What is twitter.com?
The prevalence of twitter.com in our data is almost certainly due to its social buttons ("share" or "follow"), which feature on web pages across the internet. These appear to use web beacons.
What information is twitter.com tracking?
If you have an account with Twitter, you will have a cookie set on your browser providing a unique ID. This will also record if you are signed in to Twitter or not.
If you visit a page that uses Twitter social sharing, this cookie can be used by the social sharing buttons to identify your account.
If you interact with a Twitter share button, twitter.com will record log data such as your Twitter account ID, IP address, browser type, and the website you were on.
What is a bit unclear is how this data is used (if at all) in aggregate. It is also unclear what happens if a browser loads Twitter sharing buttons but is not logged in to Twitter or does not click any of the buttons.
How long is the data stored for?
If it's not deleted earlier, Twitter says it will delete log data – or will anonymise it (remove any common account identifiers, such as your username, full IP address, or email address) – after 18 months.
When a Twitter account is deleted, it will remain retrievable for 30 days (in case it was accidentally deactivated). After this, the account begins to be deleted; this can take up to a week.
Does Twitter circumvent privacy enhancing software?
No, Twitter says: "Some recent news coverage has focused on companies blocking privacy-enhancing software or circumventing privacy settings. We intend to do the opposite by building privacy enhancements into our products and policies."
Twitter has publicly announced plans to update its privacy guidelines after it was discovered in February that some iPhone applications had the ability to download and store the entire contents of your address book.
- Wall Street Journal article on tracking potential of sharing buttons
- Developer notes on the tweet button
- Developer notes on the follow button