Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


What does Twitter know about its users? #NOLOGS

Inspired by the Europe v Facebook campaign and further motivated by revelations that individuals associated with WikiLeaks and the Occupy movements in Boston and New York have had their Twitter data disclosed to American law enforcement authorities, Privacy International is launching a campaign to encourage European data subjects to get access to the personal information that Twitter holds on them.

Our campaign aims to achieve two objectives: to help European citizens exercise their rights and to raise awareness about data retention policies. We hope that by raising awareness we can also gain clarity on what information Twitter collects and stores about its users, especially after the recent news that Twitter has been storing the full iPhone contact lists of users who choose to 'Find Friends'.

Here are step-by-step instructions for people based in the European Union to follow to discover what data Twitter has about them. The entire process takes just a few minutes.

1) Send an e-mail to privacy@twitter.com that includes the following text:

Subject Access Request

[Your mailing address]

[Date]

Twitter UK Ltd
100 New Bridge Street
London
EC4V 6JA
United Kingdom

To the Twitter UK Legal Department,

Re: [Your Twitter username]

This is a request to access my personal data under Section V of the Directive 95/46/EC, transposed in Section 7 of the UK Data Protection Act.

As a Twitter user based in the European Union I request records of the following:

All personal data that Twitter holds about me, inter alia
All logs of IP addresses associated with my account (because these are bound to my password-authenticated account and are thus identifiable)
Any records of the contacts stored on my mobile device that may have been collected by Twitter via the 'Find Friends' function, or any other information collected from a Twitter mobile client
Any records of disclosures of personal data to other parties, including law enforcement (such records of disclosures themselves constitute personal data)
I request this information to be delivered in machine-readable form, to the e-mail address registered to my Twitter account.

Data Subject Authentication

My name: [Insert your name]

My current Twitter handle: [Insert your current user name] (former usernames associated with this account are: [Insert any previous usernames if you've ever changed your handle])

My e-mail address: [Insert the e-mail address from which you're sending the request. It should be the same e-mail that's linked to your Twitter account]

Please inform me, prior to processing this request, if you require a fee to be paid.

I look forward to receiving this information within 40 days. If you have any queries or questions regarding my request, please contact me by e-mail.

Yours faithfully,

[Insert your name]


2) You will receive an auto-response from Twitter that says you "need to reply to this email in order to open a ticket for review". Just paste your original message in the reply. This will allow you to open a ticket.

3) Twitter should then contact you by e-mail with a more personalised message requesting that you send a fax with a signed request providing consent to disclose this information. This request must explicitly grant Twitter permission to disclose your information to you ("I consent to the disclosure of any and all personal information associated with my Twitter account, including log data, IP addresses, contact list information, data collected from my mobile device, and records of disclosure to law enforcement.").

Be sure to include your username (e.g. @privacyint) and the e-mail address on the account, along with a scanned copy of a government-issued photo ID. We disagree with the photo ID requirement, especially considering that many Twitter accounts are pseudonymous without a 'real' identity attached to them, but Twitter insists on seeing photo ID. To help protect your privacy, we encourage you to mark out all the information on your ID except your name and photo. They don't need to know your birthdate, place of birth, ID number, etc.

The Twitter fax number is +1 415 222 9958 (this includes the international prefix so you don't need to add it). If you don't have a fax machine there are free online services that you can use, but be sure to check out their privacy policies first.

4) Once Twitter receives the fax, they will send a 'request-for-consent' e-mail to the e-mail address of record for your account, to which you need to respond affirmatively. Once they receive this confirmation e-mail they will e-mail you your records.

5) When you get your data, have a look through it and try to understand what's there and what's not. In particular, for what period has Twitter retained your IP logs? Their privacy policy says they can store up to 18 months of information. Is there other personal data that you know Twitter has that it didn't disclose? Let us know what you discover, especially if you find anything odd or anomalous.

N.B. Thanks to @runasand for leading the beta run to help us work out the kinks.

Comments

Submitted by pogue25 (not verified) on

I just wanted to mention that there are some third party services available that access the Twitter API and can access some of the things you're asking Twitter directly what they have records for.

