March 2011
« Feb   Apr »

Shooting down paywalls

Now there’s a wall between us, somethin’ there’s been lost
I took too much for granted, got my signals crossed
Just to think that it all began on a long-forgotten morn
“Come in,” she said, “I’ll give you shelter from the storm

The State of Paywalls

Another high profile publication is putting up walls. The New York  Times is planning on charging again. Their paywall is up in Canada, and will be up globally by the end of the month. And it looks to be one of the least secure implementations yet. They seem to have done everything on the client. So, first, the content is always actually on the page. They just pop an obscuring <div> on top of it so that you can’t see the content, and stop the browser scrolling. This guy has already written a 3-line script for dodging it which I’ll reproduce in full:

//Prototype is already installed on NYTimes pages, so I'll use that:
$(document.body).setStyle( { overflow:'scroll' } );

So one way for non-techies go get around the paywall is to use something like the above in a Greasemonkey or similar script. Or, if you want to be more dramatic about it, you could even use this spaceship to shoot away the offending HTML elements. It’s cool as you can shoot the paywall and the ads together.

Using an HTML element destroying spaceship to tear down a paywall

The New York Times also have a 20 free articles per month thing going. Again, implemented client side using a cookie. Delete your cookies from the site, and it is all yours. Getting around this paywall is so easy that it looks like they didn’t even try to properly protect the content. And maybe they didn’t.

In fact, there is a strong argument to say that a secure paywall isn’t a good idea. The Times of London have a well implemented, pretty secure paywall, but they are one of the few. The Wall Street Journal, probably the most successful pay wall of the lot, do a simple referer check. If you’re coming from Google, you get access. So if you’ve got the energy, just search for the headline on Google to get your free access. If you’ve got less energy but more skillz, just spoof your referer using Spoofy or something. This also works on the New York Times site.

The Problem

The root of the problem is getting the balance correct between social sharing and decent security, and we all know how users hate (and I mean proper, vitriolic hate) hitting a paywall when clicking on a shared link.

When it comes to the crunch, there are only three models that are possible to securely implement:

  • Option #1: No real security that a monkey couldn’t avoid. This is the NYT, WSJ and many more. But this will stop the vast majority of folk “stealing” the content. The biggest downside is probably the press reaction too the joke of a paywall, as has just happened with the NYT.
  • Option #2: Allow limited access to non-paying users (first click free, 20 free articles per month, or whatever). However, in order to do this securely the user must register first. And although registration is less of a barrier than asking for a credit card, it’ll still scare people off in droves. And if registration is too easy without a valid email address check, you’ll get a whole load of Donald Duck’s registering. Off the top of my head I can’t think of anyone doing this at the moment.
  • Option #3: The Full Monty. All users have to pay to see any protected content. The Times of London are doing this. I really don’t like this option for most people as new readers will be hard to come by. You might do well from existing loyal fans, but in the long term I can’t see it working. Sharing is caring and all that.

The Solution

Fucked if I know.

With all of the above models, not all of the content needs to be protected. The Times of London protects everything. As does the pr0n industry. Others only protect parts of their site. Some protect content until it is a bit stale (a week, or maybe an hour in financial services). I quite like The Daily’s model. They simply don’t bother to try to protect the stuff on the web site. I don’t think they’re even bothered by the sites popping up allegedly circumventing the paywall. You pay for the iPad app and hopefully that offers such a lovely experience that it is worth it.

My view is you probably want the paywall to leak, so superficial security is probably best. You certainly want people posting links to your content on FaceBook, Twitter and the rest.  The people that try to “hack” it probably wouldn’t have paid anyway, so you’ve got some nice differential pricing going there already. Especially if you’re getting ad revenue too. Maybe show a lot more ads to the non-registered users.

Of course, if it is easy enough for my deceased grandmother to bypass, you’ve got problems. No-one will pay, and you’ll piss off the people that already have. But if you lose 3% or something, it doesn’t sound like the end of the world. Comparable to shoplifting in retail.

