Twitter settles privacy case with the FTC

Powered by SC Magazine

Agrees to security guidelines, regular audits.

Twitter has agreed to adopt a new security programme which will settles its privacy case with the US Federal Trade Commission.

The Commission said that the micro-blogging site would be enforcing best practices for password selection and control as well as submit to regular audits of its security controls.

Among the measures required will be the adoption of unique non-dictionary passwords not used with other accounts or stored within unencrypted email messages.

The company will also be required to swap out passwords regularly and protect its administrative controls through a unique log-in page that locks an account after a certain number of failed log-in attempts.

Additionally, the company will be required to adjust its notifications to users in order to avoid misleading them about the company's privacy protections.

In a blog posting, Twitter general counsel Andrew Macgillivray said that the company had already adopted a number of the stipulations in the settlement.

"Even before the agreement, we'd implemented many of the FTC's suggestions and the agreement formalizes our commitment to those security practices," he wrote.

The deal stems from a pair of breaches Twitter suffered in 2009 which lead to user accounts being compromised and a breach of Twitter corporate data. The FTC said that the breaches were due to lax security practices, such as using dictionary-based passwords and not limiting the number of log-in attempts on an account.

"When a company promises consumers that their personal information is secure, it must live up to that promise," said FTC bureau of consumer protection director David Vladeck.

"Likewise, a company that allows consumers to designate their information as private must use reasonable security to uphold such designations."

Copyright ©

Twitter settles privacy case with the FTC
Top Stories
Toll Group to go Google
Poaches Woolworths project manager.
How News Corp's CIO tackled skills in his race to the cloud
What to do when your team’s talents are no longer needed.
Photos: How Thodey transformed Telstra
From turbulent Trujillo to Australia's leading telco.
Sign up to receive iTnews email bulletins
Latest Comments
Who do you trust most to protect your private data?

   |   View results
Your bank
Your insurance company
A technology company (Google, Facebook et al)
Your telco, ISP or utility
A retailer (Coles, Woolworths et al)
A Federal Government agency (ATO, Centrelink etc)
An Australian law enforcement agency (AFP, ASIO et al)
A State Government agency (Health dept, etc)

Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
I DON'T support shutting the OAIC.