The United States’ Federal Trade Commission (FTC) has imposed a sanction of $150 million on Twitter.
The social media company was allegedly making use of the personal information of its users, which it promised to use to secure their accounts, for target ads.
This is not the first alleged violation of the FTC Act, under which, among other things, the agency is “empowered to prevent unfair or deceptive acts or practices in or affecting commerce.”
Tekedia Mini-MBA edition 16 (Feb 10 – May 3, 2025) opens registrations; register today for early bird discounts.
Tekedia AI in Business Masterclass opens registrations here.
Join Tekedia Capital Syndicate and invest in Africa’s finest startups here.
In 2011, Twitter settled with the FTC, having been accused of serious lapses in its data security that allowed hackers to obtain unauthorized administrative control of the platform.
The order prohibited misrepresentations around how Twitter maintains information like email addresses and phone numbers collected from users.
The just-announced $150 million civil penalty stems from a new complaint filed by the US’ Department of Justice (DOJ) on behalf of the FTC, alleging that Twitter had violated the order in the earlier case by collecting customers’ personal information for the stated purpose of security and then exploiting it commercially.
The FTC in a statement announcing the fine, said, “Specifically, while Twitter represented to users that it collected their telephone numbers and email addresses to secure their accounts, Twitter failed to disclose that it also used user contact information to aid advertisers in reaching their preferred audiences. The complaint was filed by the DOJ on behalf of the FTC.”
The complaint said users provided email addresses or telephone numbers based on Twitter’s “deceptive statements” that such information would be used for account security, such as two-step authorizations.
“This practice affected more than 140 million Twitter users, while boosting Twitter’s primary source of revenue.” the FTC added.
In addition to imposing a $150 million civil penalty for violating the 2011 order, the new order adds more provisions to protect consumers in the future. The orders are as follow:
- Twitter is prohibited from using the phone numbers and email addresses it illegally collected to serve ads.
- Twitter must notify users about its improper use of phone numbers and email addresses, tell them about the FTC law enforcement action, and explain how they can turn off personalized ads and review their multi-factor authentication settings.
- Twitter must provide multi-factor authentication options that do not require people to provide a phone number.
- Twitter must implement an enhanced privacy program and a beefed-up information security program that includes multiple new provisions spelled out in the order,
- Twitter must acquire privacy and security assessments by an independent third-party approved by the FTC, and report privacy or security incidents to the FTC within 30 days.
This is indeed a welcome and commendable measure as was taken by the US’ FTC. This implies that such illegal activity had been taking place across the global community without the knowledge of the apt authorities in various countries where they are operating.
Hence, if well checked or scrutinized, it would be ascertained that other social media networks have equally been carrying out such unauthorized or prohibited acts.
The relevant agencies in other nations are also enjoined to expedite actions in a bid to discover similar prohibited activities, and sanctioning the indicted firm accordingly.