The Twitter privacy policy is silent on what Twitter would do in the event of a data breach. One reading of the policy could be that since the user consents to this information being shared, Twitter would have limited liability or even a limited duty to inform in the event of a breach.
According to an article on securitywatch.pcmag.com, Twitter recently had a data breach where 250,000 user accounts were compromised. Speaking on the notice Twitter sent to users, the article said, "The notification email from Twitter is cryptic, to say the least. It doesn't mention the attack at all, nor does it link to the actual blog post. It just informs the user the password may have been compromised and offers the user a link to click on to reset the password. There are a[sic] other links to other parts of the site in the email" (Rashid, 2013). Based on the fact that the privacy policy does not specify how Twitter must inform and recent evidence, one could imagine the company does not have a formal policy for notification.
The policies used for this post are: https://twitter.com/tos and https://twitter.com/privacy
References
Rashid, F. Y. (2013, February 2). Twitter Breached, Attackers Stole 250,000 User Data. Retrieved from http://securitywatch.pcmag.com/none/307708-twitter-breached-attackers-stole-250-000-user-data
No comments:
Post a Comment