The FTC recently posted a press release (FTC Press Release) on their settlement with Twitter, Inc. over charges that the company failed to protect users’ private information. The charges against Twitter stem from several high-profile incidences where hackers were able to gain administrative control of Twitter to: view nonpublic user information; gain access to direct messages and protected tweets; reset any user’s password; and send authorized tweets from any user account.
The FTC made it a point to remind companies that a promise to keep user personal information secure must be kept. Furthermore, even when social networking users choose to share information with others, they still have a right to expect that their personal information will be kept private and secure. The press release outlines the reasonable steps Twitter failed to take and serves as a useful guideline for companies that want to make sure their user information security practices do not run afoul of FTC expectations.