Cover of APIToS project report

APIToS project

Presentation of APIToS Project

APIToS (API Terms of Services) is a research study that has been conducted for over two years, with the aim of examining the role of API Terms of Service (ToS) in the development of sustainable digital infrastructures.

This project, laureate of the Digital Infrastructure grant, is the result of a collaboration with Medhi Medjaoui (the Maintainers) and Mark Boyd (Platformable for the production and design of the final content).
The research findings of the APIToS project have resulted in a standardized model of mutual commitments between API providers and their users, which is made available in the form of customized ToS with various options to choose from. To enhance the usability of these contracts, a significant legal design project was undertaken, which includes the use of pictograms and a wizard. The ultimate aim of the project is to make APIs and their use a catalyst for more trustworthy and sustainable infrastructures.

Winner of the 2020 Digital Infrastructure call for proposals supported by the Ford Foundation, the Alfred P. Sloan Foundation and the Mozilla Open Source Support Program, among others, the APIToS project aims to understand how API ToS can help build more saner and trustworthy API ecosystems.

Research phases

The APIToS project involved several phases of research, ranging from an initial investigation into the challenges related to APIToS use and the development of the FACT (Fair API Commitments to Trust) model, to the creation of a dedicated interface. The research phases can be summarized as follows:

  • First phase : To better understand the use of APIToS, the project involved interviews with both producers and users of APIs from various sectors, such as research and business, as well as desk research about innovative API initiatives. Additionally, the project conducted a legal analysis of a corpus of APIs.
  • Second phase : As part of the APIToS project, a questionnaire was designed and disseminated to collect feedback from users. Based on the results, the project team created personae and user experience maps to identify areas for improvement in the ToS, with a particular focus on enhancing accessibility and increasing transparency from API producers.
  • Third phase : The APIToS project involved the creation of a framework for building trust in the use of API ToS, known as FACT (FAIR API Commitment to Trust). To facilitate the development of this model, a focus group was formed to gather opinions and advice from various stakeholders.
  • Fourth phase : The final phase of the APIToS project involved an iteration on the FACT framework, which resulted in the development of a generic licence that describes the possible mutual commitments between API producers and users. A “wizard” was also created to enable the automatic generation of ToS APIs based on the FACT licence.


How to make better decision for digital infrastructure by using API Terms of Service that are easy to read, understand and evaluate

Main results and content produced

The use of APIToS reflects the inequalities and power asymmetries that are prevalent in our digital environments based on centralising infrastructures (LinkedIn, Google, Facebook, Twitter, etc.). Through APIs, these actors dictate the possible use of their services and direct the possibilities of action of a set of actors exploiting their API. Whether it is in the creation of new commercial applications (e.g. map data for the construction of transport services) or in research projects, which are based on data from APIs (e.g. Twitter).

The project report, which can be downloaded from our website, discusses the role of APIs and their place in digital ecosystems and the various risks associated with ToS (e.g. frequent change of conditions, change of pricing scheme or business model).

When developing an application or service using APIs, the terms of service (ToS) can be a complex and challenging legal document to navigate for API producers, product and platform managers, and developers. The questionnaire results showed that ToS are often not consulted by users, and there is a lack of direct interaction between API producers and users, resulting in one-way decisions reflected in the ToS and their changes. To better understand the legal challenges and identify possible improvements throughout the lifecycle of an API, several personae and user journey maps were created.

The API Tos are a catalyst for providing a set of mutual commitments favourable to both API producers and their users.
They have been materialised by a trust framework called FACT (Fair API Commitments to Trust). This standardised framework is based on :

  • a foundation based on two key principles: fair loyal change policy and fair use policy;
  • 5 possible elements in the form of options: Ethical data policy, reference and attribution, API access, Loyal output policy, API Specifications.

In order to make this trust framework actionable, an important legal design work has been carried out based on 3 complementary layers:

  • a set of pictograms characterising the two basic principles and the different options of the 5 elements characterising APIToS;
  • a FACT licence translating these principles into legal clauses clarifying the rights and duties of API producers and API users;
  • an interface that takes up these elements and allows the user to generate in a few clicks the general conditions of use of their choice in accordance with the FACT model.

What are the benefits for API producers and users ?

The above actions have different levels of application and implications depending on the stakeholders involved. Benefits have been identified for :

  • For API Provider :
    • Facilitate interoperability and interfacing between APIs and ToS (time-saving and efficiency),
    • Give confidence to users,
    • Rely on a common base, so providers do not use resources reinventing the wheel.
  • For API Consumer :
    • Greater confidence in the data providers,
    • Reduced power imbalances and symmetries (communication, usage constraints, adaptation to changes),
    • Eliminating the economic stakes from the ToS to make them more sustainable.
  • For API Ecosystem :
    • Rebalancing power relationships in open ecosystems,
    • Integrating ToS into current dynamics of digital economic regulation (GDPR, data sovereignty).