On Tuesday, October 9th, Twitter admitted that it used account phone numbers and email addresses for targeted advertising. Provided from users to enable two-factor authentication, this is a huge breach of privacy.
In a blog-posts describing the discovery, Twitter explains that the information was inadvertently used by its Tailored Audiences and Partner Audiences advertising systems. The Tailored Audiences program targets ads to customers based on lists consisting of phone numbers, email addresses, or twitter handles. Advertisers use their existing marketing lists and match the information to Twitter accounts. It’s described by Twitter as being “a great way to create highly relevant remarketing campaigns.” The Partner Audiences advertising program uses the same features to target audiences provided by a third party.
Twitter states: “When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes.”
This is an obvious infraction on Twitter users trust who providing their information anticipating an additional layer of security. The statement continues to explain that it is unknown how many users are affected but indicates that no personal data was shared externally with third parties. The issue was modified on September 17th, but the error was brought to the attention of the public recently to be transparent.
Twitter profusely apologizes for the breach throughout the statement. Inevitably, this will impact the level of confidence its users have in the social media platform. In any case, Brave River always recommends using two-factor authentication for an added layer of security.