Who Else Can Access Your Tweets?
26th September, 2018 | Cyberprivacy | Entropic
In our previous article we reviewed the current options available for boosting your Twitter sign-in security.
The need to continue delivering information efficiently to its users over the years has driven Twitter to establish a vast global computing infrastructure spanning five continents, with data centers consisting of thousands of servers.
To ensure efficiency and redundancy, much of the information that flows through this infrastructure is copied and duplicated across many different servers, for instance in caches, which helps to ensure information can be accessed efficiently across different regions.
Each of the countries that host Twitter computing infrastructure also have their own distinct regulations that designate access to the information that reaches those regions, such as access by local government authorities and law enforcement.
In this article we'll discuss the options Twitter provides to control your Tweet privacy - who can read your Tweets, and based on these options, who else might be able to access and accumulate your Tweet history over time.
Types of Twitter Accounts
Twitter offers two options for controlling the visibility of your Tweets - public and protected. Once you are signed in to Twitter, this "Protect your Tweets" option can be found under Settings and Privacy - Privacy and Safety.
Public Tweets (Default)
Since Twitter is focussed more on more open communication and outreach, when you create an account on Twitter, your Tweets are public by default. This is important to know, because it means that anyone can view and interact with your Tweets, and that your Tweets can be immediately accessed by third parties who use the Twitter APIs or the Twitter Search portal. Twitter offers it's Search Portal for free, and it's API in several tiers, including free and paid versions. In addition, this information is also crawled and duplicated by search and archive sites, such as Google, Baidu, Bing, and The Internet Archive, making it more searchable.
Though Twitter imposes rate limits on their APIs, which controls how much Twitter information can be gleaned by third parties who access them, these limits can be easily be overcome simply by using the Twitter API to incrementally query and accumulate controlled amounts of Twitter data over time.
Enabling the Protect your Tweets option applies controls on who your Tweets are distributed to - limiting them from being accessed by anyone other than your Twitter followers, and apps you or your followers have authorized. Your protected Tweets cannot be publicly accessed from the Twitter API or Search Portal, and are not made available to search and archive sites. However, this picture gets a bit more complicated.
Regardless of whether your account is public or protected, vulnerabilities in the Twitter infrastructure that are exploited by hackers can reveal information that was previously assumed to be protected. Information can also be gleaned by your authorized followers, and apps you may have intentionally or unwittingly authorized to access your Twitter account, as highlighted earlier this year. Finally, depending on the region, local governments and law enforcement authorities might effectively have eminent domain over any information that reaches data centers in their region of the globe.
Below, we have a simplified view of the types of Tweets discussed, along with the entities that can potentially access them.
A Repository of Who We Are...and Were
Over time, different aspects of our personality, such as our opinions and overall level of maturity can change. Your tweets can represent a static record of this change, and this means there is the ever-increasing possibility that Tweets you made years ago can be uncovered, and used to discredit you in some way. This is also why there has been a more recent trend by some to delete old Tweets to mitigate the effects of this opposition research instigated by others.
Regardless of the motivations Twitter and non-Twitter entities might have behind analyzing your public and protected Twitter footprint, the results of gathering and profiling your accumulated Tweets over time can yield more information about you than you might realize, such as details about your family, friends, lifestyle, location, behavioral patterns - sleep, work, play, beliefs and more.
If you're thinking of enabling the Protect your Tweets option, we suggest reviewing Twitter's guide on what you can expect to happen when you enable this option, since you are going to lose some visibility that you may currently depend upon.
When it comes to cyber-attacks and the theft of personal information, a less advertised benefit of blockchain-based payment systems has been used by law enforcement with cyber-crime investigations for several years. Information about Bitcoin transactions made available on the public blockchain ledger can be used to correlate historical payments made by cybercriminals, as part of their overall cyber-attack operations. This can then be cross-referenced with more detailed personal information obtained from private entities, such as cryptocurrency exchanges. This is discussed further in this article by Elizabeth Gail originally posted on CoinCentral.com.
If you have any feedback, questions, or suggestions, please let us know.
Photo by Andrea Reimen on Unsplash