Tweetdownload.net will download all your old tweets, replies, mentions, etc. from Twitter and send it to you in an easy to read and formatted HTML file. This services is written by the same people who host the is.gd URL shortening service. Their ToS is rather non-specific though, so just FYI.

www.whendidyoujointwitter.com will tell you the date you joined Twitter.

If you want to wipe your Twitter account out, suicidemachine.org can do this for you. They used to have his service for Facebook as well, but FB forced them to stop.

Someone who is familiar with JSON could probably write a script to cleanup the query from Twitter's API directly (posted by D. ECKNAME) to show you what information its displaying about your username, but a lot of this will also be in your own personal settings inside Twitter.

But, basically, this request from Twitter pretty much confirms what we already know. Twitter saves everything you do and its logged and stays there indefinintely. Twitter claims it keeps records of tweets associated with your IP address for 18 months (you'll have to check a source for this, I don't have one handy). Whether or not Twitter tells you if they comply with law enforcement requests may not be valid. For example, US law enforcement agencies can request information under what is called a National Security Letter which requires any ISP to comply with the request and not tell anyone they are doing so. http://en.wikipedia.org/wiki/National_Security_Letter<br />
Whether or not these can be done to people outside of the US - I don't know, but I would guess most likely they can.

If your tweet is requested to be taken down in a copyright infringement issue, such as the US DMCA, it will be reported to ChillingEffects.org, operated by the EFF<br />
http://chillingeffects.org/twitter

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Rin (not verified) on

worked fine for me. (Germany)

it took 4 weeks from my first mail to twitter until I received the data.

the only difficult thing was getting the fax through, I think I tried about a dozen times at different times of the day until it finally worked.

the zipped data is 2,4MB (17.000 tweets).

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by George Maschke (not verified) on

I also found the data I requested in my e-mail inbox this morning. It seems that the oldest IP data goes back to 1 February 2012.

This is the text of Twitter's response (excluding attached data files):

We're responding to your request for information about your Twitter<br />
account @georgemaschke. We've attached the following files:

- USERNAME-account.txt: Basic information about your Twitter account.<br />
- USERNAME-email-changes.txt: Any records of changes of the email<br />
address on file for your Twitter account.<br />
- USERNAME-tweets.txt: Tweets of your Twitter account.<br />
- USERNAME-favorites.txt: Favorites of your Twitter account.<br />
- USERNAME-dms.txt: Direct messages of your Twitter account.<br />
- USERNAME-contacts.txt: Any contacts imported by your Twitter account.<br />
- USERNAME-following.txt: Accounts followed by your Twitter account.<br />
- USERNAME-followers.txt: Accounts that follow your Twitter account.<br />
- USERNAME-lists_created.txt: Any lists created by your Twitter account.<br />
- USERNAME-lists_subscribed.txt: Any lists subscribed to by your<br />
Twitter account.<br />
- USERNAME-lists-member.txt: Any public lists that include your<br />
Twitter account.<br />
- USERNAME-saved-searches.txt: Any searches saved by your Twitter account.<br />
- USERNAME-ip.txt: Logins to your Twitter account and associated IP addresses.<br />
- USERNAME-devices.txt: Any records of a mobile device connected to<br />
your Twitter account.<br />
- USERNAME-facebook-connected.txt: Any records of a Facebook account<br />
connected to your Twitter account.<br />
- USERNAME-sources.txt: Links and authenticated API calls that<br />
provide information about your Twitter account in real time.

All our records are maintained in UTC, which is the same as GMT for<br />
time zone purposes. Any files or fields that are blank, or any files<br />
that have no content between the PGP header and signature block,<br />
indicate that no responsive records were found.

No records were found of any disclosure to law enforcement of<br />
information about your Twitter account. It is our policy to notify<br />
users of requests for their information prior to disclosure unless we<br />
are prohibited from doing so by statute or court order. For more<br />
information, please see our Guidelines for Law Enforcement at<br />
http://support.twitter.com/articles/41949-guidelines-for-law-enforcement...

