[alerighi]

They can't, and I would like to know what Europe wants to do about it. Block wayback machine in Europe ? Well, I can still access it with a VPN if I want. Also I want to know what they will do about git and GitHub, or even blockchain project (how you delete something from a blockchain ?)

The problem is that GDPR is a stupid legislation written by incompetent people that doesn't understand the subject and imposed with no possibility of choice on member states, like all the regulations from the EU (cookie banner law, for example).

And of course GDPR doesn't impact to much the companies that they aim to fight, like Facebook, Google, etc, they have teams of layers payed millions with the sole purpose to find ways to circumvent these regulations, they will just update the terms of services and done, the ones that will be more affected are small companies, startups, personal no project side projects, people that doesn't have money to spend in a layer for a project that doesn't make him any revenue.

I think that in Europe it's not more possible to do anything, if you have a good and innovative idea and you want to realize it, better take a flight to the US...

[simion314]

The law is meant to allow me to delete my account from your cool SV startup, and delete meaning actually delete the data and not deactivate the account but continue using or selling my data.

The cookie law is a problem because lazy web developers did not implement it right, probably you complain about don't spam me law because it adds a bit of extra work for adding the unsubscribe link and implement the requierements.

The laws are done for the good of the society and not for helping a minority to implement some move fast break things, pivot and try again.

[jfaucett]

There is big difference in law and regulation between intention and real-world effects. For instance, making marijuana illegal has the intention of decreasing drug addiction and dependence but has the effects of disproportionately encarcerating youth aka "criminals" under the new law for drug consumption, and thus limiting their opportunities in the socio-economic system.

If you look into it I think parent is most likely correct with his predictions since they are easily verifiable i.e. big coorps do have massive teams and monetary funds to deal with this legislation, startups and one-man shops do not. This is completely ignoring the deontological question of what should be the case, where I think most would be in agreement.

[matthewmacleod]

big coorps do have massive teams and monetary funds to deal with this legislation, startups and one-man shops do not.

That applies to literally every piece of legislation. Yet we don't decide that small restaurants should be exempt from food hygiene laws, or that small construction teams should be exempt from health and safety laws.

[jakeogh]

Conflating information with feeding someone poison food is so par.

[matthewmacleod]

Your objection is not helpful.

Being careless with personal data has harmful consequences.

Being careless with food safety has harmful consequences.

This is why these things are related.

[walshemj]

what personal data is being exposed - the EU isn't keen on anonymous publishing in general eg in the UK any thing published by a political party during elections etc must have both the printers name and their agents - the penalties are quite severe .

[mattmanser]

We haven't seen how they're going to enforce it yet, people throwing tantrums about it doesn't help.

If it's the same as the cookie law or spam rules, they'll come in and say "we've had a complaint, you're doing this wrong, fix it". Then if you don't fix it, they'll fine you.

Not only that, but many of the regulatory enforcers responsible for this in the EU are not particularly well funded and why would they spend the limited resources they have investigating one man bands?

[TheSpiceIsLife]

> For instance, making marijuana illegal has the intention of decreasing drug addiction and dependence

That’s not right, is it?

Didn’t that Nixon aide admit the drug war was a ruse?[1]

1. https://www.vice.com/en_au/article/xd7jkn/a-former-nixon-aid...

[merinowool]

But the public is presented as if its purpose was to curb drug addiction. Could be the same with GDPR - great intentions, but the true reason is to entrench big corporations and introduce more barriers of entry for the small guy, which is inline with socialist agenda.

[simion314]

Are you from US? In EU we had many similar rules that were in the public favor and hit the big corporations, the one I am thinking now is the roaming phone charges, big companies lost a lot of profit from this, so you can see that this big companies do not have the power yet to change the laws for their own profits.

But I see a lot of anti EU sentiments here on HN, anything EU does is painted as anti american or anti startups when from inside EU we see it as for the people/society

[jfaucett]

> from inside EU we see it as for the people/society

No we don't. Some of us do and some of us do not. You are self-admittedly in the former group, I am not.

