Does that also mean that the company has access to all of your friends data?
Look no further than the 12 chapter 99 section GDPR and the shit ton of cookie banners it brought the web.
Would you let any company have unfettered access to your product via APIs? Should they have rate limits? Should they have to pay for access? How do you prevent a third party API from posting spam? What are the rules around being able to block the API when it behaves maliciously? Who gets to decide what malicious behavior is? How do you protect the data that is siphoned off from the API?
https://en.wikipedia.org/wiki/Cambridge_Analytica
Does that also mean that the company has access to all of your friends data?
Look no further than the 12 chapter 99 section GDPR and the shit ton of cookie banners it brought the web.
Would you let any company have unfettered access to your product via APIs? Should they have rate limits? Should they have to pay for access? How do you prevent a third party API from posting spam? What are the rules around being able to block the API when it behaves maliciously? Who gets to decide what malicious behavior is? How do you protect the data that is siphoned off from the API?