The network of micro-blogging service Twitter has just agreed to settle a case amicably with the FTC, the U.S. Trade Commission. She had complained, saying that Twitter had failed in its obligation to protect the personal data of its users, not putting the necessary barriers.
Twitter would have been lax in the management of private data of its users. A situation that has allowed hackers to take administrative control of the service, said the complaint made public last night the United States. Hackers have been able on two occasions in early 2009, access to tweets that had been designated as private by the senders. They were also capable of sending false messages by passing them through tweets from Obama, Fox News and other organizations, according to the FTC.
The fault of Twitter would not have established or strengthened security policies, for certain, however trivial. Thus, no system against weak passwords easy to guess, no encryption of passwords sent by email ... And no suspension of the password of a user after multiple failed login attempts. "Twitter feels very concerned with protecting the confidentiality of your personally identifiable information," explains the policy statement of the site. "We use appropriate administrative, physical and electronic to protect your data from unauthorized access."
"When a company promises its customers that their personal information is secure, it must keep its promise," tackle David Vladeck, director of the Office of Consumer Protection of the FTC. "In addition, a company that allows its users to detail what information must use private security measures for their protection." Under the deal agreed by Twitter and the FTC, the social networking site will have implement a comprehensive security system, which will be audited annually by an expert third for the next 10 years.
No comments:
Post a Comment