Twitter whistleblower Peiter “Mudge” Zatko will testify before Congress on Tuesday in his first public appearance since and The Washington Post reported his allegations against the company last month.
Lawmakers from the Senate Judiciary Committee are expected to question Zatko over his claims that Twitter has undisclosed security and privacy vulnerabilities that could threaten users, investors and even US national security.
What Zatko says during Tuesday’s hearing could set the stage for further investigations by Congress, federal regulators and law enforcement officials. His testimony could also further complicate the legal battle over billionaire Elon Musk’s Twitter takeover deal, and comes on the same day that Twitter shareholders are scheduled to vote on the deal.
In a disclosure sent to several lawmakers and government agencies in July, Zatko accused Twitter of failing to safeguard users’ personal information and exposing the most sensitive parts of its operations to too many people, potentially including foreign spies. Zatko, who was Twitter’s chief security officer from November 2020 until he was fired in January, also alleged that company executives, including CEO Parag Agrawal, have deliberately misled regulators and the company’s own board of directors about its shortcomings.
Twitter has criticized Zatko and broadly defended itself against the accusations, saying the disclosure paints a “false narrative” of the company. A company spokesman said Zatko was fired for “ineffective leadership and poor performance.” Zatko himself claimed in his disclosure that he was fired in retaliation for raising his concerns about security vulnerabilities and alleged false statements by Twitter executives to its board of directors.
News of the disclosure quickly prompted lawmakers and regulators in the United States and other countries to announce that they would investigate his claims. Zatko has briefed some members of Congress behind closed doors, but his testimony Tuesday will be lawmakers’ first chance to publicly pressure Zatko to reveal more about what he witnessed at the company.
“Mr. Zatko’s allegations about widespread security lapses and interference by foreign state agents on Twitter raise serious concerns,” Senators Dick Durbin and Chuck Grassley, chairman and ranking Republican of the Senate Judiciary Committee, said in a statement last month announcing the hearing.
Lawmakers are likely to focus on Twitter’s alleged failures to protect user data, as well as Zatko’s claims that the company is vulnerable to exploitation by foreign governments and may even now have foreign spies on its payroll. Zatko also claimed that Twitter is in violation of its 2011 settlement order with the Federal Trade Commission (FTC), a claim that, if found to be true, could lead to fines in the thousands persecuted if found. shows that they were knowingly responsible for any violation of the order.
Musk, who is currently fighting Twitter in court to get out of a $44 billion takeover deal, is also likely to be keeping a close eye on Zatko’s testimony. Musk’s legal team sent a third letter to Twitter on Friday seeking to terminate the deal, claiming that an alleged $7.75 million payment made to Zatko in June, prior to its disclosure, violated the company’s obligations under the acquisition contract. The letter claimed that the payment had been revealed in a Twitter court filing earlier this month. Twitter fired back on Monday, calling Musk’s letter “invalid and erroneous” and saying it had not violated the agreement.
Legal obligations Zatko may have do not prevent him from disclosing to lawmakers and law enforcement, according to Whistleblower Aid, the organization that provides Zatko’s legal representation.
Whistleblower Aid also represented Frances Haugen, the former Facebook employee who sued the social media giant last year. Her revelations sparked numerous congressional hearings, bills and changes by the company.
Current and former Twitter officials are expected to appear on Wednesday, a day after Zatko’s testimony, before another Senate panel to testify about the impact of social media on national security. Zatko’s accusations against Twitter could also figure prominently in that hearing, further focusing Washington’s attention on the company.
An experienced whistleblower on Capitol Hill
Zatko is no stranger to the Capitol. In 1998, Zatko appeared before the Senate Governmental Affairs Committee as part of a panel of ethical hackers that urgently told Congress that the technology used to access the Internet was not secure. “If what you are looking for is computer security, the Internet is not the right place,” Zatko warned lawmakers at the time.
Now, nearly a quarter of a century later, Zatko returns to Capitol Hill to warn again about the alleged insecurities of one of the world’s most influential social media platforms. Zatko, who worked at the US Department of Defense and Google before joining Twitter, is said to have a knack for explaining complex security issues to corporate executives and other non-experts, according to several former colleagues. This ability could come in handy when he publicly comes out against Twitter.
Among Zatko’s most explosive claims is that roughly half of Twitter employees, including all of its engineers, have extensive access to the company’s active product, including real user data. This differs from other big tech companies, he says, where coding and testing is done in special environments, separate from the services consumers use. Zatko also alleges that Twitter does not reliably delete the data of users who terminate their accounts, in some cases because Twitter has lost track of the information. The alleged failures represent violations of Twitter’s 2011 FTC settlement order, according to Zatko.
Twitter has said that members of its engineering and product teams are allowed to access the Twitter platform if they have a specific business justification for doing so, but that members of other departments, such as finance, legal, marketing, sales, human resources and support, are not. Twitter has also said it has created internal workflows to make sure users know that when they cancel their accounts, the company will deactivate them and start a deletion process. But Twitter has declined to say whether it usually completes that process.
Zatko’s accusations also raise questions about Twitter’s ability to manage election-related threats ahead of the US midterm elections later this year.
The disclosure, which includes a copy of a 2021 report from an outside consultant on Twitter’s efforts to tackle disinformation, accuses the company of misaligned priorities between product and security teams and a reactive approach to misinformation, disinformation and manipulation of the platform. For its part, Twitter says it has “a cross-functional team around the world that is focused on curbing the spread of misinformation and fostering an environment that is conducive to healthy and meaningful conversation.”
The Musk Factor
Zatko’s testimony, and any resulting action taken by lawmakers and regulators, could also have implications in the legal battle over Musk’s effort to back out of the deal to buy the company.
Zatko contends that Twitter has misled Musk and the public about the number of bots on its platform, an issue that has become the focus of Musk’s efforts to get out of the deal. The whistleblower’s other claims also offer Musk some new cards to use in his fight.
Last week, a Delaware judge ruled that Musk could expand his claims in the case based on the whistleblower’s disclosure. Musk’s team was to take a statement from Zatko on Friday.
Musk alleged in a second letter seeking to terminate the acquisition deal last month that the whistleblower’s claims, if true, would constitute additional justification allowing him to opt out of the deal. In the letter, Musk’s team claimed that investigations by Congress and other foreign agencies could materially harm the company. Musk’s first attempt to terminate the Twitter deal was in July.
Twitter responded to Musk’s letter, saying it “is based solely on statements made by a third party which, as Twitter has previously stated, are riddled with inconsistencies and inaccuracies and lack material context.” The company reiterated that it intends to close the deal at the agreed price and terms.
Musk and Twitter are set to go to trial over the settlement in October, after the judge denied Musk’s request to delay the proceedings following the whistleblower’s revelation.