What just happened? Twitter is facing more problems in its legal battle with Elon Musk after a whistleblower claimed company executives deceived federal regulators and its own board of directors over the way it protects user data, security measures, and its ability to fight spam accounts.
The Washington Post and CNN both report that the accusations come via complaints filed with the Securities and Exchange Commission, Federal Trade Commission, and Department of Justice from Twitter's former head of security, Peiter Zatko, who goes by the nickname "Mudge."
Zatko alleges in the complaints that he "witnessed senior executive engaging in deceitful and/or misleading communications affecting Board members, users and shareholders" on multiple occasions in 2021 and that CEO Parag Agrawal asked him to provide false and misleading documents.
Zatko also calls Agrawal's tweet stating the company is "strongly incentivized to detect and remove as much spam as we possibly can, every single day" a "lie."
JUST IN - Twitter stock falls over 5% amid whistleblower allegations. pic.twitter.com/WRK21KIPHz
— Disclose.tv (@disclosetv) August 23, 2022
One of the claims is that Twitter violated its 2011 settlement with the FTC, which arose from charges over it deceiving consumers and putting their privacy at risk by failing to safeguard their personal information. Part of the settlement was that Twitter maintains a comprehensive security plan, but Zatko says half the company's 500,000 servers were running out-of-date and vulnerable software and that executives withheld from directors facts about the number of breaches and lack of protection for user data.
Zatko also says thousands of Twitter staff still had broad access to the platform's systems, and their access was not adequately monitored. "Nearly all employees have access to systems or data they should not," the complaint states.
There's also a reference to the number of spam accounts on Twitter, something the company insists makes up less than 5% of all accounts. Zatko claims Twitter's head of site integrity said the company did not know how many fake accounts were on the platform, and it did not wish to know the exact number as it would likely harm Twitter's public image and share price.
So spam prevalence *was* shared with the board, but the board chose not disclose that to the public … pic.twitter.com/lXk48TFZL1
— Elon Musk (@elonmusk) August 23, 2022
Elon Musk, of course, walked away from his $44 billion acquisition of Twitter over the spam-counting controversy. The world's richest man will doubtlessly refer to the complaint as evidence in his upcoming trial against Twitter.
"We have already issued a subpoena for Mr. Zatko, and we found his exit and that of other key employees curious in light of what we have been finding," Musk attorney Alex Spiro of Quinn Emanuel told CNBC.
A Twitter spokesperson said Zatko was fired in January this year for "ineffective leadership and poor performance."
"What we've seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context. Mr. Zatko's allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders. Security and privacy have long been company-wide priorities at Twitter and will continue to be," the spokesperson continued.
Reuters writes that in the wake of the complaints going public, Twitter is now combining its health experience team, which works on reducing misinformation and harmful content, with the Twitter service team, which is responsible for reviewing profiles that users report and taking down spam accounts.
