There has been some concern over the security of twittering under a private profile of late. Several rumours and blog posts have come up lately saying that the privacy of "only show my friends" profiles, has been violated. This article in the Guardian is one such article.

The team at Twitter Inc has been quick to point out that it is up to the developer to protect the users privacy.  It is not a flaw in the Twitter API but a flaw in the 3rd Party applications.   Here is the message from co-founder Biz Stone:

"So what the heck are they talking about? Some Twitter users willingly provided their usernames and passwords to a mash-up project called Twittervision (a service unaffiliated with Twitter except that it accesses our API). They did this so they could be part of the fun and access more Twittervision features. However, Twittervision was not checking to see if any of these folks had marked their updates as "protected." Starting today David Troy, the creator of Twittervision, tells us he'll make sure to check for this.

As a reminder, please note that mash-ups and other experimental projects built using the Twitter API are totally awesome and fun but developed by folks outside of Twitter. So, we don't necessarily test them all out. If privacy is a concern, we remind you to refrain from supplying your Twitter username and password to other people, sites, or services. For more information about privacy, please have a look at our Privacy Policy."

So there you have the official story..