[xwowsersx]

> the vast increase in regulations and liability around handling data,

Can you elaborate on this or give examples where these bigger hurdles than they used to be? I'm curious to know in what domains this is the case. I've no doubt that it is true, but my sense was that there are still large swaths of "internety" products that are entirely or mostly unregulated and where there isn't much to be said about how you handle data, but I could be wrong. I'd be very interested in any concrete examples you may have had in mind.

[presentation]

Much of the clear low-hanging fruit are in automating or aggregating fragmented data in tech-neglected industries, and that often involves handling PII or payments data - which quickly exposes you to GDPR and equivalents in every country, for which there isn’t a obvious path to compliance (especially when considering that web tech trends go the opposite direction, like the trend toward edge computing = how do you satisfy data residency requirements? It gets complex fast).

[selfhoster11]

GDPR-like regulations certainly come to mind. Which is a good thing - too much unprotected data in one place is a disaster for all involved.

[brabel]

And that's one of the areas where there's a lot of innovation happening right now... for example, the push to decentralize identity ensures that businesses don't need to keep any data that is considered personal data under GDPR while still having provable "credentials" (things like proof of age, degree, medical records etc) needed to be provided with certain services. I won't link any particular businesses in this area, but a quick search should show there's a lot... and the European Commission is one of the leaders in pushing this: https://ec.europa.eu/digital-building-blocks/wikis/display/E...