US technology company in a cross-border case
Critics say that two and a half years after its entry into force, the European Union’s new privacy law received the first fine for a US technology company in a cross-border case a delayed development.
The Irish Commission for the Protection of Data announced on Tuesday that Twitter Inc. imposed a fine of approximately $ 546,000 equivalent to 1.45% TWTR of € 450,000 for failing to properly document or notify the regulator within 72 hours of notification of a breach by the regulator. data released in January 2019, which revealed part of it. He said he gave. private tweets from users.
“We take responsibility for this error and are committed to protecting our customers’ privacy and data,” said Damien Kieran, Twitter’s chief privacy officer, and the delay in reporting an unexpected consequence of the number of employees between 2018 Christmas Day and New Year’s Day.
The case raises a problem because Facebook Inc. in Ireland is a company of Apple Inc. and Google from Alphabet Inc., the first case in a long chain of privacy lawsuits involving major U.S. technology companies. The Irish Data Commission is leading the implementation of the EU General Data Protection Regulation, or GDPR, for those with local headquarters in the country and other US businesses.
The Irish Data Commission took almost two years from start to finish to make a decision in the Twitter case; a fine of about five months for the commission and its counterparts in other EU countries for discussions on the jurisdiction, the scope of the investigation, and quantity. This is disappointing for some privacy activists and privacy regulators in the EU, as the implementation of the bloc is very slow.
“We’re reaching a tipping point where the AVG really needs to start complying,” said David Martin, senior legal officer at BEUC, an organization that brings together European consumer rights groups, a strong supporter of the law. . “If the application does not improve, the reliability of the whole system is at stake.”
France’s privacy regulator CNIL Google and Amazon
One sign of disappointment is that some other regulators are starting to enforce their own privacy cases using laws other than the AVG, said Paul Nemitz, senior adviser on justice policy at the European Commission, the EU’s executive. Last week, France’s privacy regulator CNIL Google and Amazon.com Inc. fined a total of $ 163 million for violating a separate rule called the ePrivacy Directive. This has enabled the CNIL to effectively circumvent power-sharing with other EU privacy regulators embedded in the AVG, known as the single window.
SHARE YOUR THOUGHTS
Do you think that the amount imposed on Twitter is sufficient? Why or why not? Join the conversation below.
“It is important that the CEO of Google and other technology companies correctly implement the AVG to protect the operation of the single window,” said Nemitz.
Helen Dixon, chairwoman of the Irish Data Protection Commission, responsible for upholding the AVG for Google, said that maintaining the AVG and the division of powers is ongoing work and that her office’s decisions are based on legal challenges. plan.
I’m satisfied No. The process did not work very well. I think it is too long, “said me. Dixon said about her Twitter case in an interview published at a technical conference earlier this month.”On the other hand, EU data protection officials are taking the first step in this process, so maybe it can only get better from here.”
An Irish Data Commission spokesman said his decision was the first to go through the GDPR dispute resolution process, and it is the first time an EU privacy regulator has consulted all EU colleagues on a decision regarding a major technology company.
The lawsuit stems from a vulnerability that was corrected in January 2019, which exposed the private tweets of some users for more than four years. Ireland’s investigation later revealed that the company’s data protection officer did not initially copy himself into an incident book, which led to the regulator being notified.
From the Archives
The European Union’s General Data Protection Regulations came into force on 25 May 2018. This video explains how it can affect you, even if you do not live in the EU.
In May 2020, after 15 months of investigation and at least four rounds of back-and-forth conversations with Twitter, the Irish Data Commission, as part of the prescribed comment process on Twitter, pr.
Thanks For Reading
More Read On Mynewsfit