Thank you! There are definitely platforms that intentionally gate-keep their APIs. A good example is LinkedIn, which many companies still try to force-build their own integrations with. Our goal is to allow each developer to make their own informed decision regarding the policies of the platforms that they're working with. For our hosted service, we want to prioritize use cases where the end-user truly owns the data. We can also refer to legal precedent cases where many other companies make unofficial APIs.
We are working on a way to auto-patch internal APIs that change by having another agent trigger the requests.
Regarding the legality aspects — really appreciate you mentioning this — we’ve put a lot of thought into these issues, and it’s something we’re continually working on and refining.
Ultimately, our goal is to allow each developer to make their own informed decision regarding the policies of the platforms that they're working with. There are situations where unofficial APIs can be both legal and beneficial, such as when they're used to access data that the end user rightfully owns and controls.
For our hosted service, we aim to balance serving legitimate data needs with safeguarding against bad actors, and we’re fully aware this can be a tricky line to navigate. What this looks like in reality would be to prioritize use cases where the end-user truly owns the data. But we know this is not always black-and-white, and will come up with the right legal language as you recommended. What does help our case is that many companies are making unofficial APIs for their own purposes, so there are legal precedents that we can refer to.
I have to disagree, it is definitely not legal in the US to use unauthorized access points to access authorized data. Thats like saying you're allowed to get into your apartment through breaking your neighbors door and climbing between the windows
In the US this is pretty simply covered by Computer Misuse Act and Computer Fraud and Abuse Act, both federal laws
Im not claiming you're liable, just surprised no lawyer pointed this out at YC
If I open the Safeway app and it fetches what is available in a given store without any authentication and everyone sees the same data, that could possibly fall under that exemption.
If my browser is downloading some data, then what’s the difference if my AI agent is doing the same? I’ll even tell you it’s my browser. Who are you to say what qualifies as a browser?
A browser is a user agent, it's some software that makes requests to a server and renders them in a way I can understand. There's no difference between using a screen reader to vocalize content and using an AI agent to summarize it.
This analogy is completely off. A closer analogy is someone calls you on your phone letting you know they're here. You were expecting them, so you say "come on in." But, they were at the back door instead of the front door. I don't think anyone would consider that your friend did something illegal.
VCs are still rational beings. They don't fund something just because someone is emotionally attached to the idea. If you get a huge number of people emotionally attached... then that's a different story.
