Twitter’s Lack of Transparency, Leadership
DH | Jan 05, 2009 | Comments 24
Twitter, the popular online mini-blogging service, is in serious, deep PR trouble that has the potential of cratering the online company’s value. It is all self-inflicted, I believe, due to the company’s own arrogance and lack of respect or understanding for transparency and openness.
I just returned home to D.C. after a series of lectures and consultations in Europe where I spoke of the value of using Twitter to, among other things, openly exchange news and information with people in countries that impose press restrictions. And, what do I find when the planes lands?!
Twitter users are being bombarded by malicious phishing messages enticing them to enter their @IDs so they can innocently be used to post more phony messages. I didn’t realize the magnitude of the problem until getting an email early today from David Meerman Scott, and reading his blog. Here’s an excerpt:
In my opinion, Twitter has not been communicating as well as it should be during this crisis. As I look at my friends feeds, nearly everyone is talking about this issue. Yet, Twitter has three feeble communications as of this writing.
1) Three tweets from the @twitter ID providing a bit of information.
2) A short post on the Twitter blog
3) A warning on the Twitter home page.
David also wrote about reading an interview with Biz Stone, head of Twitter, who turned down a $500 million offer to buy Twitter from Facebook. By a humorously cruel twist of fate, the interview appeared this past weekend, when the phishing problem began:
Stone’s interview seems a bit arrogant based on what was happening this weekend.
Many people rely on the Twitter service. Sure, it’s free and we get what we pay for. But if Biz Stone and his colleagues (and the VC firms backing the company) want a bigger payday than a half a billion, then they’ll need to manage this crisis better. Much better. Starting now.
I think Twitter should be doing more to inform users.
I’d suggest hourly updates on the Twitter blog. Maybe set up a new Twitter ID that can be the official place where people go. A YouTube video that you put on the Twitter homepage to inform people. Whatever. But you’ve got to do more than you’re doing.
The Design for Users blog has an excellent post on this subject called Communicate, Inform, Address Users When Things Go Wrong Online.
What do I believe Twitter should do to handle this crisis?
- Seek the help and counsel of Twitter’s most frequent and skilled users, who also happen to be very smart people.
- Openly and prominently warn Twitter users of the problem, and ask users to send solutions to a special email address (Twitter, the company, is currently very insular).
- List what Twitter users can do to avoid phishing.
- Publicly and opening admit the problem and list steps being taken to find a fix.
- Not hire a big PR company because, chances are, they don’t know what Twitter is and will only make matters worse … in the interest of maximizing billable hours.
- Humbly ask Facebook for help.
Filed Under: Blogging • Featured • Public Relations • Strategic Communications
David, although I do not seem to have been affected by this yet, I am a devoted Twitter user and want the service to improve. Your post is informative and it is awesome that you provide suggestions for solutions. Great post.
@Bryan Eye,
Bryan,
Actually, hats-off to David Meerman Scott for alerting all of us to the seriousness of this issue which can erode Twitter’s credibility.
Appreciate your words.
David
I think the criticism expressed here is a bit harsh and excessive. Microsoft recently exposed practically everyone on the planet to a much worse threat due to a security flaw in Internet Explorer that could enable a phishing attack to successfully gain access to a person’s bank account. The threat on Twitter is only access to a person’s Twitter account, which is basically annoying at its worst. Twitter took faster and more reasonable steps than Microsoft did, but where was the harsh criticism that Microsoft so richly deserved? Hmmmmm.
@Robert Morrison,
I, respectfully, do not agree. I am addressing Twitter’s lack of professional response to a serious problem that can undermine the credibility of everyone on the service. I am not comparing it with Microsoft, which is an inaccurate comparison. Twitter’s so-called response is amateurish and pedestrian.
David
@Robert Morrison,
Let’s discuss over coffee next time I am in Prague.
