Twitter revealed the error in operation "Protect your tweets”At the beginning of last year. Some users Android who had applied this arrangement to make their tweets non-public, may have exposed their data on the public internet since 2014.
Meanwhile, a new data protection regime entered into force in the European Union in May 2018 - which means that the 2014-2019 breach falls under the EU General Data Protection Regulation (GDPR).
The Irish DPC is the main oversight body in the Twitter case, but the cross-border nature of the platform means that all EU data protection agencies have an interest and the opportunity to raise "relevant and reasoned" objections to the plan. Objections to the DPC draft decision were particularly voiced over the summer, triggering a dispute settlement process for cross-border cases set by the GDPR.
The DPC of Ireland now has up to a month to make a final decision on the incident.
"The Irish SA [supervisory authority] shall issue its final decision under the EDPB decision, which shall be addressed to the controller without undue delay and no later than one month after the notification of his decision by the EDPB," the European Protection Council said. Data.
Details of any penalties Twitter may face, such as fines, have not yet been confirmed. The Twitter breach case is probably much less complicated than some other GDPR cases, which are based on complaints made in high-tech platforms, which include research into the legal basis for Facebook for processing user data and the way in which its ad exchange Google uses Internet users.