What do API Fee increases mean for communications compliance?

Technology vendors are increasing or imposing API fees on enterprise users of their collaboration and communications platforms – are they the new ‘cost of doing business’ compliantly?

24 November 2023 9 mins read
By Jay Hampshire

In brief:

  •  Technology vendors like Reddit and Twitter (X) are imposing fees on enterprise users to access data via their APIs
  • These fees can be substantial, and run the risk of third-party service providers going out of business or passing costs on to clients
  • Are these fees the new ‘cost of doing business’, and do they create new challenges for compliance teams?

There is continuing discussion in the media of the ‘cost of living crisis’ and the economically challenging times we find ourselves in. The cost of resources of all kinds is increasing, and the technology sector is no exception. Over the last year, we have seen technology vendors introducing (or increasing) fees for accessing data via their application programming interfaces (APIs). These costs have presented new challenges for businesses that need to access data, and there is concern that more large tech vendors could implement API fees – making them the new ‘cost of doing business’.

This poses a particular challenge in industries where data from communication and collaboration platforms like Twitter, Reddit, and Microsoft Teams needs to be captured and kept record of for compliance and regulatory reasons. These API fees – and their impact on third party service providers in terms of passing on costs or potentially going out of business – could not just become the new cost of doing business, but also the cost of compliance.

What are API fees?

An API is a software interface that allows two systems to communicate and exchange data through a request and response cycle; one system/user makes a request, like a search for specific data, and the other system fulfils that request. They are a common way for organizations to integrate services and capabilities with one another or with public users, and broadly fall into three accessibility categories:

  • Private: the API is used internally within an organization, with no outside access
  • Partner: specific business partners and third-parties are able to access the API
  • Public: the API is accessible by anyone, and can be accessed in order to build software and applications for that organizations’ platforms. (Although there are often still certain accessibility restrictions in place, even on public APIs)

Public API access has been a foundation of innovation, allowing developers to create applications and programs that interact with platforms like Microsoft Windows or the Apple product suite. There are several ways that vendors can charge fees for API usage, but two of the most common are charging for access, and charging for usage:

  • Charging for access: This method imposes a charge at point of use for an API, which users have to pay before they gain access. This usually involves a ‘flat’ cost that is not based on how or how often users access the API
  • Charging for usage: The vendor will decide on a pricing model that factors in a ‘usage’ metric for the API, such as charging a fixed rate every time a ‘call’ (contact request) is made to the API, or charging a percentage of the ‘value’ of the call made to the API. So, if the API is for an online shopping payment system, a percentage of the total value of an overall transaction is used to calculate the API charge

While charges for API usage may seem bearable at a surface level (often a fraction of a cent for each ‘call’ to the API) when users are making millions of requests to an API based on high-volumes of data, those costs can rack up incredibly quickly. This is the situation that third-party user experience app Apollo faced when Reddit implemented API fees earlier this year. Apollo acted as a client for iOS users to access Reddit’s data, first released in 2017 (long before the current conversation around API fees). Reddit implemented a charge-for-usage model, with developer fees set at 24 cents per 1,000 API access requests. Apps like Apollo can make more than seven billion access requests each month, meaning Apollo’s operating costs would have jumped to over $20 million a year. This was an unsustainable cost that forced the app to close.

Which technology vendors have introduced API fees?

API fees aren’t completely new, with many vendors having charged for API access or usage previously, including through pricing tiers. However, the discussion around API fees has picked up pace with a few large tech vendors implementing them for the first time. Much of the controversy has been driven by a figure who is no stranger to it – Elon Musk.

From 9th February, 2023, Twitter (now X) announced it would no longer support free access to its API. Instead, a three-tier API access model was introduced, with a free tier providing only 1,500 API access requests per month, and an enterprise tier costing a substantial $42,000 monthly fee. Third-party services are “encouraged” to use the basic paid tier, but this only provides them with 50,000 post requests and 10,000 read requests per month – far below the threshold many third-party solutions require to provide their services.

