Twittter is facing a new proposed class action accusing the company of violating user privacy. The lawsuit says the company has been "systematically intercepting, reading, and altering" direct messages, most likely a reference to Twitter's long-standing practice of automatically shortening and redirecting any in-message links. While the practice could be used to monitor or redirect any URLs included in a direct message, it's generally seen as a benign extension of the company's broader link-shortening systems. In a statement to USA Today, Twitter called the allegations "meritless."
The suit has yet to be approved for class-action status, but observers are taking it seriously, in part because the plaintiffs have retained Edelson PC, a firm known for taking on high-profile tech privacy suits. At the same time, the expectation of privacy surrounding direct messages on Twitter is still unclear. Direct messages are encrypted between user's phones and Twitter's central servers, but similar to Gmail, the company still has the ability to observe the messages off company servers. It's also unclear whether automated scanning counts as a meaningful invasion of privacy. Google faced a similar lawsuit last year over its ad-serving mechanism in Gmail, although the company settled before a meaningful precedent could be set.