Whistleblower Peiter “Mudge” Zatko will testify before a U.S. Senate committee about the social media company’s alleged security failings, in accordance with a congressional subpoena. Zatko, previously Twitter’s head of security, was also subpoenaed by Musk’s legal team earlier this week, to testify in the ongoing court battle over the billionaire’s attempt to back out of his fraught $44 billion Twitter purchase.
The allegations that Zatko made about his former employer, in a 200-page disclosure sent to multiple government agencies, include the following, according to CNN and The Washington Post:
- The company has recklessly allowed half of all its staff access to users’ personal data
- Twitter has misled regulators and users on its security practices, and violated the terms of an 11-year-old FTC settlement
- User data isn’t deleted when an account is
- Company leadership hasn’t pursued accurate accounting of bots on the platform, and hasn’t honestly disclosed their knowledge of bots
- The platform has allowed government agents to infiltrate its ranks (Note: Just two weeks ago, a former Twitter employee was convicted on charges of spying for Saudi Arabia.)
Earlier this week, Twitter shared an e-mailed statement with Gizmodo denying the legitimacy of the allegations and claiming that Zatko was fired from his role for poor performance. “What we’ve seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context. Mr. Zatko’s allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders. Security and privacy have long been company-wide priorities at Twitter and will continue to be,” the company wrote.
Zatko’s congressional hearing is scheduled for Tuesday, September 13 at 10 a.m., according to a press announcement from Senate Judiciary Committee leaders, Illinois Senator Dick Durbin and Iowa Senator Chuck Grassley.
“Mr. Zatko’s allegations of widespread security failures and foreign state actor interference at Twitter raise serious concerns. If these claims are accurate, they may show dangerous data privacy and security risks for Twitter users around the world,” Durbin and Grassley said in the joint statement. “The Senate Judiciary Committee will investigate this issue further with a full Committee hearing this work period, and take further steps as needed to get to the bottom of these alarming allegations.”
This isn’t the first time Twitter has been under federal scrutiny for its mishandling of private data and security, as evidenced by the 2010 FTC complaint and subsequent settlement against the company. However, it’s also far from the first instance of a congressional tech hearing in recent years. Often, the bulk of what these hearings do is reveal that lawmakers have very little understanding of controversial technology, even when the feds are using it.