Twitter’s former head of security will take part in closed-door briefings this week on Capitol Hill following his explosive whistleblower report alleging serious and widespread security vulnerabilities at the company, according to the group representing him.
The expected appearance by Peiter “Mudge” Zatko comes as Twitter faces increasing pressure in Washington, with some Democrats calling on the Federal Trade Commission to launch an investigation. Zatko’s team is due to brief staff in both the House and Senate, a spokesperson for Whistleblower Aid, the group representing Zatko, said.
The disclosure, which was sent last month to Congress and federal agencies and reported on exclusively by CNN and The Washington Post Tuesday, charged that Twitter has major security problems that pose a threat to its users’ personal information, to company shareholders, to national security and to democracy.
It painted a picture of a chaotic and reckless environment at a mismanaged company that allows too many of its staff access to the platform’s central controls and most sensitive information without adequate oversight. And it alleged that some of the company’s senior-most executives have been trying to cover up Twitter’s serious vulnerabilities, and that one or more current employees may be working for a foreign intelligence service.
Zatko, who has agreed to be publicly identified, was previously the company’s head of security, reporting directly to the CEO. He was fired by Twitter in January for what the company claims was poor performance.
According to Zatko, his public whistleblowing comes after he attempted to flag the security lapses to Twitter’s board and to help Twitter fix years of technical shortcomings and alleged non-compliance with an earlier privacy agreement with the FTC.
Democratic Sen. Richard Blumenthal of Connecticut wrote to the FTC on Tuesday calling for an investigation and urging it to impose fines and individual liability on specific Twitter executives if an investigation finds they were responsible for security lapses.
“If the Commission does not vigorously oversee and enforce its orders, they will not be taken seriously and these dangerous breaches will continue,” Blumenthal, who chairs the Senate subcommittee on consumer protection, wrote.
Democratic Sen. Ed Markey of Massachusetts called for investigations of the social media firm in a separate letter sent to the FTC and the Justice Department on Tuesday, saying the allegations revealed “a culture of impunity” at a company that seemingly “prioritizes profit over users.”
“Like other powerful online platforms, Twitter collected user data with deficient security measures, settled with the FTC for misleading users, and then continued operating with few changes,” Markey wrote.
The lawmakers’ letters highlight Twitter’s vast potential legal exposure following the whistleblower report, which stems from alleged violations of a 2011 consent order Twitter signed with the FTC.
Blumenthal wrote that “Mr. Zatko’s disclosures indicate that Twitter management has failed to honor the terms of the consent decree,” while Markey said that the accusations illustrate how Twitter has violated the 2011 privacy settlement with the FTC that committed the company to protecting user data.
Legal experts including Jon Leibowitz, who was the FTC chair at the time of the 2011 order, have said Twitter faces potentially billions in new fines or regulatory obligations if the FTC concludes that the company did in fact violate its commitments to the agency.
In an internal memo obtained by CNN, Twitter CEO Parag Agrawal vowed to challenge the allegations and sought to reassure employees. Agrawal called the allegations “frustrating and confusing to read,” and warned Twitter’s staff to expect further stories to emerge related to the disclosure.
“This will only make our work harder,” he wrote in the memo, which was sent companywide Tuesday morning, adding: “We will pursue all paths to defend our integrity as a company and set the record straight.”
CNN’s Clare Duffy contributed to this report.