Twitter launched a new feature last Thursday: “Tip Jar,” which allows users to let their followers give them money through a variety of payment services without Twitter taking a cut.
It makes sense: Users have been swapping Venmo and PayPal handles for years, so this streamlines the process of crowdfunding an unexpected vet bill or applauding a particularly good tweet.
But there's a catch. In some cases, users might expose their home address or their personal email account. Here's why your data privacy is at risk, and how to prevent it.
What's Going On?
To be fair, the problem does not lie on Twitter's end, or even with most of the payment processors that users can use the tipping service with (Venmo, Cash App, Patreon, and Bandcamp). It's just PayPal.
When selling a physical product through PayPal, it's important to know where you're shipping to. So, PayPal defaults to making each payer's home address visible to the person they're paying — even if the payment is just a tip.
Huge heads up on PayPal Twitter Tip Jar. If you send a person a tip using PayPal, when the receiver opens up the receipt from the tip you sent, they get your *address*. Just tested to confirm by tipping @yashar on Twitter w/ PayPal and he did in fact get my address I tipped him. https://t.co/R4NvaXRdlZ pic.twitter.com/r8UyJpNCxu
— Rachel Tobac (@RachelTobac) May 6, 2021
That's the first issue. The second issue exposes the data of the person being paid: The tipper will be able to see the tip recipient's email address, even if they chose not to fully complete the tip payment.
PayPal intends this to verify the payment is going to the right person, but since many Twitter users don't make their email address public, the upshot is that anyone who visits their profile can get information that they likely didn't intend to make public.
Warning all: @Twitter's new "Tip Jar" feature reveals the recipient's email address that's linked to their account, even when you don't send them any actual money
(I got permission from @jason_kint to show his email in this video)
Thread here: https://t.co/Z6WFuXSlgO https://t.co/e8f9J58db7 pic.twitter.com/6u4Vjwkinf
— ashkan soltani (@ashk4n) May 7, 2021
Both cases are a big deal, given Twitter's history of cyberbullying, doxing, and general abuse. For a troll, knowing your target's email address opens up a simple and easy harassment channel.
Luckily, both issues can be fixed, as long as you know how to do it.
Keeping Your Home Address Private
As the person sending a tip, your address will be made available to the person you're tipping by default. Users can opt out of making their address visible, but the process of doing so might not be immediately clear.
To turn off your address visibility:
- Click “Send with Purchase Protection” when sending the tip
- Click “Shipping Address” on the next screen
- This gives you a dropdown of potential addresses, as well as a “Not Applicable” option, which is the one you want
It's just a few taps, but since it's not the default option, it will definitely result in plenty of exposed addresses.
Keeping Your Email Address Private
As the person receiving the tip, the email address connected to your PayPal account may be used as your account name.
Here, the solution is even more simple: Just set up your Paypal.me “nickname,” which is essentially a screenname for your PayPal account. Without it, PayPal defaults to just using your email address as if it's your account name.
In response to these concerns, Twitter has noted the home address issue in an FAQ, though it hasn't updated to mention the recipient-side email address issue:
The option to send money to someone's social media account is a great update, as the polarized creator economy needs all the help it can get to build out a healthy middle-class.
Still, the potential privacy violations here remain under-explained, so pass the word on to anyone who plans to send or receive Twitter tips. And the next time you hit that tip button… maybe opt for Venmo.