On May 25, 2022, Twitter reached a settlement with the Federal Trade Commission (FTC) regarding a privacy incident disclosed in 2019 when some email addresses and phone numbers provided for account security purposes may have been inadvertently used for advertising. This issue was addressed as of September 17, 2019, and today we want to reiterate the work we’ll continue to do to protect the privacy and security of the people who use Twitter.
Keeping data secure and respecting privacy is something we take extremely seriously, and we have cooperated with the FTC every step of the way. In reaching this settlement, we have paid a $150M USD penalty, and we have aligned with the agency on operational updates and program enhancements to ensure that people’s personal data remains secure and their privacy protected.
Twitter’s commitment to security and privacy is not a point-in-time exercise for us but a core value we constantly enhance by updating our practices to meet the evolving needs of our customers. The recently announced Data Governance Committee is an embodiment of our dedication to strengthen the implementation of our privacy and security policies and standards, as well as to expand our internal privacy and security review processes during the product development life cycle.
Moving forward, we will continue to make investments in this work, including building and evolving processes, implementing technical measures, and conducting regular auditing and reporting to ensure we are mitigating risk at every level and function at Twitter. We will also continue to partner with the FTC, and our security and privacy regulators around the world, on our shared mission of building useful products and services that meet our customers’ needs while keeping the information they share with us secure and respectful of their privacy.