The regulator of digital protection data of Ireland (DPC) imposed a fine of € 450.000 on Twitter for failing to properly inform the regulator within 72 hours of a error recorded in protection of the data of its users, as defined by the General Data Protection Regulation of the European Union (GDPR). In particular, Twitter did not notify the regulator of an error that resulted in some private tweets.
This is the first fine imposed on a major US technology company under the European Union's new dispute resolution mechanism. However, the fine is much lower than what some European countries have called for on the popular social media.
The Regulation entered into force in the EU. on May 25, 2018, while it was implemented quickly after four separate complaints against Google, Facebook, Instagram and WhatsApp on the same day due to the use of "mandatory consent". However, the Twitter case is the first to use the new dispute resolution system, under which a state regulator decides before consulting other EU national regulators.
DPC, which has launched more than 20 searches for its technology giants USA, can impose fines for violations up to 4% of a company's total revenue or € 20 million - whichever is higher. Authorized to fine Twitter $ 60 million for application error Android recognized in early 2019, published private user tweets. However, the fine was set at 2% of annual turnover, as it was judged to be a much lower infringement.
In addition, the Austrian regulator sought a fine of at least € 25 million and Germany between € 7,3 million and € 22 million, according to the European Data Protection Council, as an objection to Ireland's preliminary decision in May.
Twitter, for its part, said in a statement that the fact that it was late in announcing and recording the security incident was an "unexpected consequence of manning between Christmas Day 2018 and New Year's Day" and that it has done changes so that future events are notified in a timely manner. He also stressed that he takes full responsibility for this mistake and remains fully committed to protecting the privacy and data of its users.