After law enforcement officials accused Twitter of illegally utilizing users’ data to help sell targeted adverts, the company was fined $150 million (£119 million) in the United States.
According to court records, the Federal Trade Commission (FTC) and the Department of Justice claim that Twitter broke a contract with regulators.
Twitter has previously said that it would not provide advertisers with personal information such as phone numbers and email addresses.
According to federal authorities, the social media business violated the rules.
In December 2020, Twitter was fined £400,000 for violating the GDPR data privacy standards in Europe.
The Federal Trade Commission (FTC) is an independent US government organization tasked with enforcing antitrust laws and promoting consumer protection.
Twitter is accused of violating a 2011 FTC injunction prohibiting the corporation from misrepresenting its privacy and security procedures.
Advertising on Twitter’s platform, which lets users ranging from consumers to celebrities to companies to publish 280-character messages, or tweets, produces the majority of the company’s revenue.
Twitter began requesting users for a phone number or email address in 2013 to strengthen account security, according to a lawsuit filed by the Department of Justice on behalf of the FTC.
“As the complaint states, Twitter gathered data from users under the guise of using it for security purposes, but subsequently used the data to target users with advertisements,” said FTC chair Lina Khan.
“This behavior impacted over 140 million Twitter users while also increasing Twitter’s principal revenue stream.”
“Once again, Twitter is breaching the confidence that its users have in their platform by utilizing their private information to their own advantage and raising their own income,” Ian Reynolds, managing director of computer security firm Secure Team, told the media.
“Twitter misled their consumers into a false feeling of security by gathering their data under the guise of security and account protection, but eventually ended up exploiting the data to target their users with adverts,” he continued.
“This reality demonstrates the power that corporations still wield over your data, and that there is still a long way to go before people can feel confident in their ability to fully control their digital footprint.”
Twitter needs users to submit a phone number and an email address in order to verify their account.
People may use this information to reset their passwords and unlock their accounts if necessary, as well as enable two-factor authentication.
Two-factor authentication adds an extra layer of protection by sending a code to a phone number or email address in addition to a username and password to allow users connect into Twitter.
According to the FTC, Twitter was also utilizing the information to improve its advertising business until at least September 2019.
Advertisers are accused of having access to users’ security information.
In addition to the monetary penalty, Twitter must:
- It must stop utilizing the phone numbers and email addresses it obtained unlawfully.
- warn users of the company’s unauthorized use of security information
- inform users about the FTC’s legal action
- show you how to disable personalized ads and double-check your multi-factor authentication settings
- give solutions for multi-factor authentication that don’t require a phone number
- Implement a stronger privacy and security program, which includes notifying the FTC of problems within 30 days.
Vanita Gupta, the US assistant attorney general, stated, “The Department of Justice is dedicated to preserving the privacy of customers’ sensitive data.”
“The proposed settlement’s $150 million penalty reflects the severity of the claims against Twitter, and the significant additional compliance requirements that will be imposed as a result of the proposed deal will help prevent similar deceptive techniques that endanger users’ privacy.”