Oh, Twitter. You’re so funny.
Remember the Twitter impersonator incident from 2014? Since then, every once in a while, I report harassment or impersonation of me on Twitter just to see what will happen. (Yes, there are impersonators. Which somewhat mystifies me, but at least one of them is a stalker, so…yeah. Anyway.) When I report harassment, exactly nothing beyond a form reply rejecting my complaint happens.
When reporting impersonation, however, the form letter comes with a demand for something very specific: a readable picture of my driver’s license or passport.
Twitter’s insistence on this particular piece of information–state-issued photo ID–is perplexing in more ways than one. Ever since 2014, they’ve been asking me for it. I write back explaining why I won’t be sending one, and giving links to my website, my official FB, my verified Amazon Author pages, my Goodreads page, all clearly sporting links to my Twitter account. Since I wouldn’t turn over a scan or fax of my sensitive personal information because their implied handling of such data in 2014 was questionable at best and they have not actively sought to regain my trust since, they issue a form rejection of my complaint, and when I respond to the form rejection with another explanation, I get back a form letter saying the support case is closed and further replies will be sent to to an unmonitored address.
Charming, isn’t it?
Now, when they opened up verification a little while ago, I figured I’d try it out, just to see if the horrendous parts of the process had been fixed. I figured I’d play at least part of the game, however, and sent in the links to my website, my Amazon Author pages, my Goodreads author page and Facebook fan page–you get the idea–all with clear links to my Twitter profile, and, bonus, a scan of my driver’s license with the number, my birthdate, and my address blacked out. I held out no great hope.
Well, on August 8th I received a form letter rejection, and when I wrote back asking how my profile/bio didn’t meet the requirements for verification, the email bounced. It wasn’t quite as classy as the unmonitored email address ploy, but perhaps they were losing patience with my gadfly self.
Imagine my surprise when, after a very clear rejection, this landed in my inbox earlier today:
FROM: Twitter Support
Case#*REDACTED* RE: Verification Request for @lilithsaintcrow
We received your request to verify @lilithsaintcrow.
We need to confirm the identity of the account owner in order to further investigate this request. Please provide a copy of their valid photo ID (e.g. driver’s license or passport) within 48 hours of receiving this email.
If the legal name does not match the stage/artist name, please include a letter from the management company stating the following:
The legal name stated on the official identification provided is the authorized account holder of @lilithsaintcrow.
Please scan and upload the required documentation using the following link:
We must be able to see the full name and photo, so please try to send a legible copy. This information will be kept confidential, and will be deleted once we have used it to confirm their identity.
Reply to this email to let us know once you’ve uploaded the documentation. We appreciate your patience and cooperation in this matter.
Twitter, Inc. 1355 Market Street, Suite 900 San Francisco, CA 94103
I’ve redacted the link, case number, and reference number above for obvious reasons.
So, just to get this straight, they rejected my verification request outright, bounced my request for further explanation, and are STILL, after all this, determined to get their hands on my driver’s license. They do say the information will be kept confidential, yet how can I trust their policies won’t be changed in the future? “Will be deleted” once you’ve used it to confirm? Why not just spend the two seconds to google me or for God’s sake, READ THE REPLIES AND THE APPLICATION I SENT YOU? Wouldn’t that be easier than me sending personal, sensitive information to a company that exists to sell user’s eyeballs to the highest bidder?
I mean, yes, Twitter is convenient as all get-out and it’s really great for interacting with fans, and it’s ubiquitous right now, but let’s not think this service is offered out of the goodness of any Silicon Valley bro’s heart, okay?
However, being just enough of a contrarian, and being just irritated enough, to try again for the purposes of blogging about the whole damn thing, I sent a reply. Here it is:
As I have told Twitter multiple times, this is unnecessary and somewhat insulting, especially after I was impersonated on Twitter in back in 2014. (I wrote about it here: Then, I was told that harassers and impersonators could gain access to whatever information I gave Twitter. Your assurance that the data will be deleted is not sufficient for me to risk my safety or the safety of my family.
I am a New York Times Bestselling author. Here are (a few of the many) places where my official Twitter account is referenced and linked to:
My website: http://www.lilithsaintcrow.com
My Facebook and Facebook fan page: https://www.facebook.com/lilithsaintcrow https://www.facebook.com/pages/Lilith-Saintcrow/172118402032
My Goodreads page: https://www.goodreads.com/author/show/131208.Lilith_Saintcrow
My Amazon Author Pages: http://www.amazon.com/-/e/B002BLOSOU http://www.amazon.com/Lili-St.-Crow/e/B002TN3418/ref=ntt_athr_dp_pel_1
However, I am fully expecting to receive another form letter rejecting me for verification, like the one I received a few weeks ago (on August 8, to be precise) when I initially requested verification. I have no idea why you are asking for sensitive personal information again after initially rejecting me and ignoring my request for further information about said rejection.
I added the NYT Bestselling thing because my agent tells me it shows I’m Serious.
Now, why am I bothering, especially since I might not even take verification when offered? Because this has irritated the bejesus out of me. Twitter is a complete and utter mess when it comes to dealing with harassment, despite Randi Lee Harper’s clear, cheap, and effective fixes, which she’s offered for free. Also, their insistence on getting hold of critical personal information about me is thought-provoking, to say the least. Why are they so set on gaining this information? What happens to it when their policies change?
Someone remarked to me that the company Just Doesn’t Get It, “it” being harassment. I don’t think that’s strictly true. I think they get it, but it’s not profitable to care. So, Twitter doesn’t.
*gets out the popcorn* I’ll probably get another form letter in response.
I can hardly wait.
ETA: Well, I didn’t have to wait long. Another form email, exactly the same as the one above, landed in my inbox at 5:23pm. *gets more popcorn*
ETA 8/25/16: I just received this email back from Twitter Support.
FROM: Twitter Support
Case#*REDACTED* RE: Verification Request for @lilithsaintcrow
Thanks for the followup email. Unfortunately, we are unable to verify you if you are unable to provide the required documentation. Thank you for understanding.
WELL. THERE IT IS THEN. *melts more butter* *screeches with laughter* I wrote back. Of course I did.
So, you mean to say that despite my concerns about stalking, harassment, and impersonation, and despite the fact that you can verify that @lilithsaintcrow is my official Twitter account by a few moments spent on my website, my verified Amazon Author page, and my official Facebook, despite the fact that this email address is clearly my official one, you cannot “verify” me unless I hand over sensitive personal data I cannot trust you to guard responsibly due to your track record? This is what you’re saying. If there’s another explanation, please, enlighten me.
I see two options here. Either Twitter wants my driver’s license information because they plan to monetize it in some fashion later down the line, OR they don’t have the staff to run verification properly, which means they don’t have enough staff to handle the data properly. What happens when they’re hacked? They say they delete the information just after they use it, but really? Once it’s on their servers, I’m just supposed to trust them? Especially when they were very clear back in 2014 that they reserved the right to share a scan of my driver’s license with someone I had reason to believe was a stalker who had already threatened me? Neither of these options induce me to a great deal of confidence.
So. No blue ticky-check for me. I’m not even sure I’d take it, were they to suddenly pay attention and offer one. Marginalized folks, and people at risk of harassment, or people who are ALREADY being harassed, are not served well by this, and I would caution them to reconsider verification. Either it’s a data grab, or they don’t have the staff to keep that sensitive data safe. I don’t want to risk it, I won’t give out information that can possibly impact the safety of my family, and I really, really urge everyone considering verification to think about this.