First major EU GDPR decision soon on Twitter, Facebook data practices

Ireland's Data Protection Commission (DPC), which looks into big tech companies and their data practices, submitted a preliminary decision in a probe into Twitter whether it complied with the General Data Protection Regulation (GDPR) to other member states of the European Union (EU).

The Twitter probe is related to a bug in its Android app in 2019, where some users' tweets were made public. The Irish watchdog also also sent a preliminary decision to Facebook-owned WhatsApp for their submissions and made further progress in three other investigations related to Facebook, news agency IANS reported. 

Ireland's DPC is the lead regulator for the EU.

"The draft decision focusses on whether Twitter International Company has complied with Articles 33(1) and 33(5) of the GDPR," the DPC in a statement.

Twitter may be the first big technology firm to face a fine over tougher data protection rules after the European Union's new law that came into force in May 2018. Twitter is the subject of two of the 20 other inquiries the DPC had open into big tech firms at the end of 2019. Facebook has come under the most scrutiny, with eight individual probes and two are into WhatsApp and one into Instagram.

The new rules give regulators the power to impose fines of up to four per cent of a company's global revenue, or 20 million euros ($22 million), whichever is higher. The DPC Commissioner Helen Dixon said recently the first cross border decisions would be coming "early" in 2020.

The DPC is currently dealing with at least 20 cross border investigations, with active probes into Apple, Facebook, Google, Instagram, LinkedIn, Tinder, Verizon and WhatsApp. Twitter in 2018 faced an investigation by the privacy regulators in Ireland over data collection in its link-shortening system.

Privacy regulators launched an investigation into exactly how much data Twitter collects from t.co, its URL-shortening system.