Also, just because something cost big companies money on one front does not mean it doesn't increase the monopolistic power of said companies and even increase revenues on another. Let me use your own example as a hypothesis we will be able to observationally falsify or not in the coming years. By eliminating roaming charges many smaller companies in the space will have to compensate for the loss of funds and will therefore either have to reduce their current plans, drop service offerings outside of the current country, or eventually collapse entirely. Regardless of the outcome, the total market competition has decreased and ultimately the mega corporations stand to win through decreased overall competition in the space. Additionally, due to lack of monetary incentives, I would expect the rate of innovation in large-scale roaming technology and infrastructure to decrease compared to countries which do not have such legislation.

Socio-economical systems are complex and nonlinear in nature, unfortunately, we i.e. humans have not evolved to think well about nonlinearities neither have we built ourselves sufficient tooling to augment our prediction capabilities for such systems. IMHO, this is the well-spring for the difference between intentions and outcomes in regulatory policy.

[simion314]

We need this law, there are enough terms in it and range on how it will applied so the little guys won't have much trouble if their intentions are to comply.

I know that laws get abused but do you see the OP asking to remove laws that are in his favor like copyright law or patents law?

[merinowool]

And the effect is quite the opposite as consumption of drug and addiction is much more prevalent than in the places where it is legal. So regulation could have good intentions - and a lot of people believe in the intentions - but the effects are the opposite.

[icebraining]

Where are drugs generally legal?

[walshemj]

You just have to look at the effects of the 18th amendment to see the point the OP is making.

In the USA it caused massive increase in organized crime and corruption - the effects of which are still with the US today

[simion314]

But you do not know the effects if all drugs were legal and cheap

[vorpalhex]

> because lazy web developers did not implement it right

No, because the legislators fundamentally misunderstood cookies. Almost any website needs to have some basic tracking of users for fraud detection, bot detection, and yes, basic analytics.

Instead of writing out a thoughtful approach, we get a mandatory nag screen right up there with "This product is known to cause cancer in the state of California" on anything sold ever. Users ignore them because the information isn't useful - infinite noise, no signal.

This is the opposite of the CAN SPAM law which did have thoughtful requirements - allowing exceptions for account related emails, requiring one-click unsubscribe but also giving systems a period to obey that to handle mail already in transit.

GDPR has so far been grossly in the cookie nag screen category, except instead of a tiny bar on visiting a page I get a multi-select based dialog of doom. The answer most companies are going to take is simply not market services to folks in the EU, and those that do will implement annoying nag screens.

More rules blindly applied rarely solves problems.

[matthewmacleod]

For the love of god, please stop spreading these misinformed views.

1. Nobody in Europe will be blocking anything.

2. The Wayback machine will continue to operate.

3. GDPR is generally pretty well-written legislation, based on extensive experience by privacy regulators across Europe.

There are some questions about exactly how the rules will evolve in practice. The thing to bear in mind is that privacy regulators are interested in compliance, not in punishment.

[TomMarius]

I don't disagree (nor agree), but trusting Europe to not block anything is wrong. There are EU countries that are right now blocking something. Porn in UK, foreign gambling sites in Czech Republic and of course Telegram in Russia.

Edit: I of course know that Russia is not in the EU, lol. Parent said "Europe" and I added Telegram as a fun remark after two serious examples (and there are more). Calm down with the downvotes.

[Liquid_Fire]

Russia is not part of the European Union, and FWIW porn is not blocked in the UK right now.

[JetSpiegel]

Russia is not in the EU.

The porn block in the UK (or opt-in block, more like) is a voluntary measure taken by ISP.

