There are so many more ways one could screw up, and you only need to screw up once. For example, does X do browser fingerprinting and did you ever use a similar setup to use a more identifiable Twitter account? Are you using unique phrasings or behavioral patterns? These things can be solved to a satisfactory degree, but I don't think "it's not hard" captures it - for an average user it _is_ hard.
> Are you using unique phrasings or behavioral patterns?
Why would Twitter voluntarily run that sort of query to satisfy a subpoena?
Whether it's difficult and risky for the average user depends on the threat model. "Twitter doesn't directly have my name, address, or phone number sitting in their database next to my account" is easy. Other things are more difficult.