The company formerly known as Twitter is “unfit” to hold banking licenses because of its alleged “intentional complicity” with human rights violations in Saudi Arabia and treatment of users’ personal data, according to an open letter sent to federal and state banking regulators that was signed by a law firm representing a Saudi victim’s family.
The allegations by lawyers representing Areej al-Sadhan, whose brother Abdulrahman was one of thousands of Saudis whose confidential personal information was obtained by Saudi agents posing as Twitter employees in 2014-15, comes as Twitter Payments LLC, a subsidiary of X (the company formerly known as Twitter), is in the process of applying for money-transmitter licenses across the US.
Elon Musk, X’s billionaire owner, has said he wants X to begin offering financial services, like allowing users to make payments across the social media company. The banking plan is a critical new element in Musk’s effort to increase revenue at the company following his controversial $44bn acquisition of the platform last year.
In their letter, which is addressed to “attorneys general and banking commissioners across 50 states” and was obtained by the Guardian, lawyers at Walden Macht & Haran LLP argue that X’s prior and current conduct deserves “serious and careful investigation”, including allegations that X acted at the direction of Saudi Arabia in furtherance of the kingdom’s campaign of transnational repression.
“We believe Twitter is unfit to hold money-transmitting licenses. But, regardless of each state’s decision on the licenses, we urge [regulators] to use these [X’s] applications to fully investigate Twitter’s prior conduct and its current financial and other entanglements with Saudi Arabia,” the letter states.
Saudi Arabia’s campaign to infiltrate Twitter and identify users who were anonymously criticizing its government online led to Abdulrahman al-Sadhan’s “arrest, torture, and imprisonment”, the letter says.
His family have not heard from Abdulrahman, who received a 20-year sentence for allegations that he used his anonymous Twitter account to make fun of the royal family, since 2021.
The California company was infiltrated by three Saudi agents, two of whom were posing as Twitter employees, in 2014 and 2015. Abdulrahman and thousands of other anonymous Saudi Twitter users were identified in the breach, including some who were later reportedly detained and tortured as part of the government’s crackdown on dissent.
“While Twitter has protested that it was a ‘victim’ of its employees’ misconduct, the evidence we found tells a much different story,” the letter claims, pointing to data that shows that, once the breach was discovered by federal investigators, Twitter began approving Saudi requests for confidential information, including “emergency disclosures”, in “droves”.
In 2016, 85% of these requests were approved, the lawyers say – a much higher approval rate than those for Canada and the US. It also pointed to Musk capitulating to Saudi’s existing stake in X – investors there are the second largest in the company – even though he was “fully aware” of Saudi’s prior actions.
X has not commented on al-Sadhan’s claims. A request for comment sent to X from the Guardian got an automatic reply that said “Busy now, please check back later.”
The question of Twitter’s “fitness” to hold financial services licenses, said Walden Macht & Haran, includes whether it can be trusted to abide by federal and state laws protecting consumer data and records. The Department of Justice has said it believes the Saudis accessed the confidential data of about 6,000 Twitter users.
The lawyers face a difficult task. Banking regulators in eight states have already approved license applications for Twitter Payments.
Al-Sadhan’s case against X is now pending before US district judge Edward Chen.