
Short answer: if you expose an API, you need an API license agreement for two reasons: your developer use case will change, and you have to set expectations so developers do not build businesses on access you never promised to keep.
I delayed writing about API license agreements for a while, because I could not find a good real world example to go with the post. Then Twitter gave me one, when it changed its API license agreement and caused quite an uproar in the developer community. Here are 2 great reasons why software and SaaS companies with an API need an API license agreement, instead of going naked with no agreement.
For background: Twitter changed its API licensing terms to further restrict how its API developers use the API (over 750,000 registered apps at the time). Twitter wanted its API developers to build “tools,” not businesses or applications.
1. Your API Developer Use Case Could Change.
Things change rapidly in the software and API licensing world. You may open up your API without an API license agreement, realize you opened it up too much, and then want to restrict what your developers are doing. Twitter realized exactly this, as developers were using the API to compete with Twitter or simply duplicate its interface, causing confusion in the marketplace.
Most API license agreements are pretty one sided (you are giving something away for free and it is your technology), so you can change the terms at any time. However, if you do not have an API license agreement and then change your API program, your developers may get upset, and if they lose money as a result, you may be responding to complaints and lawsuits. An API license agreement protects you and limits your liability if things change.
2. Communicate the Right Expectations to Your API Developers.
As with any agreement, an API license agreement helps communicate your model and set expectations of what developers can and cannot do. Most users actually want to know where the boundaries are.
If Twitter did not have an API license agreement with (a) limitations of liability, (b) disclaimer of warranties, and (c) specific language giving it the right to change the agreement at any time, it would have been sued for this change. API users would have argued they relied on unrestricted access and built a business around it, and that Twitter could not make a change without compensating them.
Do Not Rely on Copyright Alone.
Some vendors assume the law will protect their API even without an agreement. It is not that simple. In Google LLC v. Oracle America, the Supreme Court held in 2021 that Google’s reuse of Java API declaring code was a fair use, and it pointedly declined to decide whether API code is copyrightable at all. Translation for vendors: the IP status of your API is uncertain, so your license terms are doing the real work of defining what developers may do. And when access itself is the issue, unauthorized use of your API can implicate the Computer Fraud and Abuse Act (18 U.S.C. section 1030), but only if your terms drew the line clearly.
What an API License Agreement Should Contain.
At a minimum, a vendor-side API license agreement should cover:
- A scoped grant. What the developer may and may not build, and any field-of-use limits.
- Rate limits and acceptable use. Usage ceilings and prohibited behaviors, referenced from a policy you can update.
- Right to change or discontinue. Clear language that the program and terms can change, with notice.
- IP and data. Who owns what, and how developer and end-user data may be used.
- Limitation of liability and warranty disclaimer. Especially important for a free or low-cost program.
If you remember that (1) things can and will change in your API model, and (2) you need to set the right expectations with your developers, you have the 2 main reasons you need an API license agreement. The same instinct shows up in the restrictions you put in any software license. If you need one drafted, an attorney who lives in software licensing can scope the rights and the change-of-terms language correctly.
Frequently Asked Questions.
Can I change my API terms after developers have built on them? Yes, if your agreement reserves the right to change or discontinue the program with notice. Without that language, developers may claim they relied on the old terms.
Is my API protected by copyright automatically? Not reliably. After Google v. Oracle, API reuse can be a fair use, and copyrightability of API code was left open. Your contract, not copyright alone, is what protects you.
What is the single most important clause? The right to change or discontinue the program, paired with a strong limitation of liability and warranty disclaimer.
For the broader framework on choosing between subscription and license structures, see SaaS Agreement vs. Software EULA: Which Template Do You Need?
Disclaimer:
This post is for informational and educational purposes only, and is not legal advice. You should hire an attorney if you need legal advice, which should be provided only after review of all relevant facts and applicable law.
Discover more from Aber Law Firm
Subscribe to get the latest posts sent to your email.