Hacker News new | ask | show | jobs
by blibble 1597 days ago
getting anything sensitive data out of large companies with the GDPR seems to be impossible unless you want to resort to lawyers

I was trying to get my matchmaking data out of Activision Blizzard and they flat out refused, saying my data was their property

their exact response was:

> "the information requested are trade secret and/or intellectual property needed to preserve our game integrity"

I complained to the regulator, who agreed with my assessment, but to enforce it I'd have to go to court

seems the GDPR is basically useless
2 comments
rognjen 1596 days ago
That's a very interesting situation for two reasons:

1. Arguably your matchmaking data is someone else's as well. Meaning, they'd be potentially exposing other people's data to you.

2. Arguably you don't own the matchmaking data. You only own the initial request for matchmaking. The end result is actually a product of their proprietary algorithm. You didn't generate it.

Perhaps it might be a good idea getting in to touch with a privacy campaigner, or if the European equivalent of ACLU exists, and have them test this in court because it affects two different and important aspects.

link
jdavis703 1597 days ago
I hear people saying laws that require police reports, police enforcement or interactions with the court are useless. For people like yourself who feel this way, what alternatives do you propose?
link
blibble 1597 days ago
what's the purpose of a regulator if they agree with you and can't do anything to enforce the law?

it's privacy theatre, nothing more

link
jdavis703 1596 days ago
The purpose is so they can make rules about complex situations. It’s like how in the US the aviation authority (FAA) and crash investigator (NTSB) don’t really enforce the law, even if a criminal act contributed to the crash. They’ll either forward the information to law enforcement or leave it up to the insurance companies and civil courts to arrive at justice.
link
blibble 1596 days ago
believe it or not not every country has the same regulatory system setup as the United States

(thank god)

the data protection regulators have no ability to create rules... their job is (supposedly) to enforce it

link
jdavis703 1595 days ago
So you’re telling me ordinary cops and prosecutors in Europe are capable of investigating highly technical, civil crimes? I’m not an expert in European justice, but based on a few high-profile cases I’ve followed, this doesn’t seem to be the case.
link