zlacker

[parent] [thread] 9 comments
1. kingof+(OP)[view] [source] 2018-05-18 09:45:43
It takes time, and real money to be compliant, and getting slow on this quite plausibly can make one a repeat offender. You can, of course, say "don't be slow then", however, when for an out-of-EU entity (be it biz, or NGO) simple math doesn't show it is worth the effort, then it makes perfect sense to stop offering services to EU. Which is a side effect of the legislation. OP apparently understands it puts GDPR in a bad light, so he says about "overreaction" in every topic related, and this post is likely comes as the response to the latest one.
replies(3): >>DanBC+X2 >>matwoo+fd >>M2Ys4U+ye
2. DanBC+X2[view] [source] 2018-05-18 10:22:01
>>kingof+(OP)
But merely being a repeat offender isn't enough to trigger the maximum fine.

You'd have to be a consistant repeat offender, with no effort made at remediation, with no cooperation with the regulator, and probably handling sensitive or financial data.

Here's a list of recent actions taken. I think the current maximum fine is £500,000. Have a look through a few of these hopefully it's somewhat reassuring.

https://ico.org.uk/action-weve-taken/enforcement/

replies(1): >>kasey_+S4
◧◩
3. kasey_+S4[view] [source] [discussion] 2018-05-18 10:44:56
>>DanBC+X2
Note that this is the UK agency, you might see different behaviors if you scanned the Belgian regulators enforcement list.
replies(1): >>DanBC+Kc
◧◩◪
4. DanBC+Kc[view] [source] [discussion] 2018-05-18 12:27:49
>>kasey_+S4
Sure, but the people spreading FUD about this are not referencing anything at all.
5. matwoo+fd[view] [source] 2018-05-18 12:32:07
>>kingof+(OP)
> It takes time, and real money to be compliant, and getting slow on this quite plausibly can make one a repeat offender.

When I read things like this I realize how many companies are not treating user data as they should. Protecting user data should already be built into the company software and process.

Given FB revelations and additional scrutiny to Google, I see some form of this law coming to the US.

replies(2): >>DanBC+Ad >>kingof+Ei
◧◩
6. DanBC+Ad[view] [source] [discussion] 2018-05-18 12:34:28
>>matwoo+fd
Yes. We've had PECR for years. If companies are surprised by GDPR they're probably already violating PECR.

But, dispite this widespread non-compliance and fierce fines available to the regulators the sky hasn't fallen. Why do people think GDPR is sudden;y going to make things so much worse?

replies(1): >>kingof+Vk
7. M2Ys4U+ye[view] [source] 2018-05-18 12:43:38
>>kingof+(OP)
The whole world has had TWO YEARS to be compliant. "It takes time" is not an excuse.
replies(1): >>kingof+u11
◧◩
8. kingof+Ei[view] [source] [discussion] 2018-05-18 13:23:35
>>matwoo+fd
As a user I suppose they should do whatever satisfies me, and I'm not always need a bunch of populists from EU parliament, who can't write a clear text, run to save me, making field even more favorable for big corpos at the expense of SMEs, and small non-profits in the course of action.

>Given FB revelations and additional scrutiny to Google, I see some form of this law coming to the US.

That would be good news for the EU, of course. Even before GDPR, entrepreneurs were routinely advised to incorporate in US instead, and the legislation likely added incentives for that.

◧◩◪
9. kingof+Vk[view] [source] [discussion] 2018-05-18 13:41:32
>>DanBC+Ad
The OP reacts to news of businesses stopping serving EU, and those businesses are from outside of the Union. So PECR is not so relevant.

>dispite this widespread non-compliance and fierce fines available to the regulators the sky hasn't fallen

Don't you really see how absolutely wrong is this? When law is composed in a way which makes it in practice only selectively applicable, it leads to erosion of justice, and invites for corruption.

◧◩
10. kingof+u11[view] [source] [discussion] 2018-05-18 18:55:13
>>M2Ys4U+ye
I didn't see the text TWO YEARS ago. Did you?
[go to top]