By: Denis Cyr
In a regulatory filing on Monday, Twitter said it received a draft FTC complaint alleging violations between 2013 and 2019.
The social media company is accused of using phone numbers, which are uploaded to users’ Twitter accounts for security purposes, to target people with ads.
The violations could result in $250 million in fines levied against the social media giant
The violations could potentially be in breach of a consent order against the company in 2011, when the FTC detected ‘serious lapses’ in Twitter’s data security that allowed hackers to obtain users’ private information, The Daily Mail reported.
Following the announcement of our Q2 financial results, we received a draft complaint from the FTC alleging violations of our 2011 consent order,’ a Twitter spokesperson said.
‘Following standard accounting rules we included an estimated range for settlement.’
The matter remains unresolved and there can be no assurance as to the timing or the terms of any final outcome,’ Twitter said.
Twitter claims this was inadvertent and not a deliberate way to deliver ads to Twitter users on smartphones
The phone numbers were intended to set up a two-factor authentication, in which users can secure their account from would-be hackers by using their mobile device or email as a fail-safe, but users instead ended on up on advertisement feed.
The Daily Mail reported: Twitter said it inadvertently used the information to help match users’ accounts with stores they may have shopped at.
This allowed ad partners that had access to a person’s phone number – i.e. a pharmacy or any retailer with a rewards program – to match that number with a customer’s Twitter account and advertise directly to them on the platform.
The Verge explained: Between 2013 and 2019, Twitter used phone numbers and email addresses provided “for safety and security purposes” to help target ads. Twitter disclosed the practice back in October, saying that it was done “inadvertently” and called it “an error.” The FTC evidently believes that Twitter misled consumers by not disclosing that their data may have been used in this way.
Under the 2011 ruling the FTC stated ”Twitter was barred for 20 years from ‘misleading consumers about the extent to which it protects the security, privacy, and confidentiality of nonpublic consumer information, including the measures it takes to prevent unauthorized access to nonpublic information and honor the privacy choices made by consumers.”