I have multiple AI-based apps that use OpenAI APIs and thus obviously require prompt egress to function. Thus those apps aren’t eligible for Atlassian’s new marketing ploy.
Meanwhile there appears to be a loophole where Rovo apps are qualified for RoA: Atlassian Marketplace
But obviously Atlassian isn’t training their own AI models; the prompts are egressed:
Rovo Agents are powered by large language models developed by OpenAI and Google, as well as a combination of open-source large language models (including the Llama series) and other machine learning models. These models include OpenAI’s GPT series of models and Google’s Gemini series of models.
My thoughts about this is that Atlassian is playing a very weird psy-op game, where they consider their customers mature enough to make their own decisions with regard to data processing when it comes to anything on the Atlassian platform, but somehow when it comes to Atlassian Marketplace Partners data privacy is not something you can trust either partner of customer with and only Atlassian knows best.
So Atlassian can freely do anything they want with their own platform, from sharing your data with OpenAI and Google to providing MCP servers, OAuth and integrations.
But Marketplace Partners are scary entities that should have the least possible access to data as they cannot be trusted, even though Atlassian legal has made sure that customers enter into separate agreements with Marketplace Partners so one would reckon that the same customer that has agency over their data in Atlassian should also have the same agency over their data when it comes to Marketplace partners.
It feels more and more like Atlassian just wants to get rid of the Atlassian Marketplace.
Or from a large customer point of view, they can persuade their security team to trust Atlassian, but trusting a number of marketplace vendors is more work, so less likely to happen.