Twitter once again finds itself in hot waters as it fails to impress privacy advocates after security researcher Karan Saini discovered some damning activities the popular microblogging network is involved in. This should come as a shocker to millions of users who use the platform's Direct Message (DM) feature to communicate.
Twitter is all about having conversations openly via tweets, but users can also communicate privately via DMs, for which either users must follow each other or have the setting open to receive DMs from anyone. In both cases, DMs allow private conversations, which can be deleted like any regular message. But as it appears, even if you delete your DMs, Twitter doesn't get rid of them.
Saini discovered that it is possible to dig up direct messages dating back several years, even if they have been deleted or associated with deactivated or suspended accounts. Twitter appears to be keeping a copy of your messages on its servers, which seem surprising considering the platform's Privacy Policy clearly states that deactivated accounts will be deleted, TechCrunch reported on Friday.
Additionally, Twitter's law enforcement policy says that "there is a very brief period in which we may be able to access account information, including Tweets" even after the account is deactivated. But it doesn't say anywhere that a "very brief period" could be as long as a few years.
Even though this isn't an imminent threat as the data is well tucked behind password authentications and multiple steps, nothing is forever safe. Only account users can request all the data from Twitter to see for themselves that all those DMs aren't really deleted completely. But what is actually concerning is the fact that Twitter isn't deleting stuff when it says it is.
In response to this, a Twitter spokesperson was quoted as saying that the company was "looking into this further to ensure we have considered the entire scope of the issue." Stay tuned for updates.