Twitter filed its quarterly report at the Securities and Exchange Commission on Monday. The tech giant disclosed that it is under investigation by the Federal Trade Commission. Twitter allegedly used personal information-provided by users for security-for targeted advertising. Twitter could be facing a $250-million fine.
According to CNET, Twitter received a draft complaint from the FTC.
The complaint says Twitter violated a 2011 consent decree. This decree states that the company would work harder to safeguard users' personal information.
Twitter allegedly used phone numbers or email addresses given by users for targetted advertising between 2013 and 2019. The
pieces of information were supposedly for security purposes.
According to experts, using the phone numbers provided by users for security reasons for advertising is a fundamental betrayal of trust.
Eva Galperin, the EFF's director of cybersecurity, said Twitter tried to make money by "unintentionally" using the information users provided to secure their accounts. Such behavior, she said, "undermines people's willingness to use 2FA and makes them less secure in the long run."
2FA or two-factor authentication is second-layer security. It aims to protect an account or system. After users are asked for the password as the first factor, they could be asked additional information like the last digits of a card number or others; this following information would be the 2FA.