Feeds

Open API lessons for LinkedIn and Facebook

Code to play, not pay to play

3 Big data security analytics techniques

Open... and Shut One of the cardinal rules of open source is reciprocity: you can use my open-source code under the same terms that it was given to me. But as open source shifts to open APIs, "open" is increasingly a one-way street.

As one major case in point, LinkedIn likes to tout its open API to developers, but apparently only developers of a certain kind: the kind who don't compete with LinkedIn.

LinkedIn's stingy access to its API first came to light a year ago, when the professional networking service cut off API access to BranchOut, Monster, and other competitive services. LinkedIn cited Terms of Services (TOS) violations, principally the fact that these alternatives were planning to charge for access to LinkedIn member data.

Fair enough, right?

Perhaps. But it's perhaps not surprising that even as LinkedIn shut off access to would-be competitors, it released its own service (called Sales Navigator) that lets sales professionals buy access to LinkedIn member data without actually having any personal connection to the members in question, as Forbes reports.

LinkedIn declares in its S-1 that: "One of our core values is to make decisions based on the best interests of our members," but it seems that a value that LinkedIn holds even more dear is the ability to monetise its user base at the expense of user privacy, and to the exclusion of competitive services that might actually treat its user data with more respect.

Such discrimination is impossible in open source.

Early in the commercial life of free and open source software, there was a movement to provide source code free for all non-commercial use, but to require payment for any commercial use. True to its principles, the Free Software Foundation repeatedly nixed this, even despite the good intentions (make those who could, pay, so that non-commercial users of the software could use the software freely). "Open" meant that it was truly open, and not only open for those that helped the developer fill their wallet.

For LinkedIn, apparently "open" is a one-way proposition. Its APIs are free and open for all to use so long as they bring users or other benefits to LinkedIn. But competitive services just might pull users away from LinkedIn, and, even worse, might cut into LinkedIn's revenue streams, so they're banned from using the service.

Not that LinkedIn is alone in its one-sided view of openness. Facebook is a very open platform, unless, of course, you want to take your Facebook contacts over to Google's Gmail service. Google finally pulled the plug on the one-way pilfering of its address book service by Facebook, saying it would only open access to those that wanted to share two-way access, even if the other service was competitive to Gmail.

Since late 2009, LinkedIn has touted its open platform for developers. But it had been pressured to open up long before by David Berlind and others. It seems, however, that the company still has much to learn about what a truly open API looks like, and how it should be enforced.

So does the industry as a whole. As Mayfield's Robin Vasan speculates: "Perhaps the next generation of software will be solutions composed from these APIs/services." But this is likely only to be true if developers don't feel locked down or locked in by the APIs.

Open source showed an excellent way to ensure that software could be used and reused with relatively unfettered access. The API crowd has much to learn from its open-source progenitors. ®

Matt Asay is senior vice president of business development at Nodeable, offering systems management for managing and analysing cloud-based data. He was formerly SVP of biz dev at HTML5 start-up Strobe and chief operating officer of Ubuntu commercial operation Canonical. With more than a decade spent in open source, Asay served as Alfresco's general manager for the Americas and vice president of business development, and he helped put Novell on its open source track. Asay is an emeritus board member of the Open Source Initiative (OSI). His column, Open...and Shut, appears three times a week on The Register.

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.