Twitter denied any data leak in the company that happened in India
Officials from the microblogging site clarified that the Indian government did not force them to recruit any of their recommendations to the company
According to Zatko’s disclosure sent to the US Congress, Twitter’s leadership misrepresented its security vulnerabilities to its board and government regulators
Following the whistleblower claims of Peiter Zatko, Twitter said it is following strict data safety standards, and most of its employees can’t access user data. Further, Twitter denied any data leak taking place in the country.
Officials from the social media giant were subjected to a hearing by the Parliament Standing Committee on Communications and Information on Friday (August 26) after allegations emerged that the Indian government had forced Twitter to hire a government ‘agent’ with ‘unsupervised access to the company’s systems and user data’.
Reportedly, Twitter executives denied the allegations and refused that any data security breach took place in India.
An IANS report citing sources said officials from the microblogging site clarified that the Indian government did not force them to recruit any of their recommendations to the company. However, media reports suggest that Twitter executives did not give proper replies to questions about data safety and user privacy.
The 25-member parliamentary panel summoned Twitter’s senior director of public policy Samiran Gupta and director of public policy Shagufta Kamran to represent the social media company.
Twitter finds itself in trouble again as the former head of security Zatko turned whistleblower. The Washington Post reported on August 23 that Twitter had buried ‘egregious deficiencies’ in their security.
According to Zatko’s disclosure sent to the US Congress, Twitter’s leadership misrepresented its security vulnerabilities to its board and government regulators. He further alleged that Twitter’s security issues could lead to foreign spying, hacking and disinformation campaigns.
Peiter Zatko also alleged that the Indian government forced Twitter to hire someone on their payroll with access to user data when widespread protests were going on in the country.
The microblogging site has been at loggerheads with the Indian government for the past few months, particularly on content removal and account suspension.
In July, Twitter moved the Karnataka High Court against blocking orders issued by the Ministry of Electronics and Information Technology (MeitY) under Section 69A of the IT Act. It stated that the government did not specify why it wanted Twitter to suspend the 39 accounts mentioned in the orders.
Earlier on Friday, the Shashi Tharoor-led parliamentary committee had summoned officials from the IRCTC, asking questions about their plans to monetise user data, including sensitive personal data. In response, officials from the IRCTC said that the e-tender was withdrawn after shelving the plans.
Elsewhere, during the Supreme Court’s hearing of the Pegasus surveillance case, the former Chief Justice of India NV Ramana said that the Indian government had not been cooperative in the probe.
In May this year, the Indian Computer Emergency Response Team (CERT-In) issued guidelines for virtual private networks (VPNs), mandating the collection of user data such as IP addresses, names and mobile phone numbers, essentially rendering them useless.
The government also withdrew the Personal Data Protection Bill earlier this month, leaving a regulatory vacuum around protecting Indian users’ data.
