[toast_coder]

GDPR is criminalizing all websites because compliance is impossible. It puts european officials in exactly the possition they want to be in, everyone is breaking the law an enforcement is a matter of who their friends are.

Majors websites are taking steps to remove access from eu. This will only get worse. Be prepared to live in the environmet your politicians have created, or be prepared to come back to planet reality.

I speak personally, as a technical architect for international sales organization. People who basically are not in that position don't realize the way the law is written that compliance is not feasible. You are simply gambling that the shakedown form the enforceres won't be to bad.

[zucan]

If compliance is impossible, it's probably because your business model is incompatible even with the spirit of GDPR - the notion that a person should have control over their data and other entities should handle it with care.

If compliance is expensive, it's probably because your business profitted somehow from handling personal data (or you let someone else reap the profits, e.g. tracking ad networks).

I find your situation similar to the one of an engineer in a chemical plant who got the task to make the whole place completely ecofriendly due to new regulations. The solution to just block the EU and resume business elsewhere is the best course of action if complying is indeed impossible or infeasible for your business. If your organization decides to gamble because there is still profit to be made in the EU, it's on them when enforcement comes around someday.

In any case, competitors will find a way to offer GDPR-compliant services and there might be enough demand for data protection laws in the US, changing how businesses have to deal with personal data. Time will tell.

[toast_coder]

I agree with your statement, my business model IS incompatible with the spirit of GDPR. You and I are just looking at GDPR differently. You think its somthing good.

You are wrong about the business profiting from personal data however. That doesn't happen. Again, my assumption is you are a lay person and you do not understand the complexities of data management. You are making assumptions about why data is handled the way way that it is, assuming the reason is greed or incompetence. You're wrong.

I certainaly conceed that it is possible that compotition could come along and be GDPR compliant and 'win' but from my perspective that wont happen. What will happen is the largest organizations will be fined into regularly spending large amounts of money to work on GDPR, hold the regulators off to to some extent and small players will never exist or get destroyed because one small wrong move and one wrong bureaucrat has that power over them.

Time never stops telling a new story, but what time is saying right now is the America is dominating the EU in information technology and that sure looks like it will continue throughout my lifetime.

[messe]

> GDPR is criminalizing all websites because compliance is impossible

I disagree, compliance isn't particularly difficult unless you're going out of your way to do something harmful to your users.

> be prepared to come back to planet reality.

Please refrain from hyperboly, I'd much rather a civil discussion about this.

[will4274]

> compliance isn't particularly difficult unless you're going out of your way to do something harmful to your users.

Please stop spreading this FUD. There are tons of architectures (e.g. Apache Kafka) which were totally sane and require total reorganization to become compliant. Dismissing this as "not very difficult" and adding a snide little attack on anybody who disagrees is untrue and an ad hominem to boot.

Complying with GDPR is costly and significant work. If implememtations match legislative aspirations, it could also be a significant boon to consumers. However, legitimate questions about the level of compliance, particularly from companies with unscrupulous business models leave it currently vague whether the boon will be realized in full, in part, or not at all.

Though I know hacker news discourages political discourse and meta, I would interject - almost all political topics have upsides and downsides. Pretending that the downsides don't exist on any policy isn't passionate advocacy - it's just degrading the level of discourse.

[bipson]

I think you have the definition of FUD backwards

[tzs]

> I disagree, compliance isn't particularly difficult unless you're going out of your way to do something harmful to your users

Article 27 is a big pain for those of us not established in the Union, regardless of whether or not we are doing anything harmful to our users.