Twitter Fined for Misusing 2FA info for Ads
Twitter has been ordered to pay $150 million for misusing account security data for targeted advertising.
The fine, imposed by the US regulator FTC, comes because Twitter phone numbers and email addresses provided for two-factor authentication (2FA) were also used to send targeted advertisements to users.
With 2FA, when logging in to a new device, you also need a second code in addition to your password, which is sent by text message, email or via an authentication app. Twitter did not inform users that the contact information is collected in this way was also used for commercial purposes and not just for security measures.
In total, this concerns 140 million users since 2013, after Twitter was ordered by the FTC not to misrepresent such things. The FTC has banned the company from making a profit from the data, must also allow other 2FA methods such as mobile apps, and must notify users of the misstep.
Twitter, which admitted the mistake in 2019, says in a response that it has always cooperated with the investigation and will pay the fine. The company also states that it takes data security and user privacy very seriously. A statement that American technology companies often use at times when they abuse the privacy of their users for extra income.