmountable difficulty. The encryption models claimed by various USA and other entities apparently do not represent any problem to PayPal or the parties behind PayPal.

MEGA supplies cloud storage services to more than 15 million registered customers in more than 200 countries. MEGA will not compromise its end-to-end user controlled encryption model and is proud to not be part of the USA business network that discriminates against legitimate international businesses.

Until new payment systems are implemented, MEGA will temporarily not enforce its storage limits or suspend any accounts for non-payment and has extended existing subscriptions by 2 months free of charge.

For a country which calls itself, non-ironically, the "land of the free" it is quite disappointing how moneyed US politics and the US justice system is.

It is pretty apparent in this case that a cartel of US companies has some powerful people in their pockets (namely Senators) and those individuals can wield their power to shut down legitimate businesses running abroad.

In this case they will likely wind up shutting down a company, but without even going through any kind of court. Since the last time they spent millions on Megaupload going through courts, and still got nowhere (since their whole case was baseless).

American justice is blind to everything except money.

Didn't VISA Master Card and Paypal get fined for blocking wikileaks recently?

Isn't this just about the same thing?

>Didn't VISA Master Card and Paypal get fined for blocking wikileaks recently?

Yeah, in Iceland. http://www.wired.com/2012/07/wikileaks-visa-blockade/

and applauded everywhere else...

And also DDoSed at the time.

Datacell filed a lawsuit in December for the blockade, but I doubt it has been decided yet.

Is there any citation for the assertion that this action was ordered by a Senator explicitly because of end-to-end encryption? I am skeptical as Mega.nz is obviously not the only company that provides end-to-end encryption.

I'm suspicious of that assertion only because it ignores the fact that the copyright-maximalist lobby has used the U.S. government to pursue Dotcom abroad in an egregious fashion. Sounds a lot more like convenient piling-on to me.

I read it to say "we received this report from a senator with a list of company names, and found MEGA, a company that we do substantial business with is on that report."

PayPal is perhaps not obligated to "not do business with" the entities listed on that report, perhaps some day, but they chose to not do business with this one and make a big public stink about it (together with MEGA), and whatever the report of that senator actually says (whoever's payroll he's on?), they chose to make their and MEGA' sides of the fight about this one thing, rather than about piracy or cp or whatever one thing ($$) motivated that actual senator's report.

I wouldn't say anything as silly as "I trust paypal", but if we can start having this conversation sooner it will be a step in the right direction, IMHO. Encryption is here to stay!

Not sure if this is what you mean by convenient piling on.

It's too bad that no countries have the guts to stand up to the U.S.

I don't think it's a matter of guts, as much as it's more beneficial to play along.

That's what having guts means. You're probably going to lose out to stand up for something you believe in.

It's not because of end-to-end encryption. It's in response to allegations that MEGA.nz and other "cyberlockers" exist primarily for the purpose of facilitating copyright infringement.

MasterCard and Visa blocked payments in response to this letter from Senator Leahy: http://www.leahy.senate.gov/download/binder1

The letter cites this report, which concludes that MEGA.nz, among many other services, exists mostly to facilitate copyright infringement: http://www2.itif.org/2014-netnames-profitability.pdf

I doubt that this information is reliable, though I suspect it also happens to be true (if you understand my distinction). I have little doubt that mega.nz is mostly used to store pirated content, but I don't think this report is an adequate justification for a U.S. senator to pressure CC companies to block payments.

But I think it is important to emphasize that this is not really about encryption. MEGA.nz would, of course, want us all to think that it is...

But I think it is important to emphasize that this is not really about encryption. MEGA.nz would, of course, want us all to think that it is...

Well, the part about encryption is in quotes and attributed to PayPal.

It seems pretty clear to me - they're saying that due to Dotcom's history and the fact that he can't prove it's NOT piracy, because of the encryption, means they can't touch him.

That's a very bad precedent, terrible actually. Your service is encrypted. Someone claims it MUST be used primarily for bad stuff. You cannot prove your innocence because it's encrypted. Therefore, no payment processing for you.

It's the definition of guilty until proven innocent.

That said, I agree that given Mega's past, it seems likely there's a lot of piracy on there. And I hate piracy. But even so, this sort of thing cannot stand. ISPs make lots of money off piracy too. They shouldn't be cut off from Visa or MasterCard either.

