The Price of Hackers, Spammers and Abuse: When Is It Too Much?

Google (s GOOG) announced Thursday it will shut down its Translate API entirely later this year, “due to the substantial economic burden caused by extensive abuse.”
While the issue of whether the company is justified in shutting down the API (and cutting off a resource upon which developers have based important features and even entire companies) is already a major source of debate, the news raises an interesting general question. When it comes to dealing with the ever-present threat of hackers and spam abuse, when should a web company cut its losses?
Any tech company offering web services in a sizable capacity has to deal with the threat of hackers, spammers and abuse. Just like national defense budgets, it seems that the bigger the tech superpower, the bigger the cost of keeping the hackers at bay. Indeed, Google is certainly not alone in facing expensive security needs of late. Earlier this week, consumer electronics stalwart Sony (s SNE) reported┬áit has already spent more than $170 million dealing with last month’s PlayStation Network hack, adding it will likely spend additional money responding to class action lawsuits stemming from the attack.
The tech industry’s rising stars have found that as they’ve grown, their security needs have expanded in kind. Twitter has said it’s “constantly battling against spam” on its system. “Like it or not, as the system becomes more popular, more and more spammers will try to do their thing,” the company wrote in a blog post last year. And as many as 20 percent of Facebook’s employees are reportedly tasked with focusing on security-related issues.
Hacking and other online abuses will almost certainly become a bigger problem in the coming years as more and more of the world comes online. Weighing the cost of fending off the proverbial barbarians at the gates will continue to be a constant dance for tech companies large and small. And whenever the risk/reward balance of running a certain unit tips into unprofitable territory, it’s within the company’s right to cut it off — regardless of who else it effects. If nothing else, it’s a reminder of the dangers of building a business on another company’s API, especially in today’s increasingly volatile world of online security.