Hacker News new | ask | show | jobs
by ben_w 1619 days ago
I believe a significant part of enforcement is supposed to be a deterrent. If the U.K. fully enforced speed limits, the only people who would have not had their licenses revoked would be people like me who don’t drive or aren’t in the country any more.

It’s not clear to me that any particular analytics service needs to be run by an American firm, so the point about USA rules forcing actions on USA feels situational rather than permanent.

(I won’t pretend to know if the GDPR allowance for handing data over due to legal obligations is or isn’t relevant here, even normal law is way outside my ken, let alone international).
1 comments
Silhouette 1619 days ago
If you have a law that would be impractical to enforce fully and in all cases because you'd end up penalising almost everyone it affects, it's a bad law. I don't believe we should legally prohibit normal behaviour for fallible humans, particularly if no real harm is caused and no ill intent was present.

Selective enforcement is rarely a good solution to that problem. With selective enforcement you have not only reduced the risk to those who really are doing something seriously wrong, so also reducing the deterrent effect, but also penalised those who paid a price or gave something up to do the right thing and were then left disadvantaged relative to the wrong-doers.

link
ben_w 1619 days ago
> If you have a law that would be impractical to enforce fully and in all cases because you'd end up penalising almost everyone it affects, it's a bad law.

I think this describes almost every law, not just speed limits and GDPR but also copyright violation and drug use and… well perhaps not literally every law, but enough of them.

> I don't believe we should legally prohibit normal behaviour for fallible humans, particularly if no real harm is caused and no ill intent was present.

I don’t believe this describes GDPR. First because websites don’t really need to grab analytics, because stuff you genuinely need to provide a service is explicitly exempt from the GDPR informed active consent requirement; second because website and app development isn’t normal behaviour for normal humans, it’s a profession; third because this data does cause harm.

Yes, there are all those risks you list from selective enforcement.

link