David
@DH, I think your expectations from Twitter and its founders are maybe a little high, they certainly haven’t endangered anyone like Microsoft did. And I would expect a professional and honest response from Microsoft, which wasn’t forthcoming, even though the problem was entirely caused by them. Twitter did not cause the phishing problem, and there is no way to guard against a malicious link other than to ban links entirely, which would cripple Twitter, don’t you think? The best they could do was inform people, which they did, and this is more than Microsoft did (their public statement was misleading). THe comparison is justified, since you are talking about the company’s value. I don’t think Twitter’s value should (or will) “crater” because of a stunt pulled by someone external to Twitter. This clever phishing threat was not Twitter’s fault, really. Ask Citicorp about how easy it is to phish in e-mails for account, if you don’t like the Microsoft comparison. Is Citicorp responsible? And Citicorp didn’t even inform me of these phishing attacks until I had already received many of the e-mails trying to get my account info. Caveat emptor in all cases, but in the case of Twitter the service is free, so “freeloader beware” is maybe more appropriate. In any case I look forward to that coffee with you someday in Prague, I’m sure it will be an interesting discussion, so thanks!
@Robert Morrison,
I do not believe you have witnessed or understand the destructive power of adverse publicity. Microsoft can weather such a storm; Twitter cannot.
@DH, Quite the opposite, I have felt adverse publicity on my own skin and as a co-founder in a pan-European startup, too! So you can believe it, now. But that’s really the subtext of my comments, don’t you think? I’m pointing out that what happened on Twitter today is not Twitter’s fault, so they shouldn’t be beaten up quite so badly over it. I’ve been on Twitter for a while now, and consequently I have more followers than 99% of the community, so I’ve had lots of interaction with their technical staff, who react very quickly to things that are in fact “their fault”, which this phishing incident wasn’t. So beating them up for something that wasn’t their fault is not only bad publicity, but completely unfair publicity. It’s my opinion, and an expert one at that. You don’t have to agree with it, so call it a “rebuttal”, if you will. Hopefully, not an arrogant one, either.
@Robert Morrison,
Let me just say that I love Twitter. But an issue like this illustrates that the company’s management, while brilliant with dreaming up online technology, are novices with handling crisis communications. A tiny warning box on the site is not enough.
Twitter could get past this, and achieve applause and outstanding media coverage were they simply to be more enlightened about handling such challenges.
By comparison, would Steve Jobs behave this way? Absolutely not! Neither should the CEO of Twitter.
David
@DH,
Bad example, David, Steve Jobs is so quixotic that it’s difficult to say how he would behave. Most would probably say “badly”, based on his recent behavior. He’s even abandoned Macworld, for goodness sake, and he also leaves everyone wondering now what the heck is going on health-wise, but unlike Castro, he’s got a bunch of investors with money riding on this.
Also, Twitter is not Union Carbide, and the phishing stunt that the jerk-off (through NO fault of Twitter) pulled today was just that, a “stunt”, relatively harmless, and not a lethal airborne toxic event that killed thousands, so does Twitter really need such advanced “crisis management”? I don’t think so…
Anyway, I still think all this criticism is too harsh. After all, Twitter is a free micro-blogging platform already well-known for its quirkiness because of the technical problems involved with scaling to the level of messages it handles daily. Twitter has been dealing with this problem admirably, if you understand the underlying weaknesses of the original software (you can Google for articles about this).
I even think it would have been quite weird and inappropriate for Twitter management to make a bigger deal out of this, since it was nothing that they could predict, control, or even fix. It’s simply NOT a Twitter problem. And they DID warn people, and right where everyone can see the warning, in red below the text input box directly on the site.
So maybe give the guys a break and criticize the real culprit, the jerk-off who is responsible for the actual phishing stunt?
Seriously, anyone who falls for this deserves it. How dumb can you be? I received a Phish e-mail. But not being a complete moron, I realized what it was. Mass stupidity is not Twitter’s fault.
I’m not being snarky here, but how is the phishing attack that happened on Twitter any different than when somebody’s email has been either spoofed or had their password compromised and phish attacks have gone out from that? There weren’t any compromised api’s, that I’m aware of. And as to the social phishing, this is a problem that everybody (not just twitter) should be talking about. Just because it looks like it is coming from a friend, doesn’t mean that it is actually your friend on the other end. Just my 2 cents worth.
This is certainly a big problem to have. But also keep in mind that all great log-in-based sites are being targeted by this scam. Salesforce.com has put a few very stringent security measures in place to address this.
From what I have seen, twitter’s management style is laissez-faire. I believe it is exactly this that has helped twitter stay exactly what it is. Twitter has never been huge on making big and potentially harmful decisions. The way they have handled this phishing issue is in line with their everyday behavior. That said, I think there is no such thing as being too safe when it comes to private information. So why doesn’t twitter manage this differently? I think its because the average twitter user is an above average social media user who is, mostly likely, on a different level when it comes to internet savvyness. So in defend of twitter: their response to this risk is to be expected. I think many users will agree. Although, I must admit, it is a tough cookie to swallow.
