Whistleblower and former Twitter-employee Peiter Zatko Tuesday testified to the US Senate Judiciary Committee on Data Security. As Twitter’s former “Security Lead,” Zatko told the committee that Twitter prioritized profits over security, creating serious risks for American users.
Zatko, also known as dotMudge, was Twitter’s Security Lead from 2020-2022 for the company’s global support and enforcement division. Zatko stated he was testifying because “Twitter’s unsafe handling of the data of its users and its inability or unwillingness to truthfully represent issues to its board of directors and regulators have created real risk to tens of millions of Americans, the American democratic process, and America’s national security.”
On national security, Zatko testified that there was “at least one agent” of a Chinese intelligence agency on Twitter’s payroll. Zatko described how, while internal suspicions existed about certain employees acting as foreign agents, it was “extremely difficult” for the company to internally log what information was accessed by what employee.
Zatko stated that federal regulators let tech companies “grade their own homework” and emphasized that Twitter’s actions to deceive federal regulators go up “to the CEO.”
Asked why Twitter chose not to mitigate risk, Zatko stated the common dilemma of corporate risk-mitigation applied. Zatko described how financial disincentives, the company’s drive to respond to crises and focus on to crises and concentration on growth took priority over security. Senator Mazie Hirono of Hawaii asked, “[D]o people need to go to prison?” Zatko replied, “[T]his starts at the top.”
While most Senators seemed concerned with the security issues Zatko came to discuss, other senators used the platform to criticize Twitter.