Twitter settles privacy charges with U.S.

NEW YORK Thu Jun 24, 2010 11:28pm IST

A screengrab of the homepage of microblogging serviceTwitter. REUTERS/www.twitter.com

A screengrab of the homepage of microblogging serviceTwitter.

Credit: Reuters/www.twitter.com

Related Topics

NEW YORK (Reuters) - Microblogging service Twitter has agreed to a settlement with the U.S. Federal Trade Commission over charges it put its customers privacy at risk by failing to safeguard their personal information.

The settlement announced by the FTC on Thursday stems from a series of attacks last year on Twitter, the three-year old phenomenon that lets people send short text messages to groups of followers. Under the terms of the agreement, Twitter is creating an independently audited security program, among other measures.

The FTC said serious lapses in Twitter's security allowed hackers to send out phony tweets pretending to be from U.S. President Barack Obama and Fox News. Hackers also managed to take administrative control of Twitter and gain access to private tweets, or short text messages of 140 characters or less.

Between January and May 2009, hackers were "able to view nonpublic user information, gain access to direct messages and protected tweets, and reset any user's password" and send tweets from any user account, according to the FTC complaint.

Twitter acknowledged 45 accounts were accessed by hackers in January last year and 10 in April 2009 "for short periods of time."

It said the January attack resulted in "unauthorized joke tweets" from nine accounts. The hackers may also have accessed data such as email addresses and phone numbers, the privately held company said.

In the April incident, Twitter said it cut off the hacker's administrative access within 18 minutes of the attack and quickly informed affected users.

The FTC said Twitter was exposed to these attacks because it "failed to take reasonable steps" to prevent unauthorized administrative control of its system.

"When a company promises consumers that their personal information is secure, it must live up to that promise," David Vladeck, director of the FTC's Bureau of Consumer Protection, said in a statement.

And if a company allows consumers to designate their information as private, it must use reasonable security to support that designation, he said.

Under the terms of the settlement, Twitter will be barred for 20 years from "misleading consumers about the extent to which it maintains and protects the security, privacy, and confidentiality of nonpublic consumer information."

Twitter must also establish a comprehensive security program that "will be assessed by a third party every year for ten years," according to the FTC.

Twitter said it already made many of the changes suggested in the settlement, which comes less than two months after another popular social site, Facebook, suffered its own security breaches.

The agreement will be subject to public comment for 30 days, starting on Thursday and continuing through July 26, 2010, after which the FTC will make a final decision. (Reporting by Sinead Carew; editing by Tim Dobbyn and Andre Grenon)

FILED UNDER:
  • Most Popular
  • Most Shared

Tech Showcase

Antitrust Measure

Antitrust Measure

European Parliament may propose Google break-up in draft resolution.  Full Article 

Regulating Apps

Regulating Apps

Singapore to regulate taxi-booking apps Uber, GrabTaxi.  Full Article 

Aereo Bankrupt

Aereo Bankrupt

Aereo files for bankruptcy  Full Article 

Cyber Spying

Cyber Spying

U.S. accuses China of cyber spying on American companies  Full Article 

Tech Workers

Tech Workers

Obama's immigration tweaks leave Big Tech wanting more.  Full Article 

Net Neutrality

Net Neutrality

FCC chief says U.S. Internet rules must stand up to lawsuits  Full Article 

New Amazon Service

New Amazon Service

Amazon plans ad-supported video streaming service - NY post  Full Article 

Travel Technology

Travel Technology

Airlines eye tech partners to tap customer data  Full Article 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage