`
`
`
`
`
`Laurence M. Rosen (SBN 219683)
`THE ROSEN LAW FIRM, P.A.
`355 South Grand Avenue, Suite 2450
`Los Angeles, CA 90071
`Telephone: (213) 785-2610
`Facsimile: (213) 226-4684
`Email: lrosen@rosenlegal.com
`
`Counsel for Plaintiff
`
`
`UNITED STATES DISTRICT COURT
`CENTRAL DISTRICT OF CALIFORNIA
`
`
`WILLIAM BAKER, Individually and
`on behalf of all others similarly
`situated,
`
`
`
`Plaintiff,
`
`
`
`
`v.
`
`
`
`TWITTER, INC., JACK DORSEY,
`NED
`SEGAL,
`and
`PARAG
`AGRAWAL,
`
`
`Defendants.
`
`
`No.
`
`CLASS ACTION COMPLAINT
`FOR VIOLATIONS OF THE
`FEDERAL SECURITIES
`LAWS
`
`
`CLASS ACTION
`
`
`
`JURY TRIAL DEMANDED
`
`Plaintiff William Baker (“Plaintiff”), individually and on behalf of all other
`
`persons similarly situated, by Plaintiff’s undersigned attorneys, for Plaintiff’s
`
`complaint against Defendants (defined below), alleges the following based upon
`
`personal knowledge as to Plaintiff and Plaintiff’s own acts, and information and
`
`belief as to all other matters, based upon, inter alia, the investigation conducted by
`
`and through his attorneys, which included, among other things, a review of the
`
`Defendants’ public documents, conference calls and announcements made by
`
`
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECURITIES LAWS
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`29
`
`30
`
`31
`
`
`
`Case 2:22-cv-06525 Document 1 Filed 09/13/22 Page 2 of 22 Page ID #:2
`
`
`
`Defendants, public filings, wire and press releases published by and regarding
`
`Twitter, Inc. (“Twitter” or the “Company”), and information readily obtainable on
`
`the Internet. Plaintiff believes that substantial evidentiary support will exist for the
`
`allegations set forth herein after a reasonable opportunity for discovery.
`
`NATURE OF THE ACTION
`
`1.
`
`This is a class action on behalf of persons or entities who purchased
`
`or otherwise acquired publicly traded Twitter securities between August 3, 2020
`
`and August 23, 2022, inclusive (the “Class Period”). Plaintiff seeks to recover
`
`compensable damages caused by Defendants’ violations of the federal securities
`
`laws under the Securities Exchange Act of 1934 (the “Exchange Act”).
`
`JURISDICTION AND VENUE
`
`2.
`
`The claims asserted herein arise under and pursuant to Sections 10(b)
`
`and 20(a) of the Exchange Act (15 U.S.C. §§ 78j(b) and 78t(a)) and Rule 10b-5
`
`promulgated thereunder by the U.S. Securities and Exchange Commission
`
`(“SEC”) (17 C.F.R. § 240.10b-5).
`
`3.
`
`This Court has jurisdiction over the subject matter of this action
`
`pursuant to 28 U.S.C. § 1331, and Section 27 of the Exchange Act (15 U.S.C.
`
`§78aa).
`
`4.
`
`Venue is proper in this judicial district pursuant to 28 U.S.C. §
`
`1391(b) and Section 27 of the Exchange Act (15 U.S.C. § 78aa(c)) as the alleged
`
`misstatements entered and the subsequent damages took place in this judicial
`
`district.
`
`5.
`
`In connection with the acts, conduct and other wrongs alleged in this
`
`complaint, Defendants, directly or indirectly, used the means and instrumentalities
`
`of interstate commerce, including but not limited to, the United States mails,
`
`interstate telephone communications and the facilities of the national securities
`
`exchange.
`
`PARTIES
`
`1
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECURITIES LAWS
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`29
`
`30
`
`31
`
`
`
`Case 2:22-cv-06525 Document 1 Filed 09/13/22 Page 3 of 22 Page ID #:3
`
`
`
`6.
