The former security chief of Twitter claims that the firm deceived regulators on spam and shoddy security
The stunning whistleblower lawsuit, a copy of which The Washington Post was able to get, paints a shocking picture of Twitter as a disorderly and directionless business plagued by internal strife. One of the most significant allegations is that Twitter falsified its security plan in order to comply with the terms of a settlement with the FTC.
In his complaint, Zatko claims that during the country’s tumultuous period of protests, the Indian government compelled Twitter to hire one of its agents and grant them access to user data. According to the complaint, the Justice Department’s National Security Division and the Senate Select Committee on Intelligence have received evidence corroborating that claim. Another person with knowledge of the situation concurred that the employee was most likely an agent.
The complaint stated that:
Due to Twitter’s fundamental architectural problems, the Indian government required Twitter to employ a specific person or people who were government agents and who would have access to a significant amount of sensitive Twitter data. The number of government data requests from the Indian government was purportedly quantified in Twitter’s transparency reports, but the company did not actually inform users that it was believed by the executive team that the Indian government had been successful in hiring agents on the company payroll. Twitter officials broke the company’s stated promises to its users by knowingly allowing an agent of the Indian government direct, unrestricted access to the company’s systems and user data.