Twitter to pay $150m penalty for user privacy failures

Twitter will pay a $150m penalty due to allegations by federal regulations that the platform failed to protect the privacy of users’ data over a six-year span.

According to Security Week, the platform will pay the penalty and also put in place new safeguards.

The Justice Department and the Federal Trade Commission announced the Settlement with Twitter earlier this week. The regulators claimed that Twitter violated a 2011 FTC order by deceiving users about how well it maintained and protected the privacy and security of their non-public contact information.

Twitter told users from May 2013 to September 2019 that it was collecting their phone numbers and email addresses for purposes of account security. However, it failed to disclose that it also would use the information to enable companies to send targeted online ads to users on the platform, the government claims.

Regulators also alleged that Twitter falsely claimed it complied with US privacy agreements with the European Union and Switzerland, which prohibit companies from processing user information in ways that are at odds with purposes authorised by users.

FTC chair Lina Khan commented, “Twitter obtained data from users on the pretext of harnessing it for security purposes but then ended up also using the data to target users with ads. This practice affected more than 140 million Twitter users, while boosting Twitter’s primary source of revenue.”

The FTC’s 2011 order had alleged ‘serious lapses’ in Twitter’s data security that enabled hackers to gain unauthorised administrative control of Twitter.

Twitter chief privacy officer Damien Kieran said, “Keeping data secure and respecting privacy is something we take extremely seriously, and we have cooperated with the FTC every step of the way. He said the company has taken steps in accord with the FTC on updating operations and making other improvements “to ensure that people’s personal data remains secure and their privacy protected.”

In 2021, WhatsApp was hit with a $225m fine by Ireland’s Data Protection Commission after it failed to disclose enough information to users about the data shared with other Facebook companies.

Copyright © 2022 RegTech Analyst

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.