It’s a day that ends in the letter “y,” which suggests there’ll be more drama on Twitter. Lea Kissner, chief information security officer, Damien Kieran, chief privacy officer, and Marianne Fogarty, chief compliance officer, have all resigned. According to the article, the company’s engineers would now be in charge of assuring regulatory compliance. Twitter is now subject to a consent decree from the Federal Trade Commission, which contains specific privacy and security obligations.
“I’ve taken the difficult choice to abandon Twitter,” Kissner tweeted. “I’ve had the chance to work with incredible individuals, and I’m really proud of the privacy, security, and IT teams and the work we’ve accomplished.”
The departures will almost certainly have an influence on Twitter’s security and privacy departments. To that end, according to a Slack message supposedly sent by a Twitter lawyer, engineers have been urged to “self-certify” that they are in compliance with FTC regulations and other laws. “This will expose engineers to a significant degree of personal, professional, and legal danger,” the statement states. “I predict that management will put pressure on all of you to implement changes that will almost certainly result in severe accidents.” The attorney, who recommended employees to seek whistleblower protection, if necessary, cautioned that such modifications are “very risky for our users.”
The FTC consent order is part of a May deal between Twitter and the commission. One of the criteria requires the corporation to implement a “comprehensive privacy and information security programme” to assess the privacy and security risks of new goods. If Twitter breaches the consent order, it might face “billions of dollars” in penalties, which would be “very harmful to Twitter’s survival as a platform,” according to the lawyer.
This week, the business updated the Twitter Blue service and began charging $8 per month for a checkmark (formerly used to indicate that an account was verified). Impersonation, fake accounts, and frauds have already become a minefield as a result.
According to a Twitter employee, the rapid launch of the sponsored checkmark scheme, enforced by new owner Elon Musk, evaded the standard privacy review procedure. “The individuals generally responsible with these things were given little warning, little time, and [it’s] ridiculous to believe [the privacy assessment] was complete,” the employee said, noting that none of the team’s suggestions were implemented before the new Twitter Blue went live. That team could only examine potential hazards the night before Twitter pushed out the redesigned service.