Twitter says it was just an accident that caused the microblogging giant to let advertisers use private information to better target their marketing materials at users.
The social networking giant on Tuesday admitted to an "error" that let advertisers have access to the private information customers had given Twitter in order to place additional security protections on their accounts.
"We recently discovered that when you provided an email address or phone number for safety or security purposes (for example, two-factor authentication) this data may have inadvertently been used for advertising purposes, specifically in our Tailored Audiences and Partner Audiences advertising system," Twitter said.
"When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes. This was an error and we apologize."
Twitter assures users that no "personal" information was shared, though we're not sure what Twitter would consider "personal information" if your phone number and email address do not meet the bar.
"We cannot say with certainty how many people were impacted by this, but in an effort to be transparent, we wanted to make everyone aware. No personal data was ever shared externally with our partners or any other third parties," the mea cupa reads.
UK ads watchdog bans Burger King Twitter jibe for condoning chucking milkshakes at politiciansREAD MORE
"As of September 17, we have addressed the issue that allowed this to occur and are no longer using phone numbers or email addresses collected for safety or security purposes for advertising."
Earlier this year, Facebook was handed a $5bn fine by the US government for playing fast and loose with the personal information of its customers. It is not clear what this incident could mean for Twitter legally, if anything. The FTC declined to comment on the matter.
Users, however, do not look to be happy with either the mishap or the way Twitter is handling the disclosure.
No problem, @twitter! These things happen. Even if it wasn’t unintentional, let’s be honest: your company selling us advertising is a lot more important than the trust and safety of your user base. https://t.co/4FCvXoJ7gU— Matthew Green (@matthew_d_green) October 8, 2019
Perhaps, and I'm just spitballing here, the database Twitter uses to guard the security of people around the world could be separate from the one selling us stuff? Also, maybe they could tell us about this aw-shucks whoopsy-daisy sooner than 21 days after it's been addressed? https://t.co/ZFFCakUtt1— Drew Harwell (@drewharwell) October 8, 2019
Aside from being a violation of privacy and potential legal liability for Twitter, the incident will have the added effect of making users less safe by discouraging them from using phone numbers and email verification as additional levels of security.
All in all, this is a bad look for Twitter that isn't likely to go away any time soon. ®
Sponsored: Webcast: Ransomware has gone nuclear