Last week, Twitter implemented a series of policy changes including restricting how many tweets its users could read, requiring users to log into the platform to see content, and putting the popular TweetDeck application behind a paywall. The decisions have had far reaching implications for users on the platform, including those working in security and open source intelligence.
To shed light on these developments and their effects on corporate security, we sat down with Neil Spencer, Director of Market Strategy and Partnerships here at Liferaft Inc. In this short Q&A series, he delves into the details of Twitter's policy updates, explores the potential consequences for security professionals, and discusses alternative strategies to ensure comprehensive coverage in the face of these changes.
Robert Baillieul: What are the recent changes Twitter has made to its post limit and putting TweetDeck behind a paywall?
Neil Spencer: Twitter has limited the number of posts that a single user can see in a day. After some back and forth on Twitter, Elon Musk settled on the following tiers of access:
- Verified Accounts (Blue Check) 10,000 posts per day.
- Unverified 1000 posts per day
- New Accounts 500 posts per day
As of 4th July, Twitter has also stated that TweetDeck will only be available to verified accounts (subscriptions starting at $8 per month) in the next 30 days. Rate limits will also apply for the foreseeable future.
Robert: How will this impact users and security teams?
Neil: While it’s not the only source of value, Twitter has been the cornerstone of social media intelligence (SOCMINT) programs for years. With a global footprint and 450 million monthly active users, Twitter has been relied upon for identifying threats and growing trends before they impact business continuity.
If security teams rely on free tools such as TweetDeck, or utilizing a paid service that is not a subscriber to the Twitter Enterprise API, and, therefore reliant on scraped data, threats may be missed and trends not identified. Under the current restrictions, if a security team is utilizing TweetDeck with a verified account (as will soon be mandated), it will only be able to access 0.002% of the data generated daily.
Outside of security teams, other business partners, such as cyber security and marketing teams, utilize Twitter’s data for insights. These changes have broad ripples across an enterprise. If a security team is utilizing a product that Twitter’s changes have not impacted, this is an excellent opportunity to connect with its enterprise partners and understand if support can be given.
Robert: Are there any alternative social media monitoring tools or strategies that you recommend to ensure that coverage is adequate?
Neil: Social media monitoring tools that utilize Twitter’s enterprise API are not impacted by these changes. LifeRaft’s Navigator is one such product. It enables security teams to identify and verify threats across a number of mainstream and alternative social media platforms, deep and dark web sources. Of course, this includes complete coverage of Twitter.
Robert: Looking ahead, what trends or developments do you anticipate in the industry as a result of these new policies at Twitter?
Neil: Twitter has stated that these changes are only temporary. However, when and/or if full access will be returned is still being determined.
Furthermore, the landscape continues to fragment. Musk’s acquisition saw a shift of users from Twitter to alternative social media platforms such as Mastodon and Mewe. Meta has now announced the launch of Threads, the platform dubbed as being a ‘Twitter killer’.
Wherever the landscape may shift, Twitter remains an important part of the OSINT and SOCMINT puzzle. Security teams need to ensure that they have access to the best coverage across Twitter and beyond.