Be Sure to Secure Your Twitter Account: The NJCCIC’s Guide to Accessing Twitter’s Security & Privacy Settings

The NJCCIC is providing this guide to help our members and website visitors manage their cyber risk and maintain the security and privacy of their information. This guide provides users with the steps needed to access and change privacy and security settings, as well as instructions on how to view the user data collected by Twitter. It has become increasingly important for users to be aware of the type of personal data being collected – and often sold – by these free online services.

Your Twitter Archive

To review your settings, click on the small version of your profile picture, either located on the top left (mobile version) or top right (desktop version) of your screen and then select “Settings and Privacy.”

 
 

When you get to the next screen and scroll all the way to the bottom under the section labeled “Content,” there is a button labeled “Request your archive.” This archive contains all of the information that Twitter has collected from you since you opened the associated account. If selected, Twitter will email you a link to download the archive after the request has been processed.

 
 

Your Privacy and Safety

To secure your Twitter account, it is very important to review your privacy settings. To do so, select “Settings and Privacy” from the settings menu and then locate the “Privacy and Security” tab on the left side of the screen.

 
 

A) Privacy

Twitter allows users the option of having their Tweets viewed either publicly or restricted only to whom the user approves. Additionally, users have the option of geotagging their Tweets, which allows a location to be included with each Tweet. You can choose to modify these settings via the checkbox that Twitter provides. You can also delete the location information included with previous Tweets by using the button provided.

 
 

The photo tagging and discoverability options listed under the Privacy section allow users to control who is permitted to tag them in photos posted to the platform and how others can find their accounts using Twitter’s search function. Twitter also provides a link to a resource that explains how this data is utilized to connect you to other Twitter users.

 
 

Users who have permitted Twitter to access and upload their contact list, either from their mobile devices or from desktop applications can view and manage that data by clicking the “Manage your contacts” button. Twitter stores this information and uses it to provide users with suggestions of other Twitter accounts to follow. The NJCCIC strongly recommends deleting this information and restricting permissions settings on devices to protect your personal information as well as the personal information of the people in your contacts list.

Twitter also allows users to control how Twitter personalizes content and shares certain data. By selecting “Edit,” you can enable or disable the personalization of ads and Twitter’s ability to track you when visiting other websites. You can also grant or deny Twitter permission to share your data through “select partnerships.”

 
 

The Twitter for teams and Direct Messages options allow users to decide whether or not other Twitter users can add them to a team, receive Direct Messages from anyone on the platform, and to control message read receipt notifications.

 
 

B) Safety

The Safety subsection displayed under the “Privacy and Safety” header consists of two topics: Search and Tweet media. Search gives users the option to hide sensitive content from Twitter search results as well as the option to eliminate blocked user accounts from search results. Tweet media allows users to control how sensitive content is displayed on their own Twitter feeds.

 
 

Your Twitter Data

To view this section, select “Settings and Privacy” and select “Your Twitter Data.” You will be prompted to enter your Twitter account password to confirm your identity as this section contains personal information such as your user ID, email address, phone number, gender, and age.

 
 

This section also includes information about devices currently logged into the account, as well as previously linked devices and account access history. It also displays “Places you’ve been” if you previously enabled the “Personalization and Data” option that allows Twitter to track you across different applications and websites. “Apps on your devices” displays data from other apps installed on the same devices you use to access Twitter.

 
 

The last section contains three topics: “Interests from Twitter,” “Interests from Partners,” and “Tailored Audiences.” “Interests from Twitter” displays a list of interests that Twitter has matched to users based on their profiles and activity. “Interests from Partners” is a list of audiences that Twitter’s partners will build around users’ shopping decisions, lifestyles, and other online and offline behaviors. “Tailored Audiences,” a list compiled from email lists or browsing behaviors, is used by advertisers to market their products and services to prospective customers. You can request the list of advertisers who have access to this data.

 
 

At the very bottom of this page, Twitter provides shortcuts to the previously mentioned collected data and another link for users to request the data that has been collected from, and associated with, their Twitter accounts.

 
 

 

Additional Resources:

  • Users can read Twitter’s Privacy Policy to learn more about how their data is collected and shared.
  • More information about public and protected Tweets is available here.
  • To learn how Twitter utilizes user data to personalize user experience across multiple devices, visit their guide here.
  • For information about geolocation, visit the Tweet location FAQs page.
  • More information about Twitter’s app graph is available here.
  • Twitter provides additional information about account security and privacy here.

The NJCCIC recommends all Facebook users regularly perform a security audit on their accounts to prevent unauthorized access, external account compromise, and the theft and misuse of personal and potentially sensitive data.