Twitter fined $546,000 for violating the EU's GDPR privacy law, marking the first time a US firm has been penalized over the 2-year-old law
- The Irish Data Protection Commission fined
EU's GDPRprivacy law and failing to notify the regulator of a data breach within 72 hours of one occurring.
- The case pertains to a breach during the 2018 holiday period that left users' private tweets exposed, an incident for which Twitter told Business Insider it takes responsibility.
- The EU's GDPR privacy law, passed in mid-2018, mandates that companies handling EU citizens' data ring the alarm within 72 hours of discovering a data breach.
Newsof the fine also comes after the US Federal Trade Commission ordered Twitter and seven other tech companies to disclose how they collect and track people's personal information. They have 45 days to respond from the day they received the order.
Twitter is the first US company to be fined for violating the European Union's relatively new GDPR privacy law, The Wall Street Journal reported on Tuesday.
Ireland's Data Protection Commission said Tuesday that it's fining Twitter $546,000 for failing to note or alert regulators within 72 hours of discovering a data breach over the 2018 holiday period, which left some users' private tweets vulnerable. The General Data Protection Regulation (GDPR) includes a mandate that if companies that handle EU citizens' data realize there has been a breach, they must inform those affected within 72 hours.In a statement to Business Insider, Twitter's Chief Privacy Officer Damien Kieran said the company takes "responsibility for this mistake and remain fully committed to protecting the privacy and data of our customers, including through our work to quickly and transparently inform the public of issues that occur." He also said the issue was the result of an "unanticipated consequence of staffing between Christmas Day 2018 and New Years' Day."
The fine comes after officials deliberated for nearly two years over this specific Twitter case. Helen Dizon, head of the Irish Data Protection Commission, told the outlet that the process was "too long," but it still marks the first time that EU authorities have completed such a process. Twitter said it fixed the issue in January 2019, as the WSJ notes.The EU's GDPR privacy law was passed in May 2018 and marked a sweeping step toward holding tech companies more accountable. The law includes a series of stipulations, like granting customers the right to have their data deleted if they ask and requiring companies to inform people on how or why their data is being processed.
The federal agency is ordering the company, as well as Amazon, Facebook, Snap, and five others, to disclose how they collect and track people's personal information online. The companies have 45 days to respond to the order from the day that they received it. The FTC's order signals a move toward a tougher crackdown of the tech industry, which has largely enjoyed little oversight in its history.
- Best broadband plans in India in 2021 – JioFiber, Airtel Xstream Fiber and ACT Fibernet
- IPL 2021: Royal Challengers Bangalore have beaten Sunrisers Hyderabad 7 out of 18 times they played each other
- Publicis Groupe consolidates Data Science, Programmatic and Media Tech with Zenith and Starcom, under a common leadership
- Here are the 7 Indians who will be a part of Cannes Lions Jury this year
- CBSE Class 10 board exams cancelled, Class 12 exams postponed as COVID-19 cases surge