'It's immoral or incompetent': ad industry skewers Twitter on security data misuse

The Drum 09 Oct 2019 12:30
'It's immoral or incompetent': ad industry skewers Twitter on security data misuse

Ad industry executives have hit out at Twitter after it admitted it "may have... inadvertently” used sensitive information given by users for security purposes to also help target advertising.

Email addresses and phone numbers, submitted for two-factor authentication to secure accounts from hackers, "may have been" used to power Twitter's Tailored Audiences and Partner Audiences advertising products.

On Wednesday 8 October, Twitter, in the name of "transparency", said it was unsure how many times the data pooled into ad buys, but assured no information left its platform. The issue, which it did not specify in any detail, was fixed in September after being in place for an undisclosed length of time.

Neville Doyle, chief strategy officer at Town Square, suggested it was "enormously improbable” that Twitter 'inadvertently' improved its ad product with the sensitive data, and blasted the tech giant for being either "either immoral or incompetent". Either way, he said, it was playing "fast and loose with users' privacy".

Last July, the Federal Trade Commission (FTC) fined Facebook $5bn for improperly handling user data, the largest fine ever imposed on company for violating consumers’ privacy. “[Such abuses are] standard practice and would have continued in the shadows were it not for Cambridge Analytica scandal and a heightened sensitivity to privacy," said the ad fraud researcher.

It's a further blow to Twitter which has been recovering from another data breach. Last May, it advised all 330 million users to change their passwords as "a bug" in the system meant it had been storing passwords in plain text. It has also shared iOS user location data with advertisers without permission and had a two-year phone number leak bug.

Doyle, formerly of ad agencies BBDO and Carat, said it was "convenient" that the incident benefited Twitter's bottomline and the effectiveness of its targeting.

Could this damage trust in the wider online advertising industry, he questioned. Web-users already think targeted advertising they already thing is “creepy”.

Privacy advocate and Brave browser thought leader, Johnny Ryan had previously explained the cross-use of data to the US Senate Judiciary Committee. Ryan said it was “good” that Twitter disclosed the incident.

Ryan explained: "The cross-use of data between processing purposes is a no-no in most cases. It seems to me that this aspect of the GDPR has not been effectively enforced anywhere in Europe.” As a result, there's been an “internal data free for all” in many companies.

“This is what happens when there is zero oversight of massive social media companies. You just kind of have to, you know, trust the companies’ word that they’re making things right after they totally screw you. Almost no other business works like this.”

According to ad-tracking firm Pathmatics Kraft Heinz, Nestlé and Coca-Cola are among the top five spenders on Twitter ads with the bulk of their media budgets going to video. The Drum has contacted these brands but was awaiting response at the time of writing.

He asserted that "marketers need to be extraordinarily sensitive and appropriate" in the way data is used and said there's "a line that shouldn't be crossed" when it comes to targeting people with personalised ads.

When dealing with the likes of Twitter or Facebook or YouTube or Google it is important to get results, but "not get to a point where you're questioning as to whether its the right use of personal data".

Could this incident slow the momentum the social network was making?

Continue reading original article...


TwitterAd industryFacebookNeville DoyleJohnny Ryan