Home News Twitter’s Latest Feature “Tip Jar” Draws Privacy Concerns

Twitter’s Latest Feature “Tip Jar” Draws Privacy Concerns

The privacy issue found was at the third party’s (PayPal) end. However, Twitter missed clarifying this in its tipping prompt and Help Center.

SHARE
Twitter’s Tip Jar privacy issue, Irish Data Regulator Fines Twitter $547K for 2019 Data Breach, the twitter data breach, the twitter hack
Read Aloud

On May 6, Twitter added a new feature, the Tip Jar. The intent behind this innovation, as Twitter says, “is to support voices of creators, journalists, experts, and nonprofits.” However, within hours of the launch, security experts raised concerns over the privacy of people sending the tips, which according to Twitter’s policies seemed like a violation.

What is Twitter’s Tip Jar

Tip Jar allows the Twitterati to generate an additional income source directly via the social media platform. It is a new way of sending and receiving tips so that people can support each other not only in terms of Follows, Retweets, and Likes but even monetarily.

 How to enable Twitter’s Tip Jar? 

Setting up the Tip Jar feature is just a matter of few clicks. Follow these simple steps:

  • Go to the Edit Profile
  • Switch On the “Tip Jar” setting.
  • Toggle and activate Allow Tips. This will display a list of all payment services and platforms available for setting up your tip receiving account.
  • Select one or multiple services and add a $Cashtag.
  • Once done, the Tip Jar account for your profile is successfully set up and a small button appears on the profile next to the “Follow” button.

 How to send a tip using Tip Jar? 

Users can send or donate a tip using Tip Jar by:

  • Click on the Tip Jar
  • Select the payment service which you want to send money from (eg. Bandcamp, Cash App, Patreon, PayPal, and Venmo. Additionally, on Android, tips can also be sent using Spaces).
  • Once selected, a Tip Jar prompt appears indicating that the tipper will be redirected to a third-party service outside the platform. Click Continue.
  • Go to the platform and complete your payment.

Twitter’s Tip Jar Privacy Issue

Though Twitter seems to have nailed this function, some privacy advocates stated that it was exposing the tipper’s identity under certain scenarios.

Problem 1: Security researcher Rachel Tobac found out that while sending someone money via PayPal, it revealed the receiver her home address.

Problem 2: Former Federal Trade Commission chief technologist, Ashkan Soltani, also dug deeper and found that using PayPal for the Tip Jar not just revealed users’ addresses but even their email addresses, although no transaction took place.

Following these discoveries, Twitter quickly worked around the problem and noticed that the privacy issue was not at their end but the third party i.e. at PayPal’s end. After working out the permutations, they decided that they cannot change PayPal’s functionality but update its notification process. Twitter’s support handle backed this by tweeting,

“We’re updating our tipping prompt and Help Center to make it clearer that other apps may share info between people sending/receiving tips, per their terms.”

The Real Problem

On the other hand, PayPal, in its terms and conditions, has already mentioned under which scenarios will the receiver get the address in the receipt. When people are receiving payments through the platform, they need to either select a “goods and services” or “friends and family” payment. In the case of the former, their address is shared, and in the other case, it is not.

At this point, these Tip Jar privacy issues are still limited to a smaller subset of Twitter’s worldwide users because it has only been made available to “Twitter in English.” Thus, expect Twitter to work overtime before its wider roll-out.

Related News:

How to Report and Regain Access to Your Hacked Twitter Account