A current Twitter employee said several other members of the site’s privacy and security department had also resigned, while another said he was working with Twitter Blue, the company’s expanded paid service. said it was trying to stop the wave of abuse of
The Federal Trade Commission issued its latest consent decree with Twitter in May, saying it “follows Twitter with deep concern.”
Douglas Farrar, director of public affairs for the FTC, said: “The revised Consent Order gives us new tools to ensure compliance, and we are ready to use them.”
The privacy staff said their primary concern was the rapid rollout of new features without the full security review required by the FTC’s consent orders. They also objected in an email Wednesday night to an order that all employees must begin working 40-hour weeks in the office starting Thursday, addressed to employees for the first time since Musk took control of the company.
Musk’s email didn’t support Twitter’s long tradition of flexibility and remote work. Instead, he said he desperately needed to monetize Twitter Blue. Musk warned that Twitter likely won’t weather the coming recession unless subscription revenues pick up significantly. “About half of your revenue should be subscriptions.”
A former FTC official has warned that the resignation of a key privacy and security officer and some of Musk’s proposed changes to the Twitter product have put the company in serious regulatory jeopardy. did.
David C. Vladeck, director of the FTC’s Office of Consumer Protection at the time Twitter first settled with the FTC, said the departure and confusion raises the question, “Will compliance requirements go unnoticed?” said.
Vladeck said the penalties could be exponentially higher if Twitter were alleged to have breached its agreement with the FTC twice. “It’s going to be a very large multiple of the final fine,” he said, referring to a May fine of $150 million.
Twitter entered a consent decree with the FTC after allegations that it misrepresented emails and phone numbers it had collected for security purposes to serve targeted ads to users. The FTC argued that this violated his 2011 consent decree with the company.
The new legislation required Twitter to launch an enhanced privacy and security program, which was subject to third-party audits. Under this program, Twitter is required to conduct a privacy assessment of all new products it launches.
The employee’s Slack message said that releasing products or changes too quickly without effective security reviews is “extremely dangerous” for users.
Engineers say they have to bear the burden of proving that their products comply with the FTC agreement, which puts them at considerable personal legal risk.
The collapse of security leaders is particularly acute because the FTC audit was due by January, according to two people familiar with the schedule.
One person said Kissner and other executives had been hiring in a desperate effort to meet compliance rules earlier, despite a company-wide freeze.
“It’s people we desperately need,” said one of about half the companies laid off last week.
The Slack message contained a link to Whistleblower Aid. Whistleblower Aid represented former security chief Peiter Zatko when he filed a complaint earlier this year with the U.S. Securities and Exchange Commission and other officials for alleged violations related to the FTC. . Logging access to sensitive data and extensive use of outdated software.
The message warned that the FTC could fine Twitter “billions of dollars.” The author claimed that Musk’s top lawyer, Alex Spiro, heard Elon say that Elon was “willing to take enormous risks in retaliation against this company and its users.” Spiro did not immediately respond to a request for comment on the memo.
Other employees said they took paid leave on Thursday as a sign of disapproval.
Brought in by Zatko, Kissner was praised within Twitter and viewed as a key backstop during the recent turmoil.
Alex Stamos, former head of data security at Facebook and Yahoo, said: “The team led by Dr. Kisner has made significant progress in resolving these deficiencies as Twitter is mandated by the FTC’s consent order.”
