The FTC had charged that Twitter let hackers take it over and accessed private accounts and let them, for example, send out fake tweets from Barack Obama, Fox News, and other famous phenomena of nature.
David Vladeck, director of the FTC, said that when companies promise people personal information is secure, they have to live up to their promises.
The FTC said Twitter was vulnerable to the attacks because it didn’t implement enough security to prevent hackers gaining access to systems.
Twitter is now to be banned for 20 years from misleading people about how it maintains and protects the security, privacy and non-confidentiality of its system. It has also been ordered to start an information security programme, assessed by a third party every other year for 10 years.
The FTC voted by five to zero to the consent agreement. Twitter doesn’t have to pay any money to anybody. Which may be just as well, because it hasn’t figured out a way to make money out of Twitter. Yet.