Like all similar "why don't they have at least a self/community-supported open basic API" questions, the answer is usually the same: They're afraid someone else might create something of value, in part using their API, without them getting their own beaks wet in the process. If you want to integrate with a Nissan Leaf, even if all you wanted were the most harmless read-only access, they'd like you to request a biz dev meeting with them where they'll be happy to talk ruinous terms.
For a related story, see how Chamberlain (MyQ) torched the great, community-built Home Assistant integration it once had for no reason at all. They're afraid somehow they could stop getting the kickbacks from the likes of Walmart and Amazon delivery which they enjoy today, seeing themselves as co-owners of your garage door.
In most cases it's not about profit, but about having to invest serious amounts of effort to please one or two hackers, who will then DoS your API as soon as you've made a mistake.
These same companies have you click through 1000 pages of legalese (that thoroughly covers their butts) in order to use their own apps, which are probably more likely to be compromised than a public API, so I don't know why that would come with more liability.