38 comments

[ 3.0 ms ] story [ 84.7 ms ] thread
What's the use case for Twitter to allow outside write API access?

If twitter banned all API write access, what would be the problem?

The vast majority of people would still use Twitter via the app or their website, and it would obviously solve a lot of spam problem. But do we really need automated emergency alerts that don't filter through a human?

How would it solve the spam problem? People would just write bots that work through the website by scripting headless browsers.
At the browser level you have Captcha, which is a lot more expensive to spam - you need a human somewhere to overcome - than an API.
Depends on your definition of expensive. Captcha solving goes for around 1/10 a cent per catcha. (obviously pricier than free, but if you want to blast out 1000 tweets a day, that'd cost you $1)
You don't need a human for captcha. You can put together software pretty easily now that'll solve some captchas some of the time, and with automation even a 5% success rate means you can still get thousands of accounts.
They could easily detect and ban accounts that failed 95% of captchas, though.
The captcha tends to be during signup, not just any general request. Otherwise third party clients wouldn't work at all. So there isn't any "account" with 95% failure, only IP addresses that fit that. However, spreading requests to multiple IP addresses can help get around that, and botnet rental is pretty cheap these days (cheaper than the captcha prices that have been quoted).
The captcha tends to be during signup, not just any general request. Otherwise third party clients wouldn't work at all

The post that started this thread was about thought experiment of Twitter killing off their API. So that third party clients wouldn't work is a given. And since they wouldn't work, there's no reason why Twitter couldn't show a captcha many more times after signup.

Why would they completely limit API write access when there's a less nuclear route to prevent abuse as detailed in the article?
Just a few use cases. I suspect there are quite a lot:

1) Allowing a delay between creation and posting e.g. Buffer.

2) Posting updates to Twitter whenever CMS content changes e.g. Wordpress.

3) Large companies who need tools that work across all social media sites e.g. Hootsuite.

4) RSS -> Twitter.

Those all are automated spam, and doesn't really facilitate discussion. They just increase noise on the platform.

Edit: Reminder that Twitter filters out posts that don't receive much interaction.

(comment deleted)
Lol @ you assuming that anything a company posts is spam. You can just unfollow them.
Not everything in Twitter is about discussion.

Much of the platform is dedicated to users wanting to follow products, brands, services etc. For them the services I listed are a critical necessity. You can argue all of it is spam but then by that definition so is most of the web.

Pretty much none of what I use Twitter for is discussion. You're assuming everyone uses Twitter for a very specific, limited purpose.
I think there is an argument that automating tweeting leads to more spam even though there are some legitimate use cases.

The NYTimes automating tweeting a link to an article after its published provides value. Yet that same functionality allows spammers to tweet links to their spam automatically as well.

Likewise with scheduling, etc.

Anecdotally, before 2010 (when scheduling tweets became popular) I remember Twitter being much more active and discussion oriented, hence I paid more attention to my feed. Now i only use Twitter to search for specific things (ie is AWS down)

for example, the tweets by @newsycombinator are posted via API.
And if you look at that account there's no real interaction going on with it for an account that has 175k followers.
And yet it has that many followers, some portion of presumably see some utility in receiving those tweets, even if that utility does not match your idea of what they should do with it.
Accounts that don't have interaction get filtered out by Twitter in their timeline.
They show up just fine in mine.
Curious if enforcement is going to also thrash legitimate human accounts that have been - underhandedly - oauth’d authorized to be remotely controlled by a third party.

I hope Twitter introduces a screen informing who and what caused suspensions or bans

Wouldn't Twitter be able to see who access was delegated to? It sounds like they'd just ban the app rather than all its users.
The idea is to find and kill bot accounts, not bot-control aps.
Doesn’t this imply the end of any usefulness of twitter for business and marketing purposes? Big companies have multiple accounts and no one is tweeting directly, it all goes through some central tool in marketing dept. Weird move, twitter.
No?

First of all, big companies don't usually have multiple Twitter accounts; rather, all their representatives communicate from a single account.

Second of all, even if a company did want to use a multitude of Twitter accounts for some reason, the ban is on posting the same content to multiple accounts, aka spam. Not simply having multiple accounts available to choose from in the same interface.

Multinational corporations often have different accounts for different regions. Corporations that operate in multiple sectors often have different accounts for different sectors.

Some are both multinational and cover several sectors, for example Yamaha.

Here are just a few Yamaha twitter accounts: @YamahaMusicEU, @YamahaMusicUSA, @YamahaUK, @YamahaAV, @YamahaMotorEU, @YamahaMotorUSA, @YamahaMotoGP.

When a company makes a product they may or may not wish to make the same announcement on the accounts for that vertical across different regions. Most often the really big ones will probably make different announcements due to both differences in desired wording and in launch dates, but still the point stands that they might sometimes wish to post the same news.

I'd imagine that Twitter would gladly offer a paid program for companies that wish to use the service in that way.
Yes?

Almost all top tech companies have multiple @accounts, even Twitter does! I've seen multiple times how these companies post same announcements on multiple accounts. Even Twitter sometimes does that, for example when announcing something important in relation to security or policy, they post the same thing on the dedicated channel and their main channel.

Moreover, there are tons of tools build around Twitter API, like consumer ones: buffer, hootsuite and several other big enterprise tools that enable exactly that - connecting multiple accounts and cross-posting/scheduling the same tweet across all channels (as usually these tools also connect to facebook, linkedin and g+).

So, I still don't understand Twitter's move here, they are effectively declaring most of their business use cases to be outside of the guidelines. I'm surprised.

There is a mechanism in the new policy that could work for this. They allow automated re-tweats still. Post the big news to @CorpABC and then re-tweat to @CorABCVertical and @CorpABCRegion as needed.
Sounds sensible. A pain for the social tools to implement, but could work well in the end.
> Posting multiple updates [...] to a trending or popular topic [...] with an intent to subvert or manipulate the topic [...] is never allowed.

Good thing intent is super easy to infer without ambiguity.

Is it just me or did Twitter just remove a large honey pot for identifying fake accounts?

For example, a recent anti Net Neutrality marketing push was allegedly done by AT&T paying a company who owned a large amount of accounts to tweet members of US Congress the exact same message at roughly the same time. I can't think of an easier way for Twitter to round up a ton of potential fake accounts than watching for these type of events.

I'm not saying that if 100 accounts all post the same thing at the same time, they're all fake accounts. I'm just saying those 100 accounts are worth looking into with other automated checks.

Maybe, but instead they added measurements that the event itself shouldn't occur at all in the first place. Since tweets are very short-lived I feel it's more important to proactively prevent spam rather than reactive.

Besides that, while it's quite easy to "detect" some spam wave as a human within a given context, implementing such a detection in an automated manner is a lot harder, because a machine doesn't have intuition and have the context required to notice it.