Twitter fined half a million dollars for late data breach reporting
Better late than never? Not under GDPR.
Image: Jakub Porzycki / NurPhoto via Getty Images
Twitter has been issued a big fine for late reporting of a data breach under GDPR rules.
Irelandâs Data Protection Commission slapped a fine of â¬450,000 ($547,000) on the social media company for failing to report an issue â which saw protected tweets become unprotected for some Android users â within the legally required timeframe per Europe s General Data Protection Regulation.
The DPC made its final decision on Tuesday after an investigation that commenced in Jan. 2019. Following a data breach in the 2018 holiday period, Twitter did notify the DPC, but the commission found that the company had reported it outside the 72-hour statutory notice period required under GDPR, and in doing so, infringed Article 33(1) and 33(5) of the GDPR in terms of a failure to notify the breach on time to the DPC and a f