Now this clearly doesn’t work for single, high value assets (books, movies, music) where people will go to a lot of effort to get their grubby little hands on a single item of content. But for newspapers and magazines, it is probably time for most publishers to choose Option #1, give up on 100% security, hope that legitimate experience is a whole lot better than the cheating experience and accept that there are some people that won’t pay for anything.

Or a better solution

Wait! Before we give up, I think Option #2 is the long term solution. No-one seems to do it at the moment because the registration barrier is big and people won’t even register to see content shared with them. But what if they were registered already? If a publisher could throw their proprietary registration system out the window and allow access through Google, FaceBook or TheNextBigThing, they would be laughing. Then they could provide proper, secure metered access/first click free/X free per month and lots lots more without scaring users off. And, of course, when they can do their one-click payment through the above things get even better, but that’s another topic.

Secure paywalls aren’t that hard, and these leaky things offend my sensibilities. I’m not aware of any publishers doing this properly at the moment. Or are they? Let me know. Over and out.


  • Facebook
  • Google Bookmarks
  • Digg
  • LinkedIn
  • StumbleUpon
  • Technorati

17 comments to Shooting down paywalls

  • Dom

    A pleasure to read this, Jon, particularly the open and profane acknowledgement of the difficulty in solving the problem.

    I won’t pay for much in the way of information online, but I would probably be prepared to pay to shoot up the front page most mainstream publications, particularly most Murdoch-controlled ones, as in your graphic, so a gameified access model, either pay-per-shot or maybe just a sponsored spaceship (customised, ‘brought-to-you-by The Daily Telegraph’, etc), should be investigated.

    Good post, keep ‘em coming -

  • Carlos

    Nice post. :)

    I would suggest the NYT DRM “weakness” is quite deliberate.

    I agree with your conclusion. Once the OpenID/OAuth mess settles down, registration as we know it will be rare. And at that point, option #2 is in play. And if Facebook, et al have your credit card details, how different will buying a digital mag on the web seem to buying one on your iPad?

    Options #2 and #3 are much the same. One’s a magazine you can flip through at the newsagent, the other’s a magazine wrapped in plastic that you can only look inside once you’ve paid for it…

    Could one argue that PC games are already further down this road? I’m thinking of Steam: despite the complaints about DRM by some, most people seem happy with it as it Just Works.

    • Agree. Although technically nothing in this post has anything to do with DRM. That’s more for the high value content (movies/music/etc). With every news site in the world, once I’ve paid I can copy the content and send it to my friends. DRM is more for preventing people that have the content from spreading it. I don’t know of any digital newspapers that bother.

  • Jocke

    In the time Before TheNextBigThing or Universal Registrations and Logins I came up with a few ways to make it work (sadly one again unrealised idea).
    First; There’s no way of protecting news. People will gossip. Share the news, steal them, spread them. It’s human nature.
    Second; Human nature will go through fire and water to get information on the things they feel they need to know about.

    You can’t make subscriber revenue on the first point. Advertising revenue, sure, referral refenue, sure.
    The second one on the other hand you can make subsriber money on. However, there’s problem; humans want to share. If things are locked down you can’t share it (as you pointed out, Jon).

    Well, the solution is to make a hybrid. Monetise on journalism; character, opinion, bundled research, graphics, statistics, etc. However, the basic “story” has to be available, but in some form limited. Have hidden sections in text that you unlock by paying. These section are indepth. Graphics and photos you can have smaller, and paying for them gives you the full blown ones, the ones that it’s worth saving, printing, “owning”. Statistics can be in downloadable format (CSV, Excel, etc).
    That’ll allow you to send a link to your friends; they’ll get the gist of the article, and when they want to know more, they’ll have to pay (or bug the guy who paid to send over all the paid material – which might happen, but after a while he’ll get bored).

    If you want couple this with TheNextBigThing’s auto login and credits you’ve purchased at that site.


    PS, hire me! ;)

    • Your right. I should have mentioned this too. The good old “teaser version” of the content. Now I agree with you that this should be enough to give the gist of the article, have smaller images, etc, etc. However, in reality they don’t seem to want to give away more than a few hundred words. So the teaser/free version is just annoying.

