Cloudflare’s Matthew Prince: ‘We’re aiming to be the fourth major public cloud’

With its new low-cost R2 cloud storage service, Cloudflare is jumping into direct competition with the AWS service that launched the cloud computing revolution.

Cloudflare CEO Matthew Prince

Cloudflare will not charge data-egress fees for customers using R2, taking direct aim at the fees AWS charges developers to move data out of its widely popular S3 storage service.

Photo: Martina Albertazzi/Bloomberg via Getty Images

Cloudflare is ready to launch a new cloud object storage service that promises to be cheaper than the established alternatives, a step the company believes will catapult it into direct competition with AWS and other cloud providers.

The service will be called R2 — "one less than S3," quipped Cloudflare CEO Matthew Prince in an interview with Protocol ahead of Cloudflare's announcement Tuesday morning. Cloudflare will not charge data-egress fees for customers using R2, taking direct aim at the fees AWS charges developers to move data out of its widely popular S3 storage service.

R2 will run across Cloudflare's global network, which is most known for providing anti-DDoS services to its customers by absorbing and dispersing the massive amounts of traffic that accompany denial-of-service attacks on websites. It will be compatible with S3's API, which makes it much easier to move applications already written with S3 in mind, and Cloudflare said that beyond the elimination of egress fees, the new service will be 10% cheaper to operate than S3.

"We are aiming to be the fourth major public cloud," Prince said. Cloudflare already offers a serverless compute service called Workers, and Prince thinks that adding a low-cost storage service will encourage more developers and companies to build applications around Cloudflare's services.

Joining the ranks of AWS, Microsoft and Google will be a difficult undertaking. It has been 15 years since AWS launched S3, which kick-started the cloud computing revolution and currently stores an enormous amount of web content on behalf of its customers. Couple that history with the dozens of compute and software-development services it currently offers, and it's not hard to see why AWS has more than 40% of the market for cloud infrastructure services, according to Gartner.

But Prince thinks cloud buyers are less enamored with AWS these days, and rarely passes up an opportunity to bash the company while promoting the services that Cloudflare offers, which generated $431 million in revenue last year. R2 strikes directly at one of the biggest sources of frustration with AWS: Getting your data out of its cloud network can be an expensive and frustrating undertaking.

No exit

AWS, Microsoft and Google charge their customers pennies per gigabyte of data that they transfer out of its storage service to the internet, and that can add up very quickly. In 2019, the Information reported that Apple was paying AWS around about $50 million in data-transfer fees a year, about 6.5% of the total amount it spent that year.

Major cloud providers built and maintained staggering amounts of networking equipment to handle customer traffic, and therefore feel entitled to recoup some of that investment, but Prince thinks they're charging too much. In 2018, Cloudflare launched the Bandwidth Alliance in hopes of encouraging cloud companies to link up their networks and reduce egress costs for mutual customers.

R2 puts that thinking into real practice. Cloudflare's R2 customers won't have to pay anything to move their data out of Cloudflare's network, Prince said.

"Customers shouldn't get locked in just because they can't afford to pull their data back out of the service," he said. Last year HPE CEO Antonio Neri compared the public cloud to the "Hotel California" in an interview with Protocol: As the Eagles might have put it, your data can check out any time it likes, but it can never leave.

At launch, R2 will cost $0.015 per gigabyte of data stored on the service, about half as much as AWS charges for customers on its frequent access tier. Infrequent access to R2 will be free, the company said.

R2 will be "accretive" for Cloudflare; the company is still planning to make a profit on the service despite the lack of egress fees and lower prices, Prince said. Cloudflare's network is already interconnected with roughly 25% of all the independent networks around the world — and with almost all of the major ones, including the big cloud providers — in order to provide its core services, which means it has much lower bandwidth costs than most operators, he said.

Table for four?

Prince acknowledged that R2 will not deliver the same amount of performance as S3 at launch, especially when it comes to writing data to its servers. The service also won't launch with as many add-ons such as analytics tools that are available with S3, although Cloudflare plans to offer those additional services over the next several months.

Reading data from R2 should be on par with the S3 experience, he said, and like S3, Cloudflare's service will offer strong consistency, which is important for customers that need to sync data quickly.

Current cloud-storage services require customers to select a region in which to host their data, but R2 will be able to replicate stored objects around the world for faster access, Prince said. However, it will also be able to support data-residency laws, which require certain types of data to be stored in distinct geographical locations.

Is all that really enough to vault Cloudflare into the upper ranks of cloud computing vendors? On their own, R2 and Workers probably aren't enough for every major enterprise's computing needs, but Prince will be happy if Cloudflare can attract even small amounts of business away from the big cloud companies.

"We really try to make it very easy for people to incrementally move more of whatever it is that they can use on Cloudflare's network to us," Prince said.

