After a full day of chaos on the timeline on Thursday evening, Elon Musk’s Twitter withheld new enrollments in its $8-a-month Blue subscription offer. Government officials, corporations and celebrities were widely impersonated, giving anyone the opportunity to put a verified badge on their account.
The resulting mayhem, which spawned memorable hoaxes from accounts misrepresenting itself as Eli Lilly, Tesla, Lockheed Martin, and others, pulled an advertiser and it was a common sense that the platform descended into chaos.
As the significance of all this began to register with Musk, he tweeted that satirical accounts should now include parodies in both his name and bio. But if any of the results came as a shock to Musk and his team, they can’t say they weren’t warned.
A few days before the launch on November 9, the company’s trust and safety team compiled a seven-page list of recommendations intended to help Musk avoid the most obvious and damaging consequences of his plans for Blue.
The document obtained by the platformer predicts some of the upcoming events with terrifying accuracy. Impersonation of world leaders, advertisers, brand partners, election officials and other high profile individuals” represents another P0 risk.
The team found that legacy verification provides an important clue in enforcing impersonation rules, the loss of which is likely to lead to an increase in the impersonation of high-profile accounts on Twitter. On November 1, when the document was circulated internally, Musk was considering a $99-per-year annual subscription to Blue.
Only later, after an online exchange with author Stephen King, did he lower the cost. The move increased the risk of scams, as the desire to mock brands and government officials became an impulsive buy at $8. The team also looked to remove the verified badge and associated privileges from high-profile users.
Unless they get paid with the increased risk of impersonation that will potentially put them off Twitter forever. Removing privileges and exemptions from legacy verified accounts can lead to confusion and loss of trust among high profile users.
We use health protection to manage the risk of false-positive actions on high-profile users, under the assumption that accounts are heavily scrutinized, they wrote. If that signal is removed we risk escalation and user flight as a result of higher rate limits such as false positives or loss of privileges.
The team identified several other vulnerabilities for which Twitter has yet to identify any solutions. For starters, there’s no automated way for the company to remove the Verified badge from user accounts. Considering that we will have a large number of legacy verified users (400K Twitter subscribers) on the platform.
We anticipate that if they decide not to pay for Blue, we will need to de-badge a large number of legacy verified accounts, this will require a high operational lift without the investment.