Twitter international company ULC – Court Ruling (Netherlands, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The data subject is a user of the platform X (formerly known as Twitter) of which the controller is Twitter International Company ULC. On 11 October 2023, the controller temporarily restricted ("shadowbanned") the account of the data subject, for posting a message that included the word “child pornography”. The message read: “The chats of hundreds of millions of people will soon be scanned to detect a relatively small number of criminals, no matter how bad. Strong criticism of European plans against child pornography: 'Not proportionate'” [link to a newspaper article].The controller automatically detected the post as potentially violating their policy. The shadowban meant that the data subject's account and posted messages temporarily did not appear in searches or on the timeline of other users. The controller did not notify the data subject of the shadowban. The data subject only found out through other users that told him they could not find his account. Subsequently, the data subject did an access request on 13 October 2023, to, amongst other things, understand what the shadowban entailed and why this happened. On 16 October 2023, the controller lifted the restriction after an additional review. This was also not communicated to the data subject. On 14 November 2023, the controller responded to the access request, and referred to various sections of their privacy policy in response to the data subject's questions. On 17 November 2023, the data subject initiated proceedings by application (“verzoekschriftprocedure”) at the District Court of Amsterdam (“Rechtbank Amsterdam”). The data subject requested the court to order the controller to respond to his access request under Article 15 GDPR, and his request for information on automated decision-making under Article 22 GDPR. The data subject also requested the court to impose a penalty of € 4.000 on the controller for every day it did not comply. The controller argued that they complied with the data subject’s
GDPR Articles Cited
The data subject is a user of the platform X (formerly known as Twitter) of which the controller is Twitter International Company ULC. On 11 October 2023, the controller temporarily restricted ("shadowbanned") the account of the data subject, for posting a message that included the word “child pornography”. The message read: “The chats of hundreds of millions of people will soon be scanned to detect a relatively small number of criminals, no matter how bad. Strong criticism of European plans against child pornography: 'Not proportionate'” [link to a newspaper article].The controller automatically detected the post as potentially violating their policy. The shadowban meant that the data subject's account and posted messages temporarily did not appear in searches or on the timeline of other users. The controller did not notify the data subject of the shadowban. The data subject only found out through other users that told him they could not find his account. Subsequently, the data subject did an access request on 13 October 2023, to, amongst other things, understand what the shadowban entailed and why this happened. On 16 October 2023, the controller lifted the restriction after an additional review. This was also not communicated to the data subject. On 14 November 2023, the controller responded to the access request, and referred to various sections of their privacy policy in response to the data subject's questions. On 17 November 2023, the data subject initiated proceedings by application (“verzoekschriftprocedure”) at the District Court of Amsterdam (“Rechtbank Amsterdam”). The data subject requested the court to order the controller to respond to his access request under Article 15 GDPR, and his request for information on automated decision-making under Article 22 GDPR. The data subject also requested the court to impose a penalty of € 4.000 on the controller for every day it did not comply. The controller argued that they complied with the data subject’s
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for Twitter international company ULC in NL
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Twitter international company ULC - Netherlands (2024). Retrieved from cookiefines.eu
Last updated: