The Ethics and Consequences of Dodging Paywalls

Popzazzle | Thursday, 6 January 2022 |

"Some paywalls are so weak that those of us who adhere to high privacy standards online don't even realise they're there."

Door slightly ajar
Photo by Dima Pechurin on Unsplash

It's a really interesting question. Is dodging an online paywall worse than blocking ads? What are the potential consequences when we bypass paywalls and access "premium" content without compensating the provider? If publishers tell us we must pay to read their content, do the technical means by which we evade their 'digital checkout' even matter? Is bypassing paywalls akin to stealing books - something we can do, but know is wrong? That really depends on how "paywalled" the content is.

There are different strengths of paywalling. Some paywalls are rigid lockouts that genuinely do solely let in those who pay. Others essentially employ a sucker-gate, which only monetises the visitors who don't realise they have a choice. The site may, for example, let you in for free if you're hitting a link on Twitter or Facebook, but not if you're responding to an email nudge from an existing subscriber. Let you in for free if you're using this browser setup, but not that one.

In these situations, the criterion for entry is not whether or not you're paying, but whether or not it's in the publisher's interests to let you pass their gate. Social media users are often allowed in for free - at least for a period of time - because they're in a position to promote the content and spread the links. Then, once the link-sharing hits a threshold, the gate is closed and subsequent visitors start hitting the paywall.

Because paywalled content is much harder to promote than openly-accessible content, paywalling can be very fluid, with gates opening and closing on demand. It's like:

"Yeah it's free guys! Share the shit out of it!... Whoa, hang on - we now have an established, constant flow of traffic and this is getting 10K hits a day. Look at all that money we could be making! Quick! Lock the freeloading bastards out!"

This fluidity is one of the reasons why Wayback Machine has become a primary paywall bypass. It's often the case that a six-month-old paywalled article was ungated in its first week online, so by looking up the URL on Wayback Machine, as it was during that first week, we see the full, unrestricted version of the page. Many well-established older articles have also been opportunitistically paywalled in more recent times, and they too can be 'unlocked' via a quick timehop on Wayback.

We're not doing anything legally wrong in visiting an internet archive (although whether Wayback is legally entitled to re-publish other people's content without consent or notification is a separate matter). But the ethics are neither black nor white.

Wayback's intended purpose is to preserve the historical development of the web. Not to bypass paywalls. So technically, if we're only using Wayback to see if the article was paywalled when first published, that would be a legitimate historical query. But if we're specifically using it to access and in particular read paid content, the ethics are questionable.

I say questionable rather than bad, because the publisher has sought to exploit the publicity and sharing attributes of free content, and made a mug of people who shared and publicised it on the basis that it was free. Remember, these publishers are not saying the content is freely-accessible for a limited time only. They are pretending it's permanently free in a bid to gain permanent links, then gating at strategic points in time. I call this payjacking.

So the publishers' ethics are poor, and that offsets any ethical questions surrounding the bypassing of the paywall.

In fact, the publishers' ethics can be even worse than that. Especially in the earlier stages of building a paywalled site, it can be advantageous for a publisher to maintain both a paywall and a free readership in strategic places. All at the same time. A privileged free readership then does the promotion, while simultaneously there are other visitors hitting the paywall. It's scummily discriminatory as a tactic - especially since the free readerships are often the wealthiest - but it can be very viable for the publishers economically, because it surmounts the paywall's classic problem of promotional silence.

We should also note that the publishers' practise of payjacking harms smaller free sites' status prospects, because it shatters trust in links generally, and makes writers of permanent content less inclined to share links spontaneously. This effect is much more harmful to small sites than big, because the big sites have systems of organised, incentivised link-sharing, which the small ones can't afford. We're seeing smaller sites become more obscure, as established sites get bigger and more powerful. The gap has widened hugely, and the trust degradation caused by payjacking increases it further.


Generally speaking, the more categorical the paywall, the less ethical the behaviour required to bypass it. Realistically, you're not going to bypass the strongest paywalls without someone paying for access, and then passing on the content secondhand. This is not only unethical - it's also a proven breach of copyright law if the content is shared publicly on another site. If identified, the person redistributing the content could be sued for damages.

At the other end of the spectrum, some paywalls are so weak that those of us who adhere to high privacy standards online don't even realise they're there. For example, the content may only be protected by a JavaScript screenblock. JS screenblocks are popular because the active scripting allows the site to react to circumstance. It's not about working out who's a subscriber and who's a non-subscriber. A login can do that. It's about working out the type of non-subscriber, and then deciding whether or not it's in the site's interests to allow them in for free.

But if, as a visitor, you disable JavaScript in your browser for privacy and security reasons, these particular paysites will not have the means to erect their screenblocks. So you sail straight onto any regular HTML pages without any obstruction - or any indication that you shouldn't be looking at the content for free.

Clearly, accessing JS-protected pages as a non-JavaScript user is in no way unethical. No one is obliged to enable JavaScript, so if the site can't even inform us that the content is pay-to-view without the use of that particular technology, it's wholly unreasonable for the publishers to expect us to pay. As I said, if websites are using this type of block they're most likely excluding on a discriminatory basis anyway, which throws the sites' ethics into question - not ours.

But there are numerous levels in between these extremes. And this is where the ethics become more difficult to assess. One of the most interesting levels of paywalling is one I've touched on before on this blog. The paywall itself is strong, but the publisher provides a deliberate bypass for search engine crawler bots.

In this implementation, the publishers want to sell their content as a "premium" product, and yet still have it show up in the organic search results as if the content were free. So what they do is present the full content unrestricted to search engine crawler bots - so the search engines can rank the material in competition with free content. But when the public click on the search results, they are served only with a paywall and told to subscribe. I call this scheme bait and gate.

And it's a nice little earner for the publishers. There's just one, small snag... The search engine caches the page as crawled by its own bot - namely, the full, freely-accessible page. So by searching for the article on Google and then going to the cached version rather than the live version, hey presto, the paywall magically disappears.

There's at least one paywall-dodging site that takes the work out of this, and simply asks for the URL of the paywalled page, then displays the unpaywalled version. I won't name or link to the site because it's serving the content on its own domain without consent, which is an obvious copyright violation regardless of whether or not the content is paywalled. I'm not going to assist or encourage clearcut copyright infringement.

But setting aside the copyright issue - let's say the paywall-dodging site were instead transferring users straight to the search engine cache - what are the ethics of this type of bypass?

They say that two wrongs don't make a right, but again we have to start by questioning the publishers' ethics. The paywalling sites that compete for web search clicks as free content  - most typically powerful and high-ranking media operations - know that in the process they will stifle genuinely free content out of the search results. They also know they're making the search process more annoying for the average web search user, who realistically is not going to pay for access every time they encounter locked content.

So these "bait and gate" publishers are not behaving in a considerate manner. In showing one thing to the search bot and another to the public, they're gaming the system. They're being dishonest. Google used to call this "cloaking" and have strict rules against it. But it's now progressively casting those rules aside because... ya know... capitalism and shit.

And actually, it's not just paywalled sites that Google is handing a free pass to annoy the crap out of web surfers. The high ranking of "bait and gate" monolith Pinterest has proved so annoying that a Chrome extension was created to block it from Google Images.

Google knows these "bait and gate" sites are nothing but a pain in the posterior for most surfers, and it's not even as if Pinterest owns any of the photos it hosts. There's also almost never any value added by Pinterest users. They just re-post other people's photos. That's it. So, barely any substance, barely any original content, terrible user experience... Breaks every one of Google's definitions of an acceptable website, and yet, top results time and time again. Explain that without using the words "backhander" and "corruption".

Whether or not any money really is changing hands, Google is clearly complicit in these schemes that push locked pages at search users. We know that for a fact because Google used to block such pages and even penalise the publishers cloaking them. It only began including them in the results in autumn 2017 after a documented policy change. But ultimately, the publisher is still lying to the search bot about what the public will find at that URL. Just because Google is now happy to accommodate bent behaviour, it doesn't make those who exhibit that bent behaviour any less bent.

Said publishers also know that they're making an unrestricted version of their content freely available. And there's no rule or law against viewing the Google cache, so for the consumer bypassing a paywall in this way there's certainly no legal issue.

