Twitter Policy Change Hands User Data to Advertisers, Platforms

By Aaryaman Aashind

Twitter users can no longer block the platform from sharing certain personal information with advertisers because of a recent change in its privacy policy, digital-rights experts told Digital Privacy News.

Twitter, which announced the change last month, also now will share your nonpublic information with Google, Facebook and other platforms to boost its marketing efforts.

“All too often, Twitter, Google and Facebook will give users only as much control as they think they need to in order to stave off regulation and competitors, but no more,” said Karen Gullo of the San Francisco-based Electronic Frontier Foundation.

But Twitter said the policy change follows an overall examination by the company.

“We are constantly re-evaluating how our service works,” Laura Pacas, a Twitter spokesperson, told Digital Privacy News. “When we make changes, we are transparent and direct about it.”

“Twitter, Google and Facebook will give users only as much control as they think they need to in order to stave off regulation and competitors, but no more.”

— Karen Gullo, Electronic Frontier Foundation.

No More Protections

Twitter users once had the longstanding option of not sharing such private information as their smartphone’s device identifier and ad-engagement data with advertisers.

But on April 8, Twitter said the option had been removed and almost every smartphone user now would be sharing this data.

This change, however, applies only to users on Twitter’s mobile application. The company did not shift its policy on accessing the platform through a web browser.

In addition, Twitter users in the European Union, U.K., or in an EFTA state (Iceland, Liechtenstein, Norway and Switzerland) are not affected.

Existing laws in these jurisdictions prevent Twitter from sharing such information without specific user opt-ins.

Hence, those living in areas without such legal protections have no control over such data being shared.

“Previously, anyone in the world could opt-out of Twitter’s conversion tracking, and people in GDPR-compliant regions had to opt-in,” EFF’s Gullo told Digital Privacy News. “Now, people outside of Europe have lost that option.”

“When we make changes, we are transparent and direct about it.”

— Laura Pacas, Twitter.

Reportedly Huge Losses

Last year, Twitter reportedly lost a significant chunk of potential earnings because of a failure in processing its advertising data.

Even though this was blamed on a technical problem, Twitter may well be simplifying how it processes and shares advertisement-related data by removing sharing control from its users.

“Twitter apparently was happy to let users opt-out as long as ad spending continued to grow,” Gullo noted. “But last year, the privacy bugs and subsequent fixes seem to have shown Twitter exactly how much privacy options were costing it.

“Now, Twitter has removed the ability to opt-out of conversion tracking altogether.”

In discussing the change, Pacas said, “We decided that we needed to make this change in order to maintain the free service we deliver.”

Data to Be Shared

The nonpublic personal information that Twitter now will share include IP addresses and mobile-device advertising identifiers.

Users, however, do not have to be logged into to share such data. Simply opening Twitter’s mobile app is enough.

Additionally, Twitter will share which device saw or interacted with a particular ad spot with those partners who advertise on the platform.

This data may be shared directly with the advertiser or with data processors who work with Twitter.

The processors act on behalf of Twitter to provide analytics solutions to those who want to advertise on the platform.

But Twitter will not be sharing this information: usernames, emails, cellphone numbers or Twitter username.

“To measure the effectiveness of (the ads) that Twitter runs to promote the service, we need to share certain device-level data with our advertising partners,” Pacas said.

Twitter defines such data as “whether you installed the Twitter app on your device or whether you started to re-engage with Twitter as a result of the ad,” she explained.

But EFF’s Gullo countered to Digital Privacy News: “It shouldn’t be up to tech companies to give us privacy. We need strong data-privacy laws that protect users’ rights to privacy, access and control.”

Aaryaman Aashind is a writer based in Kolkata, India.