Friday, September 29, 2023

Global: X’s new policy risks violating right to privacy for millions

Amnesty International issued the following:


Global: X’s new policy risks violating right to privacy for millions

Reacting to news that X, the social media platform formerly known as Twitter, has introduced new privacy policy which allows it to collect users’ biometric data and access encrypted messages Michael Kleinman, Director of Silicon Valley Initiative at Amnesty International, said:

“’Biometric’ is a broad term which relates to a person’s physical attributes and needs to be clearly explained. Even though X’s new policy asks users for their consent regarding the collection of biometric data, there is a real risk that their right to privacy will be violated.

“The new policy does not clearly spell out how that data will be stored and the safety measures in place to ensure that the information collected will not be used for unlawful purposes. With over 500 million users, such a system-wide collection of extremely sensitive data poses huge security and privacy risks. Even more concerning is the provision that X will collect information about the location of users and their private messages, which may constitute mass surveillance.

“Users’ information will also be used to train X’s machine learning and artificial intelligence models. Yet users are not explicitly given the option of agreeing that their data should be used for this purpose. X claims to be a platform that promotes freedom of expression but its carte blanche approach to profit-making poses a serious risk to individual rights.”

Background

X is the platform that was previously known as Twitter. Elon Musk changed the name in July following his takeover of the platform last year. The new “X Privacy Policy” replaces what was previously known as the “Current Privacy Policy.” The new policy takes effect today.

As well as the collection of biometric data, the new policy introduces the collection of information about users’ employment history and most notably, makes provision for the sharing of encrypted messages for security reasons.

According to X’s policy, it collects “metadata related to Encrypted Messages and when you use Direct Messages, including contents of the messages, the recipients, and date and time of the messages.”