Twitter has published a statement in which it has admitted that user data including e-mail, numbers, and addresses could have been used for advertising purposes.
The important (and rather ironical!) thing to note here is that this is a clear violation of the actual purpose of the data, which was to ensure account security for these users.
As per the statement:
We recently discovered that when you provided an email address or phone number for safety or security purposes (for example, two-factor authentication) this data may have inadvertently been used for advertising purposes, specifically in our Tailored Audiences and Partner Audiences advertising system.
So basically how this happened was like this: Advertiser uploads his/her marketing list; and the list may have matched people on Twitter that provided their mails and numbers for security purposes. When you consider the sheer reach that Twitter commands, incidents like this become a very serious concern.
As of June, the social media network has an average monetizable daily active usage of 139 million, a year-over-year rise of 17 million and a quarter-over-quarter rise of 5 million. While advertises would kill for that kind of personal data, users are not going to be very happy to find that the data they provided for security purposes is being used to target them with ads.
Meanwhile, Twitter has clarified that while it is not sure how many users could have been impacted, it is certain that no personal data was ever shared with any external entities, including partners. It also said that the issue has already been fixed as of 17th of September, and phone numbers and mails expressly collected for the purpose of security would not be used for advertising.
This was an error and we apologise…We cannot say with certainty how many people were impacted by this, but in an effort to be transparent, we wanted to make everyone aware.
We’re very sorry this happened and are taking steps to make sure we don’t make a mistake like this again.