Twitter will pay a penalty for using the information requested from users for “targeted advertising” in order to ensure account security. The company, which admitted that it did this in 2019, announced that it used phone numbers and e-mail addresses added to the account for two-factor authentication to serve targeted advertising.
The Federal Trade Commission (FTC), responsible for the protection of consumer rights in the USA, described Twitter’s behavior as “deceptive” and stated that it violated a regulation made in 2011. The social media company, which is stated to have used the data of 140 million people without permission, was sanctioned.
Twitter to pay $150 million fine
The Federal Trade Commission announced that Twitter has been fined $150 million. It also banned him from making profits from the user data he collected through deceptive methods.
An explanation came from high-level names on the subject. FTC Chairman Lina Khan stated that this scandal, which affected more than 140 million people, increased Twitter’s primary income:
“As stated in the complaint, Twitter collected data from users on the pretext of security. But later on it also used this data to target users with ads.”
Deputy Attorney General Vanita Gupta said, “The $150 million fine reflects the seriousness of the allegations against Twitter. And the new measures that will be implemented as a result of the deal proposed today will help prevent further deceptive tactics that threaten users’ privacy.” used the phrases.
Other sanctions in addition to fines:
- Twitter is prohibited from profiting from fraudulently collected data.
- Users should be allowed to use other multi-factor authentication methods such as mobile authentication apps or security keys that do not require them to provide their phone number.
- Reporting users misuse of phone numbers and email addresses collected for account security to target ads to them and provide information about Twitter’s privacy and security controls.
- Implement and maintain a comprehensive privacy and information security program that requires the company, among other things, to review and address potential privacy and security risks of new products.
- Limiting employees’ access to their personal data.
What do you guys think about this? You can comment or share your views.