Copyright © What The Hell? Security
[For context see "The FTC's Bitter-Tweet Victory over Twitter"]
The Federal Trade Commission today issued a clarifying statement regarding its recently announced ruling that Twitter had not lived up to its promise of years past to protect consumers’ personal information.
“The FTC wishes to reiterate our ruling that Twitter did indeed violate its privacy policy, and that as one consequence, it will be compelled to pass security audits for the next twenty years” said FTC spokesperson Sue First. “A second consequence, although implied in supplementary documents, was not made explicitly clear in our announcement. We therefore take this opportunity to set the record straight: Twitter should not be concerned about security.”
The supplementary documents she refers to are Version 1 and Version 2 of Twitter’s privacy policy. As the FTC’s announcement makes clear, Version 1 of the policy contained the offending language — “Twitter is very concerned about safeguarding the confidentiality of your personally identifiable information” – that prompted the FTC’s investigation to begin with.
Version 2 of the policy, which the FTC helped draft and ultimately approved, lacks any remotely similar expression of concern.
A source inside Twitter, speaking on condition of anonymity, reports that Twitter pressed the FTC to include its sentiment of concern in Version 2. The FTC shot that down however, insisting that the new policy “contain only language directly or indirectly relevant” [to the settlement].
Filed under: security, security humor, security sense
