In a new shocker, a whistleblower files a complaint that the Indian government forced Twitter to put in an agent to have access to data.
In this new revelation about Twitter, the whistleblower alleges that the Indian government forced Twitter to put ‘agent’ on payroll to get access to personal user data, says former security chief and whistleblower filed a complaint with the U.S. Securities and Exchange Commission.
Peiter Zatko, former head of security at Twitter raised the issue with the U.S. Securities and Exchange Commission among other security lapse claims at Twitter.
He said the government agent would have had access to sensitive user data due to Twitter’s weak security infrastructure, according to a censored version of the complaint uploaded by the Washington Post newspaper and verified by Zatko’s attorney at Whistleblower Aid
The whistle-blower alleges that the company misled regulators about deficiencies in its ability to protect users against hackers or even spam.
As per a report published by the Washington Post, which obtained the complaint, Mr. Zatko also alleged that the company deceived its users, Board of Directors as well as federal regulators about “extreme, egregious deficiencies” in its ability to protect users against hackers or even spam.
The allegations come at a time when Twitter Inc. is embroiled in a legal battle with Elon Musk, who has accused the firm of lying about the true number of bot and spam accounts on the platform. Mr Musk has backed out of a deal to buy the company for $44 billion.
“Zatko’s complaint says he believed the Indian government had forced Twitter to put one of its agents on the payroll, with access to user data at a time of intense protests in the country,” the Washington Post report said.
“The complaint said supporting information for that claim has gone to the National Security Division of the Justice Department and the Senate Select Committee on Intelligence. Another person familiar with the matter agreed that the employee was probably an agent,” it added.
Twitter has been involved in a long battle with the Indian government over the removal/blocking of content on the platform, which has heightened over the past year. The company recently moved to the Karnataka High Court, wanting review and relief from “overbroad and arbitrary” content blocking orders from the government, alleging “disproportionate use of power”.
India ranks top of the list of nations seeking to block tweets by journalists, and news outlets according to a Twitter report.
Queries sent to the Ministry of Electronics and IT on these allegations did not produce a response till the time of going to press.
In an emailed response, a Twitter spokesperson said that Mr. Zatko was fired from his senior executive role at Twitter in January 2022 for “ineffective leadership and poor performance”.
“What we’ve seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context,” the spokesperson said, adding that Mr. Zatko’s allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and shareholders.
Last year, Twitter went to court against the Indian government expressing concerns over the use of “intimidation tactics” and “potential threat to freedom of expression” in India. The government had hit back terming such statements in an attempt to defame India.
The report further stated that Twitter violated the terms of an 11-year-old settlement with the Federal Trade Commission by falsely claiming that it had a solid security plan.
“Zatko’s complaint alleges he had warned colleagues that half the company’s servers were running out-of-date and vulnerable software and that executives withheld dire facts about the number of breaches and lack of protection for user data, instead presenting directors with rosy charts measuring unimportant changes,” it said.
The complaint also alleged that the company’s chief executive officer Parag Agrawal was “lying” when he tweeted in May that the company was “strongly incentivized to detect and remove as much spam as we possibly can”.