[sparrish]

EU-enabled DDoS attacks. Expect automation developments on both the attack and the mitigation side to grow until it's cost prohibitive to do business with those in the EU and companies simply stop offering services to its members.

[mike-cardwell]

Hopefully. It will be a good thing to see these privacy abusing services/companies ceasing to exist in the EU.

[emteycz]

At least 90% of sites [in the Czech Republic] required to implement GDPR are not abusing privacy

[yeppie]

What does that even mean? Where did you get the 90% from? Do you have a list of said sites? Not abusing privacy according to whom?

[TomMarius]

Well abusing privacy is a punishable crime here, so according to our courts - do you say you don't trust the courts of a western, functioning, EU member country? The figure is definitely way higher than I said since only a handful of website operators have been found guilty ever since the law is active. The law is not an exhaustive list btw.

> Do you have a list of said sites?

You are the one who claimed that all sites required to implement GDPR are privacy abusers. Do you have a list? In my country we adhere to the concept of "innocent until proven guilty" and we don't keep lists of innocent websites.

[solarkraft]

So it should be really easy for them to implement.

[TomMarius]

I had to implement it and it is definitely not easy for me. It involves e.g. setting up, collecting, reading and reacting to snail mail.

[nxc18]

Or companies might just make the effort to take their governance of user data seriously. Once you've complied once, you should be able to comply for everyone else automatically. See Google takeout.

[vonmoltke]

> Once you've complied once, you should be able to comply for everyone else automatically.

How do you automatically comply with a free-form letter sent via e-mail or, even worse, snail mail? You need one or more humans in the loop to identify these requests, even if it is just to send a canned response back.

[theamk]

Yes, but the balance of power is in the favor of the company.

You can have thousands of people send GDPR requests. Each person will take at least half an hour to print, compose, wrap and send letter. And someone at the company will take under a minute to reply to each one, because all they'd need to do is a quick scan of the letter, then send a pre-printed response.

[vonmoltke]

> Each person will take at least half an hour to print, compose, wrap and send letter.

The point of this site is that there is no composition. Just print, address, and send if you want to snail mail. If that takes you half an hour, I don't know what to tell you.

> And someone at the company will take under a minute to reply to each one, because all they'd need to do is a quick scan of the letter, then send a pre-printed response.

Under a minute to 1) identify the letter and the sender; 2) pull the correct pre-printed response; 3) address and send the response? How does your hypothetical employee do this so much faster than your hypothetical private citizen?

[TomMarius]

I don't even have a mailbox and now I need to have one, and actually read the mail - which I'm unable to even reach as I'm often thousands of kilometers far. Will you do it for me? I just wanted to have comments on my site...

Not all websites are ran by huge companies. Actually, most are not.

[solarkraft]

... Or the companies that don't abuse users' data implement simple mechanisms to comply with GDPR and gain/keep access to a huge market.