Decided - The FindLaw Noteworthy Decisions and Settlements Blog

Twitter Settlement: Site Promises to Increase Security

You'll never meet a Twitter user who doesn't simultaneously curse and chuckle when greeted with the iconic Fail Whale.

But you'll also never meet a user who doesn't use the microblogging site to criticize Twitter itself.

What does this mean? Tweeters can handle a little downtime, but when Twitter security is breached multiple times, as it was at the beginning of 2009, users are visibly up in arms. Or tweets.

Hopefully such breaches will be a thing of the past--the Federal Trade Commission has announced that it has finalized a Twitter settlement stemming from those incidents. 

Back in 2009, Twitter was hacked at least twice--once via a password hacking tool, and once when a hacker guessed an administrator's password. Hackers took over well-known accounts, such as those belonging to President Obama and Fox News, but also had access to private user information.

The Federal Trade Commission alleged that Twitter deceived consumers and put their privacy at risk in violation of Twitter security and privacy policies that promised to safeguard that information.

For 20 years, Twitter is not permitted to mislead consumers about the extent of user security, privacy or confidentiality, reports the Los Angeles Times. This is a throw-away clause, as the law already prohibits the company from doing so.

The Twitter settlement also requires the site to beef up its security program, which will be audited for the next 10 years. After conducting a data security risk analysis, the site must add more employees to the Twitter security team, explains InformationWeek. It will also have to work with service providers and take reasonable measure to mitigate risks.

Violations will result in a fine of $16,000.

Related Resources: