In an effort to comply with GDPR, Twitter is blocking users who were underage when they signed up for the service – even if they’re now well over 18.
The company instituted a wave of account suspensions on 25 May, the day the new privacy regulation came into effect, locking the accounts of any user whose self-declared date of birth suggested that they may have been under 13 at the point they signed up for the account.
“I received a message saying my account was now locked, and would require parental consent in order to process my data, or my account will be deleted,” one user, who is 20, told the Guardian. He had signed up for an account in 2009 without entering a birthday, and then put a fake age in once the company introduced the ability to add that information, before recently updating it to his actual birthday.
Twitter declined to comment, but a source at the company confirmed that it now has a policy to retroactively lock accounts created by children. Since it does not have the tools to separate the content a user created while under 13 from content created when over 13, the Twitter source explained, it instead decided that the only way to comply with GDPR was to suspend users who have a date of birth that may mean they were under 13 when they signed up.
All is not lost for those users: Twitter is apparently working on a more permanent solution, and some former children online have reported being able to restore access to their accounts by repeatedly submitting documentation proving their current age.
The issue stems from stronger requirements under GDPR around data protection for children. GDPR mandates new ages of consent in the EU, and reinforces the previous minimum of 13. That means that some users, depending on location, will be able to restore access with parental consent, even if they are now adults in their own right, while others will not regain access to their account at all.
Twitter appears to be the only social network that has interpreted GDPR in this way. Snapchat, Facebook and Instagram were all unable to provide an immediate response to queries about their own application of the regulation, but none of the companies has enforced similar bans on users who are currently overage.