SERP API Legal Posture Matters
Google sued SerpAPI. hiQ won against LinkedIn. Legal posture varies by provider. Choose APIs with clean legal standing for production workloads.
Before picking a SERP API, ask three questions: can the provider collect data reliably without frequent breakage? Can you use that data within your product's terms of service and applicable regulations? And can your product survive if the vendor's terms or collection method changes? This is not about which API is "legal" -- every provider operates in the same gray area -- it is about understanding your risk profile.
Question 1: collection reliability
SERP APIs scrape search engines, and search engines actively fight scraping. Every provider deals with the same cat-and-mouse: IP bans, CAPTCHAs, layout changes that break parsers. The difference is in how quickly they recover. A provider with deep proxy infrastructure (Bright Data, Oxylabs) may recover faster from IP-level blocks. A provider with smaller infrastructure may have multi-hour outages when Google changes something. Ask for uptime history and check their status pages.
Question 2: downstream usage rights
Most SERP APIs grant you the right to use retrieved data in your application. But "use" varies. Storing SERP snapshots for historical analysis is different from republishing snippets verbatim. Feeding SERP data into an AI model's training set is different from using it for one-time research. Read the provider's terms, but also read the search engine's terms. Google's Terms of Service prohibit automated access -- every SERP API technically violates this. The question is whether your usage adds enough transformation to be defensible.
# Risk assessment framework for SERP API usage
risk_factors = {
"data_storage": {
"low": "Cache for 24 hours, use for real-time decisions, then delete",
"med": "Store historical snapshots for trend analysis",
"high": "Republish raw SERP data or snippets to end users",
},
"data_transformation": {
"low": "Display raw results with minimal changes",
"med": "Extract signals (rank, features) and aggregate",
"high": "Feed into ML models for training",
},
"attribution": {
"low": "No attribution, data used internally",
"med": "Link back to original sources",
"high": "Claim data as proprietary",
},
"volume": {
"low": "Under 10k queries/month",
"med": "10k-1M queries/month",
"high": "Over 1M queries/month (higher visibility to search engines)",
},
}
# Score your use case: mostly "low" = minimal risk
# Any "high" factor = consult legal counsel before committingQuestion 3: vendor dependency risk
Tavily was acquired by Nebius in February 2026 for $275M. Teams that built critical pipelines on Tavily now face an uncertain roadmap. This happens regularly in the API space. Mitigation strategies: abstract your search provider behind an interface, keep a secondary provider tested and ready, and avoid vendor-specific features that create lock-in.
import requests, os
from abc import ABC, abstractmethod
class SearchProvider(ABC):
"""Abstract provider to avoid vendor lock-in."""
@abstractmethod
def search(self, query: str, num_results: int = 10) -> list:
pass
class ScavioProvider(SearchProvider):
def search(self, query: str, num_results: int = 10) -> list:
resp = requests.post(
"https://api.scavio.dev/api/v1/search",
headers={"x-api-key": os.environ["SCAVIO_API_KEY"]},
json={"query": query, "platform": "google", "num_results": num_results},
timeout=10,
)
return resp.json().get("organic_results", [])
class SerperProvider(SearchProvider):
def search(self, query: str, num_results: int = 10) -> list:
resp = requests.post(
"https://google.serper.dev/search",
headers={"X-API-KEY": os.environ["SERPER_API_KEY"]},
json={"q": query, "num": num_results},
timeout=10,
)
return resp.json().get("organic", [])
class SearchRouter:
"""Route to primary provider, fall back to secondary."""
def __init__(self, primary: SearchProvider, fallback: SearchProvider):
self.primary = primary
self.fallback = fallback
def search(self, query: str, num_results: int = 10) -> list:
try:
results = self.primary.search(query, num_results)
if results:
return results
except Exception:
pass
return self.fallback.search(query, num_results)
router = SearchRouter(ScavioProvider(), SerperProvider())Provider comparison by risk posture
- DataForSEO: established since 2016, pay-as-you-go reduces financial lock-in, EU-based entity
- Scavio: per-credit pricing with no minimums, multi-platform coverage reduces need for multiple vendors
- Serper: credit packs valid 6 months, low vendor risk for burst usage but no SLA guarantees
- SerpAPI: longest track record, monthly subscriptions create recurring cost commitment
- Exa: VC-funded semantic search, differentiated product but higher acquisition risk
- SearXNG: self-hosted eliminates vendor risk entirely, but you own all operational risk
Practical checklist
Before signing an annual contract or building a deep integration: confirm the provider's uptime over the last 90 days, read their data usage terms (not just pricing), check if they have been acquired or raised a round recently (acquisition changes priorities), verify they support the specific search engines and locales you need, and build your integration behind an abstraction layer. The cheapest API is worthless if it disappears or changes terms after you have built your product on it.