Quoting Dewald Pretorius <dpr...@gmail.com>:
Here's another issue that probably needs to be considered.
It applies mostly to DMs, because people will tend to use DMs for
sensitive information, and would expect a certain level of privacy.
Right now, an OAuth authorized site can query a user's DMs and do with
that info what it likes. It could present privacy issues, but at least
you have an audit trail of the DM request by the authorized site in
You lose that audit trail with Site Streams. The DMs are
indiscriminately distributed out to all OAuth authorized sites that
subscribe to the user's stream.
It may not seem like a big deal, because it's status quo minus the
audit trail. Until you're hit with a multi-million dollar class-action
lawsuit for indiscriminately distributing potentially sensitive
information. Then it is a big deal. It's not only the lawsuit, it's a
privacy PR disaster as well.
Ayup - *Twitter* loses an audit trail - they can track sends / TCP
acknowledgements but have no idea what the receiver is doing with the
packets. The consuming site must maintain an audit trail, though, right?
Something like this happened at Facebook when they changed their
developer TOS. Here's the wording they used:
?You must give users control over their data by posting a privacy
policy that explains what data you collect, and how you will use,
store, and/or transfer their data. You may cache data you receive from
the Facebook API in order to improve your application?s user
experience, but you should try to keep the data up to date. You will
delete all data you receive from us concerning a user if the user asks
you to do so, and will provide a mechanism for users to make such a
I'm assuming Twitter will want to do something similar, and I'd think
it would also include honoring the "delete" messages that come down
the streams. That could be *very* interesting if the service was doing
M. Edward (Ed) Borasky
"A mathematician is a device for turning coffee into theorems." - Paul Erdos
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: