Article Title: Former Employees Accuse Elon Musk of Violating Data Security and Privacy Practices at Twitter
Article:
According to depositions from former employees published by the Justice Department, Elon Musk, after his takeover of Twitter last year, repeatedly made business decisions that violated the company’s internal policies and likely ran afoul of a government order placing restrictions on data security and privacy practices. The revelations in the depositions mark the first official confirmation of the extent of the Federal Trade Commission’s (FTC) probe into whether Twitter was violating the terms of its settlement related to deceptive user data collection.
FTC orders are crucial tools for holding Silicon Valley accountable, and in 2019, Facebook had to pay a multibillion-dollar fine to the agency for violating its own privacy agreement. The new details about Musk’s handling of the FTC order come as the government opposes a request by Twitter, now referred to as X, to dismiss the consent agreement and shield Musk from a deposition.
The filing reveals that the FTC began deposing key Twitter employees shortly after Musk’s takeover to determine if the company was complying with the terms of the May 2022 order. The probe revealed a chaotic environment at the company, raising serious questions about Musk and other leaders’ involvement in ensuring compliance with the consent order.
According to the depositions, Musk exercised granular control over X Corp., potentially jeopardizing data privacy and security. One former employee testified that Musk claimed responsibility for compliance with the FTC order, acknowledging that liability fell on him. Multiple employees confirmed that Musk gave directives contradicting the company’s normal processes and policies. For instance, in December 2022, Musk instructed the relocation of company servers without wiping the data as required by policy. The testimony suggests that employees did not have enough time to establish a compliant process.
Musk’s cost-cutting measures, including multiple rounds of layoffs, reportedly impaired the company’s ability to fulfill data security promises made to the government. Former executives testified that due to the exodus of employees, several controls in the security and privacy programs were left unattended.
Neither Musk, his lawyer, nor X have commented on the matter. The consent order has become politically contentious, with Musk and House Republicans accusing FTC Chair Lina Khan of harassing X.
X has argued that the FTC attempted to influence Ernst & Young, an independent auditor hired by Twitter to assess compliance with the order. The filing by the DOJ reveals that Ernst & Young terminated its engagement with X Corp. in February 2023 due to extensive departures within the company and a lack of support.
This story is still developing, and further updates will be provided.