`
`Plaintiff, as set forth in the accompanying certification, incorporated
`
`by reference herein, purchased Twitter securities during the Class Period and was
`
`economically damaged thereby.
`
`7.
`
`Defendant Twitter purports to be a global social media platform for
`
`public self-expression and conversation in real time. Twitter is incorporated in
`
`Delaware with offices located all throughout the world, including in Los Angeles.
`
`Twitter’s common stock trades on the New York Stock Exchange (“NYSE”)
`
`under the ticker symbol “TWTR.”
`
`8.
`
`Defendant Jack Dorsey (“Dorsey”) is the co-founder of Twitter and
`
`served as its Chief Executive Officer (“CEO”) from at least the start of the class
`
`period to November 29, 2021.
`
`9.
`
`Defendant Parag Agrawal (“Agrawal”) served as the Company’s
`
`CEO from November 29, 2021 and at all relevant times thereafter.
`
`10.
`
` Defendant Ned Segal (“Segal”) served as the Company’s Chief
`
`Financial Officer (“CFO”) at all relevant times.
`
`11. Defendants Dorsey, Agrawal, and Segal are collectively referred to
`
`herein as the “Individual Defendants.”
`
`12. Each of the Individual Defendants:
`
`(a)
`
`directly participated in the management of the Company;
`
`(b) was directly involved in the day-to-day operations of the
`
`Company at the highest levels;
`
`(c) was privy to confidential proprietary information concerning
`
`the Company and its business and operations;
`
`(d) was directly or indirectly involved in drafting, producing,
`
`reviewing and/or disseminating the false and misleading statements
`
`and information alleged herein;
`
`(e) was directly or indirectly involved in the oversight or
`
`implementation of the Company’s internal controls;
`
`2
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECURITIES LAWS
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`29
`
`30
`
`31
`
`
`
`Case 2:22-cv-06525 Document 1 Filed 09/13/22 Page 4 of 22 Page ID #:4
`
`
`
`(f) was aware of or recklessly disregarded the fact that the false
`
`and misleading statements were being issued concerning the
`
`Company; and/or
`
`(g)
`
`approved or ratified these statements in violation of the federal
`
`securities laws.
`
`13. Twitter is liable for the acts of the Individual Defendants and its
`
`employees under the doctrine of respondeat superior and common law principles
`
`of agency because all of the wrongful acts complained of herein were carried out
`
`within the scope of their employment.
`
`14. The scienter of the Individual Defendants and other employees and
`
`agents of the Company is similarly imputed to Twitter under respondeat superior
`
`and agency principles.
`
`15. Defendant Twitter and the Individual Defendants are collectively
`
`referred to herein as “Defendants.”
`
`SUBSTANTIVE ALLEGATIONS
`
`Background
`
`16.
`
`In 2010, the Federal Trade Commission (“FTC”) filed a complaint
`
`against Twitter for mishandling users’ private information and the issue of too
`
`many employees having access to Twitter’s central controls.
`
`17. On March 11, 2011, the FTC agreed to a settlement with Twitter. As
`
`part of the settlement, Twitter agreed it would be “barred for 20 years from
`
`misleading consumers about the extent to which it protects the security, privacy,
`
`and confidentiality of nonpublic consumer information, including the measures it
`
`takes to prevent unauthorized access to nonpublic information and honor the
`
`privacy choices made by consumers.”1
`
`
`1 https://www.ftc.gov/news-events/news/press-releases/2011/03/ftc-accepts-final-settlement-
`twitter-failure-safeguard-personal-information-0, (last accessed September 13, 2022)
`
`3
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECURITIES LAWS
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`29
`
`30
`
`31
`
`
`
`Case 2:22-cv-06525 Document 1 Filed 09/13/22 Page 5 of 22 Page ID #:5
`
`
`
`Materially False and Misleading Statements Issued During the Class Period
`
`18. On August 3, 2020, Twitter filed a form 10-Q for the quarterly period
`
`ended June 30, 2020 (“2Q 2020 10-Q”). Attached to the 2Q 2020 10-Q were
`
`certifications pursuant to the Sarbanes-Oxley Act of 2002 (“SOX”) signed by
`
`Defendants Dorsey and Segal.
