Twitter: after Elon Musk, the CNIL launches an investigation against the social network and its fake accounts

It’s official, the CNIL will get involved in the affair between Twitter and Elon Musk. Following the whistleblower’s revelations this week about the number of fake accounts, the French organization has launched an investigation into the complaint launched by Peiter Zatko. The objective is now to find out whether the social network has violated European legislation on cookies.

It’s a case of countless twists and turns. A (very) brief reminder of the facts if you missed it: Elon Musk announces that he is buying Twitter, before retiring a few days later for a dark case of bots. Twitter would indeed refuse to provide the billionaire with the exact number of fake accounts, prompting him to cut short the transaction. Twitter files a complaint against Elon Musk, Elon Musk files a complaint against Twitter. Are you still following?

Everything could have ended there, but that was without counting on the arrival of a new character: Peiter Zatko. Peiter Zatko is a former renowned hacker, and former head of security at Twitter, before becoming a whistleblower this week. Indeed, the latter revealed particularly compromising information about the firm. This would have indeed lied about the number of fake accounts it hosts.

The CNIL Will Investigate The Twitter Case

But that’s not all, since Peiter Zatko also denounced serious breaches of the security of its users by Twitter. From then on, the case no longer concerns only Elon Musk and the company, but the whole world. What, inevitably, interest the European regulatory bodies, particularly straddling the data protection of their nationals?

Following the revelations, the CNIL, therefore, decided to launch its own investigation against Twitter. 

”At this time, we are unable to confirm or deny the accuracy of the alleged breaches,” explains the authority in the columns of TechCrunch. “If the accusations are founded, the CNIL could carry out checks which could lead to a formal notice or a sanction if breaches are noted. In the absence of a breach, the procedure would be closed”. 

The challenge now is to determine whether there has indeed been a breach of the GDPR. The CNIL is particularly interested in the management of cookies by Twitter, as well as in the data used to develop its artificial intelligence. A case that remains to be followed.