Updated 9/29: AWS issued a statement in response to the launch of R2: "We agree that Amazon S3 has been a game changer for developers. With the deepest feature set and industry-leading scalability, data availability, security, and performance, customers are storing well over 100 trillion objects there today. While we can't comment on a product that has been announced but not released, we welcome competition generally across our businesses because we believe it is healthy and helps grow markets."


Is it legal to fire someone while they’re on parental leave?

Twitter is in chaos right now. But that’s still not a good reason to fire someone while they’re on parental leave.

Kayvon Beykpour was terminated during his parental leave.

Screenshot: Twitter

This week, Twitter fired the company’s head of Consumer, Kayvon Beykpour, in the latest shakeup related to the Elon Musk deal.

According to Beykpour’s tweet, the senior executive was on paternity leave after welcoming a daughter last month. This brings up a lot of questions around the ethics — and legality — of firing someone while they’re on parental leave.

Keep Reading Show less
Michelle Ma

Michelle Ma (@himichellema) is a reporter at Protocol, where she writes about management, leadership and workplace issues in tech. Previously, she was a news editor of live journalism and special coverage for The Wall Street Journal. Prior to that, she worked as a staff writer at Wirecutter. She can be reached at mma@protocol.com.

Sponsored Content

Foursquare data story: leveraging location data for site selection

We take a closer look at points of interest and foot traffic patterns to demonstrate how location data can be leveraged to inform better site selecti­on strategies.

Imagine: You’re the leader of a real estate team at a restaurant brand looking to open a new location in Manhattan. You have two options you’re evaluating: one site in SoHo, and another site in the Flatiron neighborhood. Which do you choose?

Keep Reading Show less

Crypto is crumbling, and DeFi hacks are getting worse

The amount of crypto stolen in the first quarter of 2022 has already surpassed criminal hackers’ 2021 haul. There aren’t any easy fixes.

The biggest hacks of 2022 were carried out by attackers spotting vulnerabilities in smart contracts and protocols, especially in cross-chain bridges and flash loan protocols.

Illustration: Christopher T. Fong/Protocol

Until recently, DeFi seemed like it was on an exponential trajectory upwards. With the collective value of crypto peaking near $3 trillion, hackers saw a big opportunity. The only thing that may slow them down is the precipitous drop in the value of the tokens they’re going after.

DeFi hacks have been getting worse and worse, with no clear solutions in sight. According to a recent report by blockchain security firm PeckShield, the amount of money netted from DeFi hacks in the first four months of 2022, $1.57 billion, has already surpassed the amount netted in all of 2021, $1.55 billion. A report by Chainalysis found a similar trend, with the hacker haul in the first three months of 2022 exceeding a record set in the third quarter of 2021.

Keep Reading Show less
Lindsey Choo
Lindsey Choo is a San Francisco-based reporter covering fintech. She is a graduate of UC San Diego, where she double majored in communications and political science. She has previously covered healthcare issues for the Center for Healthy Aging and was a senior staff writer for The UCSD Guardian. She can be reached at lchoo@protocol.com.

Privacy by Design laws will kill your data pipelines

The legislation could make old data pipelines more trouble than they’re worth.

Data pipelines have become so unwieldy that companies might not even know if they are complying with regulations.

Image: Andriy Onufriyenko/Getty Images

A car is totaled when the cost to repair it exceeds its total value. By that logic, Privacy by Design legislation could soon be totaling data pipelines at some of the most powerful tech companies.

Those pipelines were developed well before the advent of more robust user privacy laws, such as the European Union’s GDPR (2018) and the California Consumer Privacy Act (2020). Their foundational architectures were therefore designed without certain privacy-preserving principals in mind, including k-anonymity and differential privacy.

Keep Reading Show less
Hirsh Chitkara

Hirsh Chitkara ( @HirshChitkara) is a reporter at Protocol focused on the intersection of politics, technology and society. Before joining Protocol, he helped write a daily newsletter at Insider that covered all things Big Tech. He's based in New York and can be reached at hchitkara@protocol.com.


Why AI-powered ransomware could be 'terrifying'

Hiring AI experts to automate ransomware could be the next step for well-endowed ransomware groups that are seeking to scale up their attacks.

Ransomware gangs don’t have AI ransomware. At least not yet.

Photo: Max Duzij/Unsplash

In the perpetual battle between cybercriminals and defenders, the latter have always had one largely unchallenged advantage: The use of AI and machine learning allows them to automate a lot of what they do, especially around detecting and responding to attacks. This leg-up hasn't been nearly enough to keep ransomware at bay, but it has still been far more than what cybercriminals have ever been able to muster in terms of AI and automation.

That’s because deploying AI-powered ransomware would require AI expertise. And the ransomware gangs don’t have it. At least not yet.

Keep Reading Show less
Kyle Alspach

Kyle Alspach ( @KyleAlspach) is a senior reporter at Protocol, focused on cybersecurity. He has covered the tech industry since 2010 for outlets including VentureBeat, CRN and the Boston Globe. He lives in Portland, Oregon, and can be reached at kalspach@procotol.com.

Latest Stories