[Mistletoe]

> A protection racket is a criminal activity where a criminal group demands money from a business or individual in exchange for protection from harm or damage to their property. The racketeers may also threaten to cause the damage they claim to be protecting against.

[gruez]

How is this different than say, ticketmaster charging money to not get "blocked" from a venue (ie. a ticket)?

[rightbyte]

It isn't. Ticketmaster is also a way to dominant middleman with way too much influence in the sector.

[gruez]

"cloudflare is engaging in monopolistic behavior" would be the saner take here, but the OP was specifically accusing cloudflare of being a "protection racket". Ticketmaster might be engaging in illegal monopolistic behavior in the ticket space, but nobody seriously thinks they're engaging in a "protection racket" over access to venues.

[AyyEye]

Because those websites cloudflare is performing racketeering-as-a-service for are open to the public.

[gruez]

Cloudflare isn't unilaterally inserting themselves between the website and you. They're contracted by the website owner to provide website security, just like how ticketmaster is contracted by the venue owner to provide ticketing. I don't see what the difference is.

[AyyEye]

"Security" in the real world doesn't get to profile people. Profiling is Cloudflare's entire business model.

[umbra07]

What do you think club bouncers are doing?

[gruez]

>"Security" in the real world doesn't get to profile people

1. yes they do. have you ever been to vegas? there's cameras and facial recognition everywhere. outside of vegas, some bars and clubs also use ID scanning systems to enforce blacklists, and in most cases that system is outsourced to an external vendor. finally, ticketmaster requires an account to use, and to create an account you need to provide them your billing information. that's arguably more intrusive than whatever cloudflare is doing, which is at least pseudonymous.

2. "profiling people" might be objectionable for other reasons, but it's not a relevant factor in whether something is a "protection" racket or not. There's plenty of reasons to hate cloudflare, but it's laughable to describe them as a criminal enterprise.

[AyyEye]

1. A blacklist isn't profiling. Known problem causing entities is entirely different than 'he looks suspicious', because the latter is often... Misused (to be polite).

2. Of course it is relevant. Because the more false positives they have the more money they can extort. They have negative incentive for their system to work properly.

P.S. ticketmaster is absolutely criminal, too.

[re-thc]

> are open to the public

Most websites aren't "open to the public". Most use firewalls, configure rules, etc that already block certain accesses. It's open to selected groups, just maybe including 1s you're allowed to be a part of.

[acdha]

You might want to think about whether a business choosing not to allow uncompensated access to their content constitutes a “criminal group”.

[wpm]

Don’t put your stuff on the internet then, or put it behind a paywall/registration.

[acdha]

So … it’s okay if they build their own system but you find it upsetting when they pay Cloudflare for a service?

[Aachen]

I mostly agree with you but do find it a fair point to suggest making it a straight-up paywall then. If they want some clients to pay for the content based on heuristic and black-box algorithms, that's going to be discriminatory, we just don't know to which groups (could be users from cheap connections or lower-income countries, could be unusual user agents like Ladybird on macOS, could be anything)

[acdha]

Perhaps, but I’m not sure how different that would be in practice. I have no more idea how the NYT implemented their paywall than Cloudflare does.

[Aachen]

The scope of the average paywall is quite different, letting only some specific crawlers pass for indexing but not meaning to let anyone read who isn't subscribed. I can see the similarity you mean and it's an interesting case to compare with, but "everyone should pay, but we want to be findable" seems different to me from "only things that look like bots to us should pay". Perhaps also because the implementation of the former is easy (look up guidance for the search engines you want to be in; plain allowlist-based) and the latter is nigh impossible (needs heuristics and the bot operators can try to not match them but an average person can't do anything)

[internetter]

What you propose is making the web worse for everyone, instead of a minority of users (AI agents)

[dylan604]

Huh? You have to login to Twit...er, X, Facebook, Insta, Snapchat, blah blah blah. After that, there's what 10% of the internet left. Seems like the open not-behind-paywall is the minority fo the interent