Update (April 19, 2016): This change is now live. You can view the updated Terms of Service here, or read about them below.

tl;dr:

We’re planning to make some changes to our Terms of Service to stop companies from scraping profile information from multiple websites and spamming users. The changes only restrict a specific kind of commercial use of profile data that is scraped or copied from our site without the user’s permission. The changes don’t impact Q&A content (like posts or comments) in any way.

What’s happening:

A number of companies seem to have the following business plan:

Use scrapers, bots, or very cheap labor to collect developers’ profile information from sites like Stack Overflow Merge that information with profiles they find on other sites (open source contributions, LinkedIn, etc.) Create a huge database of spammable users Sell this database as a "careers product" to slimy recruiters to use for spamming purposes (often telling those recruiters that these developers are their "members") Profit!

Why it’s bad:

We don’t want any more of our users to get annoyed and spammed by these bozos people.

It’s directly competing with our jobs business. We’ve built a jobs site that respects developers and puts them in control of when they are contacted. We don’t appreciate competitors who take our users’ data without their permission and don’t show developers the same respect.

We believe that developers should have full control over how their personal information is used, and whether or not they want to be contacted by recruiters. Acting in the developer’s interest is one of the central tenets of Stack Overflow Jobs. That means we don’t allow spam, and we put developers fully in control of who can (and can’t) contact them. So we find it pretty infuriating to see companies whose entire business model is scraping our users’ info and spamming them.

What’s changing:

The following will be explicitly prohibited in the Terms of Service, and applies to all sites in the Stack Exchange network:

Scraping users’ profile info for commercial purposes:

Profile Content that is NOT available via the Stack Exchange API ("Personal Profile Content") cannot be used for any commercial purpose, individually or in aggregate, or be republished without the explicit consent of the author of such Personal Profile Content or the explicit consent of Stack Exchange.

We were very careful in how we worded this in order to ensure three things:

We did not want to restrict normal user-generated content (posts, comments, etc.) in any way, or undermine one of our earliest promises: We don’t own your content, and if we turn evil, it’s available to you or someone else to liberate. (Did you know that the entire Stack Overflow data set is available as a creative-commons licensed downloadable data dump?) We didn’t want to restrict anyone using the API to access profile content innocently, for doing things like linking posts to users, etc. All content previously available through the API (usernames, rep, etc.) is still available. Nothing about this transfers any rights from our users to us. Users can even give permission for these "services" to scrape their profile info from our site. We don’t know why you would want to, but it’s there for ya if you do.

Today, this restricts just a handful of fields that are on the public profile, but not in the API (like "People Reached.") In the future, it will also cover the personal information in the Developer Story, including all public information about your career history.

Claiming users you found on Stack Overflow are your service’s "members":

Additionally, no Profile Content, including API Profile Content, may be used in any way that implies a user is affiliated with, has signed up for, or is in any way associated with a third party without explicit permission from Stack Exchange or the user.

Some users asked if, "without the explicit consent of the author... or the explicit consent of Stack Exchange" might mean that this granted us the right to opt you into some other organization's membership. Fear not - it grants us no new powers to put you on the membership rolls of the National Order of TRS-80 Enthusiasts (or any other org). All it says is that if a company has not gotten permission from one of us, they may be sure that they are in violation.

Creepy stuff, and we don’t have to debate what "creepy" means:

Stack Exchange may also terminate, block, or suspend any and all Services and access to the Network immediately, without prior notice or liability, in its sole discretion, for any reason or no reason at all

We don’t have to let anyone scrape our users' private data, and if they do so to harass or misrepresent our users, or do anything else that makes users’ lives even slightly less lovely, we have the right to block them. (This doesn’t really change anything - we already have the right to block malicious IPs, and do so occasionally, but our lawyers tell us that saying so explicitly in the ToS can save time dealing with bad actors.)

A couple of notes:

We plan to keep everything that's currently available through the API available in the future, although it’s possible that could change if we see companies annoying users in ways that seem to outweigh the benefits.

This has no impact on how "normal" content (posts, comments, etc.) is licensed on Stack Exchange. You may remember our prior proposal to change the license for code contributions. Our initial ideas for that were controversial, so we slowed that process down to give us time to work with the community on the best solution to code licensing.

Source materials:

Here are the key new sections, all in one place. (Many of these are excerpted above)

Profile Content is information about you (a Subscriber) that is contributed by you or inferred about you by your activity. Profile Content includes, but is not limited to, display names, reputation scores, avatars, your role and company, and other user generated content found on a Subscriber's profile such as "About Me" content. Profile Content that is available via the Stack Exchange API ("API Profile Content") is perpetually and irrevocably licensed to Stack Exchange and its Subscribers under the Creative Commons Attribution Share Alike license. Profile Content that is NOT available via the Stack Exchange API ("Personal Profile Content") cannot be used for any commercial purpose, individually or in aggregate, or be republished without the explicit consent of the author of such Personal Profile Content or the explicit consent of Stack Exchange. Stack Exchange reserves the right to exclude Content, including Profile Content, from the Stack Exchange API at any time without prior notice. Additionally, no Profile Content, including API Profile Content, may be used in any way that implies a user is affiliated with, signs up for, or is in any way associated with a third party without explicit permission from Stack Exchange or the user. Under no circumstances will Subscriber use the Network or the Service to (a) send unsolicited e-mails, bulk mail, spam or other materials to users of the Network or any other individual, (b) harass, threaten, stalk or abuse any person or party, including other users of the Network, (c) create a false identity or to impersonate another person, or (d) knowingly post any false, inaccurate or incomplete material, or (e) copy, download, or scrape any Personal Profile Content for the purpose of indexing software engineers, social recruiting, sourcing, employment-related services, compiling databases of employment solicitation targets, providing content for a hiring platform without the express permission of Stack Exchange or the User.

And here’s a link to the current version, if you want to see what’s changing, or really like to read long-winded, lawyer-y stuff.