Twitter is apologizing for ads targeted at users based on their phone numbers and email addresses. The social media company said it can't definitively know how many people were affected, but is alerting people about the issue now, because they want to be "transparent," Twitter said in a statement.
"When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes," said the company. "This was an error and we apologize."
Twitter is apologizing for using data gathered for security reasons to match users to advertisers
Twitter collects this personal user data —phone numbers and email addresses — as part of its security protocol, using it for something called two-factor authentication. When users enter their password to log on to Twitter, those who have opted in two-factor are then asked to enter a second code, which is typically sent to their email address or to a phone number in the form of a text message. That code is then entered on the site as well, and then the account is unlocked.
Twitter is making it very clear — however — that the actual phone numbers and email addresses of users were never directly shared with advertisers or others. Instead, the information was matched through Twitter's backend, through its Tailored Audiences system, a program where advertisers can target ads on Twitter to customers based on their emails and phone numbers. But in this case, Twitter allowed advertisers to match up with customers on phone numbers and email addresses that had only been given to Twitter for security reasons — and should not have been used for marketing reasons.
The company says it had fixed the problem as of September 17, 2019 and stated that users' personal data collected in this matter will not be used to target advertising to them in the future.