Twitter whistleblower ordered to testify in Congress over devastating security revelations

Twitter’s former security chief Peiter “Mudge” Zatko is set to testify in Congress next month after he went public with scathing allegations about the social media company’s security practices and attempts to harass regulators, the Washington Post reports. Zatko is expected to speak at a hearing on Sept. 13 and to address the privacy and national security concerns raised in his complaint.

“Mr. Zatko’s allegations of widespread security failures and interference by foreign state actors on Twitter are a matter of serious concern,” said Senate Judiciary Committee chair Senator Richard J. Durbin (D-Ill) and the committee’s top executive, the Republican Senator Charles E. Grassley (R-Iowa), in a joint statement. “If true, these claims could expose dangerous data privacy and security risks for Twitter users around the world.”

Zatko has already met face-to-face with Judiciary Committee staff and had three meetings on Capitol Hill, according to the Washington Post.

Zatko’s complaint has also been criticized by European data protection regulators, TechCrunch reports. The complaint alleges that if EU regulators had inquired about Twitter’s security practices, the company would have tried to mislead them in the same way it misled the FTC. Ireland’s Data Protection Commission, which leads the enforcement of the EU’s General Data Protection Regulation (GDPR) for Twitter due to the location of the tech company’s EU headquarters, said it had “held talks with Twitter” about the issues raised in the whistleblower complaint.

Meanwhile, French data watchdog CNIL told TechCrunch that it is “currently investigating” allegations in Zatko’s complaint, and that the investigation could lead to “a compliance injunction or sanction” if Twitter is found to have violated the law. TechCrunch notes that it’s unclear what sanctions Twitter could face in the EU, but the GDPR allows fines of up to 4 percent of a company’s global annual revenue, depending on the severity of the violation.

Twitter declined to comment to The Washington Post on the news of the hearing, and a company representative did not immediately respond to The Verge’s request for comment. But in an internal memo sent after the revelations became public, Twitter CEO Parag Agrawal said the claims are “a false story riddled with inconsistencies and inaccuracies, presented without significant context.”

“Mr. Zatko was fired from his senior executive role at Twitter more than six months ago due to poor performance and ineffective leadership,” a company spokesperson told CNN when the allegations became public. “Mr. Zatko’s allegations and opportunistic timing appear designed to draw attention and harm Twitter, its customers and its shareholders.”

Zatko was fired by Twitter in January, shortly after Agrawal became CEO. His complaint, filed with the Securities and Exchange Commission (SEC) last month, makes numerous damning claims about security vulnerabilities at the company. In particular, he says the company violated the agreement it signed with the Federal Trade Commission (FTC) to maintain several security safeguards after a few security incidents in 2009.

The former security chief also claims that Twitter’s approach to measuring the number of bots on its platform is misleading, which, if true, would invalidate its claim that less than 5 percent of its monthly users are bots, fake accounts or spam. This figure has proved key in Twitter’s ongoing legal battle with Elon Musk, after Tesla’s CEO attempted to pull out of his agreement to buy the social media network over a dispute over the number of bots on the platform.