And the ethics? Pretty much the same. This type of paywall evasion is only possible because the publishers are using a dishonest means of baiting clicks. If they showed the search engine crawlers the true version of their page, their paywall would remain watertight. So ethically, you can pretty much file it under "just desserts". Make a note, though... the content still belongs to the publisher. You can view it in the Google cache, but you can't pilfer it from the Google cache and put it on your own website.

We next come to the ethics of "browser manipulation" as a means to bypass paywalls. Once again, the ethics are grey. Some paywalling systems are designed to allow a set amount of viewing and then block the user until they pay. And these are often easy to circumvent in the browser by clearing (or if possible blocking) cookies as necessary. Without the cookies, the site loses track of how many posts you've read, and is forced the zero its counter. The result is permanent access.

If you're calculatedly clearing cookies to achieve this, it's ethically dodgy. But nowhere near as dodgy as the ridiculously slapdash gating system being used to regulate access. There could be no legal issue, because we're all entitled to manage cookies as we please, and under GDPR and other data regulations are protected by law in doing so. The onus is really on the publisher to properly manage access. But once again they're torn between the lure of publicity and the lure of capital. Trying to have your cake and eat it rarely creates a watertight plan, and we see that exemplified in paywalling strategies.

Then we come to shared logins. The ethics of shared logins depend on whether the user's payment purchases the account, or purchases a personal right to view. If you're buying the account, then sharing the login is just as ethical as buying a house and inviting your girlfriend to move in with you. And then perhaps, say, inviting her mother... No, let's not go down that road... But the point is, once you've bought the house, the estate agent can't start demanding extra money every time you invite a new guest.

If, however, you've purchased a personal right to view content, you can't transfer that right to other people. And most Terms will probably be worded to bill the deal as a purchase of singular access for one person only, which makes sharing the login unethical. Personally, I think shared logins are a step too far, and depending on the Terms may also be grounds for legal action. If the publisher has always been above board and has never tried to pretend the content is free in order to bait free publicity, my view is that we should just respect their paywall. Either pay, or don't look at the content.

[UPDATE: New section in response to a reader's query...


Q. Could a publisher establish your IP address during a paywall-dodge, then match that IP address to a known identity they confirmed when you previously visited their site, and then approach you for payment?

A. This is certainly feasible. Because the original publisher's page elements (potentially including tracking tools) are usually loading even when you consume the content on a third-party domain, the publisher would be able to record your page view against your IP address. If you've signed up to any of their, or their partners' services, they may then be able to match your IP address to your identity. From there, there's nothing, technically, to stop them emailing you with a demand for payment.

But would they actually do this?...

It would be highly unlikely because the damage to their brand image would almost certainly cost them more than what they'd make from those who paid. And they may also breach privacy regulations if the paywall was bypassed unwittingly and innocently by someone else using the same internet connection. The whole idea is prohibitively high-risk. But if they actually did try to pursue legal action against a party who merely consumed (as opposed to republished) the content, it would be very complicated. The publisher would have to...

  • Show that they hadn't intentionally or knowingly given the content away for free. This would be extremely difficult for publishers who paywall selectively, or who deliberately present an openly-accessible page to search bots. Intermittent paywalling would put them on dubious ground here too.
  • Prove they'd notified you that the content was paid access.
  • Prove you knew the content you accessed was actually the same content they'd asked you to pay for, and not just another article with the same title from a separate source. Given the nature of the internet (and especially news dissemination), this could be phenomenally difficult.
  • Prove you consumed the content beyond the gate (in other words, you read the whole article and not just the free leader). Publishers with page-scroll trackers and other micro-monitoring tools may be able to do this.
  • Prove it was specifically you who consumed the content, and not someone else with access to the same internet connection.
Because making a legal case hinges on the issue of intent, it makes sense to steer clear of paywall-dodging sites that actually admit that their purpose is to dodge paywalls. If a publisher could detect and record that you accessed pay-to-view content through a resource whose sole expressed purpose is to dodge paywalls, they'd have a much easier time proving intent.

It's also faily well apparent that habitual consumption of paid content would be a lot easier to prove as intentional than isolated one-offs.

...End of UPDATE]


Previously, when web users have skirted around monetisation systems, there have been associated consequences. For example, the blocking of ads is said to have led to paywalling, CPU-hijacking (for crypto-mining), the annoyance of donation-begging, etc. These alternative monetisation plans have not always been implemented because of adblockers. Indeed, many people now generating income through paywalls or donations have never served ads, so you can't singularly say that adblocking caused the paywalling boom. But it would be pretty ambitious to deny it's been a factor. So what future damage could we cause through bypassing paywalls?

One possibility is the widespread adoption of a much sneakier system, such as Web Monetization.

The imaginatively titled Web Monetization is a standard that turns paywalling into a potentially webwide protocol which aims to trivialise (i.e. vastly reduce) payments per page view. The idea is that you sign up for global access to a mass of paywalled sites, bump up your credit, and then seamlessly sail onto any site using the protocol.

Because the payments per view are so trivial, a modest amount of credit buys a lot of views, so it sounds great in theory. But if it were ever widely adopted, it would result in an unprecedented tidal wave of clickbait, burying valuable content even deeper in the mire of SEO spam. And because the new system trivialises not just the access payments, but also the consent process per page view, it would inevitably result in us unwittingly paying to read all sorts of worthless trash, including full-page adverts.

Web Monetization would be far worse for the internet than the current, highly selective system of paywalling, because the paywalls would be much less noticeable, so there would be much less impetus for publishers to provide value for money. Indeed, even now, the stuff we find behind paywalls is often spectacularly high on promise and miserably low on fulfilment. You could multiply that by a heady factor if paywalling were to be trivialised to a point where we were no longer actually hitting the walls and having to make a considered decision to subscribe.

But if too great a proportion of the public learn to bypass existing paywalls, we could see a conglomerate of major publishers striking deals with cybertech to normalise a protocol like Web Monetisation. Mozilla is already on board with it. And if Google/Apple were ever cut in on the profit, they could revise their browser tech to make such a protocol impossible to circumvent.

That would take us to the doorstep of internet content subscriptions, where we pay one basic access debit to the ISP as we do now, and another, variable levy to a general monetisation gatekeeper, who then distributes shares to various subgatekeepers, which are then forwarded to the actual sites we visit - minus all the deductions, obviously. We could see companies like Brave and Mozilla acting as subgatekeepers. Anyone running a browser would be perfectly placed to profit from such a scheme. The willingness is already there in the tech industry. The resistance is coming from the consuming public and the larger publishers at present.

It may still seem a long way off for well-established publishers, since Web Monetization in its current form can't compete with their privately implemented paywalling for revenue. But once a threshold of internet users bypass existing paywalls, those economics change, and the idea of guaranteed revenue, protected by Big Tech, suddenly becomes more attractive to the major publisher. Web Monetization would need revision to attract those big publishers, but if the ball really started rolling it could prove impossible to stop.

In fact, at crtical mass, the snowball of the Web Monetization standard could quickly turn so much of the WWW into a lockout that realistically, everyone would need a global subscription.

So before we raise our vigilante swords in a bid to build paywall-bypass resources, let's remember that a choice only remains a choice as long as the providers are getting what they want. If too many of us bypass paywalls, we may ultimately start to see new systems in which non-subscribers are blocked not just from the realm of crappy, "premium" newsbait, but from most of the useful web. It's only the more lucrative gravy train of privately implemented paywalls that's stopping a unified rush towards this at present. Take the money out of that gravy train, and things will change.

And Web Monetization is also a monumental surveillance threat, because by nature the system has to identify us and track everything we access. We see in the privacy policy for the currently prominent Web Monetization platform - Coil - that they're just another data company that lab-rats and productises the consumer, disrespects creators, and subjugates the lot. Once you have operators like that tracking a vast volume of people across the whole internet, you might as well take the phrase "online privacy" out of the dictionary.

Let's try to respect existing paywalls - at least when the publisher respects us.
Bob Leggitt
Post author Bob Leggitt is a print-published writer and digital image creator, multi-instrumentalist, twice Guitarist of the Year finalist, web page designer and software developer.
[Twitter] | [Contact Details]