Twitter to Pay a $150M Fine over Accusations it Improperly Sold Users’ Data

Twitter has been fined $150 million in the US after law enforcement officials accused it of improperly utilizing user data to sell tailored adverts.

According to court records, the Federal Trade Commission (FTC) and the Department of Justice claim that Twitter broke an agreement with regulators.

Twitter has previously stated that it would not provide personal information such as phone numbers and email addresses to advertisers.

According to federal authorities, the social media company violated these rules.

In December 2020, Twitter was fined £400,000 for violating Europe’s GDPR data privacy guidelines.

The FTC is an independent US government organization whose aim is to enforce antitrust law and promote consumer protection.

It charges Twitter with violating a 2011 FTC order that expressly prohibits the corporation from misrepresenting its privacy and security procedures.

According to a complaint filed on behalf of the FTC by the Department of Justice, Twitter began requesting users in 2013 to supply either a phone number or an email address to strengthen account security.

“As the complaint states, Twitter collected data from users under the guise of using it for security purposes, but subsequently used the data to target users with ads,” said FTC Chair Lina Khan.

“This technique impacted over 140 million Twitter users while increasing Twitter’s principal revenue stream.”

Twitter Authentication Failure

“Once again, Twitter is breaking the confidence that their users have in their platform by utilizing their private information to their own advantage and raising their own revenue,” Ian Reynolds, managing director of computer security firm Secure Team, told the BBC.

Twitter tricked their clients into a false feeling of security by gathering their data under the guise of security and account protection, but ultimately ended up exploiting the data to target their users with ads companies,” he stated.

“This reality demonstrates the influence that firms continue to have over your data and that there is still a long way to go before users can be certain that they have complete control over their own digital footprint.”

Twitter’s 2FA raising concerns

Twitter urges the platform users to submit a phone number and an email address in order to authenticate their accounts.

This information is also useful for resetting passwords and unlocking accounts, as well as enabling two-factor authentication.

Two-factor authentication adds an extra layer of protection by delivering a code to either a phone number or an email address to assist users in logging into Twitter in addition to a username and password.

However, according to the FTC, Twitter was also using that information to grow its advertising business until at least September 2019.

It has been accused of providing ads companies with access to users’ security information.

Twitter must also, in addition to the fine:

  • Stop utilizing the phone numbers and email addresses it illegally obtained.
  • Warn users about its inappropriate use of security information. consumers about the FTC’s law enforcement action explain how to turn off personalized advertisements and review multi-factor authentication settings.
  • Give choices for multi-factor authentication that do not require a phone number.
  • Establish a more robust privacy and security program that involves reporting problems to the FTC within 30 days.

“The Department of Justice is committed to protecting the privacy of users’ sensitive data,” stated US Associate Attorney General Vanita Gupta.

“The $150 million penalty reflects the gravity of the claims against Twitter, and the significant additional compliance requirements that will be imposed as a result of the proposed settlement will help prevent similar misleading techniques that endanger users’ privacy.”

Do you have any thoughts on this article? Let us know what you think in the comments section below.

I’m sure you’ll find this article interesting as well.

Leave a Comment