[maxmorlocke]

There are a few reasons:

1.) When a user reports an issue to us, it is much easier to find any issues in our error reporting stack. if we have their name and email address attached to the issue as opposed to asking them for all the search terms, time of issue, etc. and then hunting through to see if we've already found (and hopefully fixed) the issue. This practice started when we were a paid subscription, and I've found it useful to continue, especially with a very small team supporting a set of highly asynchronous interactions with scripts running across multiple websites and pushing data back to a common source.

2.) There are contractual requirements for some of the data that we've purchased to be protected from copies of those databases being made. Placing it behind an auth wall and leveraging account based rate limiting for API endpoints met our partners' needs.

[PaulDavisThe1st]

Wouldn't session-based rate limiting realistically accomplish the same goal for (2) ?

[raylad]

Requiring login and claiming not to sell PII look contradictory though, and will prevent some people (me for instance) from using your service.

[vosper]

Why does it look contradictory? Are you saying you just don't trust anyone who collects PII not to sell it, even if they've said they won't?

[aaaaaaaaata]

Hacks

Buyouts

etc

[sorokod]

They did not said that they won't.

[dymk]

The extension is pretty good, they're free to sell my PII in exchange for its use.