I’m not on Twitter, but I can think a myriad of cases where I wouldn’t want to touch the API without my case being malicious. Like extracting data from the platform, or monitor specific accounts, or monitor trends, or whatever. It doesn’t have to necessarily be a troll farm, or a fake users service. I’m sure the API allows most, if not all of these, but there would be usage quota. You bypass it, and then you can even start a business around it. There are thousands of startups out there providing services for social media monitoring, and I seriously doubt all of them are going through the official API.