zlacker

Are you sure there is a line between the tech companies and the governments? We’re in the middle of a massive intelligence scandal here in Denmark. Which at its core is about how a couple of high level figures might’ve leaked that our own government is sharing all our internet data with the US “illegally”. I put “illegally” in quotes because it’s not technically illegal for the US to use surveillance on us. Just like it’s not illegal for our secret police to gain access to US surveillance, which means that our secret police can use surveillance against Danish citizens indirectly even though it would be illegal for them to do so directly.

In the post Snowden world it’s hard to imagine that any massive tech service isn’t hooked directly into the NSA or that it’s being used for what isn’t exactly illegal surveillance but sort of is.

Not that you’re wrong of course, but I think we should still work on both issues. Even if you look at the EU the agencies which are working to protect and destroy our privacy aren’t the same. So it’s very possible to support one and not the other. Similarly I think we should absolutely crack down on tech company surveillance. What I don’t personally get is why it stops with Meta. Let’s not pretend TikTok and the others aren’t doing the exact same thing. I also think we should keep in mind that the consumer agencies aren’t only doing it to protect our privacy, they are also doing it to protect our tech industry, so it’s not exactly black and white, but I really don’t think we should stop just because other parts of the EU are also evil.

I’m also not convinced that they are doing a good job distracting anyone. Within the EU NGOs there is far more focus on end-to-end encryption and keeping our privacy safe from governments, especially in countries like Germany.

>>devjab+(OP)
> they are also doing it to protect our tech industry

Indeed. And due to the fact that such an industry basically doesn't exist, they are able to introduce such regulation.

>>devjab+(OP)
> they are also doing it to protect our tech industry

With these laws in place, EU companies face worse conditions than US ones. They may be protecting some bigger EU companies, but they definitely aren't protecting our IT industry.

GPDR was an annoyance for Google, and a complete disaster for anyone small(think companies that can't hire a Chief Data Protection Officer to work full time)

There's a good rationale for placing restrictions and rules on data privacy, but there are also some very ignorant and destructive decisions.

>>JAlexo+ZF
I've never had any real problems with this (as a developer). The GDPR isn't that hard to deal with, mostly its quite intuitive and obvious. The spirit of the law is simple, you need a good reason to have data on your customer, and the customer needs to know and consent to you having it, and remain in control in the sense that you must delete it on request. That is the core, which is very reasonable.

Of course, there is tons and tons of legalese, edge cases, interpretations etc. But if you abide by and implement these basic principles, especially as a small company, you can be quite confident you won't run into any real problems.

If you kind of cared about your customer data in the first place as part of your company culture, its not that hard to adapt. Maybe some really careless companies had a hard time. There must have been some kafkaesque situations killing small companies no doubt, but honestly I haven't heard of them. I only hear Americans complain about it.

To me, this means the law is just right.

>>Lutger+AR
GPDR, specifically, expanded the definition of personal data.

If you work in a B2C publicly accessible sector, I can assure you - you store more PII than you'd like to believe.