How to keep Twitter alive

How to keep Twitter alive
Fred Arndt

Twitter is in the woods. The company’s latest quarterly results, leaked ahead of schedule by a little known data miner called Selerity hours before the market’s closing bell, were, to put in mildly, terrible. Twitter registered lower than expected figures, investors jittered, and its stock price went down by a whopping 25% in one day. As the earning results showed, even with 300 million active users and a renewed ad targeting model, the social network’s bottom line is still more than a hundred million dollars in the red.

Thus far, Twitter’s business model has proven to be fairly successful at losing money. Unlike Facebook’s privacy dissolving terms of service, Twitter has consistently come up short in gathering sufficient metadata on its user base to monetise it and subsequently increase revenue flows. However this will likely change since Twitter is a publicly traded company that depends on the whim of investors to stay afloat. The company is bound to accelerate efforts to tap into the habits of its consumers and deliver the “right ad at the right time” for the right user.

Explaining its failures, Twitter said its new direct response ads, intended to encourage actions such as clicking on a link to an advertiser’s website, did not produce the revenue expected. Before business analysts go on a rampage about how the San Francisco-based social network should go about “monetising” its user base through better metadata collection, here’s a thing to consider: is there any value left in respecting a user’s privacy and security?

Let’s start from a simple fact: short of introducing highly unpopular subscription fees, customers’ data is the single most precious resource a free Internet service has at its disposal to make money. As the treasure trove of data grows, so does the need to protect it. Why? For one, you cannot monetise something that is not securely stored on your company’s server and secondly, any serious security breaches will automatically make users leave the service in droves. Business analysts, often oblivious to this simple equation, have aggressively pushed that Twitter should use the data it has on users in more imaginative ways by, say, analysing tweets and selling the data to government agencies.

For example, Twitter caused a media backlash when it was revealed that its iOS mobile app reported and saved all the apps installed on a user’s device. One Forbes columnist emphatically opposed Twitter’s plans, arguing that the social network has become “data greedy […] it wants to know absolutely every possible scrap of information about you” and that “I'll fight this sort of thing with every breath in my body”.

Indeed, many analysts miss this simple point about privacy and ignore the delicate balance that exists between a user’s desire to use a (free) service and the amount of personal data one is willing to share with the service provider. Consumers are increasingly concerned about their privacy and increasingly jittery at the idea that their private data could end up in the wrong hands. As Daniel Burrus correctly pointed out over at Wired, companies (and especially social networks) should start from a very simple question, “What are you doing to assure your customers that you’re acting in their best interests with the data you collect on them?” To which I would dare add, “How are you securing your users’ data?”

Even if Facebook’s and Twitter’s user data servers have so far escaped any hacking attempts – although Facebook was recently a target of a highly sophisticated attack – many other companies have had to admit to embarrassing breaches. Slack, Kickstarter, eBay, Sony Playstation, Xbox, UPS, Ubisoft, Stratfor are just some of the names that have fallen prey to hackers in recent times.

Indeed, business analysts would be wise to pay attention to cyber security issues when putting in their two cents on how Twitter or Facebook should increase their “monetisation ratio”. Privacy-as-a-Service (PaaS), a set of security protocols for ensuring the privacy and lawfulness of user data stored in the cloud, is viewed more and more by consumers not as a nice extra but as an absolute necessity. Moreover, there is a growing trend among users to share less of their private data online and be increasingly mindful of the liberties companies take in regards to metadata collection. Indeed, according to a recent study, a full 92% of Internet users worry about their privacy online, and 74% have stated that they’re more worried than one year ago.

However, in the post-Heartbleed, post-Stuxnet era, the notion that the vast amounts of processed data stored in the cloud are hidden from prying eyes is nothing more than a fantasy. Encouraging social networks not only to increase their metadata collection capacities but also to devise smarter and better algorithms to process it, in the name of providing more bang for the advertisers’ buck is clearly a mistake. As the value of the metadata increases, it is only a matter of time before these servers will be breached. For its part, Twitter needs to change the way it thinks about generating revenue. A more security-oriented analyst would simply suggest sitting tight in the face of the latest quarterly results and do some more of that thinking outside the box that created “tweets” in the first place.

Fred Arndt is an IT security professional currently based in London, UK. He has worked in over a dozen countries during his career, including long stints in Taiwan and Germany.