Skip to Content

Privacy & Data

Twitter’s Privacy Policy Update Is a Material Change Done Right

Yesterday, Twitter rolled out a material update to its privacy policy. While we don’t agree with all of the updates, Twitter’s revision and the process by which it informed users of the change should be applauded.

Twitter will now retain information about off-Twitter browsing habits for a longer period of time, and the company announced it has discontinued support for Do Not Track, a web browser signal that requests applications disable tracking of an individual user, particularly across sites and via third-party analytics services, advertising networks, and social platforms. This is unfortunate as Twitter was one of the highest-profile supporters of the standard, but even as Twitter taketh away, it giveth a wealth of new features relating to transparency and user control.

As part of these efforts, Twitter launched a new Personalization and Data settings tab, which includes the ability to see more information about “Your Twitter Data” and access more granular controls over some of this information. In addition to targeted advertising controls and the ability to edit user interest categories (based off of user profile and activity), Twitter now offers controls over whether content is personalized based on location history and across devices. The privacy concerns related to cross-device tracking were raised by CDT in comments to the Federal Trade Commission, where we advocated for increased transparency for users and a robust and meaningful opt-out system. Twitter should be commended for its efforts to address these concerns (though it could do more to tell me how it has linked approximately 35 different browsers to my own account).

Twitter should also be applauded for offering users the ability to request the full and complete list of advertisers that have targeted them. That platform’s “targeted audience” feature allows companies to use external emails and other online browsing behaviors to target advertising. The new tool provides a great deal of insight into the company’s data practices: for instance, I learned that I am currently part of 4,506 different audiences from 1,137 different advertisers. This arrived via a lengthy 20-page PDF document that detailed an alphabetized list of Twitter handles. The scope and breadth of companies, organizations, and individuals attempting to advertise to me was eye-opening.

These new user tools point to a potential path forward in reducing opacity around the advertising ecosystem. To be truly informed, users need to know about the types of data being collected about them and the array of third parties using and sharing that information. This is one of the reasons CDT has been supportive of state-based efforts such as the Illinois “Right to Know Act,” which requires commercial websites and online services to tell users what data they collect about them and what types of third parties with whom it is shared. Companies have been critical of the proposed legislation, suggesting these disclosures already exist via privacy policies. Twitter’s tools, however, make clear the benefit in making these disclosures more immediately accessible and on-demand for users. The end result is better transparency and more meaningful user control.

At the end of the day, Twitter’s privacy policy update gives the company the ability to do much more with the data is has on its users, but it has not hidden this fact behind a lengthy or confusing privacy policy. Instead, it has provided users with granular controls, detailed explanations, and, if that doesn’t work, a giant “Disable All” button.