Twitter paid $7 million to former security chief Peiter Zatko before he filed a whistleblower complaint against the company. A judge has ruled that Zatko’s allegations can be part of Elon Musk’s defense in his legal battle with Twitter.
Zatko alleges the social media giant covered up known security issues and used weak safeguarding measures to protect its users’ sensitive data.
The settlement between Zatko and Twitter occurred before Zatko filed his whistleblower complaint in July and concerned Zatko’s lost compensation after being fired from the company in January. It contained a nondisclosure agreement restricting him from speaking poorly about the company or releasing information about his time as cybersecurity head at Twitter.
The settlement contained a clause that allows him to speak at congressional hearings and governmental whistleblower complaints, as many NDAs do.
On Tuesday, Zatko will testify before the U.S. Senate Judiciary Committee about his knowledge of the security flaws in Twitter’s infrastructure. Zatko claims that he “uncovered extreme, egregious deficiencies by Twitter in every area of his mandate.”
Employees had access to integral company software, which led to the “commandeering of accounts” held by high-profile figures. Several heads of state, government officials and well-known celebrities have long used the website to communicate with the public.
Since July, Musk has been trying to back out of his deal to buy the company for $44 billion. Twitter has begun a legal battle against him, citing Musk’s bad faith in breaching his contract with the company. In a 62-page legal document, Twitter documented Musk’s behavior throughout the ordeal with colorful language and photos of his many tweets regarding the acquisition.
“Having mounted a public spectacle to put Twitter in play and having proposed and then signed a seller-friendly merger agreement, Musk apparently believes that he—unlike every other party subject to Delaware contract law—is free to change his mind, trash the company, disrupt its operations, destroy stockholder value and walk away.”
Musk’s lawyers plan to use the information Zatko divulged about Twitter’s security vulnerabilities as a central part of their case. Twitter’s shareholders will also cast votes on Musk’s takeover of the company Tuesday.
Musk’s defense to back out of the acquisition is that the company did not disclose the number of bots its userbase contains, tweeting, “Twitter deal temporarily on hold pending details supporting calculation that spam/fake accounts do indeed represent less than 5% of users.”
The timeline of Musk’s tech deal with Twitter is erratic and turbulent. The lawsuit document cites many of Musk’s posted memes and tweets, which Twitter’s legal team will use to show how Musk treated the process as an “elaborate joke.” At one point, he responded to a Twitter thread by Twitter’s CEO Parag Agarwal, which explains Twitter’s handling of spam accounts, with a “poop emoji.”
On April 4, Musk was revealed to be Twitter’s largest shareholder at 9% of the company’s shares.
On April 5, CEO Parag Agarwal announced that Musk would join Twitter’s board of directors with the agreement that Musk could not acquire more than 15% of shares before 2024. Musk had been purchasing shares since January.
On April 10, Agarwal revealed that Musk would no longer be joining the board.
On April 14, Musk offered to buy the remaining Twitter shares for $41.4 billion. In response to this, Twitter adopted a “poison-pill strategy,” which allows other shareholders to buy more shares at a discounted rate if a person or entity purchases more than a certain percentage of common stock without the board’s approval. It is used to prevent a company takeover by a hostile buyer.
On April 25, Twitter agreed to sell itself to Musk for $44 billion.
On May 13, Musk tweeted that the deal was temporarily on hold, citing his concerns about spam accounts. Shares of the company immediately plummeted.
On July 8, Musk tried to terminate the acquisition agreement.
On July 12, Twitter sued Musk for failing to meet contractual obligations.
Zatko’s complaint supports Musk’s allegations about the percentage of bots the website’s user base contains.
“There are many millions of active accounts that are not considered “mDAU,” either because they are spam bots or because Twitter does not believe it can monetize them. These millions of non-mDAU accounts are part of the median user’s experience on the platform. And for this vast set of non-mDAU active accounts, Musk is correct: Twitter executives have little or no personal incentive to accurately “detect” or measure the prevalence of spam bots.”
Twitter believes that Musk started to back out of the deal when Tesla stocks began to decline due to stock market trends. Most of Musk’s wealth is not liquid, and he was planning to finance most of the deal with Twitter using Tesla stock.