I think its fairly clear that real story is simply that PayPal didn't want to jeopardize its relationships with Visa and MasterCard, and was only trying to explain in good faith why PayPal and MEGA.nz are in this position.

> Visa and MasterCard then pressured PayPal to cease providing payment services to MEGA.

As you observed, from a practical perspective it's a real problem for these types of services that they can't do much to rebut accusations of piracy, making it particularly important to behave as a "good corporate citizen" in other ways. And while Visa and MasterCard are free (I would think) to do business, or not, with anyone they choose for any reason, the Chairman of the Senate Judiciary Committee, on the other hand, should be expected to act on more solid information that some industry report before he tries to shut down someone's business.

In any event, MEGA.nz is clearly trying to claim they they were targeted because they provide end-to-end encryption. This is false. They were targeted because they are widely viewed as promoting copyright infringement. That they offer end-to-end encryption really plays only a tangential role in these accusations.

It's quite easy to declare that anyone claiming to need end-to-end encryption has something to hide. The NSA, and by extension pretty much any agency of the US government won't stand for being truly locked out of a person's online activities, and can put extreme pressure on a foreign company through US companies, through government reach - in this case through a Senator.

And that's all that needs to be said to put one company with extreme security out of business through the use of other companies is "they're pirates, or they'd show us their files." Won't someone think of the children and whatnot.

Wasn't it nice, pre-Snowden, when you could read the above paragraphs and think "that's a crazy conspiracy theory..."

> but PayPal has advised that MEGA's "unique encryption model" presents an insurmountable difficulty.

> Well, the part about encryption is in quotes and attributed to PayPal.

Putting 3 words in quotes, attributing them to someone, not providing the full communication (i.e., without context), and generating a sweeping conclusion from all that, is a clear sign that someone is producing a false narrative.

People that have the truth on their side don't need to do that.

> ISPs make lots of money off piracy too. They shouldn't be cut off from Visa or MasterCard either.

I seriously doubt that people sign up with their ISP so they can pirate vs. getting a general internet connection to browse Facebook. But that's a moot point since ISPs, fiber carriers, etc, just provide connections and transit, they don't generally host anything.

Complaining about ISPs making a profit from piracy is like complaining about highways and roads making a profit from people that commit crimes and use cars. It does not make sense.

I have no idea how bad the piracy is via Mega, but considering their previous business was driven by piracy, outright promoted and rewarded piracy, and generated 400MM from piracy, I think it's wise to take everything said and done with some salt.

> I seriously doubt that people sign up with their ISP so they can pirate

"Thanks for fixing up my computer/Internet, now can you show me how to get the free HBO TV shows?" quoth several people I've helped before.

I don't get this. I can use Mega in exactly the same way as Dropbox. Why does Mega exist to supposedly facilitate copyright infringement?

The content lobby paper you are referencing claims that the differences between a legitimate service and an illegitimate "cyberlocker" are the following:

* Bandwith for sharing is limited.

* User accounts are terminated for copyright infringement.

* Infringing material cannot be searched and found.

* Users are not paid for sharing material.

As far as I know most of those apply to Mega as well as to Dropbox. (Mega pays users that recruit new premium users, this can be seen as encouraging infringement, if you think that this gives incentive to host content in hope of users downloading the content and becoming premium users.)

That it is about infringing copyright is what the content lobby would want us to believe. I don't see how the material you are referencing is less biased than Mega's blog post. You just replaced one biased opinion with another.

> Mega pays users that recruit new premium users, this can be seen as encouraging infringement

Dropbox pays you (in lifetime free storage) for referring new users.

I don't think you read my post carefully. I was very careful to say that I don't think the report is very reliable, much less that it is adequate justification for cutting MEGA.nz off from CC payments.

You also didn't read very far into the report; they allege finding much more direct evidence of infringement than what you say:

>For direct download cyberlockers, 78.6 percent of files were found to infringe copyright. For streaming cyberlockers, 83.7 percent of files were found to infringe copyright.

