From blue bird to black swan: What X means for disaster and emergency management

A black swan event is unexpected, high-impact, and obvious in hindsight, much like the post-acquisition transformation of Twitter, now X, but still colloquially known as the blue bird.

Prior to Elon Musk’s 2022 acquisition of Twitter, the social media and networking company was a vital tool for disaster and emergency management (DEM) agencies and officials. The DEM field relied on the platform to carry out mitigation, preparedness, response, and recovery functions such as issuing evacuation orders and extreme weather warnings, announcing area and road closures, locating stranded and trapped disaster victims, directing search and rescue operations, developing crisis maps, conducting post-disaster damage assessments, and so on.

For instance, in response to the 2020 Red Lake forest fire, Emergency Management Ontario took to Twitter to issue evacuation orders. During the 2020 Nova Scotia mass shooting, the deadliest in Canadian history, the RCMP tweeted hold-and-secure orders to warn and protect the public. And at the height of the pandemic, Alberta’s chief medical officer of health turned to the platform to “communicate policy changes, COVID-19 case counts and the latest information on vaccine rollouts.” Similar examples exist outside of Canada. In the United States, for example, disaster data scientists leveraged Twitter to conduct rapid damage assessments in the aftermath of Hurricane Sandy, and many agencies like California’s Santa Barbara County Fire Department use Twitter as their primary tool for “[disseminating] coverage as it is happening.” Finally, global humanitarian organizations like the Red Cross and Médecins Sans Frontières relied on Twitter to connect thousands of victims of the 2015 Nepal Earthquake with food, water, shelter, clothing, and medical care.

However, post-acquisition, Twitter introduced new policies pertaining to account verification, staffing, rate limits, and application programming interface (API) access that pose real challenges to DEM agencies and officials, essentially turning the blue bird into a black swan.

While these policies are reasonable for a for-profit corporation, they have unintentionally “disrupted an emergency management system meant to be reliable during disruptions.” As a result, DEM agencies and officials must adapt their mitigation, preparedness, response, and recovery strategies and tools accordingly.

Account verification

Twitter’s verification policy was the first to be overhauled post-acquisition, going from identity-based verification to paid verification.

Originally, Twitter operated a rigorous, no-cost verification system that required account holders to confirm their identity with an official government-issued document and a confirmed email address or phone number, among other requirements. Now, however, the criteria for verification is a great deal simpler and a great deal more expensive: a phone number and an active Twitter Blue subscription, which has an annual fee of $105 on web and $154 in-app on iOS and Android.

The shift from identity-based verification to paid verification has led to a spike in social media identity theft. Cybercriminals are creating verified Twitter Blue accounts impersonating government agencies, corporations, politicians, journalists, and other prominent figures with the aim of spreading misinformation (false information shared unintentionally) and disinformation (false information shared intentionally).

Pre-acquisition, the majority of Twitter identity theft cases were committed by non-verified accounts, making them easier to detect and delete. Since the introduction of Twitter Blue, cybercriminals have created impersonator accounts of the National Weather Service, FEMA, Homeland Security, the Los Angeles Police Department, City of New York, and Ontario Premier Doug Ford, to name a few high-profile targets.

If these verified impersonator accounts were to post misinformation or disinformation about an emergency or disaster – issuing false declarations of emergency or nuclear alerts, ordering “people to evacuate when they should be sheltering in place,” and posting fraudulent offers of government disaster assistance – lives could be endangered, communities severely impacted, and trust in DEM authorities undermined.

Staffing

Twitter’s decision to layoff large parts of its trust, safety, and content moderation teams has further compounded the threat of impersonator accounts by placing the onus on users to monitor and report identity theft, misinformation, and disinformation. In other words, DEM agencies and officials are now responsible for monitoring and reporting impersonator accounts and false information pertaining to natural, technological, and intentional emergencies and disasters, bar from international armed conflict, which is the only event currently covered under Twitter’s crisis misinformation policy.

Unfortunately, publicly funded DEM agencies typically lack the expertise, bandwidth, and financial resources to act as content moderators.

To mitigate the threat of impersonator accounts and address gaps in content moderation, municipal, provincial, and federal DEM offices should consider taking the following five measures:

1. verify their Twitter account(s);
2. apply for an ‘Official’ profile label, which is not available for purchase and can be used to distinguish legitimate and impersonator accounts;
3. link their Twitter account on their website;
4. conduct periodic social media scans; and
5. maintain an active presence on the platform.

Regarding the latter mitigation strategy, it was endorsed by Tom Tarantino, who formerly led Twitter’s global crisis response program. As per Tarantino, authoritative sources should “continue to maintain their Twitter accounts in order to fill the site with as much trustworthy information as possible. Abandoning accounts leaves a vacuum for bad actors to fill.” It is important to note that Tarantino promoted this strategy after being let go from Twitter. That being said, DEM agencies and officials who have decided to join the ‘Twitter Quitters’ should develop an exit strategy that includes downloading a Twitter archive, removing all account data from Twitter, officially deactivating and deleting the account, and identifying a viable alternative social media platform for disseminating risk communications to the public.

