All Info & Announcements

An Update on Free Account Creation

Filen
Filen
6 min read
An Update on Free Account Creation

At Filen, we build cloud storage around a simple promise: strong privacy and security by default, with zero-knowledge end-to-end encryption at the core.

That is not changing.

What is changing is one part of how new free accounts are created. We are doing this because abuse has grown to a point where it is starting to create real problems for the service and for regular users.

This post explains what is happening, why we are adjusting the system, and exactly who is affected.

Why we have to act

We have been dealing with abusive and criminal use of Filen for a long time. Fighting this kind of behavior is hard for privacy-first services, especially when the service is designed so that we cannot see user content.

Even without access to file contents, abuse still has real consequences:

1) A lot more operational work

The number of reports and requests we have to handle has increased significantly. This includes abuse reports, inquiries from private security organizations, and formal requests from institutions. Processing these takes time away from building and improving the product.

2) Reputational damage

We believe privacy matters. But we do not want Filen to gain a reputation as a service that people associate with hiding criminal activity. That is not what we stand for, and it is not the future we want for Filen.

3) Reachability problems for normal users

When a service shows up frequently in threat-intelligence reports, parts of its infrastructure can end up on blocklists used by security-focused DNS resolvers and similar systems. A recent example involved Quad9, a well-known DNS resolver that blocks domains it believes are malicious based on threat intelligence. Abuse reports linked to multiple free-account networks created on our platform led to this kind of issue. If something important to our service ends up being blocked there or in upstream feeds, some users may have trouble accessing Filen depending on their network and DNS setup.

4) Direct financial harm through multi-accounting

We regularly see attempts to create large numbers of free accounts, often through VPNs or proxies, to collect huge amounts of free storage. This is not normal usage and it is not sustainable. Filen is completely self-hosted on our own infrastructure, and every GB of storage creates costs for us.

5) A responsibility we take seriously

Privacy is not an invitation to cause harm. We are not willing to ignore what is happening and push responsibility away. We want Filen to be a safe and private place for normal people, not a platform that becomes known for abuse.

What we considered and rejected

There are obvious options that would reduce abuse fast, but they break things we care about:

  • Removing the free tier would make Filen far less attractive for abuse, but it would also remove an important way for new users to try Filen. We want to keep 10 GB free, and we want people to be able to test the service properly.
  • Strong identity checks at signup could help, but they would come with privacy downsides and more personal data collection. That is not aligned with how we want to run Filen.

So we looked for the smallest change that targets the main abuse pattern without changing our encryption model.

The change: how the free 10 GB is granted for newly created accounts

First, a quick reassurance: if you already have a Filen account, nothing changes for you. We are not revisiting existing accounts, and we are not taking storage away from anyone.

For new users, most people will notice no change. If you register normally, you will still receive 10 GB free storage, as always.

What we need to address is a very specific abuse pattern: the automated creation of large numbers of free accounts through anonymization networks. Many people use VPNs for perfectly valid reasons, and we respect that. The problem is that these same networks are also the main driver behind multi-accounting and free-tier abuse at scale.

Going forward, the free 10 GB allocation for newly created accounts will be granted when the signup connection appears to be a normal consumer connection. This is done through a one-time automated network classification at signup (for example, whether the connection resembles VPN/proxy infrastructure or not).

What this does and does not mean:

  • No human review is involved
  • Happens once at signup
  • A context-free yes/no classification: the IP is evaluated only to answer one narrow question at the moment of signup: does this connection look like anonymization infrastructure (VPN/proxy), or like a typical consumer network. It is not used to learn anything else about you and the result is not stored beyond the signup process.
  • Separated from account data: this classification is performed independently from your account information and is not used to build a profile, generate user metrics, or make future decisions about your account.
  • No ongoing linkage: it is not used for ongoing tracking and is not tied to your account for future decisions.
  • GDPR compliant: this step is designed to be GDPR compliant. It is limited to what is necessary for preventing abuse of the free tier, and the outcome is only used for the one-time decision of granting the free 10 GB allocation.
  • Paid accounts, and accounts that were created without an anonymization service, remain completely unaffected.

Accounts are still created and function normally either way. The only difference is whether the free 10 GB allocation is applied at signup.

Which service will we use to carry out this one-time check?

To start, we’ll use Ipregistry, a France-based (EU) IP classification service, to provide a simple yes/no indication of whether an IP address belongs to an anonymization service. Only the IP address is evaluated; no account data, no context and no other user information is shared.

IP addresses are necessarily processed when accessing any online service. The Ipregistry lookup is therefore a minimal, purpose-limited step and is performed only once during signup. We consider this less privacy-invasive than alternatives like identity verification or removing the free tier. To further minimize privacy impact, we chose an EU-based, GDPR-compliant provider instead of a US-based service.

What is not changing

Existing accounts are not affected

  • We are not re-checking existing accounts.
  • We are not removing any storage from anyone.
  • If you already have a Filen account, you can ignore this update.

Normal new users will not notice anything

If you register normally, you will still receive 10 GB free, and you keep it.

Our encryption and privacy model is not changing

  • No changes to zero-knowledge encryption
  • No scanning of your files
  • No content analysis

Why this helps with DNS and access issues

Some DNS providers and security products block domains based on threat intelligence. If a service is repeatedly reported in ways that look suspicious to those systems, it increases the chance of being blocked for some users, even if most users are doing nothing wrong. Reducing large-scale abusive signups helps lower that risk and helps keep Filen reliably reachable across different networks and DNS configurations.

FAQ

Does this mean Filen blocks VPN users?

No. This change only affects whether a brand-new account receives free storage when it is created through an anonymization service. It is a targeted measure to reduce automated and large-scale abuse.

What about referrals and the free tier?

We are keeping the free tier and referrals for normal users. The goal is to keep the system working for real users while stopping the abuse patterns that are causing damage. Accounts that do not receive the free 10 GB will also not be eligible for any referral bonuses.

What if I need extra privacy during signup?

We understand the concern. We are choosing an approach that avoids identity verification, avoids changes to encryption, and limits the decision to a one-time check that only affects free storage on new accounts. If you need to use a VPN during initial registration, you can still create a Filen account, but you’ll need to upgrade to any paid plan to use the account. If you believe your account was flagged incorrectly, please contact our support team.

When will this happen?

We’ll activate the system very soon. Right now, we’re just running the final tests.

Closing

We are not taking this step because we want to. Not to maximize profit, and not for any reason other than what we have explained above. This is the smallest necessary measure for everyone involved, so that Filen can continue to offer high-quality, affordable, private, and most importantly... accessible cloud storage for everybody in the future.

Thanks for understanding, and thanks for helping us keep Filen a place people can rely on.

-The Filen Team

You might also like

Subscribe to Filen Hub newsletter and stay updated.

Don't miss anything. Get all the latest posts delivered straight to your inbox. It's free!
Great! Check your inbox and click the link to confirm your subscription.
Error! Please enter a valid email address!