Twitter fined $150 Mil in privacy settlement

In recent news, social media platform Twitter has agreed to settle and pay $150 million in fines after the U.S. government has sued the company, alleging that it lied to consumers about how it protects their personal data.

The social media giant had apparently failed to tell its users for years that it used their contact information to help marketers target their advertising. That was in violation of a 2011 privacy settlement with the Federal Trade Commission (FTC).

“This practice affected more than 140 million Twitter users, while boosting Twitter’s primary source of revenue,” said FTC Chair Lina Khan.

“The Department of Justice is committed to protecting the privacy of consumers’ sensitive data,” said Associate Attorney General Vanita Gupta, in a statement. “The $150 million penalty reflects the seriousness of the allegations against Twitter, and the substantial new compliance measures to be imposed as a result of today’s proposed settlement will help prevent further misleading tactics that threaten users’ privacy”.

This case highlights the uncertainty of social media and how exposing this can be to users’ personal information. This data can be collected from what you post, like, accept and search about on the web and through your devices.

Ian Reynolds, Managing Director of computer security firm Secure Team commented “Once again, Twitter is violating the trust that their users have in their platform by using their private information to their own advantage and increasing their own revenue”. “This reality shows the power that companies still have over your data and that there is a long way to go before users can be comfortable knowing that they have full control over their own digital footprint”.

In addition to a $150 million civil penalty for breaking the 2011 order, the new order adds more restrictions to protect consumers in the future:

• Twitter is restricted from using the phone numbers and email addresses it illegally collected to serve advertisers.
• Twitter must alert users to their improper use of personal data and advise them of FTC law enforcement action, also explaining how to turn off personalised ads.
• Twitter must provide multi-factor authentication options that don’t require people to provide a phone number.
• Twitter must implement an enhanced privacy program and a higher information security program that includes multiple new provisions spelt out in the order, get privacy and security assessments by an independent third party approved by the FTC, and report privacy or security alerts to the FTC within 30 days.

With new measures in place to protect consumers, Twitter has said they will now conduct a range of checks and processes to ensure that their user’s data is adequately protected from misuse.