Twitter's settlement covers allegations that it
misrepresented the "security and privacy" of user data between May
2013 and September 2019, according to the court documents.
The company will pay $150 million as part of the settlement
announced by the Justice Department and the Federal Trade Commission (FTC). In
addition to the monetary settlement, the agreement requires Twitter to improve
its compliance practices.
The complaint said that the misrepresentations violated the
FTC Act and a 2011 settlement with the agency.
"Specifically, while Twitter represented to users that
it collected their telephone numbers and email addresses to secure their
accounts, Twitter failed to disclose that it also used user contact information
to aid advertisers in reaching their preferred audiences," the complaint
said.
Twitter's chief privacy officer, Damien Kieran, said in a
statement that with the settlement "we have aligned with the agency on
operational updates and program enhancements" to protect user privacy and
security.
Twitter is a free service that makes money primarily through
advertising. Billionaire Elon Musk, who is buying the service for $44 billion,
has criticised its ads-driven business model and pledged to diversify its
revenue sources.
"If Twitter was not truthful here, what else is not
true? This is very concerning news," Musk said in a tweet late on
Wednesday, commenting on the social media company's ad practices and the fine.
The US officials pointed out that of the $3.4 billion in
revenue that Twitter earned in 2019, about $3 billion was from advertising.
The company made $5 billion in revenue for 2021. It said in
a filing earlier this month that it had put aside $150 million after agreeing
"in principle" upon a penalty with the FTC.
"Twitter obtained data from users on the pretext of
harnessing it for security purposes but then ended up also using the data to
target users with ads," said FTC Chair Lina Khan in a statement.
"This practice affected more than 140 million Twitter users, while
boosting Twitter's primary source of revenue."
The complaint also alleges that Twitter falsely said it
complied with the European Union-US and Swiss-US Privacy Shield Frameworks,
which bar companies from using data in ways that consumers do not authorise.
Twitter's settlement follows years of fallout over the
privacy practices of tech companies.
Revelations in 2018 that Facebook, the world's biggest
social network, was using phone numbers provided for two-factor authentication
to serve ads enraged privacy advocates.
Facebook, now called Meta, similarly settled with the FTC
over the issue as part of a $5 billion agreement reached in 2019. © Reuters