By Dustin Volz
(Reuters) – Twitter Inc faced questions on Friday about its approach to internal security after a company employee briefly deactivated U.S. President Donald Trump’s account.
The 11-minute blackout of the @realDonaldTrump account late on Thursday drew widespread attention to the microblogging site.
Trump frequently uses Twitter to announce policy, assail his adversaries and to tangle with countries, including North Korea, over world affairs. Some users voiced fears that future employee interference or technology glitches involving Trump’s account could threaten national security.
The incident also came as Twitter grapples with overall criticism of its handling of account suspensions, user abuse and ever-changing terms of service.
Twitter said in a tweet on Friday: “We have implemented safeguards to prevent this from happening again. We won’t be able to share all details about our internal investigation or updates to our security measures, but we take this seriously and our teams are on it.”
A company representative declined to answer questions including how many employees can suspend an account or what special protections there are for high-profile users like Trump.
Trump was back on Twitter soon after the account was restored, and the employee did not send or alter any tweets.
Cyber security experts had previously speculated Twitter could have installed special protections on Trump’s account, such as the ability to only access it from certain devices.
“We have learned that this was done by a Twitter customer-support employee who did this on the employee’s last day. We are conducting a full internal review,” Twitter said in a tweet late on Thursday.
“We are continuing to investigate and are taking steps to prevent this from happening again,” the company said in an earlier tweet.
Reuters could not determine how many Twitter employees had the authority to delete accounts or if any had the ability to tamper with them in other ways, such as by sending bogus tweets.
“In all seriousness: We need accountability for social media sites,” Ken Meyer, who served as digital director for former Vice President Joe Biden, tweeted. “Lone employees shouldn’t be able to change statements from the President.”
Speaking on condition of anonymity, a former Twitter employee said it was unlikely a worker with suspension privileges would also be able to hijack an account to send out messages.
“Different types of access,” the former employee said. “I’m not sure anyone at Twitter can tweet from someone else’s account.”
Another person familiar with Twitter operations, speaking on condition of anonymity, said employees currently cannot post from a user’s account, change or even view a user’s password, which is encrypted.
Joseph Lorenzo Hall, chief technologist at the nonprofit Center for Democracy and Technology, said the suspension reflected a need for Twitter to be more transparent about its ability to control accounts but also demonstrated the perils of a head of state relying on digital technology as a primary mode of communication.
“It would be nice to rely on older forms of policy communication with solid foundations,” he said, adding that Twitter should require two-person controls for certain high-profile accounts.
The New York Times on Friday reported the rogue employee was in fact a contractor, citing two anonymous sources familiar with the incident.
Twitter and other tech companies have ramped up their reliance on contractors due to pressure to respond more quickly and thoroughly to content violations.
While the companies “are desperately reliant upon human nuance and sophistication for decision making, human will is quite a risk,” Sarah Roberts, a UCLA professor who studies such contractors, said in a tweet. “Ain’t that a bind?”
The company on Friday separately announced minor updates to its rules, including more clarity on what actions could result in an account suspension. It was the latest in a string of iterative changes amid criticism the platform too slowly and inconsistently responds to abuse.
Twitter shares were up 1.9 percent in afternoon trading.
Trump, who has nearly 42 million Twitter followers, responded to the temporary loss of his account by boasting about his wide reach on the service.
“My Twitter account was taken down for 11 minutes by a rogue employee,” Trump said on Twitter early on Friday. “I guess the word must finally be getting out-and having an impact.”
He has used Twitter to attack opponents and promote his policies, both during the 2016 presidential campaign and since taking office in January.
Thursday’s incident also raised questions about how Twitter secures the official @potus presidential account and other accounts that could potentially influence world events.
Technology companies including Twitter are, meanwhile, under attack from U.S. lawmakers for failing to stem the spread of Russian propaganda and misinformation on their platforms.
Twitter in particular has long been criticized for not doing enough to police its platform and respond to complaints of harassment.
Though the temporary deletion of the Trump account sparked a flood of criticism from Twitter users, many of the president’s critics also said they were happy to see the account disabled.
In 2013, hackers took control of the main account for the Associated Press and tweeted that explosions at the White House had injured then-President Barack Obama, causing stocks to briefly plunge.
(Reporting by Dustin Volz and David Ingram; Additional reporting by Shalini Nagarajan, Jonathan Weber and Jeffrey Dastin; Editing by Meredith Mazzilli and Bernadette Baum)