The CEO & co-founder of CloudFlare, a self-described “recovering lawyer”, explains his company’s position on LulzSec:

Two broad points that I’ve drawn from the experience of watching this unfold over the last three weeks. First, CloudFlare is firm in our belief that our role is not that of Internet censor. There are tens of thousands of websites currently using CloudFlare’s network. Some of them contain information I find troubling. Such is the nature of a free and open network and, as an organization that aims to make the whole Internet faster and safer, such inherently will be our ongoing struggle. While we will respect the laws of the jurisdictions in which we operate, we do not believe it is our decision to determine what content may and may not be published. That is a slippery slope down which we will not tread.

Second, the experience of being attacked by some of the Internet’s most notorious hackers has validated CloudFlare’s core value proposition: if you can share data about attacks across a network, rather than keeping it siloed within each organization, everyone using that network can benefit. As hackers tried to take down LulzSec, CloudFlare recorded all the patterns of the attacks. In the last 3 weeks, we’ve generated more than 1 million new rules to better mitigate threats targeted at our users. Those rules were propagated in realtime to benefit the whole CloudFlare community.

In other words they don’t censor without being forced by law to censor (standard provider legal response) and they don’t mind the cost of developing millions of rules just for the Lulz.