Twitter Admits it Used Users’ Private Security Data for Targeted Ads Without Their Permission

Twitter has disclosed that it may have shared the private data of several users with advertising partners without their knowledge, to enable targeted advertising.

Twitter said that it ‘inadvertently’ served tailored ads to account holders using phone numbers and email addresses that users provided for two-factor authentication purposes https://t.co/P1cBNbRsd1

— Silicon Republic (@siliconrepublic) October 9, 2019

The social media giant said that it gave 3rd-party advertisers access to users email addresses and phone numbers which were originally provided by users for the security of their accounts (two-factor authentication).

Twitter’s two-factor authentication provides added security to a user’s account against hackers. When logging in on an alien device, Twitter requests authorisation from a linked phone number or email (authorisation code).

Now, with this information (numbers and emails), advertisers may have been able to contact users with ads, even if they never opted for such.

“We’re Very Sorry This Happened”: Twitter Admits To Using Security Data For Targeted Ads https://t.co/oYLcSrkY1q via @bandt

— Asher Wolf (@Asher_Wolf) October 8, 2019

The platform, in its defence, says this was an error and that users can be assured that their data had not been shared beyond its partner advertisers.

“When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes. This was an error and we apologize.”

Twitter

The platform also claims to have addressed the issue as of September 17. And since it’s not data that you can withhold (except you delete your account), Twitter is assuring users that their private data, shared for account security, are not being mined any longer.

But Twitter is unable to say how many of its users were affected, hence its public apology. So if it happens that you were affected, Twitter is kind of saying, ‘we don’t know if you were, but sorry. And yeah, trust us with your data moving forward, as it won’t happen again.‘

Interestingly, this is not the first time that the platform has been in the spotlight for such privacy issues. In July, the company admitted to sharing users’ data with advertising partners since May 2018, even if they have opted out from personalised ads. They continued to show people ads based on inferences made about the devices they use without permission.

https://twitter.com/TonyRomm/status/1181684153928093697

At this rate, Twitter may just be in the same boat as Facebook, which since last year has been under scrutiny for its various privacy breaches, including farming users’ email/phone numbers for targeted ads and the prominent Cambridge Analytica Scandal.