I’ve been developing websites professionally for over 10 years. I’ve worked in and with creative agencies large and small, and have been self-employed for a time, too.
I first jumped into freelancing in 2010, only a few years after graduating from university and without a great deal of business experience under my belt. During this time, I surrounded myself with others who were in similar positions. I attended many events around the time on the nature of digital design, and one topic which came up a few times in relation to problem clients was the controversial “kill switch”.
In short, a kill switch is a means by which the provider of a website can take the website offline without the client’s permission or knowledge. A quick Google search will reveal a number of methods to achieve this, from scripts hosted on remote servers to plugins for popular CMS-driven websites.
But should we do this, ever?
This is a controversial subject and winding back the clock 7 years I would have broadly argued in favor of a kill switch. Today, I’m not so certain I would agree with my former self.
To really get under the skin of this question, we need to examine the main reason why a developer might want to build in a kill switch. In most cases, we would point to the breaking down of client/supplier relationship, and possibly the withholding of payment for work completed.
In this case, the kill switch would act as the very last line of defense, and my former self would have pointed to this as a worthy-enough reason. But this is a service-lead industry and the relationship we have with our clients matter. I would argue that the relationship is the overriding key to success, even above producing your best piece of work. For this reason, a kill switch should never need to be invoked.
Don’t forget your reputation, either. Killing a client’s website might carry professional, ethical and legal repercussions.
The Devil’s advocate answer
Let’s imagine for one moment that delivering a website, which is a commodity, is like any other business transaction. It is quite right that the supplier provisions themselves with certain contractual protections. The key point here is contractual. When banks lend money which is not repaid, they make it clear up-front that your house may be repossessed against the outstanding debt. This is their last line of defense. In similar circumstances, when the remote disabling of a website is made crystal clear, you may have a case for building in a kill switch.
There are a couple of instances where a kill switch may be useful, even if the client doesn’t know about it.
Firstly, a lot of web development gets outsourced to developing countries where labor costs are lower. A number of factors may work to make business relationships more difficult, from cultural differences and language barriers through to misaligned expectations and even basic logistical factors like time differences. Not to mention non-delivery of work or payment. These can lead to relationship breakdown. Eastern suppliers are not equipped with the economic might of their Western clients and, always one to fight for the underdog, I believe building in a kill switch could give them the upper-hand if things turn ugly (though admittedly, this links back to the aforementioned relationship point, but we do need to factor in context).
To really get under the skin of this question, we need to examine the main reason why a developer might want to build in a kill switch.
A second case for the installation of a website kill switch may come if a website mutates into something the supplier did not comply to working on. For example, if the content is changed into something which threatens to cause harm in some way, or is illegal. The supplier would be faced with moral and possibly legal questions which would need to be addressed before any action was taken. This is a fringe case, but I’m sure stranger things have happened.
So, a website kill switch: yes or no?
I have never built a kill switch into a client website. There have been times in the past when I have felt like I needed additional assurance, and that a way to disable the site on a whim would be useful. But ultimately I feel it is not so much a debate around legal or moral conduct, but one of maturity and professionalism. Even if a client is a nightmare and withholding payment, disabling their website won’t get you paid. At best, you might feel some contorted sense of achievement if you take a client site offline to punish them, and at worst you might land yourself in court.
For these reasons, I think flicking the kill switch is rarely, if ever, the right approach.