The DPC also plans to refer the matter to the European Data Protection Board. Kaur noted that X, already with a history of GDPR non-compliance, now faces heightened pressure to improve data protection practices, enhance transparency, and restore user trust, particularly in Europe.
The DPC’s actions also underscore a broader trend of stringent data protection enforcement across the EU, signaling regulators’ readiness to take swift and decisive measures against perceived GDPR violations. This move sets a significant precedent for future cases.
“Meta, for instance, halted its AI training plans in June following GDPR complaints, demonstrating the regulatory pressure on tech companies to comply with data privacy laws,” Kaur said. “The involvement of the European Data Protection Board indicates that this issue may influence data protection policies and enforcement strategies across the EU.”
