Twitter’s former top security official told lawmakers at a hearing on Tuesday that executives have prioritized the company’s business so heavily that they have misled concerns about foreign governments infiltrating its operations and regulators about its privacy practices, except would have paid attention.
Peiter Zatko, who was Twitter’s top security official before his sacking in January, testified that during his tenure, the FBI informed the company that “at least one agent” from China’s Ministry of State Security “was on Twitter’s payroll.” . In another conversation inside Twitter about a possible foreign agent, Mr. Zatko said an executive said because “we already have one, what does it matter if we have more.”
Members of the Senate Judiciary Committee, which convened the hearing, expressed concern over Mr Zatko’s allegations, which he first made in a whistleblower complaint released last month. Senator Charles E. Grassley of Iowa, the top Republican on the committee, said he doesn’t see how Twitter CEO Parag Agrawal could keep his job if the allegations were true.
“Twitter has a responsibility to ensure data is protected and out of the hands of foreign powers,” Mr. Grassley said.
Mr Zatko’s statement added to the turmoil engulfing Twitter as the social media service faces questions about its survival. The San Francisco-based company was embroiled in a fight with Tesla CEO Elon Musk, who agreed to buy Twitter for $44 billion in April before attempting to exit the business. The company has insisted the purchase go ahead and has sued Mr Musk, with a court hearing on the case set for next month.
A new office culture
The last two years have fundamentally changed the way we work.
Twitter shareholders voted Tuesday to approve the deal with Mr. Musk, although it remains uncertain whether the acquisition will close. Approval was awaited; Shareholders do not normally oppose transactions. The company said a preliminary count of shareholder votes showed support for the deal, but it didn’t immediately release a vote count.
Tuesday’s hearing showed that “Twitter is acting dangerously and recklessly to turn its back on user safety,” said Nora Benavidez, senior counsel at Free Press, an advocacy group that has urged Twitter to do more to address misinformation.
Twitter dismissed Mr Zatko’s allegations, saying in a statement: “Today’s hearing only confirms that Mr Zatko’s allegations are fraught with inconsistencies and inaccuracies.”
Mr. Zatko’s whistleblower complaint has become entangled in the dispute between Mr. Musk and Twitter over the company. Mr Musk’s lawyers have seized on Mr Zatko’s statements to support their argument that Twitter misled the billionaire about the volume of spam accounts on the service.
Mr Musk has claimed he should be able to abandon the Twitter acquisition because the company has downplayed the number of fraudulent accounts on the service. Mr Zatko said in his complaint that Mr Agrawal misled Mr Musk after the billionaire raised his concerns.
A spokesman for Mr Musk’s legal team did not immediately respond to a request for comment.
At Tuesday’s more than two-hour hearing, Mr. Grassley said Mr. Agrawal “declined the invitation of this committee, claiming that it would jeopardize Twitter’s ongoing legal battle with Mr. Musk.”
“Many of the allegations relate directly to Mr Agrawal and he should be here to address them,” said Mr Grassley.
Mr. Zatko, who reached a $7 million settlement with the company after his departure, described Twitter executives as unconcerned about possible security vulnerabilities, especially if it could jeopardize the company’s bottom line. He said he told an executive he was “confident” there was a foreign agent at the company.
“And her response was, ‘Well, since we already have one, what does it matter if we have more. Let’s keep expanding the office,’” Mr Zatko told lawmakers.
Prosecutors accused two former Twitter employees in 2019 of acting as Saudi Arabian government agents and said they used their positions to gain access to information about critics of the Saudi government. A California jury last month convicted one of them on a number of charges; the other man left the country before the authorities could arrest him.
During the hearing, Mr. Zatko also reiterated that Twitter misled the Federal Trade Commission about its data practices and violated the terms of a 2011 settlement with the agency. Twitter misrepresented to the FTC whether it deletes a user’s data when the user leaves the service, he said. He added that he was not directly involved in discussions between Twitter and the agency, but was briefed on the discussions by “people involved in the calls.”
Several senators questioned whether the regulations for tech companies were inadequate. Lawmakers have pondered legislation for years that would establish new privacy and competition rules for the largest technology platforms. But these efforts have yet to bear fruit.
“Something good will come of this. Do you believe that?” asked Senator Lindsey Graham, a Republican from South Carolina.
“I hope so,” said Mr. Zatko. “I’m basically risking my career and my reputation.”