The rationale behind this contentious decision is around monetizing data. An official Twitter channel summarized that “Twitter data are [sic] among the world’s most powerful data sets”, and Musk added further colour:

“Free API is being abused right now by bot scammers & opinion manipulators. There’s no verification process or cost, so easy to spin up 100k bots to do bad things. Just ~$100/month for API access with ID verification will clean things up greatly.”

Microsoft has similarly updated the API fee tier structure for its Azure API management platform, as well as introducing API fees for Microsoft Teams features. New charges for meeting recording and transcription are set at $0.03/minute for recording and $0.024/minute for transcription. Microsoft also imposed API charges across a range of other Teams features earlier in the year.

Reddit’s shift to imposing API fees seems to have been driven by similar consideration to X’s – monetization of data and content. Steve Huffman, Reddit co-founder and CEO, summarized that “the Reddit corpus of data is really valuable … we don’t need to give all of that value to some of the largest companies in the world for free”.

Whatever the rationale might be for charging API fees, the prevailing trend seems to be that big tech providers are going to begin charging developers that engage with their platforms for all but the most basic use cases. With organizations like Slack and Zoom requiring developer users to subscribe to more advanced service tiers to implement certain features, and LinkedIn’s terms of use for its APIs stating it ‘may choose to’ charge fees in future, it would be a fair bet to see API fees as the new ‘cost of doing business’ for many.

Are API fees the new ‘cost of compliance’?

Firms in the financial and banking sectors might not need to engage with service provider’s APIs directly, and therefore do not need to consider the impact of API fees as a direct business expense. But what those firms need to be mindful of is API fees presenting an indirect cost – by hitting them in their compliance budgets.

There is increasing regulatory expectation – and scrutiny – around recordkeeping, especially regarding keeping records of communications data. We are seeing  greater instances of regulatory enforcement for recordkeeping failures and lapses. There is growing expectation that firms capture all of their communications and compliantly archive messages, or face regulatory wrath. But an ever growing number of communications channels poses new compliance challenges – and this is where potential overlap with API fees begins.

Many firms work with solutions providers – like Global Relay – who provide compliant communications data archiving services. These solutions connect specified communications channels to a compliant archive, and do so by interacting with the end-providers API, and then collecting and capturing data in an archive. Dependent on the number of connection/data collection requests these services send to the API, this may result in the third-party provider needing to pay API fees. Think about how many messages a firm might send over a service like Slack or Microsoft Teams per month, with each of those messages needing to be captured, archived, and the third-party needing to call the provider’s API for each one – any API costs will add up quickly.

Customers employing the services of these third-party providers are, naturally, worried about this new ‘cost of compliance’ being passed on, and how to avoid, absorb, or anticipate this cost. The first step in addressing these concerns communication. Contacting your partner will allow you to have an open and frank conversation about your concerns, and will enable you to understand if any API costs will be passed on to you based on your third-party communications capture strategy.

By understanding your needs and usage, your third-party partner will be better able to understand if your usage requirements allow a tier to be used that doesn’t require API fees to be paid, or keeps fees as low as possible. Keeping an eye on industry news around API fees is also a good step – your solution provider will also be doing this, and it will mean you to spot the trends and hints of other providers introducing API fees, and allow you to act accordingly together.

Having that conversation with your partner will also help you to understand their own partnerships with end-providers. Third-party providers will work closely with the ‘big names’ to understand where, and if, API fees will be introduced or increase, and how these can be reduced or avoided altogether through means like pricing and revenue share – so it isn’t just a case of API fees being entirely dictated by providers. While some key figures seem intent on passing on the “cost of doing business” to their user base, passing on cost to our valued partners will always be the last thing on our agenda.  

While the conversation around API fees is still unfolding, regulatory expectations around communications data capture continue to increase. Ensuring you’re capturing and compliantly archiving your communications across all channels – from Microsoft Teams to (formerly) Twitter – is vital to staying on the right side of regulators.