`
`19. The 2Q 2020 10-Q stated, in pertinent part:
`
`Our products may contain errors or our security measures may be
`breached, resulting in the exposure of private information. Our
`products and services may be subject to attacks that degrade or deny
`the ability of people to access our products and services. These
`issues may result in the perception that our products and services
`are not secure, and people on Twitter and advertisers may curtail or
`stop using our products and services and our business and operating
`results could be harmed.
`
`Our products and services involve the storage and transmission of
`people's and advertisers’
`information, and security
`incidents,
`including
`those caused by unintentional errors and
`those
`intentionally caused by third parties, may expose us to a risk of loss
`of this information, litigation, increased security costs and potential
`liability. We and our third-party service providers experience cyber-
`attacks of varying degrees on a regular basis. We expect to incur
`significant costs in an effort to detect and prevent security breaches
`and other security-related incidents, and we may face increased costs
`in the event of an actual or perceived security breach or other security-
`related incident. In particular, the COVID-19 pandemic is increasing
`the opportunities available to criminals, as more companies and
`individuals work online, and as such, the risk of a cybersecurity
`incident potentially occurring is increasing. We cannot provide
`assurances that our preventative efforts will be successful. If an
`actual or perceived breach of our security occurs, the market
`perception of the effectiveness of our security measures could be
`harmed, people on Twitter and our advertisers may be harmed, lose
`trust and confidence in us, decrease the use of our products and
`services or stop using our products and services in their entirety. We
`may also incur significant legal and financial exposure, including
`
`4
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECURITIES LAWS
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`29
`
`30
`
`31
`
`
`
`Case 2:22-cv-06525 Document 1 Filed 09/13/22 Page 6 of 22 Page ID #:6
`
`
`
`legal claims, higher transaction fees and regulatory fines and
`penalties. Any of these actions could have a material and adverse
`effect on our business, reputation and operating results. While our
`insurance policies include liability coverage for certain of these
`matters, if we experienced a significant security incident, we could be
`subject to liability or other damages that exceed our insurance
`coverage.
`
`
`*
`
`*
`
`*
`
`
`In March 2011, to resolve an investigation into various incidents, we
`entered into a consent order with the FTC that, among other things,
`required us to establish an information security program designed to
`protect non-public consumer information and also requires that we
`obtain biennial independent security assessments. The obligations
`under the consent order remain in effect until the later of March 2,
`2031, or the date 20 years after the date, if any, on which the U.S.
`government or the FTC files a complaint in federal court alleging
`any violation of the order. We expect to continue to be the subject of
`regulatory inquiries, investigations and audits in the future by the FTC
`and other regulators around the world. Violation of existing or future
`regulatory orders, settlements or consent decrees could subject us to
`substantial fines and other penalties that would adversely impact our
`financial condition and operating results. For example, on July 28,
`2020, we received a draft complaint from the FTC alleging violations
`of the 2011 consent order with the FTC and the FTC Act. The
`allegations relate to our use of phone number and/or email address
`data provided for safety and security purposes for targeted advertising
`during periods between 2013 and 2019. We estimate that the range of
`probable loss in this matter is $150.0 million to $250.0 million. The
`matter remains unresolved, and there can be no assurance as to the
`timing or the terms of any final outcome.
`
`(Underlined emphasis added.)
`
`
`20. On October 30, 2020, Twitter filed a form 10-Q for the quarterly
`
`period ended September 30, 2020 (“3Q 2020 10-Q”). Attached to the 3Q 2020 10-
`
`Q were SOX Certifications signed by Defendants Dorsey and Segal.
