Twitter settles privacy case with the FTC

Powered by SC Magazine

Agrees to security guidelines, regular audits.

Twitter has agreed to adopt a new security programme which will settles its privacy case with the US Federal Trade Commission.

The Commission said that the micro-blogging site would be enforcing best practices for password selection and control as well as submit to regular audits of its security controls.

Among the measures required will be the adoption of unique non-dictionary passwords not used with other accounts or stored within unencrypted email messages.

The company will also be required to swap out passwords regularly and protect its administrative controls through a unique log-in page that locks an account after a certain number of failed log-in attempts.

Additionally, the company will be required to adjust its notifications to users in order to avoid misleading them about the company's privacy protections.

In a blog posting, Twitter general counsel Andrew Macgillivray said that the company had already adopted a number of the stipulations in the settlement.

"Even before the agreement, we'd implemented many of the FTC's suggestions and the agreement formalizes our commitment to those security practices," he wrote.

The deal stems from a pair of breaches Twitter suffered in 2009 which lead to user accounts being compromised and a breach of Twitter corporate data. The FTC said that the breaches were due to lax security practices, such as using dictionary-based passwords and not limiting the number of log-in attempts on an account.

"When a company promises consumers that their personal information is secure, it must live up to that promise," said FTC bureau of consumer protection director David Vladeck.

"Likewise, a company that allows consumers to designate their information as private must use reasonable security to uphold such designations."

Copyright ©

Twitter settles privacy case with the FTC
Top Stories
Westpac committed to core banking plan
[Blog post] Now with leadership.
The True Cost of BYOD - 2014 survey
Twelve months on from our first study, is BYOD a better proposition?
Photos: Unboxing the Magnus supercomputer
Pawsey's biggest beast slots into place.
Sign up to receive iTnews email bulletins
Latest Comments
What is delaying adoption of public cloud in your organisation?

   |   View results
Lock-in concerns
Application integration concerns
Security and compliance concerns
Unreliable network infrastructure
Data sovereignty concerns
Lack of stakeholder support
Protecting on-premise IT jobs
Difficulty transitioning CapEx budget into OpEx