Again, I don't think these claims should be taken at face value. But the chain of events here is pretty clear: 1) report is published, 2) Senator['s staffer] reads report, gets agitated about copyright infringement (probably at the suggestion of industry groups), 3) Senator writes letter to Visa/Mastercard, accusing them of facilitating copyright infringement, 4) Visa/Mastercard freeze out MEGA.nz. Given all the pressure that we know the content lobby brings to bear on legislators, and how eager democratic legislators like Leahy have historically been to do this lobby's bidding, I find nothing farfetched about this chain of events whatsoever. And there is certainly no evidence that Visa and MasterCard cut off MEGA.nz because it uses end-to-end encryption. As others in this thread have pointed out, there are many "legitimate" services that use end-to-end encryption, that have not been targeted in this way.

As for the difference between Dropbox and MEGA.nz, I suspect it's that, allegedly MEGA.nz's content is overwhelmingly infringing. Dropbox's probably is not.

I'm well aware of what you wrote, and I'm well aware of the section you are citing.

Their method of measuring copyright infringement is very sketchy. They can only measure public links, so they miss the majority of the data stored. I don't trust their algorithm either, given the ridiculous amount of false positives in automated DMCA requests. They don't give their results for non-"copylockers" like Dropbox.

Mega claims in their blog post that 99.7% of the files they are hosting are smaller than 20 MB. That almost all of those are copyright infringing is not plausible.

That's not what cryptolocker means. It means something really really different.

> Visa and MasterCard then pressured PayPal to cease providing payment services to MEGA.

Would love to know more about this. Why did two other companies pressure another company? State assisted anti-competition? Missing out on transaction fees?

Why are two of the biggest payment companies pressuring a smaller payment company out of money they decided to step out of?

Is the free market we want to build not really a free or fair market, but one where you are free to destroy the free and fair market for other competitors? If one person pressured another person that would be intimidation yet when that person is a larger corporation it is not seen as being a mafioso bully?

Because they were pressured by the government. Who were pressured by a different company. Who pay for elections.

and if we know PayPal, they are still letting the charges go thru, use the money for a couple days and then send the user a in-site only warning about not forwarding it.

This selective banning should be a concern in general especially with such monopolistic corporations like VISA/Mastercard.

Are there no regulatory requirements to force VISA/master card to accept payments as long as the business is not illegal?

Does anyone remember when donations to Wiki leaks got frozen?

Forcing someone to accept payments is the other side of the same coin.

I don't want my government to strongarm credit companies into refusing to process payments for politically troublesome customers. But I also don't want my government to strongarm those same companies into processing those payments.

If anything, this is just a wakeup call that the credit duopoly have more power than we realized.

Kim Dotcom is nothing if not resilient. It is morally and ethically complicated to root for him in every aspect, but I fully expect him to come up with a clever solution to bypass this duopoly in a way that the average user can accept. I don't know if there's any question for which Bitcoin is an unqualified right answer, but this may be as close as I've seen it come.

> I also don't want my government to strongarm those same companies into processing those payments

Most industries are regulated to some extent to prevent collusion and abuse of various forms. Do you disagree with regulation in general, or what makes you think payment processors in particular should not be forced to accept all lawful transactions?

Capitalism in general lends itself to institutionalized repression of the minority, and I don't claim to have a solution to that. My gut tells me that the government forcing private business is not always the right answer (though it sometimes is; I'm not anti-regulation in general). Perhaps my gut is wrong, because I can't come up with a higher-level solution.

For a start, payment processors should have some freedom to refuse merchants selling any thing that looks like snake oil: Requiring merchants to keep deposits and having putative chargebacks may not be enough to compensate processors for the reputational risks they are taking.

I disagree. If you only have 2 viable options for accepting payment world wide, then they need to accept all lawful transactions. Bitcoin isn't a viable option for Grandma.

If Grandma is that technically incompetent, the only thing viable for her is cash and check. They couldn't pay with PayPal anyway. Someone who is technical enough to pay with PayPal, however, can pay with Bitcoin all the same -- the hurdle is in making sure it's understood as a cash transaction with refunds at the mercy of the seller.

The hurdle is with not letting someone take your money. Right now every other month there's a scandal because either some technically savvy cryptoanarchists were apparently not savvy enough and got their money stolen, or some exchange decides to rob everyone altogether.

So explain to me how any grandma is supposed to work with a system that even techies constantly get burned by it?

