The Department of Justice and the US Federal Trade Commission released a statement saying that Twitter has agreed to pay a $150 million fine for disclosing user data. The lawsuit was filed in the Northern District of California. It states that from May 2013 to September 2019, the social network misled its users about how their personal data would be used. The phone numbers and email addresses of Twitter users were collected ostensibly for the security of credentials, but in fact they were transferred to third-party companies for the purpose of targeting ads, and this was not provided for in the user agreement.
Such actions by Twitter, according to the initiators of the lawsuit, violate the decree of the Federal Trade Commission of 2011 on the protection of personal data of users. The breach affected more than 140 million users and helped boost the company’s revenue. Not only will the social network pay a hefty fine, but it is committed to establishing and maintaining a comprehensive privacy and information security program, according to a statement from the Justice Department. The company’s data protection measures will need to be regularly reviewed and assessed by independent experts, and before launching a new service related to collecting user data, Twitter will need to conduct a privacy analysis and submit a written report.