Reply to post: Re: muddy the waters

Twitter: No, really, we're very sorry we sold your security info for a boatload of cash

Nick Ryan Silver badge

Re: muddy the waters

Tha's how I read it too. I read it that Twitter generated a list of advertising targets, twitter account identifiers, having been given a list of various identifiers to try and produce this list. This externally provided list included telephone numbers and email addresses and while it would have been acceptable, to varying degrees of acceptable, to match these to published Twitter account profile records, it was definitely not acceptable to match these against data provided solely for the purpose of account recovery and verification. In other words, while Twitter is correct in that they did not provide these personal details to an external organisation (advertiser) they did process the provided personal data in a manner which was contra to its intended and published and agreed purpose and therefore the processing was in violation of the GDPR. Even if Twitter did not provide the list of advertising targets externally, which I'm reasonably sure that they didn't, the abuse of the personal data that was not provided for this purpose is the issue.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2019