Twitter made a bold move, but it did not pay off. Twitter took over one of its user’s accounts for fun and then tweeted jokes about reading the private messages in the user’s private messages, amid the growing the call for social media platforms to improve security processes following a series of security breaches and leaks involving the tech giants.
For a little context: the owner initiated the take over of the account and willingly volunteered to do the prank. The account owner was Matt Navarra, a famous tech researcher known to be one of the first to spot new features rolled out by different social media platforms like Facebook, Twitter, and Instagram.
Navarra is a widely credited individual for different tech-related news as the person to have discovered a lot of things in the tech world. Many news agencies have been in contact with Matt which means his Direct Messages probably include a lot of conversations between himself and journalists.
He is also one of those who is tipped first for new features and revelations in the tech world. It can be assumed that his DMs are also full of conversations and confidential information from tipsters. Not to mention that it probably also includes a massive amount of private conversations with him and his family and friends.
One of Navarra’s friends in the tech world was not happy with what happened. Jane Manchun Wong, a tech researcher who, like Navarra, has become famous after publishing her findings as she research for undisclosed and unreleased features from different apps and websites, has expressed on her Twitter account her disappointment for what had happened and called it an “invasion of privacy.”
“I am not comfortable with Twitter accessing our conversation with Matt Navarra because I’ve talked about my personal matters and I expected Matt would only have access to. Not cool going through someone else’s DM inbox. This is an invasion of privacy,” Wong posted in her Twitter account.
Navarra had the idea on Monday and tweeted out a call for someone to run his account for a day. He said that he was experiencing a family emergency during the day that he posted the ‘call’ for account take over and he wanted to offer someone the chance to tweet as him for a day as he takes his day off. He said that he thought that would be fun.
When Twitter, through its official handle, “raised hand” to volunteer to take Navarra’s offer, many of his followers have initially supported it – which they touted as “epic,” “gold” and a “great idea!” – without realizing the security and privacy implications of the plan.
Wong, in her Twitter post, said that people should not be sharing their login credentials and two-step authentication codes, “especially not over the internet without end-to-end encryption. Wong also slammed what happened as a bad security practice. She said:
“Sure, the whole parody is interesting and all, but this is an example of bad security practice.”
She further questioned why Twitter needed to take over Matt’s account if their purpose was only to post on his behalf. This is something, said Wong, could have been done by the tech giant with Twitter API.
“If the only purpose of this “takeover” is to post something from Matt’s twitter account, it can already be achieved with Twitter API (with limited permission granted). Better yet, Twitter should implement scoped team account permission (e.g., only letting team members to post),” she added.
Apparently, a screenshot of the DMs between Matt and Twitter, the tech researcher even offered Twitter his DMs personally telling Twitter to “enjoy [his] DMs.”
Wong slammed the idea that her personal and private communications were compromised just for fun. She blamed herself for telling her personal hardships to someone because privacy and security will be disregarded just because it’s “fun.”
“Lesson learned, I should not trust anyone on telling them about my personal hardships because it will eventually be exposed to someone else in the name of the fun takeover,” she posted.
Nonetheless, she received some hate for expressing her feelings in the possible violation of her privacy related to the event. She said that people have been telling her that she “shouldn’t have sent that DM in the first place,” “you’re just bitter about it,” and to “stop being overly sensitive about it.” /apr