Twitter’s Blue Tick Saga: How Privacy, Reputation and Security Is Being Impacted

Allan Dunlavy 29 Nov 2022

Partner Allan Dunlavy delves into the drama behind Twitter’s blue tick system under Musk – and explores the consequences for users’ reputation, privacy and security

There’s no doubt that the situation at Twitter since the completion of Elon Musk’s takeover in October has been chaotic – and it seems to be getting more so by the day. Among the most concerning developments is what appears to be a decreasing focus on online privacy and reputation since Musk’s appointment as CEO.

Quoted as having ‘torn through the social network’s headquarters like a hurricane’ in his first few days of taking over, Musk’s actions have so far resulted in a decimated workforce, a severe dent in Twitter’s reputation, and ultimately, little confidence in the future of the 200 million user strong platform.

What’s changed at Twitter?

Amidst the sacking of nearly 4,000 Twitter employees, thousands of contractor content moderators are rumoured to have been let go; which is obviously concerning from an online safety perspective. Without a significant, trained and empowered team of content moderators, and with Trump’s (and others’) accounts reinstated, charities, brands and users are rightfully worried about the potential increased toxicity of the platform and the very high likelihood of even more harmful content and disinformation.

These changes could well have been made with money in mind.  The widespread view is that Musk and his investors significantly overpaid when they offered to buy the social media platform in April of this year (forking out $44 billion when Twitter’s fair value could be just $25 billion). This, it seems, will come to overshadow and dictate everything that he does.

More concerning, though, is that these changes appear likely to throw online reputation and privacy under the bus.

The blue tick saga

Since Musk’s takeover, in terms of the platform and its attractiveness to users, the biggest blow so far appears to be the plans for the famed Twitter Blue Tick.

Prior to Musk, the blue tick worked relatively well (insert large disclaimer here!) to identify the authentic accounts of well-known individuals. A blue tick alongside an account demonstrated that Twitter had taken steps to ensure that the account was actually owned by the person or organisation it claimed to be. Twitter’s online help centre explains that ‘Twitter used the blue checkmark to indicate active, notable, and authentic accounts of public interest that Twitter had independently verified based on certain requirements’.

The blue tick programme originally came about so users could be informed as to which accounts were real and which were fake: Twitter launched their ‘Verified Accounts’ programme in 2009 after being sued by Tony La Russa, manager of the St. Louis Cardinals baseball team at the time, over an impersonation account. This was a huge step in Twitter recognising the need to know who exactly was behind ‘public interest’ accounts: removing this assurance will no doubt cost the platform in users. Users wanted to be confident that they were interacting directly the actual person or organisation – one of the key attributes of the platform.

The instigation of the blue tick service also allowed users seeking to be authenticated an opportunity to have a verified account and seek the reasonably swift removable of fake accounts seeking to impersonate those individuals or companies (again, insert large disclaimer here!). From an online security and privacy perspective, although no panacea, the blue tick at least worked to make Twitter feel like a place of relative authenticity.

Paying for authentication

In early November, however, rumours began floating around about a potential new, paid-for blue tick programme. The plan to launch this was delayed due to a number of reasons – including the firing of technical and other staff required to implement it. The implementation was further pushed back due to the midterm elections, as – ironically – Twitter were supposedly worried about the spread of misinformation from impersonator accounts. Clearly, the risks of this system were accepted and understood internally.

Unfortunately, the reality of the paid-for blue tick service (‘Twitter Blue’), which launched on 9 November (only to be halted two days later) seems to have been a complete abandonment of any enforceability of the existing blue tick, authenticated accounted rules.

Notably, Twitter’s help centre now states that after November 9th, ‘accounts that receive the blue checkmark as part of a Twitter Blue subscription will not undergo review to confirm that they meet the active, notable and authentic criteria that was used in the previous process.’ In line with nearly everything else at Twitter since the takeover, authentication appears to have been thrown into complete disarray and fundamentally undermined seemingly without any proper thought or strategy.

Impersonation and reputation

This lack of verification under Twitter Blue risks opening the floodgates to impersonation accounts posting large numbers of fake and damaging Tweets, threatening individuals’ and brands’ reputations, impacting user privacy and safety and sending a message that uncensored and harmful content may not be as strongly policed going forward. Ultimately, this could undermine the user experience for all users who want to interact with the real individuals and businesses – not fake accounts advancing their own agendas.

From George Bush to Elon Musk himself, impersonation accounts began publishing content within hours of the new Twitter Blue service launching. The impact of these accounts have ranged from the comical – such as a Nintendo parody account publishing an uncensored picture of Mario – to the financial, when a user posing as pharmaceutical company Eli Lilly & Company tweeted ‘insulin is free now’, causing stock share prices to drop by over 4%.

Amid the chaos, Twitter stopped taking new Twitter Blue subscribers just days after launching. Just to confuse matters, they then added back in an ‘Official’ label, to ‘combat impersonation’: this would essentially replace the previous blue tick, signalling verification. But despite this move, and despite the fact that a number of impersonation accounts have since been taken down, it appears that the Twitter disaster is starting to undermine users’, advertisers’ and regulators’ trust in the safety and privacy of the social media platform.

Where next for Twitter’s blue tick?

So what are the possible outcomes of this blue tick saga?  Going forward, we might well see litigation against Twitter for actual damages caused as a result of the platform’s failure to enforce authenticated accounts – and worse – for giving them the authority to speak for brands. Given Twitter is allowing this to happen and allowing them to present as verified accounts, they may be potentially liable.

The disorder at Twitter may also lead many brands to rethink their presence on the social media platform, and question whether having a ‘verified’ account means anything anymore and whether this is a valuable way to engage with their customers and other followers. This of course could be hugely damaging to Twitter, who need these valuable accounts and the thousands of followers they bring with them in order for a monetised blue tick system to actually work.

And it’s not just the big players that are affected: unhappy users worldwide appear to be choosing to leave the platform too, many taking their custom and followers over to alternative platforms such as Mastodon.

In my eyes, it won’t be easy for Twitter to even get back to where they were, never mind move forward and improve (which was very necessary from even where Musk started), especially given their legal and privacy teams have seemingly all resigned as well.

And with a ‘decimated’ communications team on top of all of this, surviving the reputational storm is looking extremely challenging for Twitter.