zlacker

[return to "GDPR: Don't Panic"]
1. frereu+N2[view] [source] 2018-05-18 08:33:10
>>grabeh+(OP)
For those of you understandably intimidated by the GDPR regulations themselves, here's a good summary in plain English: https://blog.varonis.com/gdpr-requirements-list-in-plain-eng...

The UK's ICO also has a good structured summary: https://ico.org.uk/for-organisations/guide-to-the-general-da...

In general I agree with the sentiments in this article. I've probably spent a total of three to four days reading around the GDPR and I don't really see what's special about this law other than it's imposing decent standards on what was in effect a wildly unregulated industry in people's personal data. If you have a broad distrust of any government activity then I suppose any new laws with "fines up to €X" might feel like "I run a small site on a Digital Ocean droplet and I'm at risk of a €2m fine out of the blue." But that doesn't make it true.

◧◩
2. danthe+z4[view] [source] 2018-05-18 08:54:26
>>frereu+N2
The amount of discretion and lack of clarity in the penalties is part of the problem. It opens you up to risk based on the whims of politics and the regulators and increases uncertainty. Laws should be clear, limited, and understandable - this is not.
◧◩◪
3. lyscho+T6[view] [source] 2018-05-18 09:21:21
>>danthe+z4
The law says that the fines should be "effective, proportionate and dissuasive". That gives companies ample room to challenge a fine that is way out of proportion to the damages caused to their users.
◧◩◪◨
4. omgint+Od[view] [source] 2018-05-18 10:43:20
>>lyscho+T6
You say this as though "challenging a fine" were trivial.

After countless months spent in a courtroom and tens of thousands of Euros in legal fees, even if you win, you lose.

[go to top]