Twitter's API is notoriously bad for 3rd party apps.[0] In order to use the standard API, you need to register for a developer account, which requires manual approval and which Twitter can deny for any reason.[1]

Facebook has a history of outright suing 3rd party apps.[2]

If I can log into Twitter, I should also be able to update my account with an HTTP request. That's it. I shouldn't need to sign an agreement, or tell them why I'm programmatically accessing my account, or dig into a settings page. I should be able to grant an OAUTH permission to anyone that gives them access to that API, and Facebook shouldn't be able to sue that person just because they got around an IP block. That should just be part of my account.

I don't know if this legislation guarantees that (the article doesn't link to the text of the bill). Most tech legislation is bad, so there's a good chance it doesn't. But the principle remains.

[0]: https://www.theverge.com/2018/8/16/17699626/twitter-third-pa...

[1]: https://developer.twitter.com/en/docs/basics/developer-porta...

[2]: https://www.eff.org/cases/facebook-v-power-ventures

i wonder what caused them to limit their platforms so much.

wanting to own all ads placed against user content

wanting to lock users in and make it harder to leave for another service and still maintain a presence (which is also a constant ad for that other service) by cross-posting

wanting to make it harder to see the stuff you're following people for without ads inserted every few posts

It s still possible to leave but nobody leaves. Surely they benefit from some extra safeguards, but i don't think either are worried that users will take their data elsewhere. Usually when a new platform emerges, it 's a new format (e.g. tiktok).

I 'm pretty sure their response was in order to avoid bad PR during the Analytica scandal period.

As I understand it for Twitter in particular, third-party apps were limiting the reach of their business-related tactics that users hated. Namely, none of those apps implemented any kind of invasive advertising, tracking, and recommendations – which made those apps much better from the UX standpoint than the official ones.

A mixture of bad tech legislation, concerns over Russian interference, and good old-fashioned anti-competitive tendencies.

Having itself supplanted MySpace, Facebook is in a good position to see how easy data-exports can help competitors supplant a dominant company.

3rd-party clients are also a good way to remove ads and tracking, which is obviously not in Twitter or Facebook's best financial interest.

Yet they still provide with tools to export all data . So i don't think the migration of users is a major concern for them.

I 'm personally all in favor of making the APIs open and unlimited again, but within a month you 'll have journalists nagging again

Export tools happened after GDPR.

they existed long before gdpr, e.g.:

https://www.askdavetaylor.com/export-data-facebook/

This fight is much older than that. If you want to get sad, read this: https://en.wikipedia.org/wiki/FriendFeed

At least as far as Twitter goes don't they limit some of their APIs like how many users a given set of API keys can use or something like that?

Yeah they severely limit bots and ask for phone numbers and then they 'll ban your number if you use it twice. Who's responsible for that other then the media FUD about russian bots? I really can't blame twitter (and FB) for limiting their platforms here.

Hmm.

That's actually a good question.

Does it outline in this legislation who is responsible if twitter throws open their api's and the company that a user delegated steals the user's data by acting, essentially, as a proxy api for other companies? I would think it's obvious that from the moment you delegate access to your data, Twitter would no longer be responsible. Basically, they should only be responsible for making sure that data is given only to whoever authenticates with the appropriate keys that the user in question authorized. What happens from there should be no longer Twitter's legal problem.

That seems obvious to me, but it's definitely something you would have to check.

Thhis isnt even about theft, but that people give their permission willy nilly to bad actors. Thats not a solvable problem

>Thats not a solvable problem

Well, we're not trying to "solve" the problem. We're just trying to clarify that Twitter has no legal liability for the problem. If you delegate access to your account and someone proxies it; or there are all of a sudden all these GDPR violations flooding in because you gave away access to your contacts' private information when you delegated access to your account; etc etc; that liability should fall on either the user, or the entity to which the user delegated access. It shouldn't really fall on Twitter.

That's all we're talking about here, just making sure that legal and criminal liability is matched with delegated authorization. Because the legal ramifications are what tend to ensure security and privacy.

That’s what platforms already do - yet they are being slandered for not saving their users from themselves.

First, I doubt many people knowingly allowed Cambridge Analytica access to their data.

Second, slandering is not the same as legal liability. If people are slandering you, sue them. But people can't sue you and say FB gave some company access to my data unless FB actually does that without the user's knowledge.

Lastly, under this new system, no one would be saying that FB is legally liable for a user explicitly granting access to a third party. Vast majority of people would lay the blame for that at the foot of the idiot user. Again, we're just trying to verify that the legislation reflects that very common sense view.

I think their API restrictions really started earlier as an effort to push users to their official app.

Granted your points are still very valid / a concern.

Maybe but i noticed them becoming really unworkable since 2016.

So Twitter and Facebook have monopolies? Isn’t that kind of the opposite of a monopoly?

No, it is just that the word is used differently in common practice.

If "literally" can now include figuratively, then "monopoly" can include oligopoly.

They are different kinds of websites.

and that s why they are "monopolies" - they each dominate a format. It's like saying IRC is a monopoly - which it is, just not owned by a central entity. It's not really going to work with people having 2 facebook-like accounts - they 'll eventually gravitate to one. What will work, is if there are viable , better open source and decentralized alternatives.

So if we granular defined monopoly - HN could be defined as a monopoly.

But the fact that people have LinkedIn, Facebook, Twitter, Reddit, etc accounts does show that people will use more than one service.

How many people are in multiple Slack groups.

Hn and reddit are the same format. And linkedin could easily merge with facebook. But facebook and twitter don’t mix

> How many people are in multiple Slack groups

Aren’t they using a single app?

> Hn and reddit are the same format.

No they are not. there are no sub-HNs.

Hn is very similar to r/programming r/starups etc

And you expect legislators to understand that distinction?

if they can't understand the tech, why would they be fit to legislate ?

As if most legislators are elected for their ability to understand technology....

By doing something that is already possible, and has not broken their monopoly?

I didn't say it would work. I said this is what the Senators are trying to do. We'll see what the final form of the bill looks like.