Recently Twitter has accepted that it had been using around 140 million Users’ personal data such as email addresses and phone numbers for targeted advertising. This data was collected for Two Factor Authentication [2FA] to improve additional security for Users and was ambiguously used for targeted advertisements.
Twitter has thus agreed to pay $150 million in compensation for a privacy lawsuit filed with the U.S Federal Trade Commission [FTC] and Department of Justice [DOJ].
According to the statement by FTC, Twitter had informed its users that the personal data would be used to keep their accounts safe but it used the Personal Data collected to send targeted advertisements for millions of users which benefitted Twitter financially.
“While Twitter represented to users that it collected their telephone numbers and email addresses to secure their accounts, Twitter failed to disclose that it also used user contact information to aid advertisers in reaching their preferred audiences,” said a court complaint filed by the DoJ.
The FTC also said in its statement: “The just-announced $150 million civil penalty stems from a new complaint filed by the Department of Justice on behalf of the FTC, alleging that Twitter violated the order in the earlier case by collecting customers’ personal information for the stated purpose of security and then exploiting it commercially.”
This case dates back to 2010 and 2011 when FTC had filed its complaint against Twitter. Twitter collected this information from its users from May 2013 to September 2019, it also had notified that it will use this information for account recovery if required.
Twitter revealed this issue of targeted ads in 2019. Along with this penalty for violating the order from 2011, this recent order also prohibits Twitter from further using this information for targeted ads. It also said “Twitter must notify users about its improper use of phone numbers and email addresses, tell them about the FTC law enforcement action, and explain how they can turn off personalised ads and review their multi-factor authentication settings,”