Whoa - couldn't disagree more. I think the implicit (or explicit, in
ToS - haven't checked) understanding is that apps with read access
can access DMs in order to return them to the current user. E.g.
desktop clients or web apps with client-like functionality. They're
clearly certainly not the most secure private channel possible but
they are very much intended to be private.

As with a lot of other social services' APIs, the data returned might
not be usable in all contexts.  The goal of OAuth is to allow an app
to make calls on a user's behalf; it does not enforce that data be
used scrupulously or define what constitutes said scrupulous use.

Even if a fine-grained permission were added for accessing DMs, this
would not mean the user gave permission for the app developer to
personally look at their DMs.

On Sep 16, 3:48 pm, Ken <k...@cimas.ch> wrote:
> Anyone reading this article?
> http://www.readwriteweb.com/archives/twitter_permissions_how_much_do_...
> my quick response - users need to understand that DMs aren't private,
> they're just direct: one-to-one as opposed to one-to-many.
> please - keep privacy settings simple!
> my 2 cents..  yours?
