BreachExchange mailing list archives
Dublin Circuit Court confirms €450,000 fine for Twitter delay in reporting data breach
From: Terrell Byrd <terrell.byrd () riskbasedsecurity com>
Date: Wed, 20 Oct 2021 11:41:25 -0400
https://www.jurist.org/news/2021/10/dublin-circuit-court-confirms-e450000-fine-for-twitter-delay-in-reporting-data-breach/ The Dublin Circuit Court (DCC) on Monday confirmed the Irish Data Protection Commission (DPC) decision to fine Twitter €450,000 for its delay in reporting a data breach. The fine, imposed in 2020, was implemented when Twitter failed to report a General Data Protection Regulation (GDPR) data breach in enough time. The breach related to Android users who had changed their settings to make tweets private and could have had their data exposed due to a bug. It was found that the delay in reporting this breach infringed Article 33 (1)(5) of the GDPR. Article 33(1) requires the “controller” to report any personal data breaches within 72 hours of becoming aware of the breach. Article 33(5) further states that the controller must report personal data breaches. The inquiry, which began in January 2019, found that Twitter failed to notify the breach and adequately document it. The fine imposed by the DPC was to act as a deterrent to further breaches of GDPR. The DCC confirmed the legitimacy of the fine, in line with section 143 of the Data Protection Act 2018. This case was one of the first media giants to go through the Article 65 dispute resolution process since the introduction of the European Data Protection Board published decision.
_______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Dublin Circuit Court confirms €450,000 fine for Twitter delay in reporting data breach Terrell Byrd (Oct 21)