The News: Twitter must pay a $150 million fine after U.S. law enforcement officials accused it of illegally using users’ data to help sell targeted ads. Read the BBC Press Release here.
Twitter Slapped with $150 Million Fine by Federal Investigators, Undermining Credibility and Trust
Analyst Take: The Federal Trade Commission (FTC) and Department of Justice say Twitter violated an agreement it had with regulators and have fined the company $150 million. Court documents showed Twitter has vowed to not give personal information like phone numbers and emails to advertisers, and Federal investigators say the social media company broke those rules. In addition to the fine, Twitter must also:
- stop using the phone numbers and email addresses it illegally collected
- notify users about its improper use of security information
- tell users about the FTC law enforcement action
- explain to users how to turn off personalized adverts and review multi-factor authentication settings
- provide multi-factor authentication options that do not need a phone number
- implement an enhanced privacy and security program which includes reporting incidents to the FTC within 30 days
I see the combination of the substantial fine and corrective measures as essential to curbing the data privacy abuses by social media giants like Twitter, and this action by the DOJ and the FTC should be a wakeup call to other platforms. Users are largely not uninformed — they notice how some of the ads on the sites they visit swiftly align with their interests or recently visited sites and suspect social platforms are not protecting their privacy in the interests of making money from advertisers. Unfortunately, all too often social media platforms such as Twitter and willing advertisers have exploited online loopholes, including the circumvention of online privacy rules, to promote products.
Twitter produces most of its revenue from advertising on its platform, which enables users to post 280-character messages, or tweets. According to a complaint filed by the Department of Justice on behalf of the FTC, Twitter in 2013 began asking users to provide either a phone number or email address to improve account security.
The latest fine follows on Twitter’s pattern of privacy clashes with regulatory agencies. In March 2011, Twitter settled charges that it neglected to safeguard users’ personal data after a couple of breaches in 2009. Per the settlement, Twitter agreed not to misinform consumers about its privacy protection policies for the next two decades as well as perform repeated security audits. Twitter was also fined $547,000 ($450,000 Euros) in December 2020 by Ireland’s Data Protection Commission for breaching Europe’s General Data Protection Regulation (GDPR).
Twitter and Elon Musk
The settlement with the FTC and Justice Department comes amidst the ongoing controversial takeover bid of the company by Elon Musk, which remains in a state of limbo at the moment. Twitter agreed to Elon Musk’s $44 billion bid to take the company private. Musk has expressed concerns about the deal, while Twitter remains committed to completing the deal. Musk indicated the deal to buy Twitter is temporarily on hold while he awaits details on the number of fake accounts and spam across the platform, however he also remains committed to finishing the deal. Maybe. In truth, it’s not really clear at all how this will end up with the various machinations at play here.
Musk initially unveiled intentions to move Twitter’s codebase to a more open model. That said, transitioning closed source code owned by a corporate entity to an open-source model can prove challenging. At a technical level, a change of this nature would require Twitter developers to be tasked with cleaning up code, removing comments that are okay for an internal audience, but shouldn’t or cannot be shared in an open-source community.
This would mean a significant overhead for Twitter’s developers and will likely impede their efforts to bring new features to market if it comes to pass. However, these technical efforts wane in comparison to the open sourcing of the underlying algorithms that underpin much of Twitter. Listing this algorithm on GitHub for all to see, and crucially download and use, would be significant. Not only from the impact this would have on the much talked about the role Twitter plays as the ‘town square of ideas’ but it would also place commercial pressure on other social media platforms whose algorithms are closed and proprietary. While this seems attractive in some ways, I see many challenges in executing and managing this if it were to actually happen.
Twitter Is Not the Only Social Platform That Does This
Twitter is hardly unique among the major social platforms in using phone numbers and emails to help authenticate users including two-step authentication and security processes. The distinction here is that Twitter got caught with its hand in the digital cookie jar by sharing such data with advertisers that resulted in the sizable FTC fine.
Nor is Twitter alone in getting hit with hefty fines by government investigators for data privacy violations. In 2019, TikTok, for instance, was fined $5.7 million for illegally collecting children’s data. Also in 2019, Facebook was fined a record $5 billion by the FTC for violating a 2012 consent decree by inappropriately sharing information belonging to 87 million users with the now-defunct British consulting firm Cambridge Analytica that was subsequently used in the 2016 U.S. Presidential election campaign. Clearly, the social media realm needs to clean up its data privacy act.
Not Good Timing for Twitter
All in all, this fine is obviously not great timing for Twitter. The company’s latest misuse of personal data provided by users for security reasons for ad targeting tarnishes the trustworthiness of the social media platform in the eyes of the public. Although to be fair, our research shows that most users don’t trust social media platforms and most know their data is regularly compromised, used to target advertising, and that they have little to no control over that. This news won’t be surprising or shocking to many — especially users who actually pay attention to how their data is used in serving up ads to them.
Specific to Twitter and this instance, it will be interesting to see how Twitter can sustain the revenue flow from its ad model while respecting the data privacy of users moving forward.
Ultimately, it will be interesting to see what impact this fine has on Musk’s intentions to buy Twitter. Is he serious? Is he looking for an out? Is he committed to doing the work and spending the money that would be involved upon deal completion to actually do what he’s said and transition Twitter’s codebase to an open-source model? Is he really passionate about restoring user and broad public confidence in Twitter’s affinity to uphold data privacy rights and rules or is there more at play here? Lots of questions, to be sure, but the way we see it, the next move is Musk’s. And if past history is anything, we’ll be hearing from him soon.
Disclosure: Futurum Research is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of Futurum Research as a whole.
Other insights from Futurum Research:
Image Credit: Getty Images
The original version of this article was first published on Futurum Research.
Ron is an experienced research expert and analyst, with over 20 years of experience in the digital and IT transformation markets. He is a recognized authority at tracking the evolution of and identifying the key disruptive trends within the service enablement ecosystem, including software and services, infrastructure, 5G/IoT, AI/analytics, security, cloud computing, revenue management, and regulatory issues.