European privacy regulators are unlikely to issue a final ruling on Twitter’s handling of a 2019 data breach before the end of the year, Ireland’s data commissioner said.
Under the General Data Protection Regulation, the European Union’s 2018 data privacy law, Twitter faces a fine of up to 2% of its global revenue last year, or roughly $69 million, for failing to disclose the breach within 72 hours.
Helen Dixon, head of Ireland’s Data Protection Commission, in May submitted a draft decision to more than two dozen of the bloc’s privacy regulators for review, as required under the law. Eleven regulators objected to the proposed ruling, sparking a lengthy dispute-resolution mechanism, she said. The contents of the draft decision haven’t been disclosed.