Legislators Demand Answers in Wake of Twitter Whistleblower
WASHINGTON — In the days since a leaked whistleblower complaint alleged Twitter misled its users and government officials for more than a decade on safety and security features, its CEO Parag Agrawal, is facing questions from Congress. The whistleblower is also set to testify in September.
From the House, questions highlight the need for the social media company to be transparent in the run-up to the midterm elections.
“Security flaws that put users’ sensitive personal data within easy reach of a hacker looking to take control of a high-profile account or a foreign dictator looking for information on dissidents are nothing short of a threat to national security.
“If substantiated, the whistleblower allegations demonstrate a pattern of willful disregard for the personal data of Twitter users and the integrity of the platform,” wrote Committee on Homeland Security Chairman Bennie Thompson, D-Miss., and Rep. Yvette D. Clarke, D-N.Y., chairwoman of the Subcommittee on Cybersecurity, Infrastructure Protection and Innovation in a letter to the Twitter CEO Thursday.
The letter from House officials comes the day after the Senate Judiciary Committee announced the whistleblower, former security lead, Peiter Zatko, would testify on Sept. 13.
“Zatko’s allegations of widespread security failures and foreign state actor interference at Twitter raise serious concerns. If these claims are accurate, they may show dangerous data privacy and security risks for Twitter users around the world,” Judiciary Committee Chair Dick Durbin, D-Ill. and ranking member Chuck Grassley, R-Iowa, said in a joint statement.
“The Senate Judiciary Committee will investigate this issue further with a full committee hearing this work period, and take further steps as needed to get to the bottom of these alarming allegations.”
In 2011 the social media company entered into a settlement with the Federal Trade Commission promising it would fix a litany of security issues and be transparent. However, when Zatko was hired in 2020 he found the company had made little progress and had never come into compliance with that initial agreement.
Zatko also highlighted Twitter’s response to misinformation on the platform in his complaint. The House officials asked if the company has changed since he was fired in early 2022, especially considering the upcoming elections.
“Unfortunately, Twitter’s to-do list for the 2022 midterm elections is no less daunting. In research commissioned by Mr. Zatko during his time at Twitter, the misinformation consulting firm Alethea Group described Twitter’s site integrity team as grossly under-resourced and under-staffed, with only two employees dedicated to combating misinformation in 2021,” Thompson and Clarke wrote to Agrawal.
“The group reportedly lacked the technical tools, engineers, and language proficiencies to identify and manage misinformation effectively.”
The officials want to know if the Alethea report Zatko mentions is authentic, and what Twitter has done with its recommendations, including if it has upped staffing from the two-member misinformation team in 2021.
They also ask how the company is working with government agencies like the Cybersecurity and Infrastructure Security Agency to address its deficiencies.
In the letter, the House members lay out how Twitter has played a role in foreign and domestic misinformation attacks on democracy.
“In 2016, social media companies were caught flat-footed when Russian operatives used platforms like Twitter to carry out a widespread disinformation campaign to influence the results of the presidential election,” they wrote.
“By the 2020 election, the threat of disinformation had evolved, but it persisted. At that time, Twitter and other platforms assured Congress that they had invested heavily in putting people, plans, and policies in place to protect against election misinformation.
“As you know, that election was followed by an unprecedented, violent attack on our nation’s Capitol, fueled by the lie spread rampantly on social media that the 2020 election had been stolen.”
They question if Twitter really did put those plans and policies in place, if Zatko’s complaint is correct.
“American democracy is at an inflection point, and there is no question that the 2022 midterms and the 2024 presidential elections will test our institutions,” they wrote.
They asked Agrawal to answer their questions by Sept. 8.