      It is also technically a pain because you really want a single URL to the article, which is cached on your CDN and all that. But some people will see the full thing, and others will see the crappy preview. Fortunately we’ve got some magic tricks up our sleeve using ESI’s that can make this work.

      P.S. Early days.

  • Jocke

    I agree with what you’re saying – my version of this is more than a teaser. If “they” don’t want to give away more than a teaser then the idea is stillborn. However, I thought of this when a free online (only) magazine was trying to figure out how to make money. They had a loyal bunch of readers, but couldn’t do the ends of the spectrum: paywall or free. A typical article would be ~16 paragraphs (sections). Imagine if there were 30 of them, and 10-15 were free. This was also a site that reviewed products £1 – £20,000 and events. So hi-res images would have wetted potential buyer’s appetite, etc.

    The URL thing is obviously a tricky subject. Instead of displaying the paid sections one could display a message to the reader, and potentially sorted kewords words for web crawlers. If it can be indexed by crawlers, it’ll be “stolen” (vs. “shared”).
    As for caching, one could cache two versions (unpaid/paid) or cache the paragraphs and assemble them. To be extremely simplistic.

    However, I think you’ve got more insight into what “they” want to do and thus what can be done (from a business perspective).

    This is an interesting problem. I shall be coming back to snoop for more comments. Graçias!

  • Peter

    It will be interesting if Google will accept that they hide it at the user level. They do not like that you hide or are not consistent in the presentation of content like the Wall Street Journal.

  • Shane K Johnson

    Good call on the social registration. Anytime I come across a page that requires registration, I simply close it. However, if it let me sign in via Facebook, Twitter, etc. then I would certainly do so.

  • Readers:
    [1]I wonder how many new readers the NYT has attracted since the publication of it’s paywall side-step. Perhaps it was all a cunning plan to snatch a few more readers from other news sites. I haven’t seen a response from the NYT but I’m sure it’s not just “Oh, we didn’t think of that…”

    I wonder what [2]the overhead cost is in producing both a teaser version and a full version of an news article – probably quite high (where teaser versions need to be spidered) – and [3]how that compares to subscription revenue. The National College for Leadership of Schools and Children’s Services has had a crack at teasing content. If you’re not logged in, you get a summary page (which helps google) and a good handful of metadata (which helps their search engine) – nice low cost solution ( and check out the link in the RH column “Securing the…” – it’s not login restricted but it’s the same type of screen for documents, I can’t remember where the subscriber content is now #OldMan)

    I still like the idea of newspaper apps despite their criticism. Public web site is stripped down but use your app for the full rich version). [4]Not sure where this leaves indexing your site though.

  • มันน่าพิศวงวิธี intereseting มันเป็นสำหรับฉันเพื่อเข้าชมคุณบ่อยมากBlack Friday Dewalt DCT410S1 Home Tool Dewalt DCT410S1

  • My brother recommended I might like this web site. He used to be entirely right. This post actually made my day. You can not believe just how so much time I had spent for this info! Thanks!

  • It’s hard to find your blog in google. I found it on 16 spot,
    you should build quality backlinks , it will help you
    to rank to google top 10. I know how to help you, just search in google – k2 seo tips and tricks

  • In the City of Chicago. If you turn your water pressure at various
    places in scattered quantities, an increase in the areas of buildings is driving painting
    contractors can do it is reasonable to expect
    that company. The efficient team of Painters Delaware. In some
    cases they also realize significance of having to go into business for
    a general contractor.

    Feel free to surf to my page; website (Sabine)

  • Thassociated pilot claiming shelter, what had lain than 45 hours deep under the 777 jetand / or did not reward well during a trip two days proper the accident and he seemed to be “simply well organized or prepared,in according to the investigative reportwe might”the main reason pilot that’ll never have taken off! !” sserve attorney Ilyas Akbari, whe ones firm vacation 14 to be able to the passengery.

  • Magic lantern’s zebra stripes and focus peaking have saved my ass so much as

  • Hear from the expert, Judge Michele F. Lowrance, on how to psychological prep to divorce and deal with the negative comments from some friends a household. Christian freelance author kristine Steakley and adviser gives her viewpoints on marriage and spirituality.

Leave a Reply




You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>