It's normally Facebook in the firing line over personal data misuse, but this week, Twitter has admitted that it has also been misusing people's personal information for ad targeting purposes.
We recently found that some email addresses and phone numbers provided for account security may have been used unintentionally for advertising purposes. This is no longer happening and we wanted to give you more clarity around the situation: https://t.co/bBLQHwDHeQ
— Twitter Support (@TwitterSupport) October 8, 2019
As noted, Twitter has found that people's email addresses and phone numbers, which they had provided purely for account security purposes, had been used to match them with more relevant ads.
The process involved the use of Twitter's Tailored and Partner Audience options, through which brands provide their contact listings and Twitter matches them against the profiles in its database.
As explained by Twitter:
"Tailored Audiences is a version of an industry-standard product that allows advertisers to target ads to customers based on the advertiser's own marketing lists (e.g., email addresses or phone numbers they have compiled). Partner Audiences allows advertisers to use the same Tailored Audiences features to target ads to audiences provided by third-party partners. When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes. This was an error and we apologize."
So, essentially, Twitter took that data and used it as a matching tool to better correlate audiences for ads. It's largely the same process that Facebook was found to be utilizing with mobile numbers uploaded for two-factor authentication after an investigation last year, which Facebook later admitted to. In that instance, the issue was then added into the FTC's case against Facebook for cumulative privacy violations, which eventually lead to The Social Network copping a record $5 billion fine.
Twitter will likely avoid penalty, because its usage was accidental, whereas Facebook had knowingly utilized this information stream within its process.
Twitter says that it has now corrected the issue:
"We cannot say with certainty how many people were impacted by this, but in an effort to be transparent, we wanted to make everyone aware. No personal data was ever shared externally with our partners or any other third parties. As of September 17th, we have addressed the issue that allowed this to occur and are no longer using phone numbers or email addresses collected for safety or security purposes for advertising."
It's another example of just how much personal information we provide online, and how that data can be used against us, without our knowledge or permission. The fact of the matter is that each day, we're all uploading more and more of our personal information, and once it's logged and recorded, it can also, potentially, be misused. And there's not a lot we can do about it.
That's actually a key point in the Facebook/FTC case - while Facebook has taken a seemingly huge financial hit, the company is on track to generate $60 billion in revenue for the year, so the actual impact is not that major. It's difficult to get your head around the fact that a company can just absorb a $5 billion penalty, but that's how big Facebook now is, and as it continues to grow, it also moves further beyond the realms of normal limitations and restrictions. If a $5 billion fine doesn't hurt it, what can regulators do? And given this, should we be concerned about Facebook's power?
That's the core of the rising case against big tech, that they're moving beyond any potential constraints, and are gaining too much power, particularly in relation to the masses of user data they gather. In Twitter's case, it's less of an issue, but it does, once again, highlight that it's not just Facebook who have, and are using, your personal insights.
Our entire lives are becoming increasingly connected, increasingly digital. Cash transactions will soon be a thing of the past, digital assistant devices are logging more of our personal, intimate requests, health trackers are monitoring our every move. Yes, social platforms have a lot of data, but even if you take them out of the equation, there are plenty of other expanding databases being formulated based on our activity.
This is the price we pay for increased convenience, and we largely don't question such. Until it's too late.
This new incident underlines that it may already be too late in many respects, but its a smaller issue than the Facebook one, so we'll move on. But more scrutiny of such. more broadly, is indeed required.