The Twitter API teaches me that at best anyone on Twitter can follow anyone else on Twitter without anyone followed knowing anything about it. The Twitter API reveals this through the resource ‘GET statuses/user_timeline‘, a resource which allows anyone with a little programming know-how to anonymously download 3,200 of the most recent tweets made by any public Twitter user. While following Twitter users in this way is readily available to those with a coding background, it is itself not particular to people with such knowledge. Any Twitter user can do it. It is as simple as typing a phrase into the search field (or the search field of the search page) and hitting enter on the keyboard. All those tweets that barrel down the Twitter stream arrive in this way, literally without warning. Advanced search options also exit, but you get the idea. The ability to search and recall tweets anonymously on Twitter is not a defect, it’s a feature.
While Twitter allows users to get some content from other users without contacting them about it first, it, as a problem, is not entirely out of control. Twitter does offer privacy settings and, to be fair to Twitter, these settings provide some aggressive protections. In setting tweet privacy to ‘Protect my Tweets’, Twitter states that a person, in this way, can prevent those without unauthorized permission from viewing their tweets. More specifically, Twitter safeguards include:
- Your Tweets will only be visible to users you’ve approved.
- Other users will not be able to retweet your Tweets.
- Protected Tweets will not appear in Twitter search or Google search.
- @Replies you send to people who aren’t following you will not be seen by those users (because you have not given them permission to see your Tweets).
- You cannot share permanent links to your Tweets with anyone other than your approved followers.
In this way, Twitter makes their service available to a number of people who don’t want everything they have to say on Twitter made publicly available. But even with privacy settings in place, some pieces of user information aren’t protected.
Even with security settings in place, Twitter makes certain pieces of non-tweet, user information publicly available. Some of these include:
Tweets directed at private users
Any Twitter user can see some of what other users are saying about any other user on Twitter.
Twitter users share with other Twitter users their basic profile information, information which includes tweets, following, and followers counts. At most this can include a location, say a city or state, and a personal webpage.
Detailed profile summary (available through the API)
A Twitter profile can be seen in greater detail through the API, so that any Twitter user can know when any other Twitter account was created.
Social network connections
Who follows a Twitter user and who else these followers follow is not entirely hidden, connections which can help reveal social networks.
Not everything a user does on Twitter is hidden from sight, even when privacy settings are in place. This issue is problematic in that it leads to a false sense of data security, where in which what Twitter and Twitter user’s think is hidden do not necessarily correspond with one another. I have no reason to suspect the social media organization Twitter of actively threatening the security and privacy of its users, but they could make more of an effort to identify and present, in an accessible way, the metrics about their users which are publicly knowable. They know these things. It’s not necessarily outrageous to think they could let us know these things too. Twitter probably knows as well as anyone else that they doesn’t know what’s best for their users; and that only their users actually know what’s best for themselves, but users can’t adequately weigh the pros and cons of their use when they themselves don’t know what’s not hidden. By taking the time to do this, Twitter can better inform their users (and potential users) about their social media presence and better support us all in our use of social media.
Hypothesis to test
On average, when setting their security options, users implicitly assume that what they can allow or deny others to see, as provided by any social media service, is an exhaustive list of all accessible information.