`
`5
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECURITIES LAWS
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`29
`
`30
`
`31
`
`
`
`Case 2:22-cv-06525 Document 1 Filed 09/13/22 Page 7 of 22 Page ID #:7
`
`
`
`21. The 3Q 2020 10-Q stated, in relevant part:
`
`Our products may contain errors or our security measures may be
`breached, resulting in the exposure of private information. Our
`products and services may be subject to attacks that degrade or deny
`the ability of people to access our products and services. These
`issues may result in the perception that our products and services
`are not secure, and people on Twitter and advertisers may curtail or
`stop using our products and services and our business and operating
`results could be harmed.
`
`Our products and services involve the storage and transmission of
`people's and advertisers’
`information, and security
`incidents,
`including
`those caused by unintentional errors and
`those
`intentionally caused by third parties, may expose us to a risk of loss
`of this information, litigation, increased security costs and potential
`liability. We and our third-party service providers experience cyber-
`attacks of varying degrees on a regular basis. We expect to incur
`significant costs in an effort to detect and prevent security breaches
`and other security-related incidents, and we may face increased costs
`in the event of an actual or perceived security breach or other security-
`related incident. In particular, the COVID-19 pandemic is increasing
`the opportunities available to criminals, as more companies and
`individuals work online, and as such, the risk of a cybersecurity
`incident potentially occurring is increasing. We cannot provide
`assurances that our preventative efforts will be successful. If an
`actual or perceived breach of our security occurs, the market
`perception of the effectiveness of our security measures could be
`harmed, people on Twitter and our advertisers may be harmed, lose
`trust and confidence in us, decrease the use of our products and
`services or stop using our products and services in their entirety. We
`may also incur significant legal and financial exposure, including
`legal claims, higher transaction fees and regulatory fines and
`penalties. Any of these actions could have a material and adverse
`effect on our business, reputation and operating results. While our
`insurance policies include liability coverage for certain of these
`matters, if we experienced a significant security incident, we could be
`subject to liability or other damages that exceed our insurance
`coverage.
`
`
`6
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECURITIES LAWS
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`29
`
`30
`
`31
`
`
`
`Case 2:22-cv-06525 Document 1 Filed 09/13/22 Page 8 of 22 Page ID #:8
`
`
`
`*
`
`*
`
`*
`
`In March 2011, to resolve an investigation into various incidents, we
`entered into a consent order with the FTC that, among other things,
`required us to establish an information security program designed to
`protect non-public consumer information and also requires that we
`obtain biennial independent security assessments. The obligations
`under the consent order remain in effect until the later of March 2,
`2031, or the date 20 years after the date, if any, on which the U.S.
`government or the FTC files a complaint in federal court alleging
`any violation of the order. We expect to continue to be the subject of
`regulatory inquiries, investigations and audits in the future by the FTC
`and other regulators around the world. Violation of existing or future
`regulatory orders, settlements or consent decrees could subject us to
`substantial fines and other penalties that would adversely impact our
`financial condition and operating results. For example, on July 28,
`2020, we received a draft complaint from the FTC alleging violations
`of the 2011 consent order with the FTC and the FTC Act. The
`allegations relate to our use of phone number and/or email address
`data provided for safety and security purposes for targeted advertising
`during periods between 2013 and 2019. We estimate that the range of
`probable loss in this matter is $150.0 million to $250.0 million. The
`matter remains unresolved, and there can be no assurance as to the
`timing or the terms of any final outcome.
`
`(Underlined emphasis added.)
`
`
`22. On February 17, 2021, Twitter filed a form 10-K for the fiscal year
`
`ended December 31, 2020 (“2020 10-K”). Attached to the 2020 10-K were SOX
`
`Certifications signed by Defendants Dorsey and Segal.
`
`23. The 2020 10-K, in pertinent part, stated:
`
`Technology, Research and Development
`
`Twitter is composed of a set of core, scalable and distributed services
`that are built from proprietary and open source technologies. These
`systems are capable of delivering billions of messages, including
`images and video, to hundreds of millions of people a day in an
`
`7
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECURITIES LAWS
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`29
`
`30
`
`31
`
`
`
`Case 2:22-cv-06525 Document 1 Filed 09/13/22 Page 9 of 22 Page ID #:9
`
`
`
`efficient and reliable way. We continue to invest in our existing
`products and services as well as develop new products and services
`through research and product development. We also continue to
`invest in protecting the safety, security and integrity of our platform
`by investing in both people and technology, including machine
`learning.
