An API Policy Domain Specialist At Twitter

There are some jobs on the Internet I apply for no matter what my current situation is, and an API policy domain specialist at Twitter was one of them that popped up recently. I applied for the job within the first couple of hours after it came out, but haven’t heard from them. I can speculate on the reasons why, but I think a story about the job posting itself is actually more interesting, so I’ll focus there. It is the first time I’ve seen a job posting for this role, but I think it will eventually become a required role in the future for any company with a public API—-that is, if companies want avoid the trouble Twitter is going through right now, which again, is making Twitter the poster child for how to do APIs both right and wrong.

To highlight what this role is all about, I think Twitter’s own posting sums it up well, so let’s start by just reviewing what you’ll be doing if you get this job at Twitter:


We’re looking for an experienced, proactive, and detail-oriented team member to help develop and enforce Twitter’s data, developer, and API policies. Individuals in this role will work with teams across Twitter, as well as with members of the Twitter community, to empower thousands of developers worldwide to safely harness the power of Twitter data.

In this role, you will support Twitter’s “Know Your Customer” program for developers using our Enterprise APIs. This includes process development, auditing, and enforcement for Twitter’s data business and our public APIs to help ensure that Twitter data is being used in a manner consistent with Twitter policies. You’ll provide clear, actionable policy advice to the developer community and to internal stakeholders, and help identify win-win solutions to urgent customer issues.

  • Develop and implement data and API policies across Twitter’s standard and Enterprise APIs. Handle incoming queries about API policy areas with clear, helpful, and complete responses and feedback.
  • Lead investigative efforts into potential API abuse, including using internal resources, external and publicly-available sources, and audits of customer activity.
  • Conduct hands-on reviews of the product and service offerings of users of Twitter’s APIs to validate policy compliance.
  • Develop and implement policies, procedures and tools for conducting investigations of alleged policy or use case violations, including developing new tools and processes to facilitate investigations as appropriate.
  • Develop an audit plan to follow up on clear evidence of policy or use case violations, conduct internal audits and oversee independent third party audits.
  • Continuously evaluate, propose, and execute on improvements for existing processes and policies.

This role is based in San Francisco, reporting to Twitter’s Head of Site Integrity.</em>


One of the most powerful phrases in this description for me is that you will “develop and enforce Twitter’s data, developer, and API policies”. That is both a very important, and daunting challenge to take on. Ideally, this is something companies are doing from the beginning and weaving into their regular API management practices, but many companies like Twitter were born in the “growth at all cost” age, and after a decade of this, the bill is finally coming due on having to clean thing up the environment. The second part of this that grabs me is, “empower thousands of developers worldwide to safely harness the power of Twitter data” — which is something that is not going to be easy, with so many opinionated voices out there who are looking to be “empowered”, and with such a varied opinion on exactly what “safely harness” means.

When it comes to learning from Twitter and other industries in all of this, I think it is important that we continue highlighting, formalizing, and white labeling “Know Your Customer” practices. As Twitter states, “this includes process development, auditing, and enforcement for Twitter’s data business and our public APIs to help ensure that Twitter data is being used in a manner consistent with Twitter policies.” Again, this is something that every API provider should have in place early on, and be maturing and growing as their community matures and grows. Instituting a know your customer program after you’ve grown beyond 10K or 100K developers is going to be a pretty daunting task for any company, and will be much more affordable, realistic, and impactful if you initiate early-on, and evolve along with your API community.

Having an API policy role as part of your API management team should exist for every partner and public API effort. Granted, not every group will need to have a single person dedicated to this role, but it is a hat that everyone in the team should be putting on regularly, and a formal set of practices, and known your customer program should always be in place. The reason Twitter is in the current situation they are is because they’ve neglected this role over the last decade—-I am guessing me being opinionated about these things over the years is one of the reason Twitter hasn’t called me. (Call me maybe?) Honestly, I’m not 100% sure I’d be up for the job, but I’d be damn willing to try. Developing and enforcing policy at this scale, at the front lines where Twitter operates is going to a massive undertaking, and there will be not clear wins, with many, many, many, clear losses along the way. However, I think the learning experience that would come with those types of challenges would be a degree that you just couldn’t obtain at any University.

One thing missing from this job description for me is the public storytelling element. I think they nail the nuts and bolts of what has to happen, but the investigation and ultimate enforcement of policies is going to have to be more theatre than straightforward business. Whoever lands in this role is going to have to learn to become a master communicator and puppet master when it comes to public, partner, and government opinion. This isn’t just going to be about Twitter’s API policy, and is fast becoming about how Twitter’s policy will be dictated and regulated by federal and state policy—-if Twitter doesn’t get out ahead of every single area of policy enforcement. I mean, c’mon you run a social influence platform, you guys are going to have to get better at influencing public policy using your own channels. The public performance of all of this will be an essential part of your API policy enforcement strategy, and if you don’t address this early on, you will find yourself working against a pretty strong headwind, and eventually policy will be mandated by federal regulation to do things in a prescribed way, which won’t always be aligned with Twitter business objectives.

An API policy domain specialist at Twitter is probably the single most important and interesting API job that exists today. For me–it shows the power APIs have on politics, business, and almost every other aspect of our lives. I see API everywhere, but most days I just feel like the kid in the Sixth Sense. However, APIs are powering everything we do in our personal and professional lives, and like everything that operates at this scale, platform and government policy will continue to play an important role in shaping the positive or negative impact that APIs make on our worlds. I hope Twitter, and other API providers take the role of API policy seriously, and properly invest in this area. Prioritizing resources when it comes to understanding, developing, enforcing, and influencing API policy that guides the pipes behind the desktop, web, mobile, device, and network infrastructure that is increasingly dominating our lives.