Tech

Twitter Inadvertently Shared User Data Without Express Consent And Fixed The Bug Before Outrage

Twitter reportedly shared some user data without express consent. Interestingly, the limited data exposure occurred inadvertently, claims the micro-blogging network. Moreover, Twitter confirmed that it quickly fixed the bug that affected a small portion of its users. In addition to this, Twitter also attempted to decipher the devices that some users were using without seeking and receiving the users’ express approval. The second incident did not result in data being shared but may have been used to fine-tune the ad delivery mechanism. Experts argue Twitter may have knowingly ignored a specific setting that does not allow the company to deploy these techniques.

Twitter has confirmed that it discovered a bug in the data collection and sharing methodology. The social media platform fixed a reportedly minor bug that resulted in the company sharing some user data with its advertising partners. Although the data shared did not have any components that directly identified the users, the sharing occurred without express consent sought or granted by Twitter. Simply put, Twitter’s platform inadvertently shared user data that was never approved by the concerned or impacted users. The social media platform has confirmed that it plugs possible leaks without delay to limit the impact.

Twitter Exposed User Data To Advertising Partners For More Than A Year:

While Twitter’s assurances matter, the fact that the data exposure continued to happen for more than a year is certainly concerning. According to Twitter’s own admission, the data remained exposed from May 2018 to August 5, 2019. The bug was discovered and immediately fixed after August 5. The company stresses that a very small fraction of its users was impacted by the flaw. The impacted users are those who clicked or viewed an ad for a mobile application and later interacted with that mobile application. In other words, users had to not only click on the ad that promoted a mobile application but had to download the same and use it, to be impacted.

The bug in Twitter’s data management engine resulted in sharing some categories of user information. Twitter confirmed that the shared information consisted of country code, device type, and ad details. The company mentioned the data was inadvertently shared with a small list of advertisers that Twitter works with. The company relies on these advertisers to measure ad performance and track the ads.

Twitter had apparently shared some user data without express consent. Interestingly, the limited data exposure occurred inadvertently, claims the micro-blogging network. Moreover, Twitter confirmed that it quickly fixed the bug that affected a small portion of its users. In addition to this, Twitter also attempted to decipher the devices that some users were using without seeking and receiving the users’ express approval. The second incident did not result in data being shared but may have been used to fine-tune the ad delivery mechanism. Experts argue Twitter may have knowingly ignored a specific setting that does not allow the company to deploy these techniques.

Twitter has confirmed that it discovered a bug in the data collection and sharing methodology. The social media platform fixed a reportedly minor bug that resulted in the company sharing some user data with its advertising partners. Although the data shared did not have any components that directly identified the users, the sharing occurred without express consent sought or granted by Twitter. Simply put, Twitter’s platform inadvertently shared user data that was never approved by the concerned or impacted users. Incidentally, this is not the first time Twitter has faced such privacy-related bugs. However, the social media platform has confirmed that it quickly plugs the possible leaks without delay to limit the impact.

Twitter Also Ignored A Setting That Prevented It From Inferring Data:

Apart from the aforementioned bug that exposed some user data with ad partners, Twitter also acknowledged another ad privacy issue. Although Twitter confirmed it essentially ignored a specific setting that prevented it from inferring data, the company confirmed the data was never shared with any external agencies.

Since September 2018, Twitter’s advertising platform made inferences about a user’s devices. The company noted that the data was collected simply to “fine-tune ad delivery,” and admitted that the data collection took place without users’ express approval. The consent that Twitter is referring to is basically a tick box that is found within the “Personalization” subheading within Settings. The setting that prevents Twitter from inferring information is called “Personalize based on your inferred identity”. Twitter describes the “Inferences” setting on a help page.

For example, if you commonly use Twitter for Android around the same time and from the same network where you browse sports websites with embedded Tweets on a computer, we may infer that your Android device and laptop are related and later suggest sports-related Tweets and serve sports-related advertising on your Android device. We may also infer other information about your identity to help personalize your Twitter experience.

If the setting is not enabled, it essentially does not grant Twitter permission to make such clever inferences. While some social media users may not object to personalized ads, others are uncomfortable, claiming it is an invasion of privacy.


Leave a Reply

Your email address will not be published.

Close