The Federal Trade Commission is opposing a bid by X Corp. (formerly Twitter) to terminate a consent decree that requires the company to maintain a privacy and security program.
“The company has not identified a change in circumstances that renders the order’s safeguards unworkable or contrary to the public interest,” the FTC writes in papers filed Monday with U.S. District Court Judge Thomas Hixson in the Northern District of California.
The agency added that it has legitimate reasons to investigate X Corp.'s compliance with the prior order given well-publicized changes at the company after Elon Musk acquired it last October -- including the departures of key members of the privacy and security team.
The prior order, entered into in May 2022, stemmed from allegations that Twitter misled users by asking for their phone numbers and email addresses for security purposes, but then drew on the information for ad targeting. That activity, according to the FTC, violated a 2011 settlement that prohibited the company from misleading consumers about privacy.
X Corp. in July sought to terminate the order, arguing that the FTC had recently “embarked on a new campaign of unceasing demands, demanding responses to long lists of wide-ranging questions and requiring burdensome document productions.”
Among other specifics, X Corp, said the FTC issued 16 letters demanding information since last October. By contrast, the agency issued a total of 28 demand letters between 2011 and last year, according to X Corp's complaint.
The company also said the FTC was wrongly attempting to question Musk at a deposition.
The FTC counters in its new court papers that recent charges at the company justify the investigation.
“Shortly after the Musk acquisition, X Corp. laid off or fired at least half of its workforce ... and by April 2023 the company had reportedly lost about 80% of its workforce through subsequent rounds of terminations and resignations,” the agency writes. “This exodus significantly impacted X Corp.’s privacy, data security, governance, risk, and compliance functions.”
The FTC adds that X Corp.'s entire “data governance committee” resigned, and the former head of information security “issued dire warnings about X Corp.’s data security and privacy practices under new leadership.”