We searched for the specific information identified in your request<br />
and have also provided other information associated with your Twitter<br />
account. We have not provided all information that may be related to<br />
you because of the difficulty of providing it, or because it may not<br />
be to you or may reveal the nonpublic information of another user or<br />
of Twitter. If there is other information that you are looking for,<br />
please let us know so that we can consider your request. Our Privacy<br />
Policy at http://twitter.com/privacy describes the information that<br />
Twitter may collect and use and the limited circumstances in which<br />
your private personal information may be shared.

Regards,

The Trust &amp; Safety Team<br />
Twitter, Inc., 795 Folsom Street, Suite 600, San Francisco, California 94107

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by D. Eckname (not verified) on

On 24 March I wrote another mail to Twitter, that I still didn't get my data. Three days later I got a zip-folder with 16 text files.

The text ist the same as Georg Maschke received. Of course my zip-file with the Twitter data is a little smaller (125 kB), because I tweet less.

Six of the textfiles are empty, too: contacts, facebook-connected, lists created and three others. That's reasonable for me, because I didn't use these services.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Angus (not verified) on

Hello,

I sent them a photocopy of the (risibly) required personal ID and it went through first time on a real fax, but they replied to say it wasn't legible and asked me to resend using one of the online services. That took two days and about 20 attempts before it got through. I had an email saying they would be "gathering" my data and would send them in due course. That was three weeks ago and since then I've heard nothing, despite emailing them to ask for an update. Is this normal, in the experience of those here who've been through the process?

Overall I've got the impression not that they're inundated with requests and too busy to process them promptly, but that their corporate policy position is that if they make the process as difficult, time-consuming and frustrating as possible, eventually most people concerned about the issue will forget about it.

Cheers,

Angus<br />
UK

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Angus (not verified) on

My data arrived yesterday (March 27). Same format as that listed above. It appears that they've sent me every tweet I posted going back to joining the service in 2009, as well as all direct messages sent and received. I did register a phone number to the account for a while but removed it - they don't still have that information, which is reassuring (ie, that it implies that when the user deletes data from their servers, the company doesn't retain a copy).

This raises a number of issues which I've yet to fully think through, but my initial feeling was of partial relief in that the information I'd been most concerned about them retaining, from earlier press reports - data taken from my phone when I selected the option to link Twitter follower accounts with names in my address book - isn't included. That said, they do note that they may not have sent everything they hold, so it's possible that those data are held and they've for some reason declined to say so, possibly on the grounds that it's not "my" personal data so much as it's other people's. I'm going to write back at some point to try to clarify whether this is the case or not. Would be interested to hear if anyone else has got clarity yet on this issue.

Cheers,

Angus

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Anonymous (not verified) on

I just done the process to test the strength of it.

It's a paradox that to get your personal data you have to give more data. But apart from that, this process could be faked if you gain access to your target e-mail account. Faking an ID through a fax machine is really easy and as I didn't send my ID in the first place to twitter, they have no clue if the photo is mine or not.<br />
So to retrieve someone twitter info you just have to gain access to the associated e-mail account...

They should erase associated data and keep only the message for a period you choose in your profile. But the data is worth money, no one is going to propose that. Anyway, we should keep in mind that what we post on Internet is public or can be made so.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Concerned (not verified) on

It is obvious tuat this will become a new exploit for hackers to obtain massive amounts of detail on individuals.

Submitted by D. Eckname (not verified) on

I’ve send my first request mail to Twitter UK Ltd yesterday morning at 11:18 CET (step 1). The response to open a request ticket came just a minute later. I answered that mail with a copy of my text at 11:26 CET (step 2).

In the evening at 18:49 CET (7 hours later) I got Twitter’s request to send a fax with a copy of my ID card. I tried to do so (step 3), but the fax at +1-415-222-9958 was busy at 22:30 CET (= 1.30 pm PST in San Franciso, where Twitter’s Trust and Safety Team is located).

I retried sending the fax just a moment ago (9:10 CET, 0:10 am PST), but the number still was busy. I’ll try it again in a couple of hours and will keep you informed.

