Twitter has revealed that their Apple iOS app collected and shared users' location data (at the zip code or city level) and went on to share this user data "unintentionally" with what the social media company called a "trusted partner company." The bug apparently only affected iOS users that had more than one account using the Twitter app logged in.
The company says it has since fixed the bug.
"Specifically, if you used more than one account on Twitter for iOS and opted into using the precise location feature in one account, we may have accidentally collected location data when you were using any other account(s) on that same device for which you had not turned on the precise location feature," wrote Twitter in a statement.
Twitter violating user privacy
Compared to Facebook, Twitter has been considered generally safer given that it collects less user data compared to its counterpart. However, the micro-blogging company has previously violated users' privacy. During January 2018, a senior engineer at Twitter stated on camera that "we can actually read your DMs" in reference to how, as part of some staff work they review users private DMs. As if that wasn't bad enough, during February 2019, security researcher Karan Saini revealed that Twitter doesn't actually delete your supposedly deleted DMs going as far back as 10 years.
How the bug worked is that the Twitter iOS app would collect user location data when users where signed into multiple Twitter accounts on the same Apple device, and “precise location” was active on just one of them.
"We have fixed this problem and are working hard to make sure it does not happen again. We have also communicated with the people whose accounts were impacted to let them know the bug has been fixed. We invite you to check your privacy settings to make sure you’re only sharing the data you want to with us. We’re very sorry this happened. We recognize and appreciate the trust you place in us and are committed to earning that trust every day."
Cover image credit: Charles 🇵🇭/Unsplash