Twitter Inadvertently Shared Users Data With Advertisers Without User Consent

Twitter has once again confessed a serious problem breaching users’ privacy. It turns out that Twitter inadvertently shared users’ data with some advertisers due to a glitch. This glitch even affected those accounts that did not explicitly permit such sharing.

Twitter Shared Users Data With Advertisers Due To A Bug

In a recent blog post, Twitter admitted a serious glitch in its systems. The flaw caused the users’ settings to not work as intended in some cases. As the blog post reads,

We recently found issues where your settings choices may not have worked as intended.

Reportedly, the problem arose in the ad settings. As a standard, Twitter lets the users choose what type of data they want to share with Twitter. This data may subsequently reach the partnering advertisers of the social media giant, apart from other uses.

While this seems a pretty transparent privacy control, due to said glitch, it didn’t work. Even in cases where users simply denied any permissions, Twitter continued to collect and share the data.

It precisely happened in two ways.

In the first scenario, the platform collected and shared data with advertisers if a user clicked or viewed an ad for a mobile app on the platform and interacted with it. As stated by Twitter,

If you clicked or viewed an advertisement for a mobile application and subsequently interacted with the mobile application since May 2018, we may have shared certain data (e.g., country code, if you engaged with the ad and when, information about the ad, etc) with trusted measurement and advertising partners, even if you didn’t give us permission to do so.

It means the data sharing without permissions continued for over a year.

In the second scenario, Twitter may have collected and shared your data ‘based on inferences’ for ad targeting purposes. This practice continued since September 2018 and even happened in those cases where the users did not permit.

Though they assured that the data remained limited to Twitter. Also, they ensured that the collected data did not include details like email accounts and passwords.

Twitter Fixed The Glitch – Users To Check Settings

Twitter has confirmed in their disclosure that they already fixed the glitch on August 5, 2019. It means the users no longer face this problem. However, they haven’t revealed other details yet as they continue with the investigations.

We know you will want to know if you were personally affected, and how many people in total were involved. We are still conducting our investigation to determine who may have been impacted and If we discover more information that is useful, we will share it.

Moreover, they also apologize for the occurrence and pledge to prevent such issues from happening in the future.

However, recalling the previous record of such glitches, it isn’t certain whether Twitter will succeed in fulfilling this commitment. This report marks the third major security issue with Twitter. In January 2019, Twitter confessed of an Android app bug that continued to expose users’ private tweets for five years. Whereas, in May 2019, they admitted an iOS app bug that allowed sharing of users’ location data.

Let us know your thoughts in the comments.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients