The dust around Twitter doesn’t settle. Recently, the company’s former head of security, the legendary hacker-turned-cybersecurity-expert Peiter “Mudge” Zatko, disclosed some important details concerning Twitter’s activity. He said that Twitter didn’t provide the necessary information and misled federal regulators about its safety. If this information is accurate, Twitter might have to pay federal fines. Moreover, this could become a reason for Elon Musk not to buy the social platform.
Zatko Reveals How Twitter Misled FTC
If you seek reasons why Zatko disclosed this information, you must know he was fired in January this year. And this is retaliation for his refusal to stay quiet about the company’s vulnerabilities. Moreover, in July, he filed a 200-page complaint with the Securities and Exchange Commission (SEC). He is accusing Twitter of deceiving shareholders and violating its agreement with the Federal Trade Commission (FTC) to uphold certain security standards.
#BREAK A former Twitter executive, its head of security, has turned whistleblower.
He alleges grave security problems at the company that he says are a risk to national security and democracy.
His first TV interview here:https://t.co/QU823RBnN1 pic.twitter.com/krh7WVOrhe
— Donie O'Sullivan (@donie) August 23, 2022
He joined Twitter in 2020. According to his words, the platform is a “critical resource” for the world. So he wanted to fix all vulnerabilities. But the company’s CEO (Parag Agrawal) refused to tackle many security failings.
“This would never be my first step, but I believe I am still fulfilling my obligation to Jack and users of the platform,” Zatko told The Washington Post regarding his decision to become a whistleblower. “I want to finish the job Jack brought me in for, which is to improve the place.”
Key Points In Zatko’s Complaint
You understand that we can’t publish everything from the 200-page report. But here are some noteworthy points:
- Many Twitter employees have access to critical systems. For instance, around 7000 full-time employees can access users’ sensitive personal data.
- Though in 2010, Twitter signed an agreement with FTC to protect consumers’ personal information, it turns out Twitter has made “false and misleading statements” misleading FTC.
- Twitter has always said that only 5% of its monthly active users are bots, fake accounts, or spam. But according to Zatko, this number isn’t accurate and is far from being true.
- Though there have been many requests to delete certain users’ data, the company never did it.
Gizchina News of the week
Twitter Doesn’t Remain Quiet
In its turn, Twitter accused Zatko of making furor by selectively presenting the information.
“Mr. Zatko was fired from his senior executive role at Twitter for poor performance and ineffective leadership over six months ago. While we haven’t had access to the specific allegations being referenced, what we’ve seen so far is a narrative about our privacy and data security practices that is riddled with inconsistencies and inaccuracies, and lacks important context. Mr. Zatko’s allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders. Security and privacy have long been company-wide priorities at Twitter and we still have a lot of work ahead of us.”
Anyway, what Zatko said will have a significant effect on the company. According to FTC, they have already started an investigation. With a strong possibility, they will levy huge fines against Twitter.
This might also become a turning point for Musk, who doesn’t want to acquire Twitter anymore. Instead, he wants to launch his own social platform. As you remember, he paused the deal saying Twitter hadn’t provided true information about the number of bots. “We have already issued a subpoena for Mr. Zatko,” Alex Spiro, a lawyer representing Musk, said in a statement, “and we found his exit and that of other key employees curious in light of what we have been finding.”