The social network’s user data and more will soon be at the whims of the world’s richest man. Who’s worried?
BY:
Salvatore Nicci
Technology Analyst / Reporter
PROJECT COUNSEL MEDIA
27 April 2022 (Berlin, Germany) – Yesterday our boss, Gregory Bufithis, did a nice summary of Elon Musk, Twitter, the future of disinformation, the economics of social media, and a “Big Picture” look of what might really be happening. You can read it by clicking here. He left out the data privacy implications and thought it best that we cover it. Ars Technica, Wired magazine, The Verge plus a number of other media and privacy pundits have done a shout out over the last 2 days, plus the BBC ran a special segment on one of their news shows. The following is a mash-up of their observations plus my conversations with a few of our contacts:
Musk secured an agreement on Monday to buy Twitter for about $44 billion and take the company private. It is actually a merger agreement with Musk’s company X Holdings I and you can read the details here in Twitter’s 8K which was filed last night. And as a further note, what it really means is that the Twitter board has agreed to recommend his offer to the Twitter shareholders and his offer is still conditional on completing due diligence.
In his initial comments about the move, Musk discussed a range of goals from “making the algorithms open source to increase trust” to addressing spambots and “authenticating all humans.” There isn’t more information available yet on how Musk will steer Twitter, but privacy and security proponents say that these initial comments paint a mixed picture of where the social media giant could be headed under its new leadership – and reveal the risks of trusting platforms to protect our private information.
Unlike Facebook and other platforms that have enforced “real name” policies, Twitter has largely allowed people to use pseudonyms or remain anonymous, an approach that could change under Musk. Additionally, Musk will soon be able to access all Twitter user data, including IP addresses and the content of direct messages. Twitter’s DMs are notably not end-to-end encrypted, meaning that they can be accessed by whoever controls the platform. Proponents of end-to-end encryption have long emphasized that the protection not only safeguards users’ data from prying eyes of all sorts, but puts the power with users for the long term, regardless of who owns the service when. Last night on BBC Evan Greer, deputy director of the digital rights group Fight for the Future, noted:
“Once the deal is done, Elon Musk is now literally the king of Twitter. There is nothing stopping him from accessing your direct messages or handing them over to a government – perhaps one in a country where Tesla is trying to do business. The Chinese government, for example, is notorious for policing both public discourse and private communications, demanding that tech companies retain records about the identities of their users even if people are allowed to post using a handle. As rival ultra-billionaire Jeff Bezos highlighted in a Monday tweet thread, one of Musk’s other companies, Tesla, has major business interests in China. Twitter, meanwhile, remains a thorn in Beijing’s side”.
Like other tech giants, Twitter has spent years building out systems for reporting things like the number of government information requests it receives or legal demands to remove content. Musk has indicated that transparency will be a priority for him at Twitter, but it remains unknown which areas he wants to focus on and what his stance will be on issues like government requests for user data. Lily Hay Newman, who is a senior writer at Wired magazine and who has written reams on information security, digital privacy, hacking and has an expertise on Twitter privacy policies, noted:
“In general, digital rights advocates point out that open standards protect speech more effectively than closed ecosystems, because they allow multiple organizations to offer versions of an interoperable service that users can choose from. (Think about SMS and email as two examples of these types of services.) In practice, though, users have flocked to the relative simplicity and ease of use that platforms like Twitter offer. In recent years, the company even launched its own exploratory program, Project Blue Sky, to look at ways of opening Twitter up as an interoperable, standardized platform rather than a single, closed service”.
And when Musk talks about “authenticating all humans,” it’s possible he’s referring to a plan to reduce spambots by having users, say, fill out captchas before tweeting to prove that they’re human. It’s unclear how feasible a system like this would be, but in theory, privacy and security advocates say, this is a best-case scenario and could actually be useful.
The worst-case scenario, though, is that Musk is advocating a situation in which Twitter would either collect information about each user to confirm internally that they are an individual person or, worse still, require that users only have Twitter accounts under their legal identity. Jeff Kosseff, an associate professor of cybersecurity law at the United States Naval Academy and who is a close colleague of our boss, said:
“I don’t know what Musk means by this, but what would concern me most would be if everyone had to authenticate their identity with Twitter. There are a lot of voices that are heard on Twitter that can’t be heard on platforms with real-name policies like Facebook. And platforms like Facebook are not a bastion of civility because of real-name policies anyway. Any small requirement to provide identifying information, even if it doesn’t require you to post under your real name, would really alter the ability of many people to speak online, especially outside the U.S.”
Musk will presumably share more details and specifics about his plans for Twitter soon. In the meantime, the situation serves as a cautionary tale of the uncertain and unpredictable path all private platforms are ultimately on. Evan Greer also noted in her BBC interview:
“The extreme centralization and privatization of online spaces disproportionately harms those who don’t have access to traditional media. For human rights activists, small business owners, independent musicians, and folks from marginalized communities. having a platform ripped out from under you, or even just having an algorithm changed without warning, can have a profound impact on your ability to be heard, make a living, or even survive”.
As Meta continues to push its stand on implementing end-to-end encryption for Facebook Messenger and Instagram DMs, it remains to be seen what a Musk-led Twitter will do with its private user communications. But it is, understandable, a bit scary. Twitter has been relatively good with the privacy stuff, and this takeover could be a serious issue for people who use the platform and have been shielded by the company. Sure, just use Twitter DMs to hand out your Signal number. And then Elon can Signal message you. Such convenience. I’ll close with Greg’s final thought on the matter.
“But at the end of the day private ownership of such a powerful instrument as Twitter is probably a bad idea in any case – far worse than merely a concentration of economic power, which led the American government (when it was actually functioning) to impose antitrust legislation on monopolies and other malfactors of great wealth. Twitter, like Facebook (which is even worse) represents a great concentrated social influence and political power. And no individual, least of all one as eccentric, erratic, and socially ill-informed as Elon Musk, should be able to buy power of that magnitude”.