• 

Twitter employees may face “difficult times ahead” if new money doesn't start rolling in, now-owner of the social media platform, Elon Musk, warned on Thursday. 

The platform is displaying continuous losses of high-level leaders in charge of data privacy, cybersecurity, and regulation compliance - such as Twitter’s head of trust and safety, Yoel Roth.

Roth, the face of Twitter’s content moderation, was applauded by Musk for defending the platform's campaign against harmful misinformation and hate speech, but his resignation was confirmed by an executive through an internal messaging board to coworkers, according to AP.

“He’s worked incredibly hard under very challenging circumstances, including being personally targeted by some of the most vicious trolls who were active on the platform,” said Emily Horne, former coworker and friend of Roth's, who was responsible for global policy communications at Twitter until 2018. “He stayed through all of that because he believed so deeply in the work his team was doing to promote a public conversation and improve the health of that conversation.”

Losses also included chief privacy officer, Damien Kieran, and chief information security officer Lea Kissner, who tweeted Thursday: “I’ve made the hard decision to leave Twitter.” Last week, according to an executive, Twitter was slashing approximately 50% of its workforce. 

I've made the hard decision to leave Twitter. I've had the opportunity to work with amazing people and I'm so proud of the privacy, security, and IT teams and the work we've done.

I'm looking forward to figuring out what's next, starting with my reviews for @USENIXSecurity 😁

— Lea Kissner (@LeaKissner) November 10, 2022

'No way to sugarcoat it'

The past few days have witnessed mayhem of developments, as an email to employees sent from Musk on Wednesday demanded employees to come back to the office Thursday morning and stop working from home. Then a first “all-hands” meeting was called Thursday afternoon. A few “exceptional” employees may be exempt from the return-to-office order, according to an anonymous employee who noted that employee concerns weren't taken into consideration. 

“Remote work is no longer allowed," confirmed Musk, stressing that intense work is required to succeed, and being present at the office will be required for at least 40 hours per week.

The email read: “Sorry that this is my first email to the whole company, but there is no way to sugarcoat the message,” before Musk described a fragile economic situation for Twitter as it mainly depends on advertising to generate money. 

Musk’s memos and meetings have been an attempt to relieve advertisers hesitant to invest in the platform following the dismissal of its top executives and after well-known brands dropped Twitter as part of their advertising targets.

In another email to employees, Musk categorized Twitter’s new subscription service as a “priority over the past 10 days." The new development concerns a subscription of $7.99 per month which gives users a blue check mark next to their name - the mark was previously only for verified accounts of those such as celebrities and political figures.

“Without significant subscription revenue, there is a good chance Twitter will not survive the upcoming economic downturn,” he said, adding, “We need roughly half of our revenue to be subscription.”

In an email following that, the “absolute top priority” by Musk became the need to suspend “bots/trolls/spam” which impersonate verified accounts.

Security and order breaches

Alex Stamos, former Facebook security chief and cybersecurity expert, tweeted Thursday about a “serious risk of a breach with drastically reduced staff” that could also put Twitter at crossroads with a 2011 order from the Federal Trade Commission (FTC) requiring it to take care of serious data security lapses.

This is a really big deal. Twitter made huge strides towards a more rational internal security model and backsliding will put them in trouble with the FTC, SEC, 27 EU DPAs and a variety of other regulators.

There is a serious risk of a breach with drastically reduced staff. https://t.co/2VxOC6d6lY

— Alex Stamos (@alexstamos) November 10, 2022

“Twitter made huge strides towards a more rational internal security model and backsliding will put them in trouble with the FTC” and other regulators in Europe and the US, said Stamos. 

In a statement Thursday, the FTC relayed that it is “tracking recent developments at Twitter with deep concern," emphasizing that “no CEO or company is above the law, and companies must follow our consent decrees.”

“Our revised consent order gives us new tools to ensure compliance, and we are prepared to use them.” In an email to employees seen by AP, Musk noted that “Twitter will do whatever it takes to adhere to both the letter and spirit of the FTC consent decree.” 

“Anything you read to the contrary is absolutely false. The same goes for any other government regulatory matters where Twitter operates,” Musk continued.

In May, a $150 million penalty was paid by Twitter for violating the 2011 order, and the order's amended version provided new procedures that further required Twitter to enforce an enhanced privacy protection program.

In the complaint filed, the agencies said that from May 2013 to September 2019, Twitter told users that it was collecting their email addresses and phone numbers for purposes of account security. However, the company failed to reveal it would also use the data to enable companies to send targeted online ads to users.

The FTC and DOJ also said in the complaint that Twitter falsely claimed it acted in accordance with US privacy agreements with Switzerland and the European Union, which ban companies from processing user data in ways that are at odds with purposes authorized by users.

The Securities and Exchange Commission (SEC), which Musk tweeted in 2018 that he doesn't respect, recently looked into Musk's possible delay of his disclosures to the agency. In 2018, $20 million in fines were paid by Musk and Tesla over his allegedly misleading tweets declaring the acquisition of funds to privatize Tesla for $420 a share, after Musk fought the SEC in court over compliance with the agreement.

Riana Pfefferkorn, a Stanford University researcher who said she claims to have previously provided Twitter with external legal counsel, said, “If Twitter so much as sneezes, it has to do a privacy review beforehand,” adding, “There are periodic outside audits, and the FTC can monitor compliance.”

In 2011, Twitter agreed to a 20-year FTC consent order over its data security practices. In May, FTC fined Twitter $150MM for violating the 2011 order & issued a modified order. If Twitter so much as sneezes, it has to do a privacy review beforehand.

— Riana Pfefferkorn (@Riana_Crypto) November 10, 2022