Home > Knowledge > Blog

Before You Fleet That Tweet: The Newest eDiscovery and Privacy Risk Direct From the Twitterverse

Nov 19, 2020

Level Legal’s Leigh Vickery blogs about Twitter’s new feature “Fleet,” and some of the privacy and harassment risks hidden in this ephemeral feature launched to compete with Instagram’s “stories.”

In a world of rapidly proliferating apps and data types, eDiscovery is always at risk of falling a step behind. Just when you think your company has appropriate data security and eDiscovery protocols for all the modern collaboration tools necessary in today’s work-from-anywhere environment, Twitter releases what may be―at least from an eDiscovery, data privacy, and cyberbullying perspective―the most ill-conceived user-facing feature a social network has ever released into production.

Twitter deployed the new feature, “Fleet,” on November 17, hoping to mimic the success of similar disappearing “stories” on Instagram and other social media platforms. Fleets are essentially Twitter conversations that disappear in 24 hours. The disappearing feature is meant to encourage collaborative, casual sharing of stories without the “pressure” of having a public, permanent conversation.

It looks like nobody at Twitter did their “If this, then what” homework revealing what can happen if you allow ephemeral thoughts, opinions, and stories to proliferate and then magically disappear―with zero thought to privacy for its users. It’s also relevant to point out that Twitter is Twitter, not Instagram, and it is sometimes used in very different contexts (think bullying vs. birthday parties).

Here are a few immediate things to know and pass along to your compliance team, IT department, HR director, employees, family―anyone for whom data and safety are serious professional concerns.

When someone “fleets a tweet” (creates and shares a story from their tweet or someone else’s):

  • You can see any private Twitter accounts that viewed it, and the author of the original tweet does not get notified.
  • You can add a comment or give an instruction, and the author is not notified.
  • You can embed and link site content directly without notifying the owner of the linked content.
  • You can tag accounts that have blocked you (or that you have blocked) in Twitter, and the tag will circumvent those blocks and direct those followers to your account.
  • And, if you react to someone’s Fleet, Twitter automatically creates a direct message between you and them, even if you do not follow or even know them. And yes, this includes photographs. Unsolicited, of course.

Why does this need your attention now? The most obvious use case for Fleet right now is to cause harm by facilitating harassment, bullying, and viral amplification of disinformation without consequence.

And then disappear.

There is currently no mechanism for a person, company, or government targeted by a Fleet “mob” to identify, capture, and understand where all of the bullying, harassment, or misinformation is actually coming from. Even worse, Twitter is mainstream enough that it might not be blacklisted as an ephemeral app in your company or government agency.

The most immediate step for organizations that are serious about information governance, privacy, and security is to configure security policies to disable Twitter and Fleet (by name) if you have not already. It seems likely Fleet will be returned to Twitter’s UX department for redesign, and to the company’s privacy and security engineers to rectify some initial design flaws that were somehow overlooked. But until then, it seems unwise to expose your organization to these very real risks.

The second step is to check with your eDiscovery and compliance partners. Did they know about and immediately solve this unfortunate development, or did you have to tell them?

Find out how Level Legal can make a difference for you and contact us today.

Leigh Vickery is the Chief Strategy and Innovation Officer for Level Legal. She approaches her work holistically, always connecting the client’s legal, technology, financial, and business goals with the ethical and cultural impacts throughout their ecosystem for a more comprehensive, innovative solution.

Explore More
Close Modal

Our Framework

Understand.

During this phase, we work to step away from any assumptions and guesses about what our customers needs, and let our research findings inform our decision-making. We learn more about our customers, their problems, wants, and needs, and the environment or context in which they will use the solution we offer.

Our Framework

Define.

During the Define phase, we analyze our research findings from the Understand phase and determine what is the most important problem to solve — and why. This step defines the goal. Then we can give a clear problem statement, describing what our customers’ needs are that we are trying to solve, making sure that we heard and defined their problem correctly.

Our Framework

Solve.

This phase is an important part of the discipline in our process. People often settle for the first solution, but the most obvious solution is often not the right one. During the Solve phase, we brainstorm collaboratively with multiple stakeholders to generate many unique solutions. We then analyze our potential solutions and make choices about which are the best to pursue based on learnings in the Understand phase.

Our Framework

Build & Test.

This phase is critical in developing the right solution to our customers’ problem. An organized approach to testing can help avoid rework and create exceptional outcomes. Starting small and testing the solution, we iterate quickly, before deploying solutions across the entire project.

Our Framework

Act.

During this phase, the hard work of prior phases comes to life in our customers’ best solution. The research, collaboration, and testing performed prior to project kick-off ensure optimal results.

Our Framework

Feedback.

At the project completion, we convene all stakeholders to discuss what went well, what could have been better, and how we might improve going forward. We call these meetings “Retrospectives,” and we perform them internally as a project team, and with our external customers. The Retrospective is one of the most powerful, meaningful tools in our framework.

Next