The same way they currently work in a system everyone gets burned by? The main benefits of the current system from my perspective are that fraud detection algorithms are really good now, in the cases of credit card fraud the CC companies usually just credit back the stolen amount to the customer (which unfortunately hurts sellers since buyer fraud is still common), and when events like $300m-$900m getting stolen from banks happen, the overall system generates so much profit that it mostly gets swept under the rug and the average person isn't hurt. (FDIC helps too.) Despite all these benefits, the elderly are still routinely scammed out of money. (Some reports suggest increasingly.)

I haven't heard anything about outright bitcoin thefts from privately owned wallets with a password protecting them, but then again I don't follow bitcoin too closely. The typical drama I hear is an exchange shutting down (why would the elderly have their btc on an exchange when their bank account funds aren't on an exchange?) and occasionally someone's unencrypted wallet backup on a compromised server being taken. There was also the issue with the android wallets a while back generating insecure keys. I'm not convinced the elderly would lose any more than they already do on average given they're using bitcoin (which I think they're fully capable of using if they're already using online payment systems). Anyway this is kind of a fruitless discussion for this instance. Grandmas don't use MEGA.

> Bitcoin isn't a viable option for Grandma.

And if there's no market pressure, it never will be.

It will take a lot more than "market pressure" to make Bitcoin a safe, usable option for Grandma.

We desperately need a digital currency standard that offers security and user-friendliness without being centralized in a cabal of shadowy clearinghouses, and without ridiculous technical limitations that keep it from being more than an overpromoted academic exercise.

I for one would prefer a more democratic digital currency.

Should Bitcoin become more widely adopted, I don't like how I would have no say in its operation or design decisions.

Paper currency, I get to vote on the people who appoint those decision-makers every couple of years. Bitcoin? Not so much.

(edited to fix a typo)

Actually, you can absolutely have a say in bitcoin's operation or design decisions.

From the bitcoin FAQ:

Bitcoin is a distributed network, so any changes implemented to the system must be accepted by all users. Someone trying to change the way Bitcoins are generated would have to convince every user to download and use their software – so the only changes that would go through are those that would be equally benefit all users.

And thus, it is more or less impossible for anyone to change the function of Bitcoin to their advantage. If users don't like the changes, they won't adopt them, whereas if users do like them, then these will help everyone equally. Of course, one can conceive of a situation where someone manages to get a change pushed through that provides them with an advantage that no one notices, but given that Bitcoin is structurally relatively simple, it is unlikely that any major changes will go through without someone noticing first.

The fact that such changes are so difficult to make testifies to the fully distributed nature of Bitcoin. Any centrally controlled currency can be modified by its central agency without the consent of its adherents. Bitcoin has no central authority, so it changes only at the behest of the whole community. Bitcoins development represents a kind of collective evolution; the first of its kind among currencies.


Can you explain the connection between what you copypasted and the idea that I have a say in how Bitcoin operates?

I'm struggling to see how "any changes implemented to the system must be accepted by all users" is democratic, or gives any decision-making authority to the people.

The wording is inaccurate in that instead of /all/ users it should say the /majority/ of users must accept changes proposed to bitcoin. Regardless, you honestly don't see how that gives the decision-making power to the people? Why do you think that?

I don't see how that gives decision-making power to the people.

I do think that sets an extraordinarily high barrier to making any changes; far higher than a citizenship test or a poll tax, two other things that have been discarded as antithetical to a democratic right to vote.

? are you talking about central banks? Because I have no idea what you are saying, and I believe you also do not understand yourself.

Let's wait, if you please, and see what kind of shit-show "network neutrality" turns into before we go clamoring for payment neutrality!

You mean like the shit-show that railways, telephones, and the internet as it stands right now are?

edit: In addition to down voting me zaroth, would you mind including examples of how common carrier doesn't work for the examples I provided? I'm genuinely interested.

There's better discussion elsewhere on this thread about some reasons why it's actually better to live in a world where PayPal can drop Mega if they feel like it than a world in which they can't.

Umm... and FYI, I pretty much always upvote replies to my comments regardless of content. I would not down vote your reply even if I could.

I'm sorry about that incorrect assumption, I was unaware of how the system worked, and it happened seemingly instantly. And there may have been some beer somewhere in the mix...

Again, sincere apology.

OT FYI note: you can't downvote direct replies.

> I don't want my government to strongarm credit companies into refusing to process payments for politically troublesome customers. But I also don't want my government to strongarm those same companies into processing those payments.

