Twitter settles privacy charges with U.S.

NEW YORK Thu Jun 24, 2010 11:28pm IST

A screengrab of the homepage of microblogging serviceTwitter. REUTERS/www.twitter.com

A screengrab of the homepage of microblogging serviceTwitter.

Credit: Reuters/www.twitter.com

Related Topics

NEW YORK (Reuters) - Microblogging service Twitter has agreed to a settlement with the U.S. Federal Trade Commission over charges it put its customers privacy at risk by failing to safeguard their personal information.

The settlement announced by the FTC on Thursday stems from a series of attacks last year on Twitter, the three-year old phenomenon that lets people send short text messages to groups of followers. Under the terms of the agreement, Twitter is creating an independently audited security program, among other measures.

The FTC said serious lapses in Twitter's security allowed hackers to send out phony tweets pretending to be from U.S. President Barack Obama and Fox News. Hackers also managed to take administrative control of Twitter and gain access to private tweets, or short text messages of 140 characters or less.

Between January and May 2009, hackers were "able to view nonpublic user information, gain access to direct messages and protected tweets, and reset any user's password" and send tweets from any user account, according to the FTC complaint.

Twitter acknowledged 45 accounts were accessed by hackers in January last year and 10 in April 2009 "for short periods of time."

It said the January attack resulted in "unauthorized joke tweets" from nine accounts. The hackers may also have accessed data such as email addresses and phone numbers, the privately held company said.

In the April incident, Twitter said it cut off the hacker's administrative access within 18 minutes of the attack and quickly informed affected users.

The FTC said Twitter was exposed to these attacks because it "failed to take reasonable steps" to prevent unauthorized administrative control of its system.

"When a company promises consumers that their personal information is secure, it must live up to that promise," David Vladeck, director of the FTC's Bureau of Consumer Protection, said in a statement.

And if a company allows consumers to designate their information as private, it must use reasonable security to support that designation, he said.

Under the terms of the settlement, Twitter will be barred for 20 years from "misleading consumers about the extent to which it maintains and protects the security, privacy, and confidentiality of nonpublic consumer information."

Twitter must also establish a comprehensive security program that "will be assessed by a third party every year for ten years," according to the FTC.

Twitter said it already made many of the changes suggested in the settlement, which comes less than two months after another popular social site, Facebook, suffered its own security breaches.

The agreement will be subject to public comment for 30 days, starting on Thursday and continuing through July 26, 2010, after which the FTC will make a final decision. (Reporting by Sinead Carew; editing by Tim Dobbyn and Andre Grenon)

FILED UNDER:

Tech Wrap

Reuters Showcase

India Cricket Chief

India Cricket Chief

Former ICC boss Dalmiya returns as BCCI chief.  Full Article 

S&P on Budget

S&P on Budget

Budget shows commitment to keep fiscal deficit low - S&P.  Full Article 

New Phone

New Phone

Samsung unveils sleek new Galaxy phones to battle Apple.  Full Article 

MH370 Search

MH370 Search

Interview: Australia says hunt for missing MH370 jet may be called off soon.  Full Article 

Blogger's Murder

Blogger's Murder

Bangladesh says arrests main suspect in U.S. blogger Avijit Roy's killing.  Full Article 

England under Fire

England under Fire

Changes demanded after England's latest World Cup flop.  Full Article 

Anti-Putin Rally

Anti-Putin Rally

Anti-Putin protesters rally in New York after Nemtsov's murder.  Full Article 

Brit Awards

Brit Awards

Brit awards shake up British album chart, boost Sam Smith.  Full Article 

Lathmar Holi

In Pics: Lathmar Holi

Images of "Lathmar Holi" at Nandgaon in Uttar Pradesh.  Full Coverage 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage