Ireland to become privacy regulator for 300m Twitter users

DPC says it plans to hold talks with Twitter over implications of move

Twitter has told all of its non-US users, who make up 77 per cent of all accounts, that from May 18th its services will be provided by Twitter International Company, the entity behind its Dublin operations.  Photograph: Reuters

Twitter has told all of its non-US users, who make up 77 per cent of all accounts, that from May 18th its services will be provided by Twitter International Company, the entity behind its Dublin operations. Photograph: Reuters

 

The Laois office of the Data Protection Commissioner (DPC) will from next month assume responsibility for policing the privacy of about 300 million monthly Twitter users, after the company changed its terms of service so that all of its non-US users will have their tweets provided by its Irish subsidiary.

Twitter has told all of its non-US users, who make up 77 per cent of all accounts, that from May 18th its services will be provided by Twitter International Company, the entity behind its Dublin operations.

“Twitter International Company will be responsible for handling your account information under Irish privacy and data protection law,” Twitter said.

The DPC said on Friday it had only “short advance notice” of the move, which adds to the already-heavy workload of the regulator.

It is already responsible for policing much of the European privacy issues of other online giants such as Facebook and Google, who have their European headquarters here.

The regulator said it plans to hold talks with Twitter to discuss the implications of the move.

“We have... noted [TWITTER’S]reference to Irish law,” said the DPC. “We will commence an engagement with them in relation to privacy matters as we do with other entities who have declared their Irish entity as being responsible for privacy.”

The move means that any non-US Twitter user who wants to make a privacy or data protection complaint must first complain to authorities in Ireland, which has recently come under European scrutiny for a perceived lax regime.

The DPC, which recently had its annual budget doubled to €3.65 million, is now the effective European data regulator of first instance for most big internet companies.

European Union plans are in place, however, to create a cross-continental super-quango, the European Data Protection Board, to which users can take their case if they are unhappy with rulings from Ireland or any other European data regulator.

The move to create the pan-European board, which was heavily pushed by Germany, has created tensions between Ireland and other European countries.

It is being viewed as a means of removing some of the power of this country in online privacy matters and eroding Ireland’s attractiveness as a location for the operations of the internet giants.

Thomas de Maiziére, Germany’s interior minister, recently referred to the issue as it pertains to Ireland: “We don’t want to have the same disaster like we’ve seen in the financial system a few years ago.”

This was viewed in some quarters as a slapdown of Ireland and evidence that Germany is irritated with this country for an alleged light regulatory touch.

Dara Murphy, the minister of state for data protection, has previously suggested commentary such as that of Mr de Maiziére is “unfair and inaccurate”.

Max Schrems, an Austrian privacy campaigner, is currently embroiled in a civil suit with facebook in Vienna over claims that its terms of service and data collection policies violate EU law.

He suggested last week it would have been “madness” to pursue his complaint under Ireland’s regime.