Connect with us


Data Breach: Twitter Hit With €450,000 Gdpr Fine Nearly Two Years



Twitter Logo

Ireland’s Data Protection Commission (DPC) has fined Twitter €450,000 (around $546,000) over a data breach it disclosed back in January 2019, the regulator announced today. The security flaw exposed some supposedly private tweets from the service’s Android users for over four years. Twitter was found to have violated the EU’s General Data Protection Regulation (GDPR) because it failed to notify the regulator within 72 hours of discovering the breach, The Wall Street Journal reports.

Download & Install The New ANE Android App To Your Device
Hello!! Have you heard about the deadly virus called Coronavirus? No? See What It Is & How To Prevent It Here. Also Stay Connected & Get Latest Updates On Coronavirus Here. Please be safe! We LOVE You.

The fine is notable because it’s the first time a US tech giant has been hit with a GDPR fine in a cross-border case, meaning one in which the Irish regulator consulted its EU counterparts as part of the decision. The investigation was headed by Ireland’s DPC because Ireland is where Twitter’s international headquarters are based.

This cross-border process is part of the reason why it’s taken so long to issue this fine. Ireland’s DPC posted its draft decision back in May as part of the GDPR’s comments process. However, several other regulators raised objections to several points in its decision, which eventually led to a dispute-resolution process.

One key objection raised was to the amount the DPC wanted to fine Twitter, the WSJ reports. A fine of €450,000 is well short of the 2 percent of Twitter’s global annual revenue that can be levied under GDPR for failing to properly disclose a data breach. The Irish regulator originally wanted to fine Twitter even less than this, but through the dispute-resolution process, it was told to increase the amount. The DPC had argued for a smaller fine because it believed Twitter’s failing was through negligence, rather than being intentional or systematic.

READ ALSO  Sanwo-Olu commence online campaign, holds Twitter chats

The fact that this dispute resolution took so long has led to criticism of GDPR’s effectiveness. The head of the Irish Data Protection Commission, Helen Dixon, has previously admitted that “the process didn’t work particularly well” but added that it’s the first time the process has been used and expressed optimism that it would get better in future, the WSJ reports.

Responding to the fine in a statement given to TechCrunch, Twitter said it respects the regulator’s decision. “An unanticipated consequence of staffing between Christmas Day 2018 and New Years’ Day resulted in Twitter notifying the IDPC outside of the 72 hour statutory notice period,” the company said, “We have made changes so that all incidents following this have been reported to the DPC in a timely fashion.”

“We take responsibility for this mistake and remain fully committed to protecting the privacy and data of our customers,” the company added.

The WSJ describes the Twitter case as being “the first in a long pipeline” of cases involving US tech giants. Other open cases include more than a dozen that have been opened into Facebook and its subsidiaries, such as WhatsApp.

Get More Stories Like This On: Facebook: @AllNaijaEntertainment, Twitter: @AllNaijaEntertainment

Click to comment
Notify of
Inline Feedbacks
View all comments

Don’t Miss!

Join "ANE sabi" clique

Don't miss a thing, get ogbonge ANE latest updates to fuel your conversation daily.

Latest Exchange Rate

Donate To ANE!

Mind buying a coffee to support us here at All Naija Entertainment?. Yes?

Donate Now

ANE Billboard Hots!

Join "ANE sabi" clique

Don't miss a thing, get ogbonge ANE latest updates to fuel your conversation daily.

Copyright © All Naija Entertainment.