Twitter has expressed regret for the use of phone numbers and e-address of its users given for account safety, inadvertently to permit targeted advertising.
Based on the provided contact info, it is possible for 3rd-party marketers to approach particular Twitter users despite the user’s unwillingness to let his information being used in that manner.
Twitter stated that it was uncertain regarding the number of users impacted from it but BBC realizes that users have been affected worldwide. Even, Twitter isn’t proactive in communicating customers to notify them about the breach.
It wasn’t revealed when this breach was discovered by the company but asserted that the issue has been addresses on September 17. Furthermore, the firm confirmed that no e-addresses or phone numbers given for security purposes are being used for any sort of advertisement.
The European headquarters of Twitter are located in Dublin and no information has been given away by the company whether the IDPC (Irish Data Protection Commissioner) has been informed or not, other than saying it communicated appropriately with regulators.
As per Europe’s GDPR (General Data Protection Regulation), users have to be informed is any breaching of their personal data has taken place other than their purpose. Twitter stated that it has 139 M users and the platform is being used by them each day and they’re attended with ads.
Twitter allows advertisers to match their own info regarding customer e-addresses which are collected independently from Twitter with those of Twitter’s users that use the exact e-address; although this method is common in social media where ads are targeted at those who’re likely to be acquainted with the product or brand.
However, according to Twitter’s disclosure here those account details were used which were provided for the sole purpose of account safety. This procedure adds 2nd-level of safety. However, Twitter acknowledges its errors and apologizes.