Twitter bug revealed user location data to an anonymous partner – TechCrunch

[ad_1]

Twitter Monday afternoon disclosed bug that, under certain conditions, resulted in the sharing of location data of an account with a Twitter partner, even if the user had not chosen to share this data. The bug has only touched that part of Twitter's iOS user base, the company said, which has since been warned of the problem.

Affected users had multiple Twitter accounts on iOS and had chosen to share their specific location using the optional feature of one account at a time. Twitter indicates that it may have accidentally collected location data for the other account or accounts on the same mobile device, even when these accounts were not enabled in the same way for sharing location data.

Due to a bug in Twitter for iOS, we inadvertently collected and shared location data (at the zip code or city level). We fixed the bug, but we wanted to make sure to share more of the context around that with you. More here: https://t.co/n04LNt62Sa

– Twitter Support (@TwitterSupport) May 13, 2019

This information was then shared during the real-time bidding process with an unnamed Twitter partner, which means that it received unauthorized location data. Twitter notes that it was not "accurate" location data because the data was already "fuzzed" to be only a zip code or city (5 km squared).

This means that the data "can not be used to determine an address or to map your precise movements," the company noted.

For those who are concerned that their position is disclosed or generally misdirected, Twitter assured the affected users that the partner receiving the position data also did not receive their Twitter ID or a unique account ID. They would not have been able to determine your identity, explains the company. And the location data has not been kept by the partner, Twitter explains.

According to the announcement of the company:

We confirmed with our partner that the location data were not kept and that they only existed in their systems for a short time. They were subsequently removed as part of their normal process.

We have solved this problem and are working hard to ensure that it does not happen again. We also contacted people whose accounts had been assigned to let them know that the bug had been fixed. We encourage you to review your privacy settings to ensure that you only share the data you want with us.

We do not know yet when this sharing of place took place or for how long, because Twitter did not reveal it in his post announcing the bug. He also did not name the partner who was in possession of the data, nor did he explain how such a bug was born. He only said that he has not managed to delete the location data.

Arriving at a comment, Twitter told TechCrunch that none of this information would be disclosed.

Twitter indicates that affected users have been notified and that anyone with questions can fill out a form to contact Twitter's Data Protection Officer with any other questions. It is unclear to what extent the bug will result in a GDPR fine at this stage, given the lack of clarity available.

[ad_2]

Source link