Comment by yjftsjthsd-h

Right; I think having the API exist is a good thing, it's just a question of making sure that it's only used in ways that the user allows. Your own scripts inspecting and controlling arbitrary windows on your own machine => great, third party programs doing the same thing without your informed consent => bad. (In practice, this means I'm a big fan of extensive permission systems that have the ability to deny or fake responses at the user's direction)