Twitter settles privacy case with the FTC

Powered by SC Magazine
 

Agrees to security guidelines, regular audits.

Twitter has agreed to adopt a new security programme which will settles its privacy case with the US Federal Trade Commission.

The Commission said that the micro-blogging site would be enforcing best practices for password selection and control as well as submit to regular audits of its security controls.

Among the measures required will be the adoption of unique non-dictionary passwords not used with other accounts or stored within unencrypted email messages.

The company will also be required to swap out passwords regularly and protect its administrative controls through a unique log-in page that locks an account after a certain number of failed log-in attempts.

Additionally, the company will be required to adjust its notifications to users in order to avoid misleading them about the company's privacy protections.

In a blog posting, Twitter general counsel Andrew Macgillivray said that the company had already adopted a number of the stipulations in the settlement.

"Even before the agreement, we'd implemented many of the FTC's suggestions and the agreement formalizes our commitment to those security practices," he wrote.

The deal stems from a pair of breaches Twitter suffered in 2009 which lead to user accounts being compromised and a breach of Twitter corporate data. The FTC said that the breaches were due to lax security practices, such as using dictionary-based passwords and not limiting the number of log-in attempts on an account.

"When a company promises consumers that their personal information is secure, it must live up to that promise," said FTC bureau of consumer protection director David Vladeck.

"Likewise, a company that allows consumers to designate their information as private must use reasonable security to uphold such designations."

Copyright ©v3.co.uk


Twitter settles privacy case with the FTC
 
 
 
Top Stories
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  70%
 
Advanced persistent threats
  2%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 725

Vote