The DPC has this week opened a new statutory inquiry into the latest data breach it received from Twitter on 8 January, 2019.
Twitter’s lead regulator in the European Union, the Irish Data Protection Commissioner (DPC), said on Friday it was investigating the company for a breach notification received from the social networking site.
“The DPC has this week opened a new statutory inquiry into the latest data breach it received from Twitter on 8 January, 2019,” said the Commission in a statement posted on its website.
“This inquiry will examine a discreet issue relating to Twitter’s compliance with Article 33 of the GDPR.”
“We actively notify the Office of the Irish Data Protection Commissioner and the public of these issues as appropriate,” Twitter said in a statement on Friday.
“We are fully committed to working with the Data Protection Commissioner’s Office to improve the already strong data and privacy protections we offer to the people who use our services.”
Article 33 of the EU’s General Data Protection Regulation states that a personal data breach must be referred to the commissioner within 72 hours after becoming aware of it, and sets out the amount and type of information that must be supplied with the notification.
Under the new GDPR European privacy regulations, which came into effect in May, breaking privacy laws can result in fines of up to 4 percent of global revenue or 20 million euros ($22.82 million), whichever is higher, as opposed to a few hundred thousand euros previously.
The DPC has been investigating Twitter since November for a number of other breach notifications received from the company since the introduction of the GDPR.
BRUSSELS (Reuters) - Europe’s data protection regulators have received more than 95,000 complaints about possible data breaches, eight months after the adoption of a landmark EU privacy law, the European Commission said on Friday.
The General Data Protection Regulation (GDPR) gives new powers to privacy enforcers, allowing them to levy fines of up to 4 percent of global revenue or 20 million euros ($23 million), whichever is higher.
Last week, the French data protection watchdog slapped a 50 million euro fine on Alphabet-owned Google for failing to properly obtain users’ consent for personalized ads, the largest sanction under GDPR rules to date.
More penalties could come as Europeans become more aware of their rights, EU digital chief Andrus Ansip, European Commission Vice President Frans Timmermans, EU justice chief Vera Jourova and EU digital economy commissioner Mariya Gabriel said in a joint statement.
“What is at stake is not only the protection of our privacy, but also the protection of our democracies and ensuring the sustainability of our data-driven economies,” they said.
The majority of the complaints focused on telemarketing, promotional emails and video surveillance by closed-circuit televisions. Privacy regulators have opened 225 investigations to date.