Slash Boxes

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 14 submissions in the queue.
posted by janrinok on Tuesday February 27, @03:31PM   Printer-friendly

Twitter security staff kept firm in compliance by disobeying Musk, FTC says:

Twitter employees prevented Elon Musk from violating the company's privacy settlement with the US government, according to Federal Trade Commission Chair Lina Khan.

After Musk bought Twitter in late 2022, he gave Bari Weiss and other journalists access to company documents in the so-called "Twitter Files" incident. The access given to outside individuals raised concerns that Twitter (which is currently named X) violated a 2022 settlement with the FTC, which has requirements designed to prevent repeats of previous security failures.

Some of Twitter's top privacy and security executives also resigned shortly after Musk's purchase, citing concerns that Musk's rapid changes could cause violations of the settlement.

FTC staff deposed former Twitter employees and "learned that the access provided to the third-party individuals turned out to be more limited than the individuals' tweets and other public reporting had indicated," Khan wrote in a letter sent today to US Rep. Jim Jordan (R-Ohio). Khan's letter said the access was limited because employees refused to comply with Musk's demands:

The deposition testimony revealed that in early December 2022, Elon Musk had reportedly directed staff to grant an outside third-party individual "full access to everything at Twitter... No limits at all." Consistent with Musk's direction, the individual was initially assigned a company laptop and internal account, with the intent that the third-party individual be given "elevated privileges" beyond what an average company employee might have.

However, based on a concern that such an arrangement would risk exposing nonpublic user information in potential violation of the FTC's Order, longtime information security employees at Twitter intervened and implemented safeguards to mitigate the risks. Ultimately the third-party individuals did not receive direct access to Twitter's systems, but instead worked with other company employees who accessed the systems on the individuals' behalf.

Jordan is chair of the House Judiciary Committee and has criticized the investigation, claiming that "the FTC harassed Twitter in the wake of Mr. Musk's acquisition." Khan's letter to Jordan today argues that the FTC investigation was justified.

"The FTC's investigation confirmed that staff was right to be concerned, given that Twitter's new CEO had directed employees to take actions that would have violated the FTC's Order," Khan wrote. "Once staff learned that the FTC's Order had worked to ensure that Twitter employees took appropriate measures to protect consumers' private information, compliance staff made no further inquiries to Twitter or anyone else concerning this issue."

Khan also wrote that deep staff cuts following the Musk acquisition, and resignations of Twitter's top privacy and compliance officials, meant that "there was no one left at the company responsible for interpreting and modifying data policies and practices to ensure Twitter was complying with the FTC's Order to safeguard Americans' personal data." The letter continued:

Original Submission

This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Insightful) by ledow on Wednesday February 28, @09:51AM (1 child)

    by ledow (5567) on Wednesday February 28, @09:51AM (#1346620) Homepage

    I have disobeyed bosses on many occasions, usually when it's about to land us into legal trouble or they expect me to perform an action I know to be damaging, illegal, unethical, etc.

    Sorry, what kind of hell-hole do you live in where you even THINK for a second that you must obey every order barked at you by your boss for fear of termination, no matter how ridiculous, illegal, etc. it may be?

    Strangely, I have not yet once been fired, and every time I've done this it's resulted in immediate backing-down and letting me proceed as I'm supposed to.

    Firing people for that it literally a way to bankrupt your company through unfair dismissal lawsuits AND make whatever you wanted to do public AND then get in trouble with courts for not only disobeying court orders but doing so WILLFULLY to the extent that you fired employees for complying with them, which greatly increases the damages and penalties you'll be hit with.

    If your employees say "no, that's illegal", and your first thought is "I'll just fire you then", you're the one who's going to end up in jail.

    Starting Score:    1  point
    Moderation   +3  
       Insightful=3, Total=3
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5  
  • (Score: 1) by khallow on Thursday February 29, @12:52PM

    by khallow (3766) Subscriber Badge on Thursday February 29, @12:52PM (#1346789) Journal
    And such bosses also don't want to be on record as directly ordering someone to break the law. Their legal defense above would likely be that they were unaware that the action was illegal and that it was the employee's duty to inform them of this fact rather than carry out the action. Have cake and eat it.