While I 100% agree in principal in reality there are so few options to accepting payments online that if a couple of the big guys block you then you're completely out of business. When you have an industry controlled by just a couple of companies that everyone in the world has to essentially use, there is a big concern there.

Not sure what the right answer is here.

Actually what you oppose is considering them common carriers. The government has forced business to accept customers in the past and they applied similar theory to net neutrality yesterday.

But I also don't want my government to strongarm those same companies into processing those payments.

So VISA and Mastercard should be allowed to reject customers at will?


If they are allowed, how is the criteria selected? Are you(payment industry) going to stop payments for the following:

Atheist groups? Islamic non-terrorist groups? Foreign countries you don't 'like'? Libertarians/Greens/Socialists/Communists? Non profits you don't like? Church of Satan donations?

They have a monopoly over the bulk of commerce, as does PayPal. And they act as a cartel, de-facto banning whatever they disapprove of. In other words, having them strongarm businesses is killing their connection to the market.

With the exception of discriminating against certain protected classes, American companies are generally free to decide who they want as a customer and who they don't. You don't have a right to credit card processing any more than you have a right to eat at a fancy restaurant or hire a developer -- imagine if contract developers weren't allowed to turn down clients.

On the other hand, there is a legal obligation to process dollar bills for debts. In a world where everything is increasingly digital, it would be nice if there was a government-sanctioned option that doesn't discriminate against any [legal] services.

There is the concept of legal tender, which creditors are required to accept as payment of debts (it's printed on US currency). We need some kind of electronic payment equivalent.


How would this help? Visa, Mastercard and Paypal aren't the creditors here.

Obviously the rules and parties involved would be different for an electronic equivalent to the concept. I'm sure you can figure out the rest.

It has nothing to do with electronic. Visa isn't the creditor, so legal tender laws wouldn't apply even if they were carrying physical bills.

You are thinking too literally. An electronic legal tender must necessarily have an electronic means of conveying it. That may not be Visa, but the means of payment would be just as essential to the concept as acceptance of payment.

I wouldn't put too much credence on the US government to figure this out in any sort of timely manner. There's plenty of areas in our country which are years behind in terms of governance, policy and societal effects.

They're still playing the game "if it's an internet technology, the Constitution doesn't really apply".. So to see if they could wrap their heads around an internet based currency is pretty much a joke.

And then I think, how did the FCC decision pass? Bureaucracy. It's not the Legislative/Executive/Judicial.

Not only are they allowed to reject customers at will, but they are required to by US law. The PATRIOT Act altered US anti money laundering rules in a subtle but important way. It deleted the "mens rea" requirement and converted money laundering into what's called a strict liability crime.

In English, that means any company that routes money around is criminally liable for any crimes committed by their clients - even if they didn't know about them or believed the activity was legal.

In effect, every banker and money transmitter in the world can face a 20 year jail sentence and/or crippling fines if ANY of their clients are themselves considered to be or merely suspected of being, criminals. No trial needed.

This is why you keep reading about banks being involved in money laundering. It's impossible to move money and not be considered a money launderer by the US government these days.

So this puts VISA/MC/PayPal in an impossible bind. They can look at Mega and say, well, this seems like a legal business. There's no law obviously being broken. But the guy is being charged over a previous business, accused of being a criminal. If they give him financial services and then years later this new Mega is also suspected of being criminal (note: suspected not proved) then VISA/MC can find headlines like "Visa found guilty of money laundering".

They have lots of clients, so from their perspective, eliminating all the politically risky ones is a no brainer.

Same thing for Wikileaks, CAGE (UK civil rights group), the entire nation of Somalia etc ... they all lose banking services because they are politically unpopular and therefore expose bankers to AML violations.

How do you explain the complete lack of any consequences to HSBC, then?

Isn't that because the HSBC stuff happened in Europe and not the US? Or have I mixed up cases.

I guess I can't say that there were no consequences, since they were able to pay $2 billion to walk away scot free: http://www.rollingstone.com/politics/news/outrageous-hsbc-se...

According to this analysis, that amounts to about 5 weeks of HSBC's income, to say nothing of total reserves/worth: http://www.thefiscaltimes.com/Columns/2012/12/13/Too-Big-to-...

As far as I understand it, the new revelations coming out about HSBC are indeed more Europe-oriented, but are not limited to Europe in scope.

they were able to pay $2 billion to walk away scot free

Is it only me, or does that phrase make no sense?


