Recent news surrounding an attempted buy-out by Elon Musk isn’t the only problem at Twitter if a recently-reported lawsuit from the US government is any indicator. If the suit bears any fruit, in fact, the controversies surrounding Mr. Musk may be the least of the company’s problems.
Filed in the Northern District of California, the lawsuit claims that Twitter has misled users regarding their data privacy. Most prominently with regard to user phone numbers and email addresses. According to the lawsuit, Twitter told users those credentials were only used to protect their accounts. But Twitter also used those details to help advertisers target users if the allegations bear out.
Why else did the US Government file a lawsuit against Twitter?
The lawsuit specifically centers around a timeframe extending from May of 2013 through September 2019. So the case could potentially be made that Twitter no longer engages in the activity that’s led to the lawsuit. However, the unconsented use of phone numbers and email addresses for ads isn’t the only issue at hand either.
In fact, the other issue presented in the lawsuit could potentially be more damaging. The US government also brought its lawsuit against Twitter over the apparent mishandling of even more private data. Namely, users’ messages.
According to the filing, Twitter first failed to ensure that tweets and DMS couldn’t be read by employees. Specifically, that’s tweets and direct messages from the app’s ‘protected accounts’.
Following in that same vein, Twitter also allegedly didn’t put any safeguards in place to protect private DMs, to begin with. That means that although Twitter claimed direct messages could only be viewed by recipients, there weren’t any protections in place to ensure that was the case. Moreover, during the above-mentioned timeframe, Twitter didn’t restrict employee access to private user information based on their job requirements.
Moreover, Twitter stands accused of misleading users about the safety and security of their messages on the platform. The lawsuit alleges that Twitter failed to ensure that tweets and DMs from protected accounts were inaccessible to Twitter workers. And that it failed to protect private direct messages. So workers across the board, if the allegation holds true, had ready access to user details well beyond phone numbers and email addresses.
What will happen with this lawsuit?
Now, Twitter has effectively been accused of breaching the FTC Act and Order of 2011. That makes prohibitions against companies misrepresenting the security of nonpublic consumer information. The lawsuit is seeking “civil penalties” for the violations. But exact amounts Twitter could end up owing have not been disclosed. Additionally, it isn’t immediately apparent what the maximum fine for the violations might be.
The government is also seeking to ensure that Twitter doesn’t violate user trust again. Namely, by asking for a permanent injunction against Twitter to that effect.
How, exactly, that will play out for the hugely popular social media site and service remains to be seen.