Twitter To Pay $150 Million Penalty For Privacy Breach

Twitter Welcome
Twitter Welcome
(Last Updated On: May 26, 2022)

The Federal Trade Commission (FTC) accuses Twitter of deceptively using account security information to sell targeted advertising.

In response to a 2011 FTC order, the FTC and Department of Justice (DOJ) have ordered Twitter to pay $150 million in penalties and cease profiting from the falsely collected information.

The FTC has taken action against Twitter, Inc. for the deceptive use of account security information for targeted advertising. In order to protect user accounts, Twitter asked for users’ phone numbers and email addresses. Afterwards the company charged advertisers for the right to use this data to target specific users.

According to a 2011 FTC order, Twitter cannot misrepresent its privacy and security practices. According to the proposed order, Twitter will be required to pay a $150 million penalty and is not allowed to profit from its deceptively collected data.

“As the complaint notes, Twitter obtained data from users on the pretext of harnessing it for security purposes but then ended up also using the data to target users with ads,” said FTC Chair Lina M. Khan. “This practice affected more than 140 million Twitter users, while boosting Twitter’s primary source of revenue.”

“The Department of Justice is committed to protecting the privacy of consumers’ sensitive data,” said Associate Attorney General Vanita Gupta. “The $150 million penalty reflects the seriousness of the allegations against Twitter, and the substantial new compliance measures to be imposed as a result of today’s proposed settlement will help prevent further misleading tactics that threaten users’ privacy.”

“Consumers who share their private information have a right to know if that information is being used to help advertisers target customers,” said U.S. Attorney Stephanie M. Hinds for the Northern District of California. “Social media companies that are not honest with consumers about how their personal information is being used will be held accountable.”

According to the complaint, over 140 million Twitter users provided their phone numbers and email addresses between 2014 and 2019, after the platform told them it would help protect their accounts. According to the FTC, Twitter failed to disclose that its services would be used for targeted advertising. Twitter used the phone numbers and e-mail addresses to allow advertisers to target specific advertisements to specific customers by matching this information with information they already had or obtained from a third party data broker.

In addition to the $150 million penalty, other provisions of the proposed order would:

  • Prohibit Twitter from profiting from deceptively collected data;
  • Allow users to use other multi-factor authentication methods such as mobile authentication apps or security keys that do not require users to provide their telephone numbers;
  • Notify users that it misused phone numbers and email addresses collected for account security to also target ads to them and provide information about Twitter’s privacy and security controls;
  • Implement and maintain a comprehensive privacy and information security program that requires the company, among other things, to examine and address the potential privacy and security risks of new products;
  • Limit employee access to users’ personal data; and
  • Notify the FTC if the company experiences a data breach.
Following the approval of the settlement by a federal court, Twitter agree to pay a civil penalty of $150 million to resolve the FTC’s allegations and implement changes to improve its data privacy practices.
Twitter apologized for using phone numbers and email addresses provided for account security like two-factor authentication for advertising in October 2019, saying they “may have been used accidentally for ad targeting.”
“We recently discovered that when you provided an email address or phone number for safety or security purposes (for example, two-factor authentication) this data may have inadvertently been used for advertising purposes, specifically in our Tailored Audiences and Partner Audiences advertising system,” said the company at the time.

In July 2020, Twitter Verified Accounts were Hacked.

The Hackers accessed Twitter’s internal system to hack top accounts, including famous Leaders, Billionaires, and Celebrities.

Total
8
Shares
Previous Article
DevOps

Top 9 DevOps Monitoring Tools In 2022

Next Article
Cyber security career

Pursue A Career In Cyber Security

Related Posts