Hacker News new | ask | show | jobs
by danpalmer 2953 days ago
They have said this.

a) they have said they don't want to punish companies for the sake of it, they want to use it as an incentive to fundamentally change the approach to the handling of user data. This means not suing tiny companies for more money than they are worth.

b) they have said that the standards will roughly increase with the size of the company and resources it has. A company with 27 users (and few employees) would not be expected to have a data protection officer, or many of the control processes that a company with data on 1.5B people.
2 comments
zerostar07 2953 days ago
I think everyone is talking about the UK 's ICO, which is just 1 of the 28. We have heard nothing from others and its best not to make assumptions - the ICO may be following different rules in a year.
link
danpalmer 2952 days ago
True, some of this is more from the UK ICO, but some is from the official guidance from the EU.
link
merinowool 2953 days ago
> This means not suing tiny companies for more money than they are worth.

Which effectively kills that company even if court finds their violation was minimal.

link