Privacy experts and legislators are expressing concerns over Twitter's data security and privacy measures following the exit of key company executives.
A letter addressing these apprehensions was recently sent to Twitter by a group of Democratic senators. They voiced worries that the recent resignation of senior data security executives might jeopardize user data security and privacy, and possibly infringe upon a 2022 agreement with the Federal Trade Commission (FTC).
This correspondence was prompted by the resignation of Ella Irwin, Twitter's head of trust and safety, and A.J. Brown, the company's head of brand safety and advertising quality. Irwin stepped into her role last fall following the resignation of Yoel Roth, Twitter’s previous head of trust and safety, amid the tumultuous acquisition of the company by Elon Musk.
The letter stated, “The string of high-profile resignations from Twitter’s lead privacy, information security, and compliance officers raises concerns about Twitter’s ability to fulfill its legal obligations.”
Elizabeth Warren, the Democratic senator from Massachusetts and co-author of the letter, also tweeted: “After mass layoffs and hasty product launches, two of Twitter’s top safety executives resigned last week. Is Twitter abiding by an existing @FTC order to protect consumer privacy and safety? We need answers.”
In the previous year, Twitter had agreed to a $150 million settlement of a privacy lawsuit brought forward by the FTC and the Justice Department. The agencies claimed that Twitter wrongly gathered user data for advertisers to target ads. The settlement necessitated Twitter to adhere to additional obligations, such as establishing and maintaining a privacy and security program, as noted by the senators.
Brandon Pugh, policy director of the cybersecurity and emerging threats team at the R Street Institute, said the concerns expressed in the letter are valid and lawmakers should scrutinize Twitter, particularly given its past FTC issues. Pugh also suggested that the letter lacks clarity about the precise actions Twitter allegedly took and primarily relies on past actions and recent staff departures to speculate violations.
Experts, including Cyrus Walker, the founder and managing principal at cybersecurity firm Data Defenders, agree that Twitter should treat these concerns seriously and safeguard user data. Walker further stated that the oversight of Twitter by lawmakers could set a precedent for other tech giants facing similar situations.
According to Walker, "The disregard of information security can create ripple effects throughout the tech industry given the interlinked relationships that Twitter has with other providers, so they should definitely take it seriously.”