Data Protection Commission opens inquiry into Twitter

Social media platform notified DPC of GDPR breach around personal data safeguarding

The Data Protection Commission (DPC) has confirmed it has opened a statutory inquiry into Twitter.

A DPC spokesman said the inquiry, which will examine a “discreet issue” relating to Twitter’s compliance with a specific article of General Data Protection Regulation (GDPR) legislation.

It was opened after the DPC received a breach notification in early January that related to a flaw on the Android operating system.

The spokesman said the inquiry would look into Twitter’s compliance with article 33 of the GDPR.


Article 33 of the regulations states that a breach must be referred to the commissioner within 72 hours and also sets out the amount and type of information that must be supplied with the notification.

The statement said Twitter was also being investigated in relation to its compliance with its obligations under the GDPR to implement technical and organisational measures to ensure the safety and safeguarding of the personal data it processes.

This investigation began in November 2018 after the DPC was notified by Twitter of a number of breaches since the introduction of GDPR.