Twitter Admits to Privacy Settings Blunders
Twitter said in a blog post that several privacy settings "may not have worked as intended" since 2018. By that it means technical failures led it to collect information--some of which it shared with its advertising partners--that its users explicitly told it not to via their settings.
The first setting related to information gathered when Twitter users interact with ads in the service's mobile app. The company said in its blog post that "if you clicked or viewed an advertisement for a mobile application and subsequently interacted with the mobile application since May 2018," it may have shared data with its "trusted" measurement or ad partners "even if you didn't give us permission to do so."
That data included the user's "country code, if you engaged with the ad and when,"plus "information about the ad" and more. It's collected to give Twitter more information about a "conversion event" that basically lets advertisers know their ads have proven effective. Twitter's reliance on advertising revenues makes proof of effectiveness important; companies aren't going to pay for ads nobody clicks.
The company said it also "may have shown you ads based on inferences we made about the devices you use, even if you did not give us permission to do so" as part of a process introduced in September 2018. This process was supposed to make the ads Twitter shows on its own platform, as well as other services, more relevant to their viewers. (Which, again, is meant to appease the ad companies it serves.)
Twitter said this information wasn't shared with other companies--which is a plus--and didn't include things like account credentials. More details about the inferences Twitter makes about its users can be found on the company's website. Those inferences are mostly supposed to make sure Twitter serves the same (or at least similar) advertisements to its users even if they switch between devices or browsers.
Companies that rely on ads often want to have their cake and eat it too. They introduce new tools for collecting more information that can be used to serve increasingly relevant ads but don't want people concerned about their privacy to abandon their services. So they allow users to opt out via their account settings. This is supposed to give people at least a modicum of control over their data.
But this disclosure shows that relying on settings to safeguard information requires faith in the company offering these services. Faith that privacy-related settings are working properly, faith that companies honor those settings and faith that those settings will remain available if a company struggles. There's no indication Twitter was acting in bad faith, but users might still question if their own faith was misplaced.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Twitter said that it fixed both of these problems on August 5. It said it's "still conducting our investigation to determine who may have been impacted," so it can't notify affected users or even guess how many people were affected, but it assured its users that "if we discover more information that is useful we will share it." That's a pretty big "if" when it comes to something as critical as privacy settings.
Nathaniel Mott is a freelance news and features writer for Tom's Hardware US, covering breaking news, security, and the silliest aspects of the tech industry.
Intel looks beyond silicon, outlines breakthroughs in atomically-thin 2D transistors, chip packaging, and interconnects at IEDM 2024
iFixit now sells genuine Xbox replacement parts but at ridiculous prices — $599 for an Xbox Series X motherboard when a new console costs $499
US govt says Cisco gear often targeted in China's Salt Typhoon attacks on 8 telecommunications providers — issues Cisco-specific advice to patch networks to fend off attacks
-
Math Geek "may not have worked as intended" to me means they actually collected less than they intended.Reply
i still giggle when folks pretend that all you have to do is click a couple buttons in the privacy settings and all these companies that depend on data mining for cash all of a sudden stop collecting it and let you use the service for free.
ok so maybe i don't giggle so much as point and laugh hysterically but you get the idea.:ptdr: