Twitter has failed to properly estimate the number of bots and spam users on its platform and misled federal regulators about its cybersecurity practices, said Peiter “Mudge” Zatko, Twitter’s former head of security from 2020 to January of this year, in a complaint with the Securities and Exchange Commission last month.
Zatko’s complaint says Twitter’s method of estimating the number of bot users is misleading and that executives are incentivized with bonuses of up to $10 million to boost user counts rather than remove bots. The complaint also accuses Twitter of violating an agreement with the Federal Trade Commission to uphold certain security standards.
These damning allegations came as Twitter and Musk prepare to face off in a Delaware court in October to argue whether the Tesla CEO is obliged to complete his proposed bid to buy the social media company. Their dispute centers on Twitter’s number of bot users. Zatko’s allegations, if proven true, could potentially affect the result of this case.
Twitter has repeatedly insisted that bots make up fewer than 5 percent of active users on the platform. Musk says he believes the real number is much higher, although he has yet to provide any evidence.
In a statement today, Twitter said Zatko’s complaint is “a narrative about our privacy and data security practices that is riddled with inconsistencies and inaccuracies, and lacks important context.”
“Mr. Zatko’s allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders,” Twitter said. “Security and privacy have long been company-wide priorities at Twitter and we still have a lot of work ahead of us.”