Loyola University Chicago School of Law, JD 2024
Over the last several weeks we have seen mass layoffs across big tech, including Salesforce, Twitter, and Meta. This comes after big tech peaked during the COVID-19 pandemic when it was essential to the nation in keeping us virtually connected. During the lock down tech giants’ profits soared as consumers upgraded devices, maximized increased storage, and were forced to get creative in communicating in the workspace. However, inflation, rising interest rates, and digital spending are driving big tech companies to implement large-scale layoffs as the economy prepares to take a downturn. While Meta CEO, Mark Zuckerberg, described the announcement as one of his hardest decisions, Twitter CEO, Elon Musk, has taken a different approach, causing continuous chaos that has led to compliance risks.
Elon Musk reign and its impact on compliance risk
Tesla CEO, Elon Musk, took over Twitter at the end of October upon closing a $44 billion deal after a tumultuous acquisition process. Musk wasted no time as he fired its CEO, CFO, general counsel, and other top executives. To further add chaos to the company’s security and safety, top privacy executives all resigned within weeks of Musk’s arrival. The departures come as Musk continues to take the approach of publicly announcing policy changes before considering the risk.
Among the many changes that have led to security risk and potential fraud was the infamous Twitter blue check mark system. Originally, the Twitter blue check mark was used as a verification mechanism for active notable users including companies, celebrities, and governmental officials. However, upon takeover, Musk implemented a paid monthly verification subscription model through Twitter Blue that would allow anyone who paid a $8.00 monthly fee to become verified. Having already lost many of its staff members, collecting additional consumer credit card information further exposes its users and causes a security risk that could lead to an increase in hackers and identify theft. Hackers could view the loss of integral staff as a weakness, and become incentivized to test Twitter’s security, as the exposure is publicly known.
The paid verification caused havoc when users began to abuse the service by impersonating individuals and brands forcing Musk to temporarily halt the subscription service. However, the damage was done when a user impersonated a pharmaceutical company Eli Lilly and tweeted that insulin was “now free.” The real Eli Lilly account took to social media to apologize for the misleading message from the fake account. However, that tweet sat on the platform for hours before being removed, but not before its stocks plummeted. The deception was widespread amongst other integral accounts as well. Subsequently, the mayhem compelled major ad firms like Omnicom to urge its clients to pause on their Twitter adverting spend. The uncertainty of substantial risk to client brands is exorbitant until clarity can be provided surrounding safeguards. The loss of revenue will likely continue to spread when other marketing firms follow suit, causing Twitter to financial hemorrhage, resulting in irreparable damage.
Federal Trade Commission consequences
The mass layoffs and resignations of essential executives has left the company vulnerable to Federal Trade Commission (FTC) violations. The FTC poses certain standards to protect consumers data and protect the public from deceptive or unfair business practices that could cause businesses to face potential sanctions for exposing its consumer data.
The former Twitter team was responsible for ensuring compliance with the consent decree issued by the FTC that ordered Twitter to establish and maintain a comprehensive security program to protect nonpublic consumer information. Non-compliance may result in large fines against Twitter. Not having an adequate team in place to carry out the responsibilities of protecting its users, places their data at risk of privacy and data breaches and opens Twitter up to financial liability.
The lack of experienced employees and turnover causes a great deal of concern that could potentially create a negative impact due to noncompliance with privacy and security laws. I believe Twitter would benefit from a leader who has knowledge in the realm of social media and its compliance needs. Musk should have listened and learned from the original team in place before making decisions that places Twitter at risk of violations. Additionally, before making such abrupt and extreme changes, he should have at least considered creating updated written policies and procedures rather than simply announcing vague stances publicly without considering the implications of such changes on user privacy and compliance with the FTC.