It’s so common to hear tech companies say: “Privacy is not a privilege; it is a fundamental right” that those words have become a cliche. People have become desensitized to hearing companies say, “we value your privacy,” and are worn out from being asked to accept privacy policies that they rarely, if ever, even read. Many companies make these declarations without even showing people what actions they are taking to protect their privacy. And let’s be honest, we have room for improvement too.
We believe companies should be accountable to the people that trust them with their personal information, and responsible not only to protect that information but to explain how they do it.
That’s why we’re launching the Twitter Privacy Center to provide more clarity around what we’re doing to protect the information people share with us. It is the central place that host’s everything that’s part of our privacy and data protection work: related initiatives, announcements, new privacy products, and communication about security incidents. It should be easier to find and learn more about the work we’re doing to keep your data secure, including what data we collect, how we use it, and the controls you have.
How we think about Privacy and Data Protection at Twitter
People’s right to privacy and data protection is something we have fought to protect since Twitter was created in 2006. From the beginning, we have offered a range of ways for people to be part of the conversation on Twitter on their terms – from creating pseudonymous accounts to protect their identity to letting people control who sees their Tweets. But what people see externally is not the sum of our work. Behind the scenes, teams across the company are constantly working to protect your privacy and data. This work has three areas of focus:
- Fix technical debt. Twitter has changed a lot since the first Tweet was sent almost 14 years ago. As was, and still is, common in fast-growing tech companies, we built new features and services on top of older systems. In some cases, the older systems were never made to support their current uses — that’s technical debt. Tackling technical debt is an ongoing challenge for every company, and we’ve been doing it for years. This work isn’t just good for the privacy and safety of people who use Twitter, it’s also good for business. It will help us get better products and services to you faster. Also, you may have noticed that we have been communicating more data and security related disclosures over the last two years. Many of those are the direct result of these efforts. We have been working to make sure our systems meet your expectations, and when they don’t or when we have found issues that may require your attention to keep you safe and secure, we have told you about them. We’ll continue to do this when something requires your attention.
- Build privacy into the products we launch. Privacy by design is a priority with every product we build. To achieve this, we continue to build out our processes to review the products we launch. This process involves our Information Security, Product and Privacy Counsel teams, and our independent Office of Data Protection. This is critical work that we’re continuing to invest in. Every new employee goes through data privacy, security, and management training. We launched an internal group called Twitter Doves, which is designed to cultivate the best data privacy, security and management practices for everyone at the company. The Doves’ motto, “trust is earned, not given,” guides best practices we adhere to across Twitter. Finally, we’re speaking with people around the world to better understand how different cultures and groups think about privacy and what they expect when they share their information with a company like ours. For example, through the initial findings from this research, we’ve learned that “meaningful controls” have different connotations depending on where you’re from. This kind of feedback is critical to us as we build the privacy and data controls people want when they use Twitter.
- Keep ourselves accountable to the people that trust us with their data. We know that there is no silver bullet that will make people trust us with their data. However, we also know that to keep your trust we have to show you we’re accountable. We have already taken a variety of steps to weave accountability into how we operate. Our Data Protection Officer, Damien Kieran, provides an independent assessment of all privacy and data protection-related work to our board of directors on a quarterly basis to make sure we’re appropriately discussing any issues and concerns we have and to drive alignment on what matters from a data protection perspective. We are continuing to invest in our Data Management Organization so that we can always account for the data we have, how it is used, and when it is shared. To make sure everyone at Twitter is accountable, privacy and data protection is the heart of our 2020 company-wide priority to build products that earn the trust of people who use them. Also, launching the Twitter Privacy Center provides a central place to keep you updated on our privacy and data protection work and aid us in being accountable to you through transparency.
Twitter is not perfect at privacy and data protection. But we want you to know our statements are not a cliche but backed by an evolving privacy and data protection program intended to keep your data secure and us accountable.