PS: I come from Germany and use Twitter for about two years (≈ 940 Tweets, 66 Followers).

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by D. Eckname (not verified) on

Eventually I succeded in sending the fax on March the 1st, 13:00 CET. I also got the “request-for-consent” e-mail ten hours later and answered it (step 4). The Twitter Trust &amp; Safety Team wrote back that it takes some time to gather my data and that they will send them to me “when it’s ready”.

In their mail they also provided some ways to get information about my account via API, e. g.<br />
Account information:<br />
https://api.twitter.com/1/users/show.json?screen_name=USERNAME<br />
Your pending requests to follow accounts with protected Tweets:<br />
https://api.twitter.com/1/friendships/outgoing.json

(You have to be logged in and replace USERNAME with your actual username – without the @ sign)

I’ll write more about my data when I got them.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Anonymous (not verified) on

I've sent off a request substituting "Canada's Personal Information Protection and Electronic Documents Act (PIPEDA)" for "Section V of the Directive 95/46/EC, transposed in Section 7 of the UK Data Protection Act". I'll let you know how it goes.

Question: Does where requests get handled depend on residency or citizenship or both? I'm a Canadian resident and citizen, but I'm also a dual EU citizen, so not sure if I can make an EU request too.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by pi (not verified) on

To be honest, we're not entirely certain how it will work out. It's worth trying nonetheless and seeing if this sets a precedent for other companies and countries.

It may be worth contacting the Canadian Privacy Commissioner for guidance on this as well. It all depends on whether Twitter believes you exist within a jurisdiction that matters legally to them.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by @muqmeqe (not verified) on

Look's like Canadians can get their private data as well: just received my request for ID by fax, will be sending through on Monday by following the tips below. Thanks PI!

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by @muqmeqe (not verified) on

I received my records today, and here's what I found:

1) Twitter provided just under two months worth of IP logs, back to 01 FEB 2012. Whether they retained more...

2) I don't use my iOS device's contacts list, but I did put in a single dummy entry with a name and phone number and used the "Find Friends" feature before submitting my request to Twitter. The logs provided by Twitter included the dummy telephone number but not the dummy name.

3) Tweets went back 26 months.

4) There wasn't any information about disclosures of personal information to other parties, except to say no disclosures had been made to law enforcement.

My sense from @runasand and @_nomap is this is only a fraction of the data Twitter has. If that's the case, I may register a formal complaint with the Office of the Privacy Commissioner of Canada or the P.C. of British Columbia. In particular, I found this statement in Twitter's response troubling: "If there is other information that you are looking for, please let us know so that we can consider your request." Under Canadian legislation, its not up to me to specify - I can ask for any or all, and they are obligated to to provide.

*What do people think is missing from Twitter's disclosures?*

- - - - - - - -

Text of email reply from Twitter:<br />
We're responding to your request for information about your Twitter<br />
account @[...]. We've attached the following files:

- USERNAME-account.txt: Basic information about your Twitter account.<br />
- USERNAME-email-changes.txt: Any records of changes of the email<br />
address on file for your Twitter account.<br />
- USERNAME-tweets.txt: Tweets of your Twitter account.<br />
- USERNAME-favorites.txt: Favorites of your Twitter account.<br />
- USERNAME-dms.txt: Direct messages of your Twitter account.<br />
- USERNAME-contacts.txt: Any contacts imported by your Twitter account.<br />
- USERNAME-following.txt: Accounts followed by your Twitter account.<br />
- USERNAME-followers.txt: Accounts that follow your Twitter account.<br />
- USERNAME-lists_created.txt: Any lists created by your Twitter account.<br />
- USERNAME-lists_subscribed.txt: Any lists subscribed to by your<br />
Twitter account.<br />
- USERNAME-lists-member.txt: Any public lists that include your<br />
Twitter account.<br />
- USERNAME-saved-searches.txt: Any searches saved by your Twitter account.<br />
- USERNAME-ip.txt: Logins to your Twitter account and associated IP addresses.<br />
- USERNAME-devices.txt: Any records of a mobile device connected to<br />
your Twitter account.<br />
- USERNAME-facebook-connected.txt: Any records of a Facebook account<br />
connected to your Twitter account.<br />
- USERNAME-sources.txt: Links and authenticated API calls that<br />
provide information about your Twitter account in real time.

