On Could 25, 2022, Twitter reached a proposed $150 million settlement with the Division of Justice (“DOJ”) and the Federal Commerce Fee to resolve allegations that the corporate deceptively used nonpublic consumer contact info obtained for account safety functions to serve focused advertisements to Twitter customers. In a complaint filed in federal court docket, the federal government alleged that Twitter violated each the FTC Act and a 2011 FTC Order by misrepresenting the extent to which the corporate maintained and guarded customers’ nonpublic contact info. The proposed settlement would require Twitter to pay $150 million in civil penalties and implement a complete privateness and data safety program “with extensive procedures to safeguard user information and assess internal and external data privacy risks.”
The grievance alleged that from Could 2013 to September 2019, Twitter collected cellphone numbers and electronic mail addresses from over 140 million customers for account safety functions, however failed to disclose that the customers’ contact info additionally can be used to serve focused advertisements to customers.
Within the grievance, the DOJ and FTC alleged that Twitter’s conduct violated an current FTC Order, as well as to Part 5(a) of the FTC Act. The present FTC Order, in impact since 2011, prohibits Twitter from misrepresenting the extent to which it maintains and protects the privateness and safety of nonpublic shopper info. The 2011 FTC Order was finalized after Twitter agreed to settle allegations that the corporate’s information safety practices had enabled menace actors to entry nonpublic consumer info and personal tweets.
The grievance additional alleged that Twitter misrepresented its compliance with the EU-U.S. and Swiss-U.S. Privateness Protect Frameworks, every of which prohibits the processing of private info in a means that’s incompatible with the needs for which it was collected or approved by the consumer to whom it pertains.
The proposed settlement would require Twitter to meet quite a few reporting and record-keeping obligations, together with conducting privateness opinions and written studies prior to implementing any new services or products that collects customers’ nonpublic private info, and repeatedly acquiring assessments of its privateness and data safety program by an unbiased assessor authorized by the FTC. As well as, the proposed settlement would prohibit Twitter from utilizing the beforehand collected nonpublic consumer contact info to serve focused advertisements, and require Twitter to notify customers that will have been affected by the difficulty.