According to Twitter, the 55,000 published accounts include 20,000 duplicate accounts, a large number of suspended spam accounts and others where the password and username are not associated with each other. Nevertheless, “we have pushed out password resets to accounts that may have been affected," said a spokesman.
Twitter needs to be particularly careful in maintaining its users’ privacy following an agreement with the FTC last November (this itself following breaches dating back to 2009). Under the terms of this agreement, Twitter “must establish and maintain a comprehensive information security program, which will be assessed by an independent auditor every other year for 10 years.” Any violation of the agreement carries a charge of $16,000.
Meanwhile, however, Twitter is currently fighting a court subpoena demanding the account details of Malcolm Harris, an Occupy Wall St protester being prosecuted for disorderly conduct. Twitter informed Harris of the order, and Harris sought to have it quashed. On April 20, 2012 the court refused, deciding that “the defendant does not have standing to quash the subpoena.” This effectively states that a Twitter user does not have interest in his or her own tweets.
Now, on May 7 2012, Twitter has issued its own motion in support of Harris and has moved to quash the subpoena. Its two primary arguments are firstly that Twitter terms of use clearly state that tweets remain the property of the user, in that users “retain [their] rights to any Content [they] submit, post or display on or through" Twitter. Secondly, says Twitter, “the Order imposes an undue burden on Twitter by forcing it to violate federal law,” quoting the Fourth Amendment.
The ACLU has come out in strong support for Twitter. “If Internet users cannot protect their own constitutional rights, the only hope is that Internet companies do so,” it says. “Twitter did so here, and Twitter should be applauded for that. We hope that other companies will do the same thing. Our free speech rights may depend on it.”