The Baden-Württemberg state data protection officer Stefan Brink is withdrawing from the short message service Twitter. The news agency dpa said Brink that he would delete his account with around 5,400 followers as of January 31, 2020. Twitter was no longer compatible with his work as a data protection officer, as the service collected user data and processed it into user profiles for advertising purposes. Brink initially made his decision on December 30, 2019 announced on Twitter,
The background to this is a decision of the European Court of Justice (ECJ) on Facebook, which has now been applied to German law by the Federal Administrative Court. Accordingly, users of social networks such as Facebook and Twitter also share responsibility for how the data is handled. With their site or their account, they are a kind of door opener for the data collection of the corporations.
Abstinence for all authorities and companies?
According to the judgments, abstinence from social networks is not only mandatory for him as data protection officer, "but for all authorities and also private companies that use social media", The General Data Protection Regulation does not apply to private individuals. This year he would therefore first talk to authorities, especially ministries, and then also to companies. These could cause "that we may exercise our supervisory powers and order that, for example, authorities leave social media."
Brink now wants to communicate with Internet users via other channels, for example via non-commercial and decentralized networks such as Mastodon. Farewell to Twitter "already hurts"said Brink the dpa, "but we have to try to build a legitimate alternative."
Hope to give in to Twitter and Facebook
Brink had prepared an impact assessment at the end of 2017 in which he considered the use of Twitter to be unproblematic. At that time, however, the GDPR was not yet valid and the Facebook judgment of the Federal Administrative Court had not yet been made either. In data protection circles, however, the twittering of his supervisory authority was considered critical. In addition to the Federal Data Protection Officer Ulrich Kelber and the French and British data protection supervisory authorities, the European Data Protection Committee also maintains a Twitter account. This is also viewed critically, since the committee is currently preparing an opinion on the use of social media with invasive range analysis tools.
The regulatory authorities would not have to hold users responsible if the services they use, such as Twitter and Facebook, do not include non-transparent range analysis tools for users. However, the responsible data protection supervisory authority in Ireland has been refusing to clarify the issue directly with Twitter and Facebook for two years. The Irish authority is supported in its course above all by the supervisory authorities in small European countries such as Luxembourg or Malta, who want to prevent large states from interfering in their data business markets. Since each authority has one vote on the committee, the small states can outvote the large states like France and Germany, which want a clear course.
The hope of the German supervisory authorities, who have already clearly positioned themselves on the subject of shared responsibility on Facebook fan pages in the past few years, is that Facebook and Twitter will give in and make their service privacy-friendly as soon as it becomes clear that they will not tolerate use by authorities and companies , But for the time being, this ultimately failed data protection policy is carried out on the back of the users.