[merinowool]

Certain types of porn are illegal in the UK (for example depicting female squirting or face sitting). In April they supposed to introduce age check to all porn websites willing to operate in the UK, which essentially means every website that has porn (for example Reddit) should be behind the pay wall, as age check supposed to be done via credit card transaction. Now this has been delayed, but I don't think they are backing out on that. Furthermore this is going to be a huge problem, because: 1) Payment processors are frowning upon the idea of servicing porn websites. That means it is going to be very expensive to implement unless government figures out a different way. 2) Companies will have to store more personal data about their viewers and users will be forced to give up that data. 3) That poses a huge risk in case of the data breach as someone sexual preferences are sensitive data forced to be collected.

[antihero]

There's a new one coming into effect that will force websites to verify people's age using their ID (possibly by an external provider). Or I guess be blocked? Still a fucking stupid idea.

[rad_gruchalski]

Russia isn't EU.

[dingaling]

> cookie banner law, for example

The 'cookie law' is actually subtle genius.

If your site only uses cookies for operational reasons, such as enabling login or maintaining a basket, you don't need to inform the user.

So anytime you see a cookie-banner that indicates that the site is doing something additional with cookies. Like tracking for ad-networks. It's a yellow-flag.

[vorpalhex]

Except every single website just has a banner anyways because it's easier to cover your back then get legal involved every time you tweak something. So it has no meaning at all, in any way, except it's very confusing to some users.

[raverbashing]

Sorry, can you explain to me what's stupid about it?

Not allowing information about people to be kept ad-infinitum (and sold ad-infinitum)?

Allow data breaches caused by sheer incompetence to go unchecked?

As much as I worry about its consequences, companies saw it coming.

[vorpalhex]

The average computer user has difficulty searching their email or scheduling a meeting. You expect them to complete a nag screen about how their personal information is going to be used, with sliders for opt-in versus opt-out, every time they visit a new website?

Like the cookie nag, users are going to blindly click through until the confusing nag screen goes away and then be upset that it wasted their time.

[ghostcluster]

Like many aspects of culture, we may have to rely on pirate outfits to archive and preserve things, until the original parties are no longer interested in fighting about it either way, or a long enough time passes that the archived history increases in value and decreases in personal stakes.

[tankenmate]

What a large number of people fail to realise is that the GDPR applies to any person (natural or legal; a data controller and/or data processor) that holds personal data on a EU citizen or EU resident, regardless of where the data controller (or data processor) is. Obviously EU law can only be enforced in the EU but if you are a business then any funds in the EU that belong to the data controller can be frozen or used to pay court levied fines. Or if an infringing data controller travelled to the EU (or a country with an extradition treaty and similar criminal code) they could potentially be held if a court decides that the behaviour was criminal in nature (some EU jurisdictions are more strict than others).

The only way to completely avoid the GDPR is to not hold personal data of EU citizens or EU residents.

[raverbashing]

> the GDPR applies to any person (natural or legal; a data controller and/or data processor) that holds personal data on a EU citizen or EU resident

Funny, because the GDPR explicitely says this is not the case.

Art2. Paragraph 2

This Regulation does not apply to the processing of personal data:

   c) by a natural person in the course of a purely personal or household activity;

[tankenmate]

I was talking about in the context of the medium post / businesses which is what I was replying to. I don't think I have seen anyone complaining about household activities. A red herring.

[icebraining]

Nitpick, but as far as I understand it, it's only EU residents (regardless of their citizenship). The specific text says "data subjects who are in the Union", and citizen never appears in it.

(This is for foreign businesses. EU businesses have to apply it to everyone, regardless of their location or citizenship.)

[merinowool]

This means this should be applied to everyone because how do you check that someone is an EU resident? Should websites display a page requesting visitor to upload their residency certificate to be complaint?

[icebraining]

No, it means they have to apply to people connecting from the EU.

[tankenmate]

Have you any document from a data protection authority or lawyer that makes this claim? or even close to it?

[icebraining]

He's not a lawyer, but as a "GDPR implementation leader" I bet he talked to some:

https://www.linkedin.com/pulse/gdpr-does-apply-eu-citizens-g...

But really, it's plain from the text.