back to article Twitter sued for 'reading' private direct messages

Twitter is being sued for invading users' privacy over its practice of replacing hyperlinks in direct messages with its own "t.co" short links. Californian Wilford Raney filed a class action lawsuit [PDF] against the company in San Francisco this week and is seeking millions of dollars in damages. According to Raney, Twitter …

  1. jgarry

    Read the effin' TOS

    Right there, section 5, "Your Rights" "...By submitting, posting or displaying Content on or through the Services, you grant us a worldwide, non-exclusive, royalty-free license (with the right to sublicense) to use, copy, reproduce, process, adapt, modify, publish, transmit, display and distribute such Content in any and all media or distribution methods (now known or later developed)."

    "...you grant us... license... to... modify... such Content in any and all media or distribution..."

    Of course, with lawyers and adhesion contracts, it's white there in black and right, or what's left.

    1. Anonymous Coward
      Joke

      Re: Read the effin' TOS

      Reminds me of the Standard Model. Up. Truth. Charm. Etc. Does that make lawyers frustrated (mathematically-challenged) physicists?

    2. Graham Marsden
      Thumb Down

      Re: Read the effin' TOS

      TOS != The Law.

      Just because it says "By using this service you agree to let us do all this", does *NOT* make it legal.

  2. Destroy All Monsters Silver badge
    Facepalm

    Next up

    How compressing a data stream is actually "reading it". Give me some money!!

    1. Grikath

      Re: Next up

      You forgot parsing a url in Facebook PM to get a thumbnail. or the Gazillion tracking cookies meant for "Optimising the User Experience".

      Given the way you're milked using any of the "free" social outlets anyway, any PM is at best "non-public" , but it's never Private. The wise user takes that into account.

    2. Kevin McMurtrie Silver badge
      Boffin

      Re: Next up

      Somewhere there's a big database of every link ever found in a private message, and I'm betting that it's pretty easy to get other people's original URLs back out. Each recipient who clicks a shortened link is going to generate an access log entry. That's how it's not even remotely private.

      They could get around this by not substituting the entire URL. Just substitute the domain and throw the rest after a '#'. A sent URL of "http://some.domain/private/secret/mystuff" becomes "https://t.co/domaincode/#private/secret/mystuff" when received. The part after the '#' anchor delimiter is never sent to servers by browsers but Twitter could return a document that can see it and reconstruct the original URL. Advertising metrics would be reduced but not entirely lost.

    3. A Non e-mouse Silver badge

      Re: Next up

      If they were just compressing, there would be no issues. But they're not "just" compressing. They're altering the message so as to force the user to go through their servers and gain more information about sender & receiver (and as the article mentions, screw advertisers for more money). They're also obfuscating the message by hiding the real website you're going to visit.

      Going off on a tangent, I have a general dislike for these URL shortening services as you never know where you're going to end up. Normally, I can use a bit of common sense and avoid clicking on a www.eebay.com link. But with shortening services, I have no idea where I'll end up or what crap is going to be sent to my browser.

      1. Simple Si
        Alert

        Re: Next up

        I can't stand them either for the exact same reason although depending on the url shortening service, there is usually a method to preview the url - E.g bitly url's can have a plus sign suffix to reveal the url before visiting the page (full(!) link: http://support.bitly.com/customer/portal/articles/1765767-can-i-preview-a-bitlink-before-clicking-on-it-?b_id=5611)- still a pain when clicking as you have to copy the url (sometimes made harder when the hyperlink on the page points to the current website's link tracking/checking service) and make a quick url change. Perhaps an idea for a a browser plug-in would be to convert those url's and make them visible when hovering - suspect that might exist already...

        1. ratfox

          Re: Next up

          Yes, short URLs are fairly dangerous, as you never know where you're gonna end up.

  3. Henry Wertz 1 Gold badge

    Torn

    "How compressing a data stream is actually "reading it". Give me some money!!"

    No, I do not expect my private, direct messages to be compressed in-transit. If a company (I'll use Umbrella Corp. as an example, because I feel like it)... if Umbrella Corp. advertises a private direct messaging service, then no, I don't expect Umbrella Corp. to compress my communications. Because the communications should be encrypted so Umbrella Corp. cannot make heads or tails of it (including to compress it.)

    Anyway, I'm torn here. On the one hand, I'm really not sure if replacing URLs with shortened URLs (or the compression example), if they should have the book thrown at them. After all, they were not intentionally violating privacy. On the other hand, I don't think they should be able to use the term "private direct message" for a message that is going through Twitter's servers without end-to-end encryption; this term implies the message is going straight from one user to the other, and it's not.

    1. Anonymous Coward
      Anonymous Coward

      Re: Torn

      Unless it is encrypted by the client, it is not end to end encryption.

      Also if they scan such messages for malicious code... (as most email providers do) is that reading the message?

      I agree with you that its hazy at best and a cash driven spurious law suit at worst.

      I think there are lots of words that need some definition in this (based on previous re-definition for lawyers)...

      "Private", "Direct", "Reading"...

      I would argue that the only true private direct messages that can be read are ones you write in code on a piece of paper and hand to your buddy in high school... (as recently seen in that Turing movie).

  4. Anonymous Coward
    Anonymous Coward

    "Twitter has been desperately chasing revenue for its service"

    There was a time when instead of "services" we would just have protocols, and whoever felt like it could implement them and run them, all in a distributed and more or less voluntary fashion.

    Nowadays, however, all information flows through a tripoly of American companies: Google, Facebook, and Twitter. I am, let us say, rather uneasy about this.

    1. Anonymous Coward
      Anonymous Coward

      Re: "Twitter has been desperately chasing revenue for its service"

      Once upon a time, anyone could send computer-generated tweets to Twitter through an open API.

      These days you have to go through a Byzantine OAuth process which gives Twitter the ability to terminate to block access to any apps it doesn't like or become too popular for their own good so that TWTR$ can then replace them with their own versions.

      see:

      http://hueniverse.com/2007/09/16/oauth-isnt-always-the-solution/#more-144

      http://seriot.ch/abusing_twitter_api.php

      http://seriot.ch/resources/abusing_twitter_api/abusing_twitter_api_hitb.pdf

    2. Ben Bonsall

      Re: "Twitter has been desperately chasing revenue for its service"

      Nowadays, however, all noise flows through a tripoly of American companies: Google, Facebook, and Twitter. I am, let us say, rather uneasy about this.

      I'm yet to find actual information on them.

  5. Anonymous Coward
    Anonymous Coward

    As soon as...

    People realise we can do without social networks the world will be a better place.

    Yes, webmail services will scan your words, the NSA and GCHQ will infiltrate your privacy. but for fuck's sake let's all stop using these loss making wealthy scammers purporting as your friend.

    But I can't see it happening.

    1. Drudgery Leak

      Re: As soon as...

      I can see it happening. This social networking thing is less than ten years old. It'll probably still be around in another ten years time, but usage will have shifted. Another ten years on and things will be totes diff yeah.

      1. Paul Woodhouse

        Re: As soon as...

        hmm, seem to remember using friendster more than 10 years ago... I might have even looked at faceparty once or twice as well :P...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like