Yes, of course. Companies shouldn't be forced to provide service if they feel it's not in their best interest. If you were a consultant (you may be), would it be reasonable to force you to accept any client?

Things that serve all people without choice are utilities, and should be left to the government (either directly or through strict regulation).

Except if there's a monopoly or even duopoly, it should very much do just that. Or split them up.

> Are there no regulatory requirements to force VISA/master card to accept payments as long as the business is not illegal?

There are no such requirements. They are allowed to refuse processing for businesses they deem a high risk for fraud, for instance.

Given Dotcom's past, any business he is running should set off all kind of alarms in the fraud prevention department of the credit card companies.

Often they deal with such a situation by charging higher processing fees, and holding back larger amounts of your money as a reserve to cover refunds and chargebacks if you do turn out to be a fraudulent business, but at the scale Dotcom is trying to operate the credit card companies might feel that this is not enough to protect them.

Are you expecting the same government which shattered original Mega to now force payment providers to serve new Mega? Even if they had the regulatory tools, why would they?

It's a shame we still don't have a cryptocurrency that can be used to route around economic damage caused in situations like this. Bitcoin was the Altair of digital currency. Where's the Apple II?

Man, why does Kim insist on all the special effects? I've never seen a blog post take so long to load.

6.8MB page load. More than half of the 168 requests were for javascript files. The largest file was a 620kB (23k line) stylesheet.

Those are some pretty wild numbers.

For a whopping 2.6kb of text.

Someone really ought to fire their webdesigner...

I wouldn't be surprised if Kimble made it himself. He's 31337.

Looks like a significant and concentrated effort to produce something nearly-unusable, there must be a microsoft patent they're infringing on.

Sounds pretty mega to me alright.

It's seems that the mega.nz is a one huge app and it's loaded all at once on the first page load. You see that navigating the site and accessing the app itself is really fast without additional load times.

That's pretty horrifying

Actually, it’s a great solution. Because, as soon as you download the extension, or load the website once, from that moment on everything will be encrypted client side, to make sure MEGA will never be able to spy on their users.

It makes sense for the main app. The question is why their blog is part of the main app.

It's not much worse than blogspot.

Seriously, how can you fuck up so badly on something so basic as rendering a blog post, when the name is Blogspot?

This is why I desperately hope bitcoin would one day get adopted by the masses.

Here's where coinbase could make an interesting feature.

Coinbase QuickPay

A dropdown of popular companies. Select the one you want then enter the amount you want to pay this company in USD. A confirmation screen comes up asking you "Do you really want to pay $X dollars to $COMPANY ?" You select "yes", and from there coinbase does whatever it takes to transfer that value to that company. Completely hiding any concept of bitcoin. Of course, you'd have a QuickPay transaction history screen where you could select "Technical Nerd Details" on a transaction and see all that bitcoin stuff; but initially the transaction history will look just like your bank's transaction history. Showing just the companies, dates, USD amounts. I guess there needs to be some kinda one time email-verification between the merchant, coinbase and costumer at the beginning to prove which payments are coming from who. Coinbase would have to put metadata on the transaction; like maybe a hash of the email address or something that $COMPANY could verify on their side.

Then I guess USgov gets banks to cease processing ACH from coinbase.....

Even if Visa and others would allow this approach, it would still really limit Mega's ability to get funds to the point where its not a viable business I would think.

for those who dont want to download >5 megs of assets, I took the content and put it on pastebin. http://pastebin.com/FBEjGTqV

Chrome's developer tools says "1.9 MB transferred" when loading the MEGA page with cache disabled. On the other hand, it says "7.1 MB transferred" when loading your Pastebin link.

What other, user-friendly payment providers are there for MEGA to use?

Edit: Ask HN: Paypal alternatives for vendors outside the US? https://news.ycombinator.com/item?id=9123336

So what's next? The banning of payments to VPNs?

Given the following quote:

> a key concern was that MEGA has a unique model with its end-to-end encryption which leads to “unknowability of what is on the platform

It's not outside the realm of possibility.

Everyone seems to be taking Mega's statements as truth without question at all. Banning payment to VPNs would severely cripple lots of businesses in the U.S. and around the world. I don't believe it's a possibility, at all.

