After the U.S. government sued Twitter, the social media platform agreed to pay $150 Million in fines. The company had misled its users about the privacy of their data. Federal lawsuit claims that the microblog platform had not told its users, for many years, how it uses their personal data to target advertising campaigns. It was in breach of a privacy agreement with the Federal Trade Commission from 2011.
Lina Khan (FTC Chair) stated that this practice affected more Twitter users than 140,000,000 and boosted Twitter’s primary source revenue.
FTC (Federal Trade Commission) and Department of Justice (DoJ), claimed that Twitter had told users it collected their email addresses and telephone numbers for account security purposes but failed to tell them that it would also use this information to send consumers targeted ads.
“The Department of Justice is committed to protecting the privacy of consumers’ sensitive data,” said Associate Attorney General Vanita Gupta, also in a statement on Wednesday. The $150 million penalty is a serious reflection of Twitter’s allegations. Significant new compliance measures that will be implemented as a result today’s settlement will prevent any further misleading tactics that could threaten the privacy of users.
Twitter paid the civil penalty of $150 million to resolve the allegations made by the government. The platform also agreed to take significant new compliance steps to improve its data privacy practices.
The DoJ stated that Twitter must develop and maintain an information security program and privacy guidelines, as well as a privacy review and written report before it can implement any product or service that gathers personal information. It will also need to test its privacy safeguards regularly.
Twitter must also obtain periodic assessments of its data protection program from an outside assessor. It will need to provide annual certificates of compliance from senior officers. Reports after data privacy incidents that affect 250 users or more are required. Further, Twitter will be required to notify its U.S. customers that joined Twitter after Sept. 17, 2019, regarding the settlement. Users will have the option to secure their privacy or security by providing options. The settlement will require that the DoJ (and the FTC) each take responsibility for monitoring Twitter’s compliance.
Paul Bischoff (Internet privacy advocate at Comparitech), explained that the fine was a similar warning to all social media platforms.
Twitter has admitted that in 2019, it used user’s phone numbers to verify two-step verification for marketing purposes. It was a violation of both U.S. and EU laws. “Now we can finally see the outcome,” Bischoff wrote in an email.
Charles King, a technology analyst at Pund-IT said that the FTC’s 150 million dollar fine was based on an order and ruling the Commission issued in 2011.
King observed that Twitter agreed to adhere to the agreement by promising to not commercially exploit users’ private information. But, Twitter then began to break its promise in 2013 when it sold users’ personal email addresses to advertisers. The FTC determined that Twitter was abusing its position with consumers/users and issued a warning to the company about future violations. Twitter replied that they understood, and then purchased a rope ladder to help them search for a strong branch in a tree.
Also, the wheels of justice seemed to be slow.
Bischoff said, “It’s remarkable that even though the FTC admitted guilt, it took close to three years for DoJ and FTC to reach a deal, no criminal charges were brought, and there was no precedent set by any court.” I would love to see billion-dollar companies held accountable.