Twitter is the latest internet giant facing scrutiny over its data transparency in Europe.
Ireland’s Data Protection Commission has launched an investigation into the social network after it declined to provide t.co web link tracking data to researcher Michael Veale, potentially violating the EU’s allowance for requests under the General Data Protection Regulation.
The privacy expert said Twitter rejected his request citing an exception to GDPR for demands that would involve “disproportionate effort.” Veale, however, believed that Twitter was misinterpreting the law to limit the information it handed over.
He believed that Twitter was recording device info and timestamps when people clicked the shortened links, and that it was technically feasible for the company to gauge someone’s approximate location. This was about exercising a “right to understand” what Twitter is doing with that info, Veale added.
Twitter has declined to comment. However, it’s new to GDPR disputes — Facebook and Google have faced complaints for a while. It could prove costly if the DPC and the EU’s Data Protection Board find that Twitter has violated the GDPR, though. It’s unlikely that Twitter would face a severe punishment, as officials would have to determine that this was a particularly serious violation. It could, however, force Twitter to comply with similar requests in the future.