The FTC Settles with Twitter: Social Networking Site Held Accountable to its Promise
The FTC released a Consent Order to settle charges against Twitter surrounding its privacy and data security practices. The FTC’s complaint alleged that intruders accessed Twitter’s administrative accounts twice between January and May 2009. During that time, the hackers were able to access private tweets, reset user passwords, send false tweets, and access private user information. The FTC alleged Twitter failed to take reasonable steps to safeguard user information by following deficient password and login procedures.
The settlement does not include a monetary fine, but requires Twitter to establish and maintain a comprehensive information security program, which will be assessed by an independent auditor every other year for 10 years. Twitter is barred from making any misleading statements to consumers regarding its data security for 20 years. Additionally, the agreement includes provisions addressing Twitter’s use of service providers and requiring Twitter to evaluate and adjust its information security to address material changes to its business or other events that might impact the effectiveness of its security program.
The privacy policy posted on Twitter’s website stated that “Twitter is very concerned about safeguarding the confidentiality of your personally identifiable information. We employ administrative, physical, and electronic measures designed to protect your information from unauthorized access.” This is the FTC’s first case against a social networking site. Going after Twitter signals that the FTC’s concern over the protection of personal information extends beyond historical notions of “trade” and is not limited to the protection of financial information. The FTC is interested in holding companies to their representations regarding their security practices.