Twitter failed to protect user's accounts

THE COMMUNICATION MEDIUM FOR THE LANGUAGE IMPAIRED, Twitter has been slapped down by the US Federal Trade Commission (FTC) for its lax security that led to account holders' private information being easily accessible.

The micro-blogging service, known primarily for its useless messages and patchy service, was hacked numerous times last year. The FTC is blaming Twitter for allowing hackers to be "able to view nonpublic user information, gain access to direct messages and protected tweets, and reset any user's password" between January and March, 2009.

Twitter acknowledged that 45 accounts had been accessed, but bleated that it was only for "short periods of time".

According to the FTC, the compromised accounts were due to Twitter's failure to take "reasonable steps", meaning that its users weren't to blame.

David Vladeck, director of the FTC's Bureau of Consumer Protection went further, saying that "when a company promises consumers that their personal information is secure, it must live up to that promise." Well, yes.

So it is perhaps more than a little disappointing that all Twitter had to do was agree that for the next 20 years it will refrain from "misleading consumers about the extent to which it maintains and protects the security, privacy, and confidentiality of nonpublic consumer information."

Or, in other words, it merely had to say sorry and promise not to do it again, at least not for a very long time.

Twitter also said that it had already implemented many of the changes suggested by the FTC.

A final decision on the agreement will be made by the FTC on 26 July. µ