A former security chief of Twitter alleged on Tuesday that the Indian government placed an agent at the social media giant’s office to “understand the negotiations” about new restrictions on social media, the Associated Press reported.

The Twitter employee-turned-whistleblower, Peiter “Mudge” Zatko, alleged in a testimony before the United States Senate that Twitter knowingly allowed India to add agents to the company roster, possibly giving the Indian government access to sensitive data about users.

Zatko, a well-known hacker, in his first public appearance expanded on an 84-page complaint that he shared with regulators and the The Washington Post last month, stating that government agents had access to vast amount of sensitive data due to Twitter’s “basic architectural flaws”.

He had said that Twitter executives “violated the company’s articulated commitments to its users” by letting an Indian government agent have unsupervised access to its systems and data.

Since last year, there have been conflicts between the social media company and the Indian government in connection with the new Information Technology rules, which became effective in May last year.

Among other things, the “Information Technology (Guidelines for Intermediaries and Digital Media Ethics Code) Rules, 2021” regulations require these platforms to appoint chief compliance officers, in order to make sure the rules are followed, nodal officers, to coordinate with law enforcement agencies, and grievance officers. All of them should be based in India.

It also requires social media platforms with over 50 lakh users to help in identifying the “originator” of messages upon the government’s request.

On June 5 last year, the Ministry of Electronics and Information Technology told Twitter that it has one last chance to comply with the rules or face “unintended consequences”. In response, the social media giant had said that it appointed a nodal contact person and a resident grievance officer on contract basis. It added that the company was in “advanced stages of finalising” a chief compliance officer.

Commenting on Zatko’s claims on Tuesday, United States Senator Christopher Coons asked him for his view on how common it was for foreign entities to install “sympathetic actors” at Twitter, and their possible reasons for doing so.

In response, the former Twitter security chief said that this could be done to identify persons or to track groups of interest. He added that this could be done to gauge whether Twitter has “identified your agents or your information operations – what other governments has Twitter possibly identified”.

In a possible reference to India, Zatko said that a government “was even threatening to put Twitter employees in jail” if the company didn’t change particular activities on the platform.

In February last year, the Indian government asked Twitter to remove hundreds of accounts that had criticised its handling of the farmer protests against three agriculture laws that have now been repealed. When the company refused to act on its request, the government threatened prison time for some employees in India. Twitter later complied with the request.

On Tuesday, Zatko also alleged that the Chinese government had placed at least one agent of the country’s intelligence agency on Twitter’s payroll.

In a statement, Zatko’s legal team said on Tuesday that the Senate hearing was a watershed moment.

“Members of the Senate Judiciary Committee and the public were provided with detailed and sobering testimony from our client, Peiter “Mudge” Zatko, regarding the serious and pervasive security and privacy failures that Twitter leadership has been covering up for years,” the legal team said. “Mr. Zatko is hopeful that the Committee’s work today has helped educate the public about just how dire the security and privacy situation is at Twitter and how impacted we all are by these failures.”