Twitter Gets One-Two Punch As Whistle-Blower Piles On After Musk

Zatko, the ex-hacker who was Twitter’s head of security, is scheduled to testify before the Senate Judiciary Committee on Tuesday.

<div class="paragraphs"><p>Photo by Souvik Banerjee on Unsplash</p></div>
Photo by Souvik Banerjee on Unsplash

Twitter Inc. whistle-blower Peiter Zatko’s first public appearance since his explosive allegations against the social media giant couldn’t be more awkwardly timed for the company that billionaire Elon Musk no longer wants to buy.

Zatko, the ex-hacker who was Twitter’s head of security, is expected to tell the Senate Judiciary Committee on Tuesday that the company misled its board, investors and users about the security of its platform and the prevalence of bots. 

The testimony comes as lawmakers and regulators seek to rein in or break up tech companies, and as Musk tries to get out of his offer to buy the company. A judge last week ruled that Musk’s legal team can use Zatko’s whistle-blower claims in his defense against Twitter’s lawsuit seeking to force him to complete the $44 billion deal. 

A Delaware Chancery judge is set to hear that case in the coming weeks, deciding whether Musk -- chief executive of Tesla Inc. and the world’s richest man -- was justified in backing away from the deal because of some of the same issues Zatko has raised. 

Twitter’s user base is large, but not compared to other social media companies with a more global reach. Twitter has 237.8 million daily active users that it counts as monetizable compared to 1.97 billion daily active users on Facebook’s original platform.

That means the company has escaped the antitrust scrutiny aimed at larger companies. Meta Platforms Inc., Alphabet Inc.’s Google, Inc. and Apple Inc. are being investigated by federal antitrust regulators and are targeted by proposed legislation that would curb their power in the internet economy. 

But now it’s Twitter’s turn to have its business decisions and policies picked apart in public. 

In his complaint filed last month with the Securities and Exchange Commission, Federal Trade Commission and Justice Department, Zatko accused Twitter of “fraudulent and material misrepresentations” to its board and investors, as well as allowing foreign governments to infiltrate the platform. He also said Twitter violated a 2011 consent decree to tighten security controls and respect user privacy. 

Twitter declined to comment in advance of Zatko’s testimony. But in an email to employees after his complaint was filed, Twitter Chief Executive Parag Agrawal disputed the allegations.

“We’re reviewing the redacted claims that have been published, but what we’ve seen so far is a false narrative that is riddled with inconsistencies and inaccuracies, and presented without important context,” he wrote.

Lawmakers have highlighted national security concerns raised by Zatko as particularly troubling, especially allegations that Twitter had Indian government agents on the payroll with unsupervised access to “vast amounts of Twitter’s sensitive data,” according to his complaint. Zatko also alleged that outdated operating systems left the platform vulnerable to outside attacks. 

Senate Judiciary Chair Dick Durbin described Zatko’s allegations as “pretty serious business” and said he expects new legislation to be introduced to address issues that come up in the hearing.

“If it’s anywhere along the lines of what’s been suggested, I think it’s a matter of grave personal and privacy concerns,” Durbin told reporters Monday. “The question is whether information being gathered by Twitter is being used for purposes that we’re not aware of.”

Congress is already considering several measures to protect user privacy and security -- including some from members of the Judiciary Committee -- but Tuesday’s hearing probably won’t improve their chances of becoming law. Republicans, who expect to win control of the House in November’s midterms, have signaled that they plan to focus on what they describe as censorship of conservative viewpoints and reforming liability protection for online platforms.

Lawmakers are likely to use the hearing to call for legislation to protect user privacy, which hasn’t advanced as far as several tech-focused antitrust bills. There is bipartisan support for new internet regulation, but little agreement on the best approach.

Zatko, 51, first testified before Congress in 1998 as a young hacker known as Mudge, warning a Senate committee about fundamental weaknesses in the internet’s infrastructure. He then went on to work at US Defense Advanced Research Projects Agency, Google and the payment service Stripe Inc. before being hired by Twitter founder and former CEO Jack Dorsey in 2020 to help address security concerns. 

Second Whistle-Blower

Zatko is the second high-profile whistle-blower to level accusations at a major tech platform, joining former Facebook product manager Frances Haugen, who publicized reams of internal documents and testified in a Senate hearing last October. Meta, the parent of Facebook, has since lost half of its market value and saw usage of its original platform decline in North America for the first time.  

Twitter representatives haven’t been called to testify before Congress since Dorsey appeared remotely in a hearing about the 2020 election on November 17 of that year. The San Francisco-based company wasn’t included in the Senate’s investigation last year of social media’s impact on youth mental health sparked by Haugen’s revelations. Zatko will be the only witness in Tuesday’s hearing. 

Musk’s lawyers have been most interested in Zatko’s claims that Twitter misled investors about the prevalence of bots -- or automated accounts that aren’t valuable for advertisers or for monetizing the platform. The whistle-blower complaint cites tweets from Musk and Agrawal about how to measure and remove bots.

Agrawal fired Zatko in January over what the company said was poor performance. 

More stories like this are available on

©2022 Bloomberg L.P.