Over the past weeks, Twitter has been the topic of the latest buzz concerning privacy. It started when Twitter began locking users out of their accounts after the social media platform prompted users to add their birthdates. Once the birthdate was added, Twitter would lock the account almost immediately and flag it for violating Twitter's age guidelines. According to Twitter's policy concerning age, users must be at least 13 years of age when creating an account. So, when users are prompted to put their age in, if Twitter detects that the account could have been made before the user turned 13, it was locked. Upon trying to log back in to the account, users would receive this message:
Clicking on the "let us know" link would direct you to a page where you are prompted to put in your state issued ID. Some time afterward, users would receive an email that the issue had not been resolved.
After this, users went to Twitter's website to file a report, to which Twitter would deny the appeal. The website directs users to the @TwitterSupport direct message, which is inaccessible unless you message with a non-locked account. When users DM'ed the Twitter Support, they were met with this message:
The link that is given links back to the form where you send in your ID. Twitter has not made a public statement about this issue, and no one is sure why they have been so silent. So that leaves users asking, "why?"
The answer is actually more straight forward than we think. The short and simple answer is Europe's GDPR rules. So what is GDPR? GDPR stands for General Data Production Regulation, and it came into effect across the entire European Union on May 25th. It is the EU's new rules for internet privacy and protection which requires that any and all personal information submitted must be kept safe and confidential. As a part of this ruling, many businesses have started to require and enforce age as a factor. This has necessitated updated policies for almost all major businesses such as Facebook, WhatsApp, Google, and, you guessed it, Twitter.
Because of this, Twitter has started cracking down on certain privacy guidelines in order to adhere to the GDPR rules. So, as a result, Twitter has been locking accounts that it believes may be used by individuals younger than 13. This also goes for individuals that enter their birthday and reveal that the account may have been created when the user was under 13; even if those individuals are well into adulthood.
You may be thinking to yourself, "Twitter is worth billions, what happens if they don't comply?" While yes, it is true that Twitter is worth $15.7 billion (2016), the penalty handed down for not complying is a hefty one. Something to the tune of $23.5 million for a small company or 4% of the company's annual global sales. As an avid Twitter user and a victim of the lockout, I wonder why nothing was said prior to or after the lockouts. Twitter had to have known about the implications of the GDPR, but why stay silent? The purpose of the GDPR is to protect the privacy of users, so why not be transparent?
Here's the kicker, Twitter used to NOT require a birthdate when signing up. That's right, it was not required until 2015. So why is Twitter doubling down on age retroactively? Users were only locked out of their accounts when they were prompted to add their birthdates so "friends can celebrate with you!" So, Twitter got us to rat ourselves out. So far, Twitter has been deathly silent about the banning, even though the hashtag #TwitterLockout is gaining more traction by the hour.
So now, we wait. There was a shareholder's meeting at some point within the past week, but none of the information from that has been shared either. We are playing the waiting game at this point. When will Twitter make a statement concerning the direct link between the GDPR enforcement and the lockouts? Will we ever get an answer? The world may never know.