Twitter’s new Tip Jar feature, which lets you send money to your favorite Twitter users, is nice, but it also has a glaring privacy issue which you should be aware of.
Security researcher Rachel Tobac has noticed that tipping someone via the Tip Jar might reveal your home address to that person, which is a potentially dangerous privacy problem (not to mention that it’s completely unnecessary in most cases).
It doesn’t happen in all instances. Tip Jar lets you choose a payment provider before you “tip” a Twitter user, and if you choose PayPal, the receiver will see your home address when they receive the tip.
Huge heads up on PayPal Twitter Tip Jar. If you send a person a tip using PayPal, when the receiver opens up the receipt from the tip you sent, they get your *address*. Just tested to confirm by tipping @yashar on Twitter w/ PayPal and he did in fact get my address I tipped him. https://t.co/R4NvaXRdlZ pic.twitter.com/r8UyJpNCxu
— Rachel Tobac (@RachelTobac) May 6, 2021
Twitter product lead Kayvon Beykpour has acknowledged the issue, saying that it’s a problem on PayPal’s side. “We can’t control the revealing of the address on PayPal’s side but we will add a warning for people giving tips via PayPal so that they are aware of this,” he tweeted.
this is a good catch, thank you. we can’t control the revealing of the address on Paypal’s side but we will add a warning for people giving tips via Paypal so that they are aware of this.
— Kayvon Beykpour (@kayvz) May 6, 2021
According to PayPal (via Gizmodo), this only happens if you send the tip as “goods and services”; if you choose a different category, such as “friends and family,” your address won’t be shared. It also appears that this doesn’t happen if you choose to tip using a payment provider other than PayPal.
This is not the only privacy issue on Tip Jar. According to technologist Ashkan Soltani, the Tip Jar feature reveals the recipient’s email address, linked to their account, even when you don’t send them money. Note that this is different from the issue above, which has to do with the sender’s physical home address.
Tip Jar is currently in beta and is not available to all users. Still, having your real name and home address (or even just the email address) revealed to strangers for no good reason is a pretty serious problem, even if it affects a small subset of users.
In its FAQ for Tip Jar, Twitter says the following: “When you add a third-party payment service to your profile, please note that your username on that service will be publicly linked to your Twitter account. Information about you, including your full name or address and your tip may be shared with the recipient or others, subject to the terms of the third-party payment service. Please review each service’s terms for more details.”
It’s hard to tell, however, how many users will read this FAQ or be acquainted with PayPal’s terms of service well enough to know that their address might be shared. Would it be too much to ask for Twitter to sort it out with PayPal and make sure it cannot happen?