After Facebook and Snapchat, it's Twitter's turn to find itself once again in the middle of a scandal linked to the use of the personal data of its users. The social network of 330 million Internet users announced in the night from Tuesday to Wednesday that personal data of its users had been used for advertising purposes since May 2018 without their explicit consent.
The network said the error was corrected Monday and an investigation is underway to determine how many users may have been affected. He advises users to review their data sharing settings.
"Passwords or email addresses" are not affected
"Since September 2018, we have been able to show you ads based on deductions we have made from the device you use, even if you have not given us permission," said the social network in a statement. explanatory note posted on its online help center ( document in English ). According to Twitter, this concerns two particular cases: if a user has watched or clicked on an advertisement for a mobile application on the one hand, or by sending advertisements based on the device used to connect to the network on the other hand .
"The data involved remained in the hands of Twitter and did not include information such as passwords or email addresses," Twitter continued. The company, which apologizes to the users concerned, ensures that the "steps necessary to ensure that it does not happen again" are implemented, and invites users to contact their data protection office via a form.
A use framed by the RGPD
These two problems, related to the respect of the explicit consent of the users in the use of their personal data, appeared after the entry into force of the European Data Protection Regulation (RGPD) in May 2018.
In particular, the RGPD requires platforms and websites to ensure the explicit consent of users to collect their data, in particular for advertising targeting purposes and when such collection is for third parties.
The RGPD also obliges any company victim of a loss of personal data to inform the competent authorities of the country where its European headquarters is located, Ireland regarding Twitter, within 48 hours after the discovery of this leak, and the people concerned as soon as possible.