On Wednesday (June 22), a German company that had been cut off from payments from PayPal because of German privacy rules lashed back at PayPal. PayPal had backed down, apologized and reinstated the company, but the German firm said it was too angry with PayPal to necessarily return.
This started out as a tale of regulatory disclosures gone wacky and ended up as a story about companies deciding there is only so much payments guff they’ll take before rebelling. That second tale started with Walmart’s payments heresy move, as it stopped accepting Visa in Canada.
The beginning of this tale happened last week, when PayPay insisted on information from the file-sharing company, Seafile, that the company couldn’t provide due to German privacy rules. On Saturday (June 18), Seafile posted: “PayPal has demanded that we monitor data traffic as well as all our customers’ files for illegal content. They have also asked us to provide them with detailed statistics about the files types of our customers sync and share on https://app.seafile.de. Since complying with this demand would violate German/European data protection laws (and also be morally wrong in our opinion), we have declined to comply with this demand. PayPal has notified us on June 14th that we have time until June 19th to remove PayPal as a payment method and all mentions of PayPal from our web sites.”
That raised an interesting question of imposing U.S. regulatory rules—not to mention PayPal corporate rules—on companies elsewhere around the globe who may be unable to comply.
But this story then took a double surprise. First, PayPal apologized. And if that’s not surprising enough, it’s apology was accepted but it’s business was—apparently declined.
Here’s Seafile from June 22: “Yes, our PayPal account has been re-instated. PayPal called us this afternoon to apologize for the frustration and inconvenience that restricting our PayPal account has caused us. They said they made a mistake in our case. We are not a ‘high risk business’ and (Seafile) sufficiently explained our business model to them when they asked us.”
And then they drop the surprise: “Theoretically, we could accept PayPal payments again. But the whole situation has left a bad after taste. It just felt very wrong when we had to cancel all existing subscriptions last Saturday. We appreciate PayPal for apologizing and being so honest about the fact that they’ve made a mistake. But the whole incident has shattered our trust in PayPal. We just can’t imagine how we should be able to trust PayPal again after what has happened. That’s why we are currently still looking into alternatives.”
Indeed, Seafile had decided that the PayPal incident forced them to be generous with their own customers. “Since we are no longer allowed to use PayPal as a payment service provider, we will temporarily offer our cloud services for free. As soon as the new ordering system is ready for use with a German payment service provider, we will convert these free accounts back to paid accounts. You can find information about the actual cost of the accounts on the order page. Those of you who don’t want to pay for their account after the conversion have the right to terminate their account.”
Note, by the way, that they didn’t say they were exploring just any alternative to PayPal. This time, it was going to be a local German payment service provider. And here’s where this morphs back into a regulatory story. Their takeaway seems to be that while this was an overreaction from PayPal, given U.S. rules, it may not have been much of an overreaction. To keep things safe, they concluded, it’s best to use a payments company that has to abide by the same privacy rules as other German—and, to a slightly lesser extent, European—payments companies.
This forces us to look at a frightening question. Will payments compliance requirement—based partially on the Patriot Act—end up driving away non-U.S. customers? (By the way, the Patriot Act has a claim to fame as one of the most tortured acronyms to ever get through Congress. It—I swear—actually stands for Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001. Yeah, I couldn’t make that up.)
This is critical as global payments traffic is essential to companies here. From a payment facilitator perspective, though, it might be an opportunity. You can offer non-U.S. companies the convenience of U.S. payments options, but bureaucracy would be rationally handled at the PF level. It’s not a bad option as I am guessing this won’t be the last we’ll be seeing of angered non-U.S. companies pushing back—now that Seafile has shown that it can be done.