Twitter fined 450,000 Euros by Irish regulator for GDPR fail

Twitter fined 450,000 Euros by Irish regulator for GDPR fail

Twitter has been clobbered with a fine of €450,000 (~$546,300) after Irish courts found it had breached Europe’s strong data protection laws, known as GDPR. The fine was brought by Ireland’s data regulator, making it the first scalp for US big tech under the legislation.

Twitter was investigated under GDPR rules after an incident in 2019 which saw private, so-called ‘restricted’ Tweets made public, due to a bug in the platform’s Android app. After an initial investigation, some EU member states complained that Twitter’s proposed punishment of $150k-$300k wasn’t enough. As most big tech firms use Ireland as a European base, Ireland’s Data regulator is often considered the lead on such cases and an arbitrator of disputes via the European Data Protection Board (EDPB). Reuters reports that it’s the first time that the GDPR Dispute Resolution process has been used to increase a fine.

In handing down the fine, Ireland’s DPC said that it was a “proportionate and dissuasive measure” based on Twitter’s “failure to notify the breach on time and… failure to document the breach”. Twitter had said, in its defence, that the oversight was caused by reduced staffing over the Christmas period in 2018. Twitter responded by acknowledging the situation: “We take full responsibility for this mistake and remain fully committed to protecting the privacy and data of our customers…”.

Under GDPR rules, Twitter remains liable for the data leak, even though it wasn’t considered to be deliberate or malicious. The rules, which are some of the strictest in the world, require compliance from all companies that allow data to travel in or out of the European Union. The fact that the leak happened at a time when Google was actively cracking down on third-party Twitter clients, only served to compound the problem, given that it was their own official app that sprung the leak.

Twitter
Twitter
Developer: Twitter, Inc.
Price: Free+

About author

Chris Merriman
Chris Merriman

I am the UK News Editor at XDA Developers. I’ve been writing about technology for over a decade for the likes of The Inquirer, where I was Associate Editor, Computer Shopper UK, and IT Pro. I’ve also appeared on Sky News, BBC, Al Jazeera and recently left a long-running weekly tech news spot on TalkRadio UK. My love of technology comes from my family who hail from the pioneering days of Silicon Valley - in fact my Grandfather worked on Mercury, Gemini and Apollo. I’ve been using smartphones (and reading XDA) since the HTC Canary in 2003. I’m also a smart home obsessive. You can find me tweeting as @ChrisTheDJ or email me at [email protected]