This story seems to have largely unreported by the UK media and it was a Russian online newspaper – RT which flagged the news that Twitter admitted that it had recently “found issues” which meant that users’ settings choices “may not have worked as intended” and personal data was consequently shared with advertisers. But since it was kind enough to apologize, it looks like Twitter thinks it should all just be water under the bridge.
You trust us to follow your choices and we failed here. We’re sorry this happened, and are taking steps to make sure we don’t make a mistake like this again.
We recently discovered and fixed issues related to your settings choices for the way we deliver personalized ads, and when we share certain data with trusted measurement and advertising partners. We want to share more context around this with you: https://t.co/jDn5zeWVwU— Twitter Support (@TwitterSupport) August 6, 2019
The company said it resolved the issue on August 5, but didn’t mention when exactly it “realized” that it was sharing its users data without consent, only saying that it had been “recently.” That’s a crucial point, because according to TechCrunch, it may indicate that Twitter is in breach of Europe’s GDPR framework, which came into effect in May 2018 (around the same time Twitter says the issues occurred), and which mandates disclosure of data breaches.
The glitch meant that people who clicked on or viewed ads for mobile applications and then interacted with that application “may have” had certain data shared with the company’s advertising partners, “even if you didn’t give us permission to do so.”
Users may also have been shown ads “based on inferences we made about the devices you use.” In plain English, that means Twitter may have shown users ads based on their interests, which were tracked unknowingly.