Twitter fined €450,000 for GDPR violations by Irish DPA

According to The Verge, the Irish Data Protection Commission (DPC) has fined Twitter €450,000 over a data breach it disclosed back in January 2019. The DPC has found that Twitter infringed Article 33(1) and 33(5) of the EU’s General Data Protection Regulation (GDPR) in terms of a failure to notify the breach on time and a failure to adequately document the breach. The draft decision in this inquiry, having been submitted to other data protection authorities in the EU under Article 60 of the GDPR, was the first one to go through the Article 65 (“dispute resolution”) process since the introduction of the GDPR.