Twitter's had a bad couple of weeks.
First, the Boston marathon bombings and subsequent manhunt led many (including me) to question the role of fast-moving, potentially inaccurate real-time Twitter reporting and its effect on mainstream news.
Then today, a false tweet from a hacked Associated Press Twitter account claimed that the White House had been bombed and that President Obama had been injured. The news caused a sudden plunge in the stock market (and, one can probably assume, some massive profit-taking by the hackers).
Twitter has always had an accuracy problem. It's a lot of voices, its information flows quickly, and in all fairness it was never meant to be a medium for reliable delivery of news. But we may be reaching a tipping point where Twitter starts to face actual legal scrutiny or even lawsuits if it can't take steps to ensure the security of its accounts, if not the accuracy of its information.
By law, Twitter is very well protected in the U.S. from claims of defamation arising from misinformation published on the service. The Communications Decency Act of 1996 pretty well takes care of that; its section 230 means that ISPs or other service providers (for a notable example, forum hosts such as Reddit), can't be held liable for things that their users post via that service. So, for example, the family of missing Brown student Sunil Tripathi can't sue Twitter or Reddit for libel after mistaken claims that he was connected to the marathon bombings. (Side note: in the modern world, libel is dead.)
But although Section 230 has served us well, if badly aimed tweets can lead to massive stock market drops, ruined lives, or other pain and suffering, financial or otherwise, don't be surprised if some lawmaker starts to take a harder look at the statute -- and that would be bad news for everyone.
In addition, today's AP feed hack caused a 145-point drop in the stock market that, despite a quick recovery, has securities analysts talking about whether the SEC should take steps to protect the security of the market from fast-moving, unverified information. That's too bad, because the SEC just this month stepped into the digital age, allowing U.S. companies to post earnings and other company announcements on Twitter (or Facebook), and those feeds can now be broadcast on Bloomberg data terminals.
That victory was hard fought, and took complaints by Netflix CEO Reed Hastings to prompt an investigation that led to the decision.
But if the SEC decides Twitter is a sufficiently insecure source of information, it may roll back approvals like that one or even levy other restrictions on traders and securities firms that could minimize the use of Twitter in the financial sector. Anything and anyone can be hacked: Reed Hastings' Twitter feed on a Bloomberg data terminal just makes it a juicier target. If Twitter can't be trusted in the financial sector, it loses out on user growth, Dick Costolo's main focus. And if it loses out on user growth, it can't make money.
And aside from legal or regulatory concerns, there's user trust. Social media, at the end of the day, is all about the content. If Twitter's content can't be trusted, whether because it's easily hacked or because it's just plain dodgy, it becomes less important and less interesting as a source of news and information. Users may defect or just stop signing up -- and again, Twitter misses out on the chance to grow and eventually make money.
Twitter should start by stepping up security, immediately. When asked about improved password security measures like two-factor authentication, Twitter's responses have been vague, at best. It's time to change that, and offer better security. Period. Microsoft, Google, Apple, and Dropbox have all beaten it to the punch, and none of those companies has real-time services that can wreak as much havoc as Twitter.
And Twitter can't do much about its users sharing false information or tweeting broken news -- but it can, as Wired's Mat Honan and others have suggested, give users tools to retract or correct wrong information (ideally, with technology that could even retract automatic retweets). Take responsibility for your digital record, Twitter.
Twitter is or should be, like most of the Internet, in the "trust but verify" category. But it's creating a feedback loop that bypasses all verification and moves straight into damage mode. It's increasingly untrustworthy, and it's headed toward a tipping point of more noise than light. If it gets to that point, it's a problem for more than just users and the market and journalists. It's a problem for Twitter's business model. Twitter needs to prove that it takes its power seriously and operate accordingly, before it's replaced.