by bjornedstrom 2164 days ago
This is the most well-intended (I hope, assuming no ill intent on your part) but dangerous message I've read today.

What you are really saying here is that public officials should only be allowed to publish on approved enterprise communications systems that have the budget to pay for compliance certifications.

I think Facebook and Twitter would love this kind of regulatory capture because it would cement their position, hindering startups from taking over in their space (which, we know, is prone to being out-innovated every 5 years or so).

Having worked professionally in information security for a while now, let me tell you these kinds of certificates mean very little for actual security.

4 comments

Public officials should be completely banned from using communication systems that are not state owned for professional purposes. It makes absolutely no sense that politicians use Twitter as an official communication channel.
The last 4 years have been a terrible example of how to interact on Twitter as a politician, but in general the idea of a politician being able to connect directly with their citizens is still a great dream. I'm not sure if social media is the right approach, but right now I don't think there is a great alternative.

Especially when during campaigning it is necessary to grow that kind of following organically and to leverage social media. Saying that the day you get elected you must disable your online presence feels like the wrong solution.

I do think there should be some higher standard though. I just am not sure what it is. The same threats exist in Email that exist on Twitter in a lot of ways. I can register "JoeBidden.com" and email you about "my" campaign all day. There's no official registration of your "official" domain anywhere. And even if there were, that can be hacked too.

That's a great take from an idealist perspective. The reality is that governments are under-resourced and under-funded for these types of things and American citizens aren't going to register for a state-owned version of Twitter nor fund it. They're already on Twitter and governments should meet them where they're already at.
A public official should have the same rights and responsibilities as any other citizen.
How do you plan on telling Trump, who had a sizable Twitter following before he was elected, then leveraged social media to grow his political fanbase, that all of a sudden on Jan 1, he can't use Twitter?

You are trying to close Pandora's Box.

We have a mechanism for doing just that: Congress. A law that government communication must be primarily through an official channel (even if it is also mirrored to unofficial channels).

This was exactly my first thought when I saw Sen. Hawley's open letter to Twitter, aghast at the idea that the President's own account could be affected by this. I share his concern, but not his determination of blame. It is not a private company's job to protect the communications of our government. It is the job of our government's defense and intelligence apparatus. They can't do that job without the requirement for communication to be done through channels they control.

> You are trying to close Pandora's Box.

Anything is possible through legislation, I'm not sure this is such a big leap.

I say just the opposite.

Let's remove the blue checks and make it difficult to know who's legit and who's impersonating people again. Twitter is used way too seriously.

I know that's the opposite of what Twitter as a company wants. But it'd be nice as a user.

Oof yeah you're not wrong! It was well-intended for sure, but you've made a good point regarding regulatory capture. How can we achieve both a) increased security beyond your basic acronym certificate* and b) democratized access to startups?

Which set of levers can we pull to achieve the best outcome for everyone, I have no idea. Is it fair to compare this to the current aviation dilemmas? I don't want just anyone building a passenger jet, slapping a compliance sticker on it, and hopping on board; very high stakes system. Yet at the same time, it's clear to see how Boeing infected the FAA to simply get their way and lock out newcomers.

* are PCI, PII, SOX, et al. really that trivial and meaningless?

Knowing that absolute security is a myth, it makes more sense to assume all the systems are insecure and proceed from there, placing only the appropriate level of trust in any system.
Or perhaps a more generous reading of gp is that official messages should only be issued via official channels (which have been vetted for security) and everything else is just PR only.