Skip to content

Turkish data authority slaps X with fine for misusing user data

X The new logo of Twitter is seen in this illustration taken, July 24, 2023. (Reuters Photo)
By Newsroom
Nov 14, 2024 11:50 AM

The Turkish Personal Data Protection Authority (KVKK) has fined social media platform X for misusing user data. X collected personal data for security purposes but then used it for targeted advertising.

The authority imposed ₺1.47 million ($42,774) administrative fine on X, citing violations of data security regulations.

KVKK initiated an investigation following reports, including a statement on X’s website, revealing that email addresses and phone numbers collected for “security and safety purposes” were inadvertently used for advertising.

The authority concluded that X had not implemented the necessary technical and administrative measures to ensure adequate security in line with Türkiye’s Personal Data Protection Law No. 6698.

Data authority warns of potential third-party access

The KVKK expressed concern that personal data collected for security purposes might have been accessed by third parties.

Given the large number of X users in Türkiye, the authority determined that this data usage violated fundamental data protection principles, specifically “compliance with law and good faith” and “limitation to purpose.”

Last Updated:  Nov 14, 2024 1:55 PM