5 things lawyers need to know about Twitter right now

After months of drama and lawsuits, Elon Musk now owns Twitter. Since purchasing the company for $44 billion USD, Musk fired 50 per cent of his staff. The Tesla CEO also removed the company’s work from home policy and put forward an ultimatum to employees to work in “extremely hardcore” conditions or leave. This led to nearly 1,200 resignations, and Twitter was forced to close its offices.

Here’s what you need to know:

1. Workers’ rights

The first round of layoffs potentially breached the Worker Adjustment and Retraining Notification (WARN) Act. Under the act, employers are required to give 60 days’ notice when initiating a large-scale layoff. Several lawsuits have been brought by former employees who allege they were not provided this notice.

Others have accused Twitter of breaching their employment contract by failing to provide severance pay and promised benefits. Musk’s enactment of recent policies requiring staff work “long hours” in the office “at high intensity” may be in violation of several workplace laws. For example, increasing work hours and limiting one’s ability to work from home may make it harder for employees with a disability to obtain reasonable accommodations under the Americans with Disabilities Act. Moreover, the policies could disproportionately affect women with childcare responsibilities and constitute sex-based discrimination.

2. Exposure to cyber-attacks

With fewer staff to defend Twitter from cyber-attacks, the platform is at risk of a massive data breach or security incident.

David Kennedy, CEO of the incident response firm TrustedSec, said Twitter has neglected their security for a long time and recent changes have increased the level of risk. “There’s a lot of work to be done to stabilize and secure the platform, and there is definitely an elevated risk from a malicious insider perspective due to all the changes occurring,” said Kennedy.

CEO of SocialProof Security Rachel Tobac said the new verification system has multiplied security threats on the platform. “From users impersonating emergency service providers to spread panic to extortionists stealing and leaking private messages stored on Twitter, it’s staggering to imagine the amount of risk that this platform has opened itself up to,” said Tobac.

3. Compliance with regulations

Reducing content moderation may create issues with regulators worldwide. Under German Law, social networks are required to remove illegal content or they will be fined. “Either you have content moderation, or you don’t have it,” said UCLA professor Sarah Roberts. “You don’t just kind of have content moderation, removing child sexual exploitation material is content moderation,” she said.

NewsGuard CEO Gordon Crovitz said that hate speech and misinformation had surged on the platform since Musk’s take over. “The kinds of content they were spreading had disproportionately more misinformation than they usually had, and that is what leads to engagement,” said Crovitz.

According to former employees, Musk’s new legal department is asking engineers to “self-certify” compliance with privacy laws and Federal Trade Commission (FTC) rules. An unnamed FTC spokesperson said the agency was “tracking recent developments at Twitter with deep concern. No CEO or company is above the law, and companies must follow our consent decrees. Our revised consent order gives us new tools to ensure compliance, and we are prepared to use them”.

4. Data

In the event that Twitter collapses, experts recommend users take steps to protect their data. Users are advised to download their Twitter archive, set up two-factor authentication, lock down their privacy settings and delete old tweets and DMs. Deleting direct messages from Twitter may prove more difficult. Currently, users can only remove a direct message if all people in the group consent to delete the message. Cybersecurity experts have long called on Twitter to encrypt its direct messaging however it remains unencrypted and vulnerable to being hacked. Twitter provides no system to bulk-delete direct messages.

Silas Cutler, senior director of cyber threat research at the Institute for Security and Technology, said that the difficulty in deleting data from Twitter has resulted in more people using third-party Twitter apps that promise to delete data but require access to the user’s account. “I think deleting DMs and old posts is more dangerous for general folks,” said Cutler. “There are a lot of sketchy services offering ‘verification’ and cleanups, and it’s only going to lead to account takeovers.”

Pieter Zatko, the former head of cybersecurity at Twitter who filed a whistle-blower complaint in June, said in his complaint that the company does not understand its own data retention systems. The company deliberately calls deleted accounts “deactivated” in case the data isn’t actually deleted.

5. Impact on advertisers

Major brands such as General Motors, United Airlines and General Mills have temporarily ceased purchasing ads on Twitter. Lou Paskalis, a media and marketing executive, said the biggest concern for advertisers is avoiding risk and brand safety. Initially, Elon Musk threatened a “thermonuclear name & shame” of companies that quit Twitter but has since retracted his threat.

“The best way to understand what’s going on with Twitter is use Twitter,” Musk told advertisers. Some advertisers are skeptical about appearing alongside more risky content that Elon Musk has allowed. Musk attempted to quell advertisers’ concerns by indicating some content moderation would remain.

“Twitter obviously cannot become a free-for-all hellscape, where anything can be said with no consequences,” Musk wrote. “Twitter aspires to be the most respected advertising platform in the world.”