Five months following the launch of the GDPR (General Data Protection Regulation), Twitter becomes the target for the first time. The social network has refused to tell a researcher how its data was used.
Google and Facebook have led the way and are already investigated by European regulators. All regarding mishaps in the GDPR. It is no surprise that Twitter has joined them. Those three companies are the biggest users of private data and those that have the most secretive privacy policies (prior to GDPR). They were under high scrutiny.
A bonus cookie in the web-browser
A private data protection researcher from University College London, Michael Vaele, suspects Twitter to gather more private data through the use to URL shortener service « t.co ». When the user clicks on the shortened link, the social network places a few more cookies.
To be sure, the researcher asks Twitter for details. He asks for a complete set of the collected data, especially those coming from « t.co » which is possible since the GDPR. Twitter refused. The efforts needed would be « disproportionate ».
A complaint filed against Twitter with the Irish data protection authority
Twitter insists the GDPR allows such exceptions. Michael Vaele believes the exception cannot be brought forward for such a demand. He, therefore, files a complaint with the Irish Data Protection Authority.
An inquiry was launched and many will await the conclusions. It will rule on the legitimacy of the request of the researcher. But most of all, it will probably enlighten us on the data collection from « t.co ».