> Banning payment to VPNs would severely cripple lots of businesses

I don't believe this banning would be broad enough in scope, at least not in the near future, to affect many actual businesses. These takedowns could easily be very narrowly targeted at VPNs which advertised themselves almost exclusively on torrent trackers hosting links to RIAA movies.

This premise would still be reasonable even without Mega's comments, it's based on the actual legal assaults we've already seen applied to many different mass storage providers, taken to its next logical step. Doesn't even require slippery-slope arguments.

It would be very uncharacteristic and damaging to their business for them to lie in a situation like this.

I'm perfectly willing to believe that PayPal is bullshitting them.

Yeah, because Kim Dotcom has always been such a reliable and standup guy.

I don't know the current levels of VPN usage, but I'd seriously doubt that there are any industries at all that rely upon people using someone else's IP. Using a VPN to get around content blackouts / licensing agreements in your country is not legal, so I'm sure you don't mean that.

> but I'd seriously doubt that there are any industries at all that rely upon people using someone else's IP.

A VPN is not a proxy.

Plenty of businesses rely on VPNs to keep their staff communications safe when those staff are working away from the office. This is not an unusual or weird requirement only used by the security paranoics -- it is everyday standard practice.


> A virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables a computer or network-enabled device to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security and management policies of the private network.[1] A VPN is created by establishing a virtual point-to-point connection through the use of dedicated connections, virtual tunneling protocols, or traffic encryptions. Major implementations of VPNs include OpenVPN and IPsec.

That's an internal VPN though, not a service with customers.

There are plenty of services with customers that cater to small businesses who don't have the staff to set up and run their own software.

A websearch for business VPN returns dozens of providers for businesses.

Under what legal precedent can you declare that using a VPN for those purposes is illegal? I'm curious about actual cases, laws, and rulings. Is the claim that the DMCA anti-circumvention laws make it illegal? You do know that the DMCA is only a law in the US right? Which in general is the country people VPN _to_, not _from_?

By circumventing such restrictions, the user violates the terms of the license granted by the site, and is therefore committing copyright infringement, except in the countries where just downloading is permitted.

It could happen... We could see Box, Spideroak and any Dropbox end to end encryption plugins lose payments too.

Some vps have already been banned.

I think bitcoin sucks for a number of important technological and philosophical reasons, but when people ask what its killer features sure: this is one of them. And it's hugely important and hugely needed.

plz enlighten on these tech and philosophy reasons?

An offhand tech+philosophical reason would be the environmental impact of bitcoin mining.

Do you have any reason to assume that the infrastructure of banks is frendlier to the environment than Bitcoin mining is? The required logistics for thousands of buildings to be safely supplied with new fiat, the manual labour, enforcing security etc are probably way more demanding already.

Now add the whole high frequency trading thing and all the efforts that surround it on top of that and we are probably good for another few years before Bitcoin mining is even worthy of being mentioned. Until then, I don't see we wouldn't have worked out a better proof of work system that's more friendly to the environment, should this really become a concern.

Most fiat currency is already digital, and the drawbacks of digital fiat that keep cash around are shared by Bitcoin, so that's a red herring.

As for HFT, there are already companies doing it in BTC denominated markets, so that doesn't count either.

The air conditioning footprint of bank branches alone is going to be several magnitudes greater in terms of energy consumption than bitcoin mining, add in commuting hours for every bank employee and it isn't even a contest, people just parrot whatever news source they like without thinking, even people on HN, it is really very sad.

Banks serve function far beyond mere transfer and holding of currency. Last I checked, the blockchain infrastructure doesn't e.g., issue mortgages.

Trust is expensive.

VISA, Mastercard and SWIFT have damaged their own brands by showing themselves not be neutral but controlled politically. By not being neutral, it shows they cannot be trusted and dependable for all users.

Other entities will arise that are neutral around the world and will replace VISA, mastercard and SWIFT.

> VISA, MasterCard and SWIFT have damaged their own brands...

Do you honestly think anyone outside HN and other very tech heavy crowds knows about this? Do you think they'd care?

If this has done anything (and I kind of doubt it) I would say it's helped them politicaly a little tiny bit.

Indeed. The only other political action by VISA and MasterCard I remember is them blocking payments to Wikileaks, for which they were rightfully subjected to a global DDoS attack.


