The Ireland’s Data Protection Commission fined Twitter $550,000 on Tuesday, for failing to report a data breach promptly and not adequately documenting the incident, according to the EU’s General Data Protection Regulation (GDPR).
Meanwhile, the Data Protection Commission called the fine effective, proportionate and dissuasive measure. On the other hand, Twitter found out about the breach in December 2018, but did not notify the commission until Jan. 8, 2019 well beyond the 72-hour window stipulated under GDPR, according to DPC.
Also, the commission reported that Twitter failed to comply with rules allowing for full documentation of which users were affected and when. GDPR went into effect in May 2018.
In contrast, the firm could only identify specific users affected by the breach from September 2017 onward — about 89,000 total over that stretch. The bug only affected users of Twitter’s Android app, the firm added.
Moreover, the EU lawmakers due to set out their next major pieces of digital policy later, as part of an ambitious push to accelerate regional digitization by rolling out a reassuring promise of European guardrails wrapping around all this tech.
Noteworthy, the firm announced that it will start letting people request verification in 2021, according to a draft document published later. In addition, the accounts must be active, notable and associated with a prominently recognized inpidual or brand.
Follow the latest news on Google News
