Guide to Accessing Twitter’s Security & Privacy Settings
Technical Guide
Original Release Date: 8/23/2022
The NJCCIC is providing this guide to help our members and website visitors manage their cyber risk and maintain the security and privacy of their information. This guide provides users with the steps needed to access and change privacy and security settings, as well as instructions on how to view the user data collected by Twitter. It has become increasingly important for users to be aware of the type of personal data being collected – and often sold – by these free online services.
Your Twitter archive:
- To review your settings, click on the small version of your profile picture, either located on the top left (mobile version) or top right (desktop version) of your screen, and then select “Settings and privacy.”
- When you get to the next screen and click the section labeled “Your Account,” there is a button labeled “Download an archive of your data.” This archive contains all the information that Twitter collected from you since you opened the associated account. If selected, Twitter will email you a link to download the archive after the request has been processed.
Your privacy and safety:
- To secure your Twitter account, it is important to review your privacy settings. To do so, select “Settings and privacy” from the settings menu and then locate the “Privacy and safety” tab on the left side of the screen.
Audience and tagging:
- Twitter allows users the option of having their tweets viewed either publicly or restricted only to whom the user approves. Additionally, users have the option of geotagging their tweets, which allows the inclusion of a location with each tweet. You can choose to modify these settings via clicking the “Protect your Tweets” button.
- The photo tagging and discoverability options listed under the privacy section allow users to control who is permitted to tag them in photos posted to the platform and how others can find their accounts using Twitter’s search function. Twitter also provides a link to a resource that explains how this data is utilized to connect you with other Twitter users.
- Users who have permitted Twitter to access and upload their contact list, either from their mobile devices or from desktop applications, can view and manage that data by clicking the “Manage your contacts” button. Twitter stores this information and uses it to provide users with suggestions of other Twitter accounts to follow.
- The NJCCIC strongly recommends deleting this information and restricting permissions settings on devices to protect your personal information, as well as the personal information of the people in your contacts list.
- Twitter also allows users to control how Twitter personalizes content and shares certain data. By selecting “Ad preferences,” you can enable or disable the personalization of ads and Twitter’s ability to track you when visiting other websites.
- The “Direct messages” options allow users to decide whether other Twitter users can add them to a team, receive direct messages from anyone on the platform, and control message read receipt notifications.
Your Twitter data:
- To view this section, select “Privacy and safety” and scroll to “Data sharing with business partners and off-Twitter activity.”
- This section also includes information about devices currently logged in to the account, as well as previously linked devices and account access history. It also displays “Places you’ve been” if you previously enabled the “Allow use of where you see Twitter content across the web” and “Personalized ads” options that allow Twitter to track you across different applications and websites. “Allow additional information sharing with business partners” displays data from other apps installed on the same devices you use to access Twitter.
- At the very bottom of this page, Twitter provides shortcuts to the previously mentioned collected data and another link for users to request the data collected from, and associated with, their Twitter accounts.
What to do if your account is compromised or hacked:
If you are still able to log in:
- Change your password by sending a reset email.
- Turn on two-factor authentication.
- Confirm the phone number and email address in your account settings are correct.
- Revoke access to any suspicious third-party apps.
If you are unable to log in:
- Inform your friends and family about the breach to keep them safe from scams.
- Contact the Twitter help center regarding the issue.
Additional Resources:
- Users can read Twitter’s Privacy Policy to learn more about how their data is collected and shared.
- More information about public and protected Tweets is available here.
- To learn how Twitter utilizes user data to personalize user experience across multiple devices, visit their guide here.
- For information about geolocation, visit the Tweet location FAQs page.
- More information about Twitter’s app graph is available here.
- Twitter provides additional information about account security and privacy here.
The NJCCIC recommends all Twitter users regularly perform a security audit on their accounts to prevent unauthorized access, external account compromise, and the theft and misuse of personal and potentially sensitive data.
The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
View our Privacy Policy here.
View our Site Index here.