1 min read

Twitter Fined €450,000 Under GDPR Over "Protected" Settings Bug

Filip TRUȚĂ

December 16, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Twitter Fined €450,000 Under GDPR Over "Protected" Settings Bug

A bug in Twitter for Android discovered in late 2018 has come back to bite the microblogging company in the form of a hefty fine from the Data Protection Commission (DPC), the authority upholding EU citizens” data protection rights.

A press release from the commission this week says its investigation into Twitter, launched after a receipt of a breach notification, has found that Twitter infringed Articles 33(1) and 33(5) of the GDPR “in terms of a failure to notify the breach on time to the DPC and a failure to adequately document the breach.”

The commission has thus fined Twitter €450,000 ($550,000) “as an effective, proportionate and dissuasive measure.”

So what happened two years ago that led to this week”s penalty? As some users might remember, a bug in Twitter for Android discovered in late 2018 led to some users exposing their Tweets to the world thinking they were “protected” – the setting that allows a user to let only a specific set of followers see those Tweets.

In the Background section point 1.11 of the decision (PDF), the DPC explains the bug as follows:

“The personal data breach that is the subject of this Decision (“the Breach”) relates to a “bug” in Twitter”s design. A user of Twitter can decide if their tweets will be “protected” or “unprotected”. In the former case, only a specific set of persons (followers) can read the user”s protected tweets. The bug that resulted in this data breach meant that, if a user operating an Android device changed the email address associated with that Twitter account, their tweets became unprotected and consequently were accessible to the wider public without the user”s knowledge.”

Twitter would have handled the problem in due time, had it not been understaffed at the time, the social media giant said in a statement to TechCrunch.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Half of consumers don’t follow up on data breach notification practices, do you? Half of consumers don’t follow up on data breach notification practices, do you?
Alina BÎZGĂ

November 23, 2021

2 min read
Unsecure Server Exposed 200 Million Records of Adult Webcam Models and Users Online Unsecure Server Exposed 200 Million Records of Adult Webcam Models and Users Online
Alina BÎZGĂ

November 19, 2021

2 min read
Don't Let Cybercriminals Steal Your Digital Thunder Don't Let Cybercriminals Steal Your Digital Thunder
Alina BÎZGĂ

October 29, 2021

2 min read