Twitter has been fined $150 million for deceptively collecting user information to see targeted ads. According to the FTC, Twitter has been asking users to provide their phone numbers and e-mail addresses for security reasons but went on to profit from them by letting advertisers target specific users - this use of the data was not disclosed to users.
Commenting, FTC Chair, Lina M. Khan, said:
“As the complaint notes, Twitter obtained data from users on the pretext of harnessing it for security purposes but then ended up also using the data to target users with ads. This practice affected more than 140 million Twitter users, while boosting Twitter’s primary source of revenue.”
By giving Twitter their phone numbers and e-mail addresses, users benefited by being able to reset their passwords if they forgot them and were able to use two-factor authentication. Twitter failed to mention that this data would be used to help match ads to specific users which would increase the chance users would be shown relevant ads.
Aside from the fine, Twitter will be banned from profiting from deceptively collected data, it should allow other multi-factor authentication solutions that don’t require phone numbers, and anyone who was affected should be notified. The FTC also wants Twitter to examine the privacy and security risks of new products, limit employee access to personal data, and tell the FTC of any data breaches.
15 Comments - Add comment