PS: I just thought about this; everyone is talking about these news. Isn’t that the most powerful way of communicating awareness? My .02.
PC
The fundamental issue here is one of credibility … trust. Twitter’s management has, in my opinion, failed to respond expeditiously to a threat to the credibility of Twitter as a channel for communications and news. They have failed at corporate leadership, from my perspective.
DH
@DH, They did, and the recovery may not be an easy one here.
The genius of Twitter is in its simplicity and eloquence. However, when a complex problem (crisis) hits home, it should be treated in a more thought-through way. Did they have a crisis preparedness plan at all?
@Geno Prussakov,
Geno,
Appreciate you taking the time to comment and really like your blog, http://www.amnavigator.com/blog/.
If Twitter’s management had any blush of a crisis plan (which I doubt), it failed at staying ahead of the crisis. The company should be out in front of the discussion at this moment. It’s not a time to hunker down and hope it will go away because only openness and transparency in leadership will help now to rebuild Twitter’s reputation.
David
David,
Thank you for your reply. Your blog post, together with all the other ones I’ve been reading over the past few days, has encouraged me to devote the today’s post in my blog to the topic of preparedness of crisis.
BTW, I am also based in the DC area. It’d been good to meet for a coffee one day.
Geno
Good discussions here David. At many of my keynotes and my discussions with executives, people ask questions more or less like: “is Twitter a viable platform for business?”
I always say “YES!” (and I still will say yes). However, an issue like the mass phishing undermines my hope that more corprates will adopt Twitter. It is too easy for people to say “It is not safe”.
If Twitter management helped its biggest fans (people like me and you, David) to keep supporting them by being more open and communicative, it would be valuable for them.
@David Meerman Scott,
Thank you, David. Appreciate you weighing in. As someone noted on Twitter, the service – even though it brought important news on the Mumbai situation last month – is still in its infancy and still fragile. Twitter management, clearly visionary from a technology standpoint, now has a responsibility to the reputation and credibility of the service in order to assure its viable growth into the future. I believe they have fallen down on the job in this area.
David
@DH,
David,
Just let me add that you are correct … we have both handled situations like this and, you are correct, unquestionably could turn a problem into praise and applause for Twitter’s management within hours.
David
When musing over this post, I asked myself in who I found authority and responsibility for Twitter. Social media is user-led and the community holds responsibility to help fix, uncover, and end problems in its community.
There is a responsibility for programmers to respond to user alerts and requests to block spam accounts, fix security leaks and update us on this progress. But I find that more people follow @kevinrose or @chrisbrogan than @twitter, and news is spread faster from these sources. Also, it is our community – we should be the ones alerting others of the possibility of phishing. I think Twitter should be held accountable as a tool – if we can utilize Twitter staff to help end a problem in our community then Twitter is doing its job.
@hidama,
Sarah,
Thank you for these superb comments. I, myself, keep comparing Twitter with any online responsible news or information resource, seeking a measure of responsible leadership behavior. Maybe I have simply looked too high, which is sometimes the case among visionary founders.
David
[...] it should have been, and (c) there has been an obvious lack of transparency and leadership [see David Henderson’s blog] are telling me that one of the main Twitter’s vulnerabilities is that they do not have a [...]
David,
You mean you want the same Facebook, that has watched a hacker push the Koobface virus turning thousands of computers into “zombie” bots rendering them useless to their unsuspecting owners, to be an adviser to Twitter?
Facebook fell down in a big way in dealing with this extremely brutal virus. The warnings and the so called “fixes” fell woefully short.
As for Twitter’s Biz Stone being arrogant, I can’t speak to that point. It may be true and it may not be true. This much I do understand. If an entrepreneur creates one of the most vital tools in Social Media history, to date, it is not easy to sell that invention. No matter what the price, if you have a personal stake you want to move your “project” forward.
In my opinion, $500m is far short of Twitter’s potential value in the market.
Finally I agree that Twitter should have and could have done more to warn people of the phishing problem(s).
In my opinion if they need to fix anything it would be to create a more vibrant internal search engine.