[EpicEng]

I don't think GDPR compliance is as onerous as you seem to think it is, but even if it were, would it matter? We don't give special provisions to start ups writing safety critical code or developing new health care technology, why would this be any different?

There's nothing inherently wrong with a high bar to entry if that bar exists for a very good reason. If it were hard to break into this space due to regulation (I don't believe it is or will be) then yes, competition will be less, but the alternative is worse.

[AnthonyMouse]

> We don't give special provisions to start ups writing safety critical code or developing new health care technology, why would this be any different?

Safety critical code and health care technology are life and death situations.

It's also important to understand that the regulations in those sectors have destroyed (or deterred) an incredibly large number of startups, and the net lives saved as a result is quite likely negative because the value of life-saving technological advances generally exceeds the cost of mistakes in developing them.

People have severe emotional reactions to this. A doctor's experiment may kill fifty already-terminal patients but uncover a cure that goes on to save five million. But the families of the fifty dead patients can blame a specific person for their deaths while the five million aren't even aware what they lost, so the regulations are biased against progress.

This is obviously not a good template for making decisions in other industries where emotions don't run so high.

[chc]

People's personal info can be a matter of life or death too. If yours isn't, you can count yourself fortunate.

[AnthonyMouse]

> People's personal info can be a matter of life or death too.

That's the point. If we pass regulations that result in continued and increased centralization because only large organizations can afford compliance, that is not advantage to the people whose lives are at risk.

If you're a homosexual in Russia or a democracy activist in China or an advocate for womens' education in parts of the middle east or a Jew in WWII Germany, "privacy laws" can't save you. A company's fear of the state can't protect anyone from a corrupt state. But structural and technological privacy protections might. Which are the things hamfisted regulations inhibit.

Debian is better at this than AT&T.

[richardwhiuk]

That's a very optimistic view.

It's fairly clear that giving away people's data without any care is unsafe.

[btilly]

I don't think GDPR compliance is as onerous as you seem to think it is, but even if it were, would it matter?

The answer is yes, it is onerous. And yes, it does matter.

Regulations always start as an idea that sounds good. The companies most impacted are then motivated to gain control of the regulations. Once they do, then they happily add on to regulations because that becomes a barrier to entry for new competitors, but do so in a way that ceases to be a problem for themselves. In the end the regulatory framework stops working and we have the very disaster that we were trying to block.

This is called regulatory capture. It is very, very common.

In the case of Facebook, here is the problem. The regulators are controlled by politicians who wish to remain in power. If Facebook breaks the rules in favor of those politicians, it becomes easier for the politicians to remain in power. The incentive is therefore for the politicians to become complicit in letting Facebook break the rules. However no new startup can provide the politicians with an incentive that matters - only Facebook, Google, and other similarly large players can bribe politicians in back room deals.

The payback for Facebook is that they get to solve their biggest existential crisis. The barrier to entry for a new social network just aren't as big as it seems. They can keep milking more from their users and buying up the Instagrams for only so long until something like Snapchat or Discord or someone not yet thought of succeeds. If Facebook is to avoid being replaced in the way that they replaced MySpace, and MySpace replaced Friendster, they need a new barrier to entry.

Regulation provides that for them. In public they will get chastised. You'll get speeches that you love. In private, they will happily become part of an effective surveillance state for those already in power in return for a blind eye being turned to their ongoing transgressions.

The result? The regulation that you are cheering won't accomplish the causes that you want. And if history is a guide, the very politicians whose speeches are the most to your taste will tend to be the ones who behind closed doors are selling you out. With their public speeches being nothing more than bargaining chips for private deals.

[birksherty]

You must be American. This is not the first regulation in EU and they are created to serve it's citizens.

The issue you are talking about is rampant in USA. The problem is not regulations but your politicians and your filthy rich businessmen.

[btilly]

See https://en.irefeurope.org/Publications/Online-Articles/Regul... for lots of examples showing that regulatory capture is a real issue in Europe. The fact that you turn a blind eye towards it shows that jingoism isn't a purely American trait.

And for the record, I grew up in Canada. I am not opposed to the idea of regulation in principle. However every approach has failure modes. And regulation works a lot better in practice when you exercise skepticism about the actual aim as opposed to the stated one.

If you wish to build your skills at skepticism, I highly recommend watching the series Yes, Minister. It is from the UK in the 1980s. However the lessons about how bureaucrats manage to get their way while pretending to listen to politicians are timeless. It also came out much later that it is less fiction than it first appears - most episodes were based on actual incidents. And some were downright prophetic - compare https://www.youtube.com/watch?v=37iHSwA1SwE with actual British policy towards the EU since.

I have no reason to believe that the picture painted then of the bureaucracy in Whitehall is significantly better than the bureaucracy that has sprung up in the EU.