'Another day, another social media platform issuing an apology for sharing users’ data without permission. Twitter is the latest to “discover” that some of its settings went awry and shared private information for ad targeting.
In a blog post on Tuesday, Twitter admitted that it had recently “found issues” which meant that users’ settings choices “may not have worked as intended” and personal data was consequently shared with advertisers. But since it was kind enough to apologize, it looks like Twitter thinks it should all just be water under the bridge.'
You trust us to follow your choices and we failed here. We’re sorry this happened, and are taking steps to make sure we don’t make a mistake like this again.
— TwitterSupport (@ITwitterSupport Aug 7th, 2019
The company said it resolved the issue on August 5, but didn’t mention when exactly it “realized” that it was sharing its users data without consent, only saying that it had been “recently.” That’s a crucial point, because according to TechCrunch, it may indicate that Twitter is in breach of Europe’s GDPR framework, which came into effect in May 2018 (around the same time Twitter says the issues occurred), and which mandates disclosure of data breaches.
The glitch meant that people who clicked on or viewed ads for mobile applications and then interacted with that application “may have” had certain data shared with the company’s advertising partners, “even if you didn't give us permission to do so.”
Users may also have been shown ads “based on inferences we made about the devices you use.” In plain English, that means Twitter may have shown users ads based on their interests, which were tracked unknowingly.
Read more: Oops! Twitter ‘sorry’ for sharing user data with advertisers without permission. What’s new?