`
`
`*
`
`*
`
`*
`
`
`In March 2011, to resolve an investigation into various incidents, we
`entered
`into a settlement agreement with
`the Federal Trade
`Commission, or FTC, that, among other things, requires us to
`establish an information security program designed to protect non-
`public consumer information and also requires that we obtain biennial
`independent security assessments. The obligations under
`the
`settlement agreement remain in effect until the later of March 2,
`2031, or the date 20 years after the date, if any, on which the U.S.
`government or the FTC files a complaint in federal court alleging
`any violation of the order. On July 28, 2020, we received a draft
`complaint from the FTC alleging violation of the order and the
`Federal Trade Commission Act (FTC Act). The allegations relate to
`our use of phone number and/or email address data provided for
`safety and security purposes for targeted advertising during periods
`between 2013 and 2019. The matter remains unresolved, and there can
`be no assurance as to the timing or the terms of any final outcome.
`Violation of other existing or future regulatory orders, settlements, or
`consent decrees could subject us to substantial monetary fines and
`other penalties that could negatively affect our financial condition and
`results of operations.
`
`
`*
`
`*
`
`*
`
`
`Our products may contain errors or our security measures may be
`breached, resulting in the exposure of private information. Our
`products and services may be subject to attacks that degrade or deny
`the ability of people to access our products and services. These
`issues may result in the perception that our products and services
`are not secure, and people on Twitter and advertisers may curtail or
`stop using our products and services and our business and operating
`results could be harmed.
`
`8
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECURITIES LAWS
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`29
`
`30
`
`31
`
`
`
`Case 2:22-cv-06525 Document 1 Filed 09/13/22 Page 10 of 22 Page ID #:10
`
`
`
`
`Our products and services involve the storage and transmission of
`people's and advertisers’
`information, and security
`incidents,
`including
`those caused by unintentional errors and
`those
`intentionally caused by third parties, may expose us to a risk of loss
`of this information, litigation, increased security costs and potential
`liability. We and our third-party service providers experience cyber-
`attacks of varying degrees on a regular basis. We expect to incur
`significant costs in an effort to detect and prevent security breaches
`and other security-related incidents, including those that our third-
`party suppliers and service providers may suffer, and we may face
`increased costs in the event of an actual or perceived security breach
`or other security-related incident. In particular, the COVID-19
`pandemic is increasing the opportunities available to criminals, as
`more companies and individuals work online, and as such, the risk of
`a cybersecurity incident potentially occurring is increasing. We cannot
`provide assurances that our preventative efforts will be successful. If
`an actual or perceived breach of our security occurs, the market
`perception of the effectiveness of our security measures could be
`harmed, people on Twitter and our advertisers may be harmed, lose
`trust and confidence in us, decrease the use of our products and
`services or stop using our products and services in their entirety. We
`may also incur significant legal and financial exposure, including
`legal claims, higher transaction fees and regulatory fines and
`penalties. Any of these actions could have a material and adverse
`effect on our business, reputation and operating results. While our
`insurance policies include liability coverage for certain of these
`matters, if we experienced a significant security incident, we could be
`subject to liability or other damages that exceed our insurance
`coverage.
`
`(Underlined emphasis added.)
`
`
`24. On February 16, 2022, Twitter filed a form 10-K for the fiscal year
`
`ended December 31, 2021 (“2021 10-K”). Attached to the 2021 10-K were SOX
`
`Certifications signed by Defendants Agrawal and Segal.
