"for pennies" is a lot more expensive than 0, and that matters at scale.
Scam isn't about one person performing one request, for that you can indeed just hire a human, it's about thousands of bots constantly interacting with a service.
If you need to scrape 10m records and there's no anti-fraud protection, you pay $0 (excluding typical bandwidth / server costs). If every query requires a captcha, and you have to pay $.01 per captcha, the operation costs you $100k.
Going from 0 to 100k is often "good enough" to make these things uneconomical.
Actually, I oversimplified. In most cases you don't have to pay $.01 per CAPTCHA. It's usually a fraction of a penny per CAPTCHA.
So basically it's good enough to protect something that is arguably barely worth protecting. I don't find this compelling. Protecting things that barely need it is already easy using existing techniques.
"for pennies" is a lot more expensive than 0, and that matters at scale.
Scam isn't about one person performing one request, for that you can indeed just hire a human, it's about thousands of bots constantly interacting with a service.
If you need to scrape 10m records and there's no anti-fraud protection, you pay $0 (excluding typical bandwidth / server costs). If every query requires a captcha, and you have to pay $.01 per captcha, the operation costs you $100k.
Going from 0 to 100k is often "good enough" to make these things uneconomical.