Twitter whistleblower's Senate testimony no boon for Musk
Twitter’s former security chief, whistleblower Peiter "Mudge" Zatko, levied a host of accusations against the platform to the Senate Judiciary Committee Tuesday, saying Twitter maintained lax security standards, did not vet employee access to user data and would not improve its practices even in the face of government fines.
Why it matters: The testimony comes as Twitter's court fight to get Elon Musk to make good on his deal to buy the company for $44 billion moves forward, but it did not appear to offer much new ammunition for Musk's case.
- Very little of Zatko’s testimony covered Musk’s main argument since July for leaving the deal: his charge that Twitter has been untruthful about the number of bots and fake accounts on the platform.
When Zatko’s whistleblowing report became public last month, it appeared that his complaints against the company could be of use in Musk’s defense.
- Zatko alleged that Twitter lacked the internal resources to fully count the number of bots on the service and had little interest in doing so.
- Musk's lawyers immediately introduced new filings based on Zatko's claims, and the judge in the case, which is set for trial beginning Oct. 17, ruled last week that Musk could introduce this new evidence to the proceeding.
While Zatko’s Tuesday testimony was light on bot-talk, he elaborated on the many security risks he says he observed in his position before the recently installed CEO Parag Agrawal fired him last January.
- Zatko said that he found that Twitter’s engineers, some 4,000 employees, all had extensive access to company and user account data.
- He said that one-time government fines for violating regulations — such as the $150 million Twitter paid to the Federal Trade Commission over improperly selling user data earlier this year — were built into the company’s operating budget.
Twitter has said that Zatko's complaint is "riddled with inconsistencies and inaccuracies."
The intrigue: Senators from both parties made it clear they support increased government regulation of Twitter and other social media platforms — and that would affect Twitter's future, whoever wins in court.
- Zatko said he was concerned the FTC didn’t have the resources to properly investigate Twitter’s security protocols or vet the information that Twitter provided to the agency.
- Senators on both sides of the aisle discussed strengthening federal regulatory bodies. Sen. Richard Blumenthal (D-Conn.) even suggested the creation of a wholly new agency focused on enforcing tech regulations.
- Yes, but: Years of similar hearings have not moved Congress to approve broad legislation imposing new regulations on the industry.
Yes, but: Zatko’s 200-page whistleblower report filed with Congress and other U.S. agencies could still cause Twitter problems and help Musk’s case.
- Parts of his testimony alleged poor internal reporting practices, which could conceivably be used by Musk in his case.
- “There was a culture of not reporting bad results up, only reporting good reporting results up because that was the internal incentive structure,” Zatko told the committee. “You were rewarded based upon relationships and how you performed in an emergency — not for identifying existing errors and doing the ground work for keeping the lights on and running the business.”
What’s next: As with last year’s Facebook whistleblower Frances Haugen, Zatko could be called before lawmakers again.
- Despite multiple attempts by Musk to delay the case, the Oct. 17 court date still stands — unless the parties decide to settle sooner.
Before the testimony began, Musk tweeted a popcorn bucket emoji.