`
`25. The 2021 10-K, in relevant part, stated:
`
`
`9
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECURITIES LAWS
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`29
`
`30
`
`31
`
`
`
`Case 2:22-cv-06525 Document 1 Filed 09/13/22 Page 11 of 22 Page ID #:11
`
`
`
`Technology, Research and Development
`
`Twitter is composed of a set of core, scalable and distributed services
`that are built from proprietary and open source technologies. These
`systems are capable of delivering billions of messages, including
`images and video, to hundreds of millions of people a day in an
`efficient and reliable way. We continue to invest in our existing
`products and services as well as develop new products and services
`through research and product development. We also continue to
`invest in protecting the safety, security and integrity of our platform
`by investing in both people and technology, including machine
`learning.
`
`
`*
`
`*
`
`*
`
`In March 2011, to resolve an investigation into various incidents, we
`entered
`into a settlement agreement with
`the Federal Trade
`Commission, or FTC, that, among other things, requires us to
`establish an information security program designed to protect non-
`public consumer information and requires that we obtain biennial
`independent security assessments. The obligations under
`the
`settlement agreement remain in effect until the later of March 2,
`2031, or the date 20 years after the date, if any, on which the U.S.
`government or the FTC files a complaint in federal court alleging
`any violation of the order. On July 28, 2020, we received a draft
`complaint from the FTC alleging violation of the order and the
`Federal Trade Commission Act (FTC Act). The allegations relate to
`our use of phone number and/or email address data provided for
`safety and security purposes for targeted advertising during periods
`between 2013 and 2019. The matter remains unresolved, and there can
`be no assurance as to the timing or the terms of any final outcome.
`Violation of other existing or future regulatory orders, settlements, or
`consent decrees could subject us to substantial monetary fines and
`other penalties that could negatively affect our financial condition and
`results of operations.
`
`
`*
`
`*
`
`*
`
`
`Our products may contain errors or our security measures may be
`breached, resulting in the exposure of private information. Our
`
`10
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECURITIES LAWS
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`29
`
`30
`
`31
`
`
`
`Case 2:22-cv-06525 Document 1 Filed 09/13/22 Page 12 of 22 Page ID #:12
`
`
`
`products and services may be subject to attacks that degrade or deny
`the ability of people to access our products and services. These
`issues may result in the perception that our products and services
`are not secure, and people on Twitter and advertisers may curtail or
`stop using our products and services and our business and operating
`results could be harmed.
`
`Our products and services involve the storage and transmission of
`people's and advertisers’
`information, and security
`incidents,
`including
`those caused by unintentional errors and
`those
`intentionally caused by third parties, may expose us to a risk of loss
`of this information, litigation, increased security costs and potential
`liability. We and our third-party service providers experience cyber-
`attacks of varying degrees on a regular basis. We expect to incur
`significant costs in an effort to detect and prevent security breaches
`and other security-related incidents, including those that our third-
`party suppliers and service providers may suffer, and we may face
`increased costs in the event of an actual or perceived security breach
`or other security-related incident. In particular, the COVID-19
`pandemic has increased the opportunities available to criminals, as
`more companies and individuals work online, and as such, the risk of
`a cybersecurity incident potentially occurring has increased. We
`cannot provide assurances that our preventative efforts will be
`successful. If an actual or perceived breach of our security occurs,
`the market perception of the effectiveness of our security measures
`could be harmed, people on Twitter and our advertisers may be
`harmed, lose trust and confidence in us, decrease the use of our
`products and services or stop using our products and services in
`their entirety. We may also incur significant legal and financial
`exposure,
`including
`legal claims, higher
`transaction fees and
`regulatory fines and penalties. Any of these actions could have a
`material and adverse effect on our business, reputation and operating
`results. While our insurance policies include liability coverage for
`certain of these matters, if we experienced a significant security
`incident, we could be subject to liability or other damages that exceed
`our insurance coverage.
`
`(Underlined emphasis added.)
