Elon Musk was about to violate a federal privacy order when he took over the microblogging site
X
(formerly known as Twitter) in 2022. The US Federal Trade Commission has claimed that the company’s data security employees prevented a breach and saved its billionaire owner from violating the law. In a letter sent by
FTC
Chair Lina Khan to Republicans (seen by Bloomberg), the regulator noted how X employees saved Musk from violating the law.
However, the agency mentioned that the investigation against the company is still ongoing.
In the letter, Khan wrote: “FTC staff efforts to ensure Twitter was in compliance with the order were appropriate and necessary, especially considering Twitter’s history of privacy and security lapses,” Khan wrote in the letter.
How X employees saved Elon Musk
In December 2022, the FTC initiated an investigation into X after a group of journalists published the “Twitter Files”. These files offered insights into the company's activities before it appointed Musk as CEO soon after he took over it.
Despite Musk's orders, X workers decided not to comply with his demand to provide unrestricted access to the company data to journalists. The FTC letter claims that this act of defiance may have saved Musk from potential legal consequences from the regulatory watchdog.
The letter claims that the testimony submitted to the FTC revealed that Musk insisted X employees on granting reporters "full access to everything at Twitter”. In the meantime, the company faced government regulations that imposed restrictions on the platform's data and security practices.
The letter also confirmed that X had not violated any regulatory terms as the company’s IT personnel did not follow Musk's instructions and prevented journalists from accessing the platform's internal systems.
FTC fined X $150 million in 2022
Earlier, in May 2022, the FTC imposed a fine of $150 million on the social media platform for misleadingly collecting user data by selling users' phone numbers and email addresses to advertisers. Apart from the fine, the regulator also added stipulations that were required to improve user data security measures, which included limitations on employee access to personal data.