Masking tape or gum Global effects of Twitter's errors

 Twitter is a powerful tool for spreading messages quickly, effectively, and directly. This is true for fire departments, governments, corporations, school districts, local utilities, and grassroots organisations all around the world.

In a shocking whistleblower revelation, Twitter's former head of security claims that the social media firm has long been carelessly neglectful in protecting its users' privacy and cybersecurity. While troubling for anybody using Twitter, the disclosures may be especially troubling for people who use it to communicate with constituents, disseminate information in times of crisis, and political dissidents and activists targeted by hackers or their own governments.

The Internet Freedom Foundation, an Indian nonprofit that promotes digital rights, has a policy director named Prateek Waghre. "We tend to view these companies as large, well-resourced organizations that know what they're doing, but you realize that a lot of their actions are ad hoc and reactive, driven by crises," he said. In essence, chewing gum or cello tape is frequently used to keep them together.

Pieter "Mudge" Zatko, who led Twitter's security team until he was let go at the beginning of this year, lodged the complaints with federal American authorities last month, alleging that the company had misled regulators about the strength of its cybersecurity defenses and its carelessness in attempting to weed out fake accounts that spread misinformation. One of the most severe charges made by Zatko is that Twitter broke the terms of a 2011 FTC settlement by falsely claiming that it had placed greater safeguards in place to protect the security and privacy of its users.

The charges in the case against India, according to Waghre, were "direct unsupervised access to the firm's systems and user data" and that Twitter intentionally permitted the Indian government to put its operatives on the company payroll. He also mentioned a recent incident in which a former Twitter employee was found guilty of providing private user information to Saudi Arabian royal family members in exchange for bribery.

Inconvenience and embarrassment, like when an Indiana State Police account was hacked and "poo-poo head" was tweeted earlier this year, can be the results of privacy and security mistakes, but they can also be much worse. A Saudi humanitarian relief worker was given a 20-year prison sentence in October 2021 as a result of what the kingdom claims was the operation of an anonymous, satirical Twitter account. The men accused of spying for the kingdom while employed at Twitter may be related to this case.

Bethany Al-Haidari has been worried about Twitter's user privacy safeguards for years as an advocate for dissidents and others held in Saudi Arabia. She is even more concerned as a result of the latest whistleblower charges.

That is really problematic, given what we know about how social media is utilised globally, according to Al-Haidari, a representative of the American human rights organization The Freedom Initiative. It "is pretty alarming to me," she said, because hackers or governments may leverage the claimed cybersecurity flaws at Twitter to obtain users' identities, private conversations, or other sensitive information.

The Chinese-Australian artist and activist Badiucao expressed worry about the whistleblower's claims, adding that many users give their phone numbers and email addresses to Twitter. Badiucao frequently publishes artwork that opposes the Chinese Communist Party.

Once that private data is exposed, it might be exploited to identify you, the man said. Badiucao claimed that he frequently receives propaganda and death threats from accounts that appear to be spam or bots.

However, the artist intends to continue using Twitter since, in her words, it's probably the best "shelter for free speech" available to activists and artists who speak Chinese.

Twitter maintains that the whistleblower claims lack context and offer a "false narrative" about the company and its privacy and data security policies. Twitter stated in a statement that "security and privacy have always been, and will continue to be, company-wide priorities."

None of the organizations The Associated Press spoke to this week have any intention of ceasing their use of Twitter, despite the heightened worries raised by Zatko's assertions. Despite the disturbing nature of the whistleblower's allegations, security experts say there is no justification for individual users to deactivate their accounts.

Professor of communications at Syracuse University Jennifer Grygiel, who closely monitors Twitter, was alarmed by yet another security breach. On their last day of work in 2017, a Twitter customer service representative briefly cancelled then-President Donald Trump's account. Grygiel claimed that although the account was swiftly restored, the incident demonstrated Twitter's vulnerability to use by governments, heads of state, and military branches.

"Are the claims made by the whistleblower shocking and surprising to me? I'm not," declared Trav Robertson, chair of the South Carolina Democratic Party. The party has around 18,700 followers on Twitter. He contends, though, that it's crucial for people to avoid thinking that "the ongoing attacks on our emails, databases, Twitter accounts, and Facebooks" represent the new normal. We stop being proactive when we grow conditioned to it, he claimed.

Public information officer JD Chism of the Denver Fire Department acknowledged worries about security. However, the administration must balance that risk against how crucial Twitter has become for informing the public about emergencies. Real-time information on fires, the resulting road closures and injuries, and retweets from other agencies alerting the public to threats like flash floods are all available on the department's Twitter feed.

Twitter will continue to be used by the department in the interim because, according to Chism, "It's good for taking care of people, and that's what we're here for."