Ireland's DPC is the lead regulator for the EU.
"The draft decision focusses on whether Twitter International
Company has complied with Articles 33(1) and 33(5) of the GDPR," the DPC in a statement.
Twitter may be the first big technology firm to face a fine over tougher data protection
rules after the European Union's new law that came into force in May 2018. Twitter is the subject of two of the 20 other inquiries the DPC had open into big tech firms at the end of 2019. Facebook has come under the most scrutiny, with eight individual probes and two are into WhatsApp and one into Instagram.
The new rules give regulators the power to impose fines of up to four per cent of a company's global revenue, or 20 million euros ($22 million), whichever is higher. The DPC Commissioner Helen Dixon said recently the first cross border decisions would be coming "early" in 2020.
The DPC is currently dealing with at least 20 cross border investigations, with active probes into Apple, Facebook, Google, Instagram, LinkedIn, Tinder, Verizon and WhatsApp. Twitter in 2018 faced an investigation by the privacy regulators in Ireland over data collection in its link-shortening system.
Privacy regulators launched an investigation into exactly how much data Twitter collects from t.co, its URL-shortening system.