Twitter Fined $150 Million By FTC For Alleged User-Privacy Violations
The Federal Trade Commission levied a $150 million fine on Twitter, alleging that the social network let advertisers use private data to target specific users — without informing users of the practice.
According to the agency, Twitter violated a 2011 FTC order that “explicitly prohibited” the company from misrepresenting its privacy and security practices. In addition to the $150 million fine, Twitter is banned from “profiting from its deceptively collected data,” the FTC said.
In August 2020, Twitter disclosed that it expected to face an FTC fine of $150 million to $250 million related to the allegations.
In a blog post, Twitter chief privacy officer Damien Kieran wrote, “Keeping data secure and respecting privacy is something we take extremely seriously, and we have cooperated with the FTC every step of the way. In reaching this settlement, we have paid a $150M USD penalty, and we have aligned with the agency on operational updates and program enhancements to ensure that people’s personal data remains secure and their privacy protected.”
In a statement about the FTC’s fine against Twitter, FTC Chair Lina Khan said, “Twitter obtained data from users on the pretext of harnessing it for security purposes but then ended up also using the data to target users with ads. This practice affected more than 140 million Twitter users, while boosting Twitter’s primary source of revenue.”
According to a complaint filed by the Department of Justice on behalf of the FTC, Twitter in 2013 began asking users to provide either a phone number or email address to enable two-factor authentication, an enhanced form of security (beyond just a password).
From 2014 to 2019, more than 140 million Twitter users provided their phone numbers or email addresses after the company asked for the info, according to the complaint. Twitter, however, “failed to mention that it also would be used for targeted advertising,” allowing marketers to target specific ads to users by matching the information with data they already possessed or obtained from third-party data brokers, the FTC alleged.