I think you and many people are overcomplicating this subtopic into the legal context of receiving C&D, etc letters.
Their service is their software. They have control over it. If they wish to impose technical limitations to how it may be accessed and by whom, that is entirely their prerogative. Nothing in the law can tell a company or a user otherwise, short of subpoenas for customer data or some such like that.
I think the larger legal issues come from the fact that circumventing these technical limitations can lead to to degradation of value and security for a company's customers due to derivative products created via this unauthorized client -- much like what has happened with SnapChat and third-party services retaining snaps. If systematic unauthorized access to a system could serve to diminish the value and trustworthiness of a company and its brand, you're damn right they will legally pursue those enabling it.
Sure, they have complete right to safe guard customer data with authentication checks.
But the situation here is that the customer is offering its consent to use their data on another platform or application.
The same holds for rooting android/iphones and making them do what you want. Not getting into legal details, you should own your data across services and your hardware that you buy.
Adding technical barriers is one thing, suing and interdependent group of people trying to learn the API and building tools on top is completely unfair.
Their service is their software. They have control over it. If they wish to impose technical limitations to how it may be accessed and by whom, that is entirely their prerogative. Nothing in the law can tell a company or a user otherwise, short of subpoenas for customer data or some such like that.
I think the larger legal issues come from the fact that circumventing these technical limitations can lead to to degradation of value and security for a company's customers due to derivative products created via this unauthorized client -- much like what has happened with SnapChat and third-party services retaining snaps. If systematic unauthorized access to a system could serve to diminish the value and trustworthiness of a company and its brand, you're damn right they will legally pursue those enabling it.