Twitter whistleblower Peiter Zatko reveals employees concerned China agent could collect user data

On Tuesday, Zatko's testimony before the Senate Judiciary Committee revealed Twitter's security issues could be far more serious

September 14, 2022 11:56 am | Updated 11:56 am IST

File photo of Twitter Inc.’s former security chief Peiter “Mudge” Zatko

File photo of Twitter Inc.’s former security chief Peiter “Mudge” Zatko | Photo Credit: REUTERS

The FBI informed Twitter Inc. of at least one Chinese agent working at the company, U.S. Senator Chuck Grassley said during a Senate hearing on Tuesday where a whistleblower testified, raising new concerns about foreign meddling at the influential social media platform.

(Sign up to our Technology newsletter, Today’s Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)

Peiter "Mudge" Zatko, a famed hacker who served as Twitter's head of security until his firing in January, said some Twitter employees were concerned that the Chinese government would be able to collect data on the company's users.

Twitter has come under fire previously for lax security, most notably in 2020 when teenage hackers seized control of dozens of high-profile accounts, including the verified profile of former U.S. President Barack Obama.

On Tuesday, Zatko's testimony before the Senate Judiciary Committee revealed Twitter's security issues could be far more serious, alleging for the first time that the company was informed of agents of the Chinese government working at the social media firm.

During his testimony, Zatko referenced a Reuters story on Tuesday that detailed internal clashes between some teams that wanted to maximise the advertising revenue opportunity from Chinese advertisers and others who were concerned about doing business inside China amid rising geopolitical tensions.

"This was a big internal conundrum," Zatko said, adding the company was reluctant to turn away from China as the fastest- growing overseas market for ad revenue.

"In a nutshell, if we were already in bed, it would be problematic if we lost that revenue stream," he said.

Zatko said on Tuesday that in the week before he was fired from Twitter, he learned the FBI told the company an agent of China's Ministry of State Security, or MSS, the country's main espionage agency, was on the payroll at Twitter.

It was not immediately clear if the alleged Chinese agent was still working at the company.

A Twitter spokesperson said the hearing "only confirms that Mr. Zatko's allegations are riddled with inconsistencies and inaccuracies."

The spokesperson added that Twitter's hiring process is independent of foreign influence and access to data is managed through background checks and monitoring and detection systems.

Zatko said on Tuesday he recalled a conversation with another Twitter executive about concerns that a foreign agent was inside the company. The executive responded "Well, since we already have one, what does it matter if we have more?"

When asked if he believed something good would come from the hearing, Zatko said "I hope so."

“I’m basically risking my career and reputation. And if something good comes from this five or 10 years down the road, it will have been worth it,” he added.

Zatko's two-hour testimony wrapped up by midday on Tuesday.

Litigation against Musk

Grassley noted that Twitter Chief Executive Parag Agrawal refused to appear at the hearing for fear it could jeopardise the company's litigation against Elon Musk, who is also the CEO of Tesla Inc. Twitter and Musk head to trial next month over whether the billionaire's $44 billion takeover deal should be completed.

The senator said in his opening remarks that many of the whistleblower allegations directly implicated Agrawal, and if the claims were true, "I don't see how Mr. Agrawal can maintain his position at Twitter going forward."

Twitter shareholders have approved Musk’s buyout of the company, Twitter said on Tuesday after a virtual special meeting of stockholders.

The San Francisco-based company sued Musk for terminating the agreement, while the Tesla chief executive countersued, accusing Twitter of misrepresenting the number of false and spam accounts on its service.

A Delaware judge ruled last week that Musk may include Zatko's whistleblower claims in his case against Twitter, but denied his request to delay the trial.

The Senate Judiciary Committee questioned Zatko over his claims that Twitter misled regulators about its compliance with a 2011 settlement with the Federal Trade Commission over improper handling of user data.

Since then, Twitter has made "little meaningful progress on basic security, integrity and privacy systems," Zatko's complaint filed with regulators in July said.

Twitter has said Zatko was fired for "ineffective leadership and poor performance," and that his allegations appeared designed to harm Twitter.

Zatko's whistleblower complaint appeared to contain over two pages of links to supporting documents, such as emails between Zatko and CEO Agrawal and an assessment of misinformation and disinformation on Twitter. The number of documents was limited compared with those provided by Facebook whistleblower Frances Haugen, who released thousands of pages of internal material.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.