At the time of writing, several DEM agencies across Canada, the U.S., and the world have not verified their Twitter accounts, leaving them exposed and vulnerable to identity theft and impersonation – the Toronto Office of Emergency Management, City of Brampton Emergency Management Office, Mississauga Fire, Alberta Public Safety and Emergency Services, Nova Scotia Emergency Management Office, Idaho Office of Emergency Management, Alaska Division of Homeland Security and Emergency Management, the Luxembourg Crisis Communication Service, and the Luxembourg Police, to name a few.

Toronto Office of Emergency Management Twitter Account, Unverified.

Alaska Division of Homeland Security & Emergency Management Twitter Account, Unverified.

Luxembourg Crisis Communication Service Twitter Account, Unverified.

Rate limits

Twitter’s new rate limits have also disrupted the DEM industry by restricting the number of tweets emergency management and first response agencies can view per day, with verified accounts limited to 6,000 tweets and unverified accounts limited to 600 tweets. It should be noted that individuals and organizations that do not have a Twitter account and users who have not logged into their accounts are completely blocked from viewing Twitter content.

Not only do these rate limits prevent agencies from receiving and responding to messages from people and communities impacted by crises, but they also diminish the ability to detect, track, and assess potential, emerging, and evolving hazards and threats – after all, tweets from the public are a source of risk identification and assessment data. In fact, Washington State’s Spokane County Fire District 8 recently encountered these problems after reaching their daily rate limit in just 10 minutes during the 2023 wildfire season. For 14 hours, the district was unable to view essential tweets about the wildfire situation. Similarly, multiple U.S. National Weather Service offices were recently prevented from viewing tweets during severe weather events.

Canada has also been negatively impacted by Twitter’s new rate limits. This year, the British Columbia Ministry of Transportation reached its tweet limit on a weekend when it was sharing information about wildfire evacuations and the Greater Sudbury Police Service recently warned that Twitter’s policy changes have hindered their ability to feed information to the media outlets.

In light of these rate limits, agencies are relying more heavily on traditional risk communication tools – government websites, press releases, emergency alerts delivered via radio, television, and LTE-connected and compatible devices. Unfortunately, these tools lack Twitter’s shareability and speed in that they cannot be retweeted or distributed via text or e-mail and are more likely to cause alert fatigue. Alternate social media platforms such as Facebook, Instagram, and Threads are also an option, albeit an imperfect one because their algorithms favour user interactivity rather than chronology by default, meaning an “urgent notification could be buried in a user’s feed if it has fewer likes or shares.”

Application programming interface

Finally, Twitter’s decision to begin charging for access to its API ­– a minimum of US$42,000 per month – will have real ramifications for NGOs and research groups that rely on the tool to develop open-source, crowdsourced crisis maps. Since the 2010 Haiti earthquake, data scientists, programmers, journalists, academics, and civilians from across the globe have been scraping and analyzing social data from platforms like Twitter to develop maps that detect earthquakes, locate survivors, direct search and rescue efforts, monitor damage to critical infrastructure, and show disaster relief workers where to deliver aid – all in real time.

For instance, in the wake of the 2023 Turkey-Syria earthquake, over 22,000 volunteers from around the world relied on Twitter’s API to develop a heat map that visualized where tweets for help from survivors were concentrated. The map was subsequently shared with rescue crews in the field and organizations scrambling to provide aid. Twitter’s API has also been employed to co-ordinate response to flooding in Kenya, Sudan, and Uganda; assess the physical and economic damage caused by Hurricane Sandy; facilitate the provision of aid during the 2015 Nepal Earthquake; and track the spread of coronavirus in India, to cite a few examples. Such initiatives were only possible because access to Twitter’s API was completely free. Today, however, API access for nongovernmental organizations, including the volunteer-run non-profits that develop crisis maps, is prohibitively expensive.

Unfortunately, there are little to no solutions for this emerging policy risk, especially since alternative sources of social data like Reddit’s API are following Twitter’s lead and establishing paywalls. One idea I have proposed is a new form of philanthropy that sees individuals and corporations donate their Twitter viewing limits, posting limits, and API access to governmental, non-governmental, and non-profit humanitarian DEM agencies during disasters and emergencies.

Twitter’s transformation is arguably the most notable black swan event to occur since the pandemic.

The platform’s new policies pertaining to account verification, staffing, rate limits, and API access shocked the world and impacted society but, in hindsight, are reasonable measures for a publicly traded corporation. For DEM agencies and officials, Twitter was once a powerful and effective resiliency-building technology that enabled bidirectional risk communications and crisis mapping; today, however, the platform has become a conduit for social media identity theft, misinformation, and disinformation.

To be clear, the new Twitter, now X, does not spell the end of risk communications – officials can continue disseminating information to the public via wireless alert systems, email distribution lists, websites, press releases, the media, and government apps. That being said, DEM agencies and officials are now more susceptible to cybersecurity threats and have lost a free public amplification tool and source of risk identification and assessment data. Finally, Twitter’s post-acquisition changes serve as a warning to disaster and emergency managers – be cautious to rely on a private company’s willingness to provide a free communications service.

Tiana Putric, BDEM, ABCP is an emergency management specialist with experience in multi-hazard identification and risk assessment, strategic advising, and business continuity planning across all pillars of emergency management. Putric was the first disaster and emergency management undergraduate in North America to earn the Fulbright Killam Fellowship, a binational fellowship designed to advance Canada-U.S. relations.