I think he doesn't quite "close the loop" on how this proposal would work. Requiring open API access doesn't just create competition. It gives that competition a bit of an advantage, in the sense that the platform would still have to bear the considerable cost of providing the base infrastructure - storage, user management, at least some privacy enforcement, etc. This is, I suppose, to offset other advantages that the platform would unavoidably retain.
Is it fair? Would it work? I'd have to think about that some more, but I think the cost factor is a necessary part of those analyses.
An open API triggers that other fear, a bigger attack surface to a closed-source system that was built in a hurry with less regard for security, and more room for exploits.
No doubt. Every mistake (or "mistake") once made by the platform would almost inevitably be repeated by many API users, until some of them become platforms themselves. there might be some technical measures that can improve things somewhat, but overall I suspect it will make the security/privacy situation worse. Instead of keeping an eye on one shark, individuals and regulatory bodies would have to apply the same level of vigilance to each of a thousand piranhas.
Is it fair? Would it work? I'd have to think about that some more, but I think the cost factor is a necessary part of those analyses.