Explained | What are the concerns on Twitter whistleblower’s claims?

The story so far: On August 23, CNN and The Washington Post newspaper reported that Peiter ‘Mudge’ Zatko, a former head of security at Twitter, had filed a whistleblower complaint with the U.S. Securities and Exchange Commission, which among other things alleges that the Indian government forced the social media network to hire its agent, who then had access to sensitive user data. The disclosure document, put out by the Post, identifies him as a “security lead” and “a member of the senior executive team,” someone who “uncovered extreme, egregious deficiencies by Twitter in every area of his mandate including… user privacy, digital and physical security, and platform integrity/content moderation.” Mr. Zatko, whose services were terminated by Twitter in January this year, has accused his former employer of making false statements to users and the Federal Trade Commission regarding security, privacy and integrity. Significantly, the whistleblower has said in the disclosure that Elon Musk’s suspicions about the accuracy of Twitter’s claims that less than 5% of its accounts are spam — which eventually led the Tesla founder to pull back from a deal to buy the social media network — “are on target.” That’s because, “Agrawal knows very well that Twitter executives are not incentivised to accurately ‘detect’ or report total spam bots on the platform.” On a broader level, in the disclosure, Mr. Zatko has written about Twitter’s lack of real progress on the issues of security and privacy over the years. Its response, which was published in The Hindu, has made it a point to mention that Mr. Zatko was fired for “ineffective leadership and poor performance.” Also, it has said: “What we’ve seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context.” Twitter hasn’t made a specific comment on the Indian angle in the disclosure.