The United States’ Federal Trade Commission (FTC) has imposed a sanction of $150 million on Twitter.
The social media company was allegedly making use of the personal information of its users, which it promised to use to secure their accounts, for target ads.
This is not the first alleged violation of the FTC Act, under which, among other things, the agency is “empowered to prevent unfair or deceptive acts or practices in or affecting commerce.”
Register for Tekedia Mini-MBA edition 17 (June 9 – Sept 6, 2025) today for early bird discounts. Do annual for access to Blucera.com.
Tekedia AI in Business Masterclass opens registrations.
Join Tekedia Capital Syndicate and co-invest in great global startups.
Register to become a better CEO or Director with Tekedia CEO & Director Program.
In 2011, Twitter settled with the FTC, having been accused of serious lapses in its data security that allowed hackers to obtain unauthorized administrative control of the platform.
The order prohibited misrepresentations around how Twitter maintains information like email addresses and phone numbers collected from users.
The just-announced $150 million civil penalty stems from a new complaint filed by the US’ Department of Justice (DOJ) on behalf of the FTC, alleging that Twitter had violated the order in the earlier case by collecting customers’ personal information for the stated purpose of security and then exploiting it commercially.
The FTC in a statement announcing the fine, said, “Specifically, while Twitter represented to users that it collected their telephone numbers and email addresses to secure their accounts, Twitter failed to disclose that it also used user contact information to aid advertisers in reaching their preferred audiences. The complaint was filed by the DOJ on behalf of the FTC.”
The complaint said users provided email addresses or telephone numbers based on Twitter’s “deceptive statements” that such information would be used for account security, such as two-step authorizations.
“This practice affected more than 140 million Twitter users, while boosting Twitter’s primary source of revenue.” the FTC added.
In addition to imposing a $150 million civil penalty for violating the 2011 order, the new order adds more provisions to protect consumers in the future. The orders are as follow:
- Twitter is prohibited from using the phone numbers and email addresses it illegally collected to serve ads.
- Twitter must notify users about its improper use of phone numbers and email addresses, tell them about the FTC law enforcement action, and explain how they can turn off personalized ads and review their multi-factor authentication settings.
- Twitter must provide multi-factor authentication options that do not require people to provide a phone number.
- Twitter must implement an enhanced privacy program and a beefed-up information security program that includes multiple new provisions spelled out in the order,
- Twitter must acquire privacy and security assessments by an independent third-party approved by the FTC, and report privacy or security incidents to the FTC within 30 days.
This is indeed a welcome and commendable measure as was taken by the US’ FTC. This implies that such illegal activity had been taking place across the global community without the knowledge of the apt authorities in various countries where they are operating.
Hence, if well checked or scrutinized, it would be ascertained that other social media networks have equally been carrying out such unauthorized or prohibited acts.
The relevant agencies in other nations are also enjoined to expedite actions in a bid to discover similar prohibited activities, and sanctioning the indicted firm accordingly.