French newsbrand Le Monde is “fiercely defending” its journalism from AI bots that don’t offer a value exchange while still letting the “good bots” in.
Le Monde has licensing deals with OpenAI, Perplexity and Meta, which allow its content to be used by large language model bots, such as ChatGPT, to answer users’ questions. This has led to “significant” new revenue both through payments from the LLMs and new subscribers coming in via the LLMs.
But like many publishers Le Monde is also investing heavily in fighting off the ‘bad bots’ threatening its subscription and advertising revenue.
Chief technology officer Paul Laleu is leading Le Monde’s response to many different types of bot traffic, from credential stuffing, where stolen passwords are used to access user accounts, to web scraping, where hackers redistribute copyrighted content.
“We see attempts to impersonate Google, so hackers find a way to come to your website and say, ‘hey, I’m Google,’ and then if they don’t succeed there, they try to bypass your paywall or they take out a subscription to try and redistribute the content that way,” Laleu told Press Gazette.
While hackers are increasingly using AI to illegally access and distribute content, publishers are also deploying AI to stop them. Le Monde relies heavily on bot management tools to protect its content and distinguish between the good and bad actors, said Laleu.
“Bot management is very important to us; it is really our first line of defence. We use it to identify what is non-human behaviour and then block it.”
Working in partnership with global edge cloud platform Fastly, Le Monde uses bot management to spot patterns of behaviour that could not be carried out by a human.
It then takes steps, such as generating infinite content mazes, to make it difficult for bots to find a route to the content. This an expanding range of decoy content generated to sap the resources of unauthorised scrapers and lead them away from real content.
Fastly co-founder Simon Wistow said: “Fastly’s edge-based platform detects, classifies and acts on bots at the point of contact, before the bot has had any meaningful interaction with the publisher’s infrastructure.
“For a media organisation, like Le Monde, where the content itself is the commercial asset, dealing with bots at speed is imperative.
“Our platform also stands out for its configurability, meaning publishers can apply different policies to different traffic types without a blunt-instrument approach that risks blocking legitimate users. In other words, we give publishers the power to control which traffic they allow to view their content and which they choose to block.”
[Read more: Le Monde CEO urges publishers to sign AI partnerships to stay competitive]
‘Good’ bots typically identify themselves and comply with standards to prove they are genuine, but the ‘bad’ bots outnumber these and Le Monde deploys a variety of techniques via Fastly to identify these malicious actors.
“We use a series of signals that are a lot more robust than older techniques that used strict pattern matching,” said Wistow.
“For example, we can see if bots behave in ways that humans can never do – clicking too fast, accessing hundreds or thousands of websites at the same time.
“Basically, there’s some behaviour that would look fine to an individual website, but because we see so much of the web’s traffic, it stands out as unusual.
“The result is that Le Monde can confidently allow the crawlers that matter for its discoverability, while stopping the ones that are simply using that cover to steal content.”
Le Monde making it ‘harder and harder’ for AI hackers to reach content
The hackers use many different ways to distribute their stolen content. Le Monde’s Laleu said: “Whatsapp remains a concern to us. Hackers are using WhatsApp to share publishers’ content, often in the form of PDFs and they are doing this for almost every publisher in the world.
“It’s almost like a sport for hackers, but at Le Monde, our core is the quality of the journalism the newsroom reporters are producing and we are fiercely defending it.”
Le Monde has also changed how it takes payments for subscriptions to make it harder for bots to access content for free.
“We now make sure that the payment transaction is completed before we allow anyone to access our content,” said Laleu.
“There are a lot of ways to manage subscriptions and some allow users quite deep access to a site before the payment has been cleared and hackers are using stolen credit cards to take advantage of this.
“But now, because access isn’t enabled until payment is cleared, when I open Le Monde to users, I know that the payment has already been collected, so we are seeing a big improvement on that side.”
It’s easier for publishers to use technology to stop hackers from getting at their content in the first place than to try to use the law to go after them once they’ve stolen it. This is largely because hackers are often based offshore so they are difficult to find and follow up through foreign law enforcement and legal systems.
Laleu said: “Even if you do manage to track them down and win a legal action, they often just start up again somewhere else.
“Instead, what we try to do is use automated workloads to block them every day to make it harder and harder for them to get at our content and we see that the more we are doing this, the less they are willing to put the effort into stealing our content.
“What is crucial is having a platform that is extremely adaptable and responsive. AI moves fast. If we had been having this conversation six months ago, I’d be giving very different answers and in six months’ time, things might change again.
“By working with a flexible platform we are able to keep up with how quickly things are changing and how hackers are responding to it.”
Email pged@pressgazette.co.uk to point out mistakes, provide story tips or send in a letter for publication on our "Letters Page" blog