The European General Data Protection Regulation (GDPR) came into effect in May 2018. It requires organizations to give European users access to their data. Although several requirements are contained in the GDPR, such as machine-readable format and easily understandable information, these kinds of regulations leave flexibility on how to achieve them. In order to understand the past and the current practices emerging from the GDPR, we evaluate data exports from 2018 and 2023 of one reference account from the social media platform Twitter. We analyze the service’s compliance with the requirements of the GDPR, the changes within the time span, and the differences between accounts. To compare and verify the results, we incorporate the findings of data exports of four verification accounts. The results show that the information presented to the users is easier to understand with the present version. However, the data is not provided in a machine-readable format and additional files, such as more than 3,000 emoticons, are incorporated. In addition, not all practices are according to GDPR. Based on the results, the study suggests future research topics and practical improvements.    «

The European General Data Protection Regulation (GDPR) came into effect in May 2018. It requires organizations to give European users access to their data. Although several requirements are contained in the GDPR, such as machine-readable format and easily understandable information, these kinds of regulations leave flexibility on how to achieve them. In order to understand the past and the current practices emerging from the GDPR, we evaluate data exports from 2018 and 2023 of one reference acco...    »