From The Blogroom:
Over the past year, a trend has emerged of increased government inquiries into the inner operations of social networks and other premier tech firms. The trend continued again on Thursday as data privacy regulators in Ireland are now opening up an investigation into Twitter’s data collection practices. Specifically, the regulators are looking into how much data Twitter receives from its URL-shortening system, t.co.
The Ireland Data Protection Commission is investigating the social network since they refused to provide their t.co web link tracking data to UK professor, Michael Veale. Their refusal to comply with the request is potentially a violation of the EU’s allowance for requests under GDPR. The privacy expert said that Twitter refused to cite an exception to GDPR for requests that required ‘disproportionate effort’.
By contrast, Veale believed that twitter was distorting the law in order to limit the information they handed over to the authorities. A new GDPR regulation, which was first enforced in May, requires that tech companies aim towards a more transparent relationship with user data and provide their customers with data privacy rights.
He also suspected that Twitter was recording private device information and timestamps every time people clicked on the shortened clink, and claimed that it was technically within the company’s aim to determine someone’s approximate location. Veale claimed that the investigation was a matter of exercising our “right to understand” how Twitter is using our personal information.
He then wrote to the relevant privacy regulator to see if Twitter was holding up some data. He complained to the Irish DPC rather than the British equivalent since Twitter’s European headquarters are in Dublin.
Now, it appears as though the investigation is in motion. First reported by Fortune, the official inquiry is in a letter sent to Veale from the office of the Irish Data Privacy Commissioner.
The letter reads:
“The DPC has initiated a formal statutory inquiry in respect of your complaint. The inquiry will examine whether or not Twitter has discharged its obligations in connection with the subject matter of your complaint and determine whether or not any provisions of the GDPR or the Data Protection Act have been contravened by Twitter in this respect.”...MORE