All our records are maintained in UTC, which is the same as GMT for<br />
time zone purposes. Any files or fields that are blank, or any files<br />
that have no content between the PGP header and signature block,<br />
indicate that no responsive records were found.

No records were found of any disclosure to law enforcement of<br />
information about your Twitter account. It is our policy to notify<br />
users of requests for their information prior to disclosure unless we<br />
are prohibited from doing so by statute or court order. For more<br />
information, please see our Guidelines for Law Enforcement at<br />
http://support.twitter.com/articles/41949-guidelines-for-law-enforcement...

We searched for the specific information identified in your request<br />
and have also provided other information associated with your Twitter<br />
account. We have not provided all information that may be related to<br />
you because of the difficulty of providing it, or because it may not<br />
be to you or may reveal the nonpublic information of another user or<br />
of Twitter. If there is other information that you are looking for,<br />
please let us know so that we can consider your request. Our Privacy<br />
Policy at http://twitter.com/privacy describes the information that<br />
Twitter may collect and use and the limited circumstances in which<br />
your private personal information may be shared.

Regards,

The Trust &amp; Safety Team<br />
Twitter, Inc., 795 Folsom Street, Suite 600, San Francisco, California 94107

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Anonymous (not verified) on

"We have not provided all information that may be related to<br />
you because of the difficulty of providing it.." - can they really use that as a reason to not give you the information? Surely you are entitled to it or not (if you are European at least).

"..or because it may not be to you.." - what does that mean exactly?

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by @muqmeqe (not verified) on

Exactly. I ended up filing privacy complaints with the Privacy Commissioners of the Province of British Columbia and Canada. We'll see where it goes.

Submitted by George Maschke (not verified) on

I don't know whether a second e-mail from Twitter will be forthcoming, but this is the reply that I immediately received upon sending the e-mail request outlined in step 1 above. There is no request that I send a fax:

Hello,

Thanks for your request. This email address is for the following issues:

•Questions regarding privacy on Twitter, and specifically our Privacy Policy<br />
•Reports of underage users<br />
•Report of deceased users

If you have one of these privacy-related questions, you'll need to reply to this email in order to open a ticket for review.

We are unable to review or reply to other support requests sent to this address. For any other request (such as questions about hacked accounts, reports of trademark violations, copyright notices, or support questions), you'll need to submit a ticket at http://twitter.com/help/escalate.

Our Help Center is also a great resource for information about Twitter.

We cannot accept attachments at this time; please include all relevant information in the body of your request.

Thanks,<br />
Twitter Trust &amp; Safety

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Christopher Soghoian (not verified) on

See Step 2 in the instructions above:

2) You will receive an auto-response from Twitter that says you "need to reply to this email in order to open a ticket for review". Just paste your original message in the reply. This will allow you to open a ticket.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by George Maschke (not verified) on

It is almost 24 hours now since I followed (the updated) Step 2 above. Twitter has not yet replied.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Anonymous (not verified) on

Any word yet?

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by George Maschke (not verified) on

No, I have received no further communication from Twitter regarding my records request.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by pi (not verified) on

There are possibly two options for explaining this as our previous requests were processed on the same day.<br />
1. They are overwhelmed with requests and need time to respond.<br />
2. They are rethinking whether they are willing to do this altogether.<br />
We'll follow up; in the meantime please do let us know if you hear anything.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by George Maschke (not verified) on

On 24 February, I received the following e-mail response from Twitter Support (and I have followed through with the instructions):

Hi,

We've received your request for a copy of your information. First we need to check your identity to make sure we're giving your information to the right person. Please send us a fax to +1-415-222-9958 with:

- a statement authorizing disclosure of the specific information you're requesting<br />
- your Twitter support ticket number, if you submitted a ticket for your request<br />
- your Twitter username, e.g., @Safety or twitter.com/safety<br />
- the email address on file for your account, and<br />
- a scanned copy of your valid, government-issued photo ID

We use this information only to verify your identity, and we delete the copy of your photo ID once we've completed our check. If you don't have or don't want to provide your photo ID, we'll try to work with you on another way to confirm your identity. However, this will delay our ability to respond to your request.