`
`11
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECURITIES LAWS
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`29
`
`30
`
`31
`
`
`
`
`
`Case 2:22-cv-06525 Document 1 Filed 09/13/22 Page 13 of 22 Page ID #:13
`
`
`
`26. The statements contained in ¶¶18-25 were materially false and/or
`
`misleading because they misrepresented and failed to disclose the following
`
`adverse facts pertaining to the Company’s business, operations and prospects,
`
`which were known to Defendants or recklessly disregarded by them. Specifically,
`
`Defendants made false and/or misleading statements and/or failed to disclose that:
`
`(1) Twitter knew about security concerns on their platform; (2) Twitter actively
`
`worked to hide the security concerns from the board, the investing public, and
`
`regulators; (3) contrary to representations in SEC filings, Twitter did not take
`
`steps to improve security; (4) Twitter’s active refusal to address security issues
`
`increased the risk of loss of public goodwill; and (5) as a result, Defendants’
`
`statements about Twitter’s business, operations, and prospects, were materially
`
`false and misleading and/or lacked a reasonable basis at all relevant times.
`
`THE TRUTH EMERGES
`
`27. On August 23, 2022, before market hours, CNN published an article
`
`titled, “Ex-Twitter exec blows the whistle, alleging reckless and negligent
`
`cybersecurity policies”. The article states, in relevant part:
`
`“Twitter has major security problems that pose a threat to its own
`users' personal information, to company shareholders, to national
`security, and to democracy, according to an explosive whistleblower
`disclosure obtained exclusively by CNN and The Washington Post.
`
`The disclosure, sent last month to Congress and federal agencies,
`paints a picture of a chaotic and reckless environment at a
`mismanaged company that allows too many of its staff access to the
`platform's central controls and most sensitive information without
`adequate oversight. It also alleges that some of the company's senior-
`most executives have been trying to cover up Twitter's serious
`vulnerabilities, and that one or more current employees may be
`working for a foreign intelligence service.
`
`The whistleblower, who has agreed to be publicly identified, is Peiter
`"Mudge" Zatko, who was previously the company's head of
`
`12
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECURITIES LAWS
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`29
`
`30
`
`31
`
`
`
`Case 2:22-cv-06525 Document 1 Filed 09/13/22 Page 14 of 22 Page ID #:14
`
`
`
`security, reporting directly to the CEO. Zatko further alleges that
`Twitter's leadership has misled its own board and government
`regulators about its security vulnerabilities, including some that
`could allegedly open the door to foreign spying or manipulation,
`hacking and disinformation campaigns. The whistleblower also
`alleges Twitter does not reliably delete users' data after they cancel
`their accounts, in some cases because the company has lost track of
`the information, and that it has misled regulators about whether it
`deletes the data as it is required to do. The whistleblower also says
`Twitter executives don't have the resources to fully understand the
`true number of bots on the platform, and were not motivated to.
`The agency alleges male employees play video games during the
`workday while delegating responsibilities to female employees,
`engage in sexual banter, and joke openly about rape, among other
`things.
`
`
`*
`
`*
`
`*
`
`
`Zatko was fired by Twitter (TWTR) in January for what the company
`claims was poor performance. According to Zatko, his public
`whistleblowing comes after he attempted to flag the security lapses
`to Twitter's board and to help Twitter fix years of technical
`shortcomings and alleged non-compliance with an earlier privacy
`agreement with the Federal Trade Commission. Zatko is being
`represented by Whistleblower Aid, the same group that represented
`Facebook whistleblower Frances Haugen.
`
`
`*
`
`*
`
`*
`
`
`Some of Zatko's most damning claims spring from his apparently
`tense relationship with Parag Agrawal, the company's former chief
`technology officer who was made CEO after Jack Dorsey stepped
`down last November. According to the disclosure, Agrawal and his
`lieutenants repeatedly discouraged Zatko from providing a full
`accounting of Twitter's security problems to the company's board of
`directors. The company's executive team allegedly instructed Zatko
`to provide an oral report of his initial findings on the company's
`security condition to the board rather than a detailed written
`account, ordered Zatko to knowingly present cherry-picked and
`misrepresented data to create the false perception of progress on
`
`13
`
`CLASS ACTION COMPLAINT FOR VIOLATIONS OF
`THE FEDERAL SECUR