On July 28th, The FTC sent a complaint to Twitter alleging the social media giant had used data “provided for safety and security purposes for targeted advertising during periods between 2013 and 2019”.
In October 2019, the company said it had “inadvertently” used security contact details to target ads.
“We recently discovered that when you provided an email address or phone number for safety or security purposes (for example, two-factor authentication) this data may have inadvertently been used for advertising purposes, specifically in our Tailored Audiences and Partner Audiences advertising system,” the company said in a blog post at the time.
“When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes. This was an error and we apologise.”
Twitter was unable to say how many people were affected by the error. The company made an agreement with the FTC in 2011 that it would not mislead users about the safety of their personal information. According to the firm, the complaint could cost the company $150-250 million.
- Twitter warns hackers may have accessed users’ contacts
- SBRC ethical hacker to provide “offensive security” advice to Scots firms
- Report | Employee mistakes cause almost half of cybersecurity issues
The announcement comes on the back of both a massive hack that hit a number of Twitter accounts, including major business and political figures such as Bill Gates, Jeff Bezos, Barack Obama and Joe Biden, and after the company reported second-quarter revenues of $683 million.
“Following the announcement of our second-quarter financial results, we received a draft complaint from the FTC alleging violations of our 2011 consent order,” a Twitter spokesperson said. “Following standard accounting rules we included an estimated range for settlement in our 10-Q filed on August 3.”