The issue caused the Twitter for Android app to disable the “Protect your Tweets” setting for some Android users who made changes to their account settings, such as changing the email address associated with their account, between November 3rd, 2014 and January 14th, 2019.
Although Twitter says that they have fixed the bug and started notifying the affected users, and also turned the setting back on for them. But Twitter recommends its users to do a cross-check of their privacy setting to make sure it reflects the desired preference.
However, the iOS and Web users were not affected by the flaw. Twitter has not disclosed how many Android users were affected.
Fortune reported that Twitter is now facing a new privacy investigation for the protected tweets security flaw by the Irish Data Protection Commission (DPC). Failure to improve its privacy practices would cost the company a hefty EU privacy fine, which, under GDPR, would be 4 percent of the company’s annual revenue. Moreover, we like to mention that Twitter is already been under EU investigation for its data-collection issues under the new General Data Protection Regulation (GDPR) rules, and now one more user's privacy concerns issues came up.