The Federal Trade Commission has agreed on a settlement with Twitter stemming from allegations that the micro blog deceived consumers and put their privacy at risk by failing to safeguard their personal information, resulting in a breach that allowed hackers to take over Twitter twice in 2009.
The micro blog also asserted it employed administrative, physical and electronic measures designed to protect users’ information from unauthorized access.
FTC alleged that between January and May of 2009, hackers twice gained administrative control of Twitter and hijacked several dozen prominent accounts, including those of Barack Obama and then-CNN anchor Rick Sanchez, as well as accessed accounts’ email addresses and other personal information.
Under the settlement, Twitter will be barred for 20 years from misleading consumers about the extent it protects the security, privacy and confidentiality of nonpublic consumer information, including the measures it takes to prevent unauthorized access to nonpublic information and honor users’ privacy choices.
In addition, the company also must create and maintain a comprehensive information security program, which an independent auditor will review every other year for 10 years.