Peiter Zatko has been thrust into the limelight ever since his whistleblowing allegations regarding malpractice at Twitter were made public in August.

The former head of security at Twitter was called before a Senate Judiciary Committee on September 13 to answer questions about the allegations that he made in the whistleblowing complaint. Zatko sent his complaints to the Securities Exchange Commission, Federal Trade Commission and the Justice Department back in June this year.

The night before the hearing, the committee sent Twitter a detailed list of questions and invited the CEO of Twitter, Parag Agrawal, to testify at the hearing. Agrawal declined. Nonetheless, Twitter is expected to answer the committee’s questions by September 26. Twitter has denied Zatko’s charges, with Agrawal writing that the whistleblower’s allegations are “riddled with inconsistencies and inaccuracies, and presented without important context.”

The former DARPA researcher has also received a subpoena from Elon Musk, who is seeking to withdraw from the $44 billion deal to buy out Twitter that he made in April.

The tech billionaire had earlier alleged that Twitter had not adequately provided information on the number of spam and bot accounts on its platform. Musk was given permission by the Delaware Chancery Judge, Chancellor Kathaleen McCormick, to amend his countersuit to include the whistleblower’s complaint.

Here’s a breakdown of what happened at the committee hearing.

Gaps at Twitter

When Zatko first filed his 84-page complaint with regulators back in June, he alleged that Twitter’s data protection standards were sub-par and that users were most at risk if anything were to go wrong at the company. But his testimony provided deeper insight into his complaints and the way that Twitter allegedly functions.

At the Senate hearing, the hacker said that Twitter was “over a decade behind industry security standards.” He added that the company doesn’t know what data it has or where that data originated.

Further, he alleged that, given the amount of access that Twitter’s engineers have to the platform’s systems, it would be possible for a company employee to tweet from somebody else’s account. However, he did say that such a thing had not happened before.

“An employee could take over the accounts of all of the senators in this room,” he said.

Foreign interference was a concern raised by the Judiciary Committee chairman Dick Durbin (Democrat-Illinois), who pointed to the whistleblower’s allegations that Twitter allowed foreign agents to be on its payroll.

A week before Zatko was fired, the FBI warned Twitter that there was an employee who might potentially be a part of China’s intelligence agency, MSS.

Zatko mentioned that he wasn’t surprised, and that if an intelligence agency wasn’t putting a person in at Twitter, then they weren’t doing their job.

He also mentioned a conversation with a high-level executive whom he told about his concerns regarding a foreign agent, to which they replied, “Since we already have one, what does it matter if we have more? Let’s keep growing the office.”

Bipartisan consensus towards regulating tech

Over the past few years, various social media companies have been asked to show up to Senate hearings. Last year, Facebook whistleblower Frances Haugen was called in front of the Senate, and the year before that, Jack Dorsey. Back in 2018, Mark Zuckerberg was asked to testify about the Cambridge Analytica scandal.

While partisan issues remain, mostly over the degree of content moderation, the hearing on Tuesday saw Democrats and Republicans presenting a united front, calling for tech companies to be held accountable for their actions. 

The unfortunate reality, however, is that bills regarding data, privacy and tech aren’t making it across the finish line. This is despite the fact that several bills, like the American Online Innovation and Choice Act and the Children’s Online Privacy Protection Act, have made it past committees.

Senator Amy Klobuchar (Democrat-Minnesota) said that despite the hearing with Zatko being the 50th one, the US Senate had not passed a single bill relating to competition, privacy, better funding for agencies and child protection.

Senator Lindsey Graham (Republican-South Carolina) offered to work with Democrats to ensure that Zatko’s testimony would not be “in vain”.

“There’s no way to deal with this without bipartisanship, from my point of view, so I’m working with [Senator] Elizabeth Warren [Democrat-Massachusetts] of all people. We have different perspectives on most everything else, but Elizabeth and I have come to believe it’s now time to look at social media platforms anew, and we have this general understanding among ourselves that the regulatory system regarding social media is not working effectively,” he said at the hearing. 

Zatko said that in order for future legislation to be effective, it needs to involve audits and quantifiable results that can’t be circumvented by tech companies.

Ineffective regulation

During his testimony, Zatko offered up an interesting tidbit of information, alleging that Twitter was more concerned about fines that it would have to pay France’s data protection agency CNIL than about US regulators like the SEC and the FTC.

Zatko stated that the rationale behind Twitter’s strategy vis-a-vis regulators was that American regulators impose only one-time fines or penalties for violating the law. In foreign countries like France, and soon the rest of the European Union, Twitter is concerned about ongoing penalties or business restrictions.

“One-time fines are priced in,” said Zatko. He said that the other reason foreign regulators like CNIL are feared is that they “dig in technically” and identify “more quantifiable results”, making it harder for tech companies to “sort wordsmith around.”

Calls for restructuring

The hearing led to calls for Twitter to be restructured. Senator Chuck Grassley (Republican-Iowa) called for the removal of Parag Agrawal as CEO of the company.

“If these allegations are true, I don’t see how Mr. Agrawal can maintain his position at Twitter,” Grassley said.

Zatko agreed with the assessment, saying that the entire management of the company should be changed from the bottom up. He added that management was complicit in misleading regulatory agencies and that involvement went all the way up to the CEO level.