Twitter installs new privacy safeguards

Twitter,
the San Francisco micro blogging start-up, has reached a settlement with the
Federal Trade Commission over privacy safeguards on its site.

The
FTC had charged that a security lapse on the site had allowed hackers last year
to impersonate Twitter users such as then-President-elect Barack Obama and Fox
News.

“A
company that allows consumers to designate their information as private must
use reasonable security to uphold such designations,” David Vladeck,
director of the FTC’s Bureau of Consumer Protection, said in a statement
Thursday.

“Consumers
who use social networking sites may choose to share some information with
others, but they still have a right to expect that their personal information
will be kept private and secure.”

According
to the FTC, in a second breach last year, a hacker broke into a Twitter
employee’s personal e-mail account and found two passwords. “Using this
information, the hacker was able to guess the employee’s Twitter administrative
password,” the FTC statement said. “The hacker reset at least one
Twitter user’s password, and could access private user information and tweets
for any Twitter users.”

Under
terms of the settlement, Twitter will be barred for 20 years from misleading
its users about how it protects their privacy. Twitter also must establish an
information security program, which will be examined every other year by a
third party for the next 10 years. The company wasn’t fined.

Twitter
acknowledged the settlement in an e-mailed statement and in a post on its
official blog by General Counsel Alexander Macgillivray. The company said it
had responded quickly last year to close the two security breaches and notify
affected users and “has agreed to implement significant security
measures.”

“Even
before the agreement, we’d implemented many of the FTC’s suggestions and the
agreement formalizes our commitment to those security practices,”
Macgillivray wrote.

NO COMMENTS