A government investigation of Elon Musk's tenure as leader of Twitter has determined that there may be violations of a 2022 FTC order that required certain privacy and security measures be implemented.
Elon Musk followed the privacy policy update with a statement affirming that X's machine learning and AI models would not be trained with private and confidential information, such as direct messages.
Elon Musk is asking a US District Court to put an end to the FTC privacy settlement the company has been subject to since May of last year, claiming biased investigations and misconduct.
The private tweets that were supposed to be restricted to authorized Twitter Circle users were able to make their way into the 'For You' tab of others during a period in April, including non-followers.
In a Fox News interview with Tucker Carlson, Elon Musk revealed that all unencrypted Twitter data was regularly subject to government surveillance under the previous ownership.
GitHub has shared a DMCA filing from Twitter that indicates source code leak was apparently posted on the site shortly after Elon Musk's introductory round of layoffs began.
The FTC investigation's specific concern with the Musk era is that the company is retaining adequate resources to fund and staff the privacy practices it remains obligated to in a 2011 FTC settlement.
Twitter cites abuse of the text messaging 2FA option by bad actors as the reason for the change in policy. The service will still allow free use of authentication apps or hardware security keys as an additional account security layer.
Security researchers had matched email addresses to account names, providing an indication that the data leak was legitimate, but Twitter says that the data was gathered via a variety of publicly available sources.
The Irish DPC probe centers on an API vulnerability that appears to have been exploited by multiple parties before being detected and remediated. The data breach first came to light in August and was acknowledged by Twitter.