After we get your fax with this information, we'll email the email address on file for your Twitter account to confirm your authorization. Once you respond affirmatively to that email, we'll gather the information you requested and send it to you when it's ready.

Regards,

The Trust &amp; Safety Team<br />
Twitter, Inc., 795 Folsom Street, Suite 600, San Francisco, California 94107

p.s. If you have further inquiries, feel free to write us directly at privacy@twitter.com. Twitter, Inc. is responsible for user information and responds to user questions about their information as a courtesy and good practice. Twitter UK does not control user information in the Twitter service.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Daniel M. (not verified) on

Are there any updates on this?<br />
I have sent the reply email on Friday morning and haven't got any response until yet.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Anonymous (not verified) on

The post has been updated to explain how to reply to the auto-response.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Terence Eden (not verified) on

I tried this a few weeks ago.

I got told "Twitter UK has no control or responsibility over the user information in the Twitter service and cannot respond to these sorts of requests."

I quickly blogged about it - http://shkspr.mobi/blog/index.php/2012/02/data-protection-and-twitter/

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Christopher Soghoian (not verified) on

Two people beta tested this subject access request before PI published it. It does work.

You could either email their legal team to remind them of their obligations under the law, or simply appeal to the UK Information Commissioner.

Perhaps the folks at PI can give you some additional advice.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by pi (not verified) on

Yes, it does work. Twitter may not enjoy having to respond to Subject Access Requests, but they must. Failure to do so could lead to a complaint to the UK regulator (as the Facebook case led to a complaint to the Irish regulator).

The two test cases with Twitter resulted in similar results.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Christopher Soghoian (not verified) on

Just because you don't live in the EU, doesn't mean you should miss out on all the fun.

I sent in a slightly modified version of this request, using this paragraph in the introduction:

This is a request to access my personal data which would be provided to EU residents under Section V of the Directive 95/46/EC, transposed in Section 7 of the UK Data Protection Act. I am not an EU resident, but a US resident. However, I am confident that Twitter will provide US residents with the same degree of transparency as it is required to provide its users located in the EU. Should Twitter not wish to do this, I will be sure to inform my elected representatives.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Anonymous (not verified) on

Hi there

how can someone in, say India access this information?

schizo

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by pi (not verified) on

It's worth trying regardless of your country. We can't tell what the results will be until it's tried, so please let us know!

And anyways, India may want to consider creating a privacy law to enable these rights for its citizens.

[N.B. This comment was automatically migrated, without edits, from our old website. The timestamp above is the date of migration, not original posting.]

Submitted by Anne Helmond (not verified) on

Thank you for providing the information on how to request my own data with Twitter. I received my data, after three weeks, yesterday and blogged about it: http://www.annehelmond.nl/2012/04/17/what-does-twitter-know-about-me-my-...

This was picked up today (also in combination with Tim Berners-Lee's call in the Guardian to request our data with Facebook and Google) by one of the major Dutch newspapers, NRC, who wrote an article about it: http://www.nrc.nl/nieuws/2012/04/18/50-mb-aan-tweets-adressen-en-al-je-n...

Submitted by @wiselar (not verified) on

I'm from Kenya and wondering how I can get this data in my country. Anyone willing to share their U.K address I could use?

Submitted by Barcar0ssa (not verified) on

I foillowed your instructions and everything went as expected until I sent the fax. I didn't get the requested information and when I sent an e-mail to ask when they will send it to me, the - automatic - reply was that my request had been closed and I needed to open a new one.

Am I the only one who got this reply (and no information)?

Thanks.

Submitted by Daniel Owen (not verified) on

They're obviously getting a lot more of these requests and have automated their internal processes a little because from my initial email request to receiving all the data (including all the email and fax stages in between) took less than nine hours. I used Freepopfax to send the fax - sorry, no idea what their privacy policies are.

Add new comment