Twitter has agreed to pay a $150 million fine for failing to protect the data of its users. According to federal officials, the company used data to help marketers target ads on the platform.
Federal officials sued the platform for misleading users about how their data would be protected. The company was accused by regulators of violating a previous Federal Trade Commission (FTC) privacy settlement, as it collected information to help marketers target their advertising.
The officials said that Twitter users were advised that phone numbers and email addresses would be kept private for security reasons. However, the lawsuit claims that the contact information of over 140 million was used for other purposes, and this was not disclosed.
The lawsuit says: “From at least May 2013 through at least September 2019, Twitter did not disclose, or did not disclose adequately, that it used these telephone numbers and email addresses to target advertisements to those users through its Tailored Audiences and Partner Audiences services.”
How will users be protected in the future?
In a blog post, Twitter said that it is committed to protecting users’ privacy. As well as paying a large financial penalty, the company has agreed to implement a privacy program.
The company says the program will ensure data security by always disclosing why and how it collects, shares, and uses personal information. Additionally, users can access a multi-factor authentication option that doesn’t require sharing a phone number.
“In reaching this settlement, we have paid a $150M USD penalty, and we have aligned with the agency on operational updates and program enhancements to ensure that people’s personal data remains secure and their privacy protected,” the blog post said.
Further advice from the FTC
The Federal Trade Commission (FTC) says that there are several steps people can take to protect their personal information online, including:
- Use multi-factor authentication if possible, as it makes it harder to log in to accounts.
- Choose forms of multi-factor authentication that don’t involve personal information.
- Select security questions carefully, making sure no one can guess the answers.
- Always check the privacy settings – some platforms allow users to opt-out of targeted advertisements in an app’s privacy settings.