March 14, 2011, 4:46 PM — Under a settlement with the Federal Trade Commission, microblogging service Twitter has agreed to implement a better information-security policy following separate, successful hacks into user accounts in 2009.
(Also see: What are Internet users willing to pay for?)
The settlement bars Twitter from misleading consumers about its security and privacy practices for 20 years. The startup, which lets people publish short messages called tweets, must also establish a comprehensive information security program that will be audited every other year for 10 years.
The FTC says Twitter could be fined up to $16,000 if it violates the settlement.
On two separate occasions in 2009 -- once in January and another time in May -- hackers gained administrative control of Twitter, taking advantage of weak employee passwords and other lax security procedures on the part of Twitter workers. The FTC reports that 55 user accounts were compromised, with hackers sending out fake messages from the accounts. Among the users whose accounts were violated were President Obama and singer Britney Spears.
Personally, I'd find the hackers for missing a potentially hilarious comic opportunity. Seriously, how do you gain access to the Twitter accounts of famous people and not stir up trouble? Imagine this headline on TMZ:
"Obama, Britney in Twitter beef"
Bottom line: Twitter and the hackers both need to raise their games.
Chris Nerney writes about the business side of technology market strategies and trends, legal issues, leadership changes, mergers, venture capital, IPOs and technology stocks. Follow him on Twitter @ChrisNerney.