“unknowability of what is on the platform”. What's PayPal got to do with that anyway, considering that they admit the business is legitimate?

It doesn't matter that the business is legitimate.

The US Treasury has almost unlimited power to fine or imprison people who move money on the flimsiest of pretexts - and they use it. Look up "Operation Chokehold" for an example but there are many more.

PayPal is attempting to insulate itself from political pressure that can be brought to bear on them in future if they continue to serve Dotcom (and/or their banking partners). Nothing more complex than that. Rule of law does not apply in the banking world.

I'm not sure what's Mega's involvement in moving money here, or maybe I don't get it. It seems more of not-being-able-to-bypass-encryption issue which is probably more alarming, since I'd infer that, if the US Treasury is the entity putting pressure on PayPal, then who's putting pressure on the US Treasury?

> Look up "Operation Chokehold" for an example but there are many more.

Did you mean Operation Chokepoint? I can't find anything for Chokehold, but Chokepoint yields a bunch of pressure on pay-day lenders.

It's a bullshit answer, so don't expect to find any real rationalization behind it.

Interesting they call out other services the USA is okay with that also provide encryption. I believe all the other services the provider can access the data.

Except maybe SpiderOak.

Crashplan also has client side encryption, though the security of it is a little questionable (I cannot elaborate for legal reasons).

PayPal continues to show how shitty they are. Stop using them!

To people who work there, why? How can you continue to work for an organization that does things like this?

> PayPal continues to show how shitty they are. Stop using them!

I really wish I could...

When I created my SaaS a few years back, I went all out with payment providers.

I registered and implemented every single form of online payment I could find. PayPal, AlertPay, PayPay, MoneyBookers, LibertyReserve, Bitcoin. You name it, I made that form of payment available. I even accepted money orders via snail mail.

In the ~2 years I gave all of the "other guys" a chance, 99.9% of my payments came via PayPal.

I received 1 money order. Perhaps 3 people paid via LibertyReserve. 0 payments from all of the other providers mentioned. And over 5,000 payments via PayPal.

Unfortunately, there is no other option if you want to sell stuff online.

And this is coming from one of Bitcoins biggest proponents.


They weren't available in my country when I started up.

They're probably somewhat of an option today, sure. But I suspect they'd still only garner 10-20% of sales at best. First mover advantage and all that...

Dunno - Kim Dotcom is a convicted fraudster with a long track record of enabling illegal copying. Paypal are a private company. Why shouldn't they be able to chose not to work with unsavoury clients?

I've already done that once, and I'm still doing it as hard as I can.

Can't we classify banks as Title II utilities? They use a lot of telecommunication services.

There is something funny about considering banks to be dumb pipes through which money travels.

Well banks are too smart for the good of the society right now. I would like some form of Glass Steigl updated for the modern age that splits the banks in two parts - the utility - facilitating movement of money and the commercial part. The utility will be common carrier.

PayPal, Visa and MasterCard are slowly piping custom to altcoins though. I guess that is a good thing.

America on the wrong side of history....again. Yawn.

It's time for plan B :)

Smells like bullshit to me...


That's easy: they were making money with it. Now for my question: what made them give up on all that revenue?

Most obvious guess? MPAA and/or Rival cloud service lobby / complaints.

NSA and the war against cryptography.


I mean that I'm surprised it took this long for the payment processors to cease dealing with MEGA. I was expecting this to happen much sooner.

As someone was saying on Twitter, you can legally buy guns in US, but end-to-end encryption is a big no no, because end-to-end encryption is umm...dangerous? It reminds me of another stupid law meant to ban body armor.

Not with Paypal you can't, they'll shutdown your account for anything firearm related.


Private gun sales aren't recorded in the US.

"Private" is not the best word to use here. Gun shops are required to maintain logs. Outside of that, transactions between individuals aren't involuntarily logged (the poorly named "gunshow loophole").


And can we get any source on that claim?

http://www.rechtsanwaltmoebius.de/urteil/lg-muenchen-6-kls-3... is the original text of his conviction for fraud in the nineties.

Of course all that doesn't justify the way the US treats him now. Fairness and equality before the law are fine principles.

This is a start, all unrelated to MegaUpload etc.: https://en.wikipedia.org/wiki/Kim_Dotcom#Criminal_investigat...

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact