Originally Posted by Nantonaku

What do you mean? If you have access via an API then you have access to the data. Do we or don't we have access? I'd assume they could easily give us GET permissions and not care what we do with the data as long as we don't make it public. Wasn't that the whole idea of giving ALPA API access? They don't have to allow any kind of Post or Delete access. Nothing about this is an IT security nightmare if properly designed.