
This article was published on January 16, 2018

How Twitter could have avoided this week’s DM scandal

Image by: veritasvisuals / YouTube

Twitter is under fire this week after media organization Project Veritas published undercover footage of engineers from the company saying that employees – “at least, three or four hundred people” – read users’ posts and supposedly private Direct Messages.

The company denied the claim, telling BuzzFeed News, “We do not proactively review DMs. Period. A limited number of employees have access to such information, for legitimate work purposes, and we enforce strict access protocols for those employees.”

Twitter hasn’t been great with disclosing its policies around how it manages content and users on its platform, but it seems like the company could have avoided looking as bad as it did.

For starters, it needs to do a better job of understanding its users’ expectations of how the service should work. Just as we assume that the letters we receive by post aren’t read by mailmen, it’s not crazy for people to assume that DMs on Twitter are private.

Twitter needs to be cognizant of that fact, and should modify its communications to the public accordingly. There’s a bit in its privacy policy about how, when it comes to DMs, the company “will store and process your communications, and information related to them,” but with a crucial function that users may already have (wrong) notions about, it’d help to explicitly state what happens with those messages, and be more upfront about it than hiding clauses in a lengthy document no one will read.

The other reason that Project Veritas’ sting operation could get people riled up is that it gives them only part of the story. If Twitter wants to rubbish claims of employees reading your DMs willy-nilly, it’d do well to explain the protocol that ensures the privacy of your messages, as well as the circumstances in which they may be accessed, and by whom.

Failing to do so not only erodes trust, but also invites speculation about how things are being managed internally at the company – and prompts organizations like Project Veritas to conduct sting operations to seek out the truth.

Of course, this is me giving Twitter the benefit of the doubt – that it isn’t reading your DMs for kicks or for profit. But denying that it’s doing so after its employees claim that it does happen could mean that the company doesn’t have proper policies in place for securing your data, and that’s worrying.

And there’s reason to believe that maybe Twitter doesn’t run as tight a ship as it should: last November, a contractor who worked for the company managed to cause President Trump’s account to be temporarily deactivated. Regardless of what you think of his politics, Twitter believes that Trump’s account is ‘newsworthy’ and shouldn’t be taken down – and yet, the company’s systems allowed it to happen.

Twitter has promised time and again that it’ll be more transparent about its policies, but it’s clearly not doing a good job. And getting caught out by the likes of Project Veritas – which you’ll remember as the organization that sloppily tried and failed to bait the Washington Post into reporting a false story about sexual harassment last year – isn’t a good look for the company at all. The company needs to change its attitude towards transparency, and consider its benefits instead of avoiding the challenges it brings.