[ascorbic]

Except this forum software does provide a tool that lets the user export their own data, as well as a tool that lets an admin strip all identifying data.

The only way this targets non-European businesses is because the litigious nature of US culture seems to lead to this sort of overreaction.

I'm also not sure how a malevolent user is any more incentivised to abuse this than DMCA. The DMCA lets them issue actual legal threats and action. This just allows requests.

The DMCA helps big business at the expense of the general public. This does the reverse. It's no wonder there's been so much noise and scaremongering.

[zeth___]

A lot of the US over reaction to the GDPR probably stems from the fact that they assume that Europe has a system where parties sue each other, the jury system, as opposed to the state suing parties, the inquisitorial system.

Getting sued in Europe is a huge deal, getting sued in the US is part of doing business.

[derReineke]

Yeah from what I have heard the main reason for this law is to stop obvious abuses to people's privacy. It seems that most overreactions are due to ignorance of the system behind the law or to make some kind of political statement.

[chx]

As a proponent of North American small businesses to just stop doing business with the EU my motivation doesn't stem from the ignorance of the system rather the knowledge if it: the fines will be issued by the relevant authorities of each and every EU state according to their own interpretation. Certain countries might see this as a neat little cash grab opportunity.

[derReineke]

I just don't see the EU giving fines to American small businesses. What kind of money could they expect to get out of them? I'm curious though, what EU countries do you think are so desperate for money that they would basically extort American small businesses?

[chx]

Hungary for sure! (I'm a dual Canadian-Hungarian citizen.)

[zeth___]

This is exactly what I mean. Europe has functioning government that can't be fathomed on the other side of the Atlantic.

[wooter]

seriously? spain, italy, and greece don't have malfunctioning governments?

[zeth___]

They still provide better service for their citizens than say New York or California.

[geocar]

Incorporating in the UK is a great way to stop this.

The ICO is extremely reasonable and personable in my experience.

[chx]

Ever heard of Brexit?

[geocar]

If Brexit has any impact (which is unlikely, but admittedly still unclear[1], [2]), incorporating again in Ireland or France is very easy and has similarly-minded regulators.

[1]: http://researchbriefings.files.parliament.uk/documents/CBP-7...

[2]: https://www.ft.com/content/afff45a0-1597-3f1c-a6da-79c3f61e6...

[LamaOfRuin]

I'm in favor of GDPR, but this is how it can be trivially used to target non-EU companies. EU regulators can be pressured to more aggressively pursue dominant foreign companies (or lay off important domestic companies) which many people already believe they do in various industries (banking/finance especially, as well as tech, automotive, aerospace, pharma...).

[lajhsdfkl]

>Except this forum software does provide a tool that lets the user export their own data, as well as a tool that lets an admin strip all identifying data.

Completely besides the point, there are hundreds of different pieces of forum software that may not have that feature implemented.

>The only way this targets non-European businesses is because the litigious nature of US culture seems to lead to this sort of overreaction.

Did I ever bring up litigation? What is your point here?

[ascorbic]

You brought up it targeting non-European business. That was the main way it seems to have disproportionately affected them.

[lajhsdfkl]

How about you try answering this question I posed to you

What is your point here? What is your point when you say that the EU is not litigious? Are you saying that I shouldn't expect to receive a fine for violating GDPR? Are you saying that I should just ignore GDPR data access requests if I am operating in a supposedly ethical manner and I am not selling user information?

[ascorbic]

I didn't see any question in there. My answer though is: respond to the request (which shouldn't be as hard as some are making out), but don't worry about fines unless you've been misusing the data or repeatedly ignoring warnings.

[taysic]

That's not how laws work. Someone has to prove they are innocent if another person claims they aren't to regulators. There is a cost to that. There is no way the law can know perfectly who is 'misusing data' beforehand.

[lajhsdfkl]

Then wtf is the point of GDPR if nobody will be sued for violating it?

[dang]

You've posted dozens of comments in GDPR flamewars. This sort of high-quantity, low-quality controversy quickly gets extremely repetitive and thus is off topic in addition to breaking the site guidelines (https://news.ycombinator.com/newsguidelines.html).

Since that's all this account has done and we don't allow single-purpose accounts here, I've banned it. Please don't create accounts to do this with.

[ascorbic]

The point is to make companies stop misusing data. The fines are the teeth for if they don't stop.

[DanBC]

> there are hundreds of different pieces of forum software that may not have that feature implemented.

"Can I have all my data?" is not new to GDPR. It has existed in previous data protection law. How did people cope before?