[verzali]

I will be honest, I am always very skeptical of these claims that the big tech companies are fine but small business is hurting. Many of them seem to originate with the big tech companies themselves and I highly doubt they really have the interests of small business in mind. Plus, I'm old enough to remember when everyone claimed EU tech law was about to ban memes, which didn't happen...

[miohtama]

Here

> The main burden falls on SMEs, which experienced an average decline in profits of 8.5 percent. In the IT sector, profits of small firms fell by 12.5 percent on average. Large firms, too, are affected, with profits declining by 7.9 percent on average. Curiously, large firms in the IT sector saw the smallest decline in profits, of “only” 4.6 percent. Specifically, the authors find “no significant impacts on large tech companies, like Facebook, Apple and Google, on either profits or sales,” putting to bed the myth that U.S. technology firms are the enemy of regulation because it hits their bottom lines.

https://datainnovation.org/2022/04/a-new-study-lays-bare-the...

[huijzer]

That is typically the problem with regulations. It’s usually easier for large companies to comply. It’s called regulatory caption.

[_joel]

> It’s called regulatory caption.

Regulatory Capture, no?

[bigfudge]

that's right, although that isn't quite the same concept. Regulatory capture implies the large companies have helped draft the regulations to their own advantage (and SME's disadvantage in this case).

[xp84]

You can be skeptical but I’ve worked at multiple small businesses since GDPR and CCPA came to be, and each of them has zero interest in “selling your data” - everyone just wants to run ads and track which ones work. And yet complying with GDPR has been onerous and costly in every one of them. And did nothing to benefit our customers or website visitors. The only winners are the lawyers and firms that specialize in selling “compliance as a service” basically.

[metalman]

zackly right. two words ,in this case "unacceptable risk", which is absolutely impossible to define, so then, ha ha!, there needs to be deciders, whole heaping flocks of deciders, who them imediatly throw up a paper screen of "privacy concerns", and with luck the holey grail of beurocrats "national security" and then they can get to work destroying there budget, so they can seek further grants, and invent internal auditing procedures that have ancient bizantines crawling from there graves to see such wonders. smaller sub beurocracys can be built on one word, such as "saftey", and of course there is no upper limit, but two well placed words, and zam!, your in!

[raron]

The ever biggest GDPR fine was against Facebook, and it was less than 0.3% of their revenue. That is just a let us ignore GDPR tax. I don't know about small businesses, but big tech from US is fine.

> I'm old enough to remember when everyone claimed EU tech law was about to ban memes, which didn't happen...

AFAIK those parts of that law was changed somewhat

[giancarlostoro]

We saw a bunch of small side project type of sites from the EU close down all over HN after GDPR became a thing. The risk for someone small is too high. The minimum fines are in the millions.

[jimmaswell]

Something has gone horribly wrong with your governance when you can 1. get fined a million euro under GDPR and 2. arrested for hate crimes, for 1. hosting a default Apache server with logs and 2. putting a joke video of your dog doing a "Hitler salute" on it.

[giancarlostoro]

Hey, Count Dankula is funny, maybe its not for everyone, but he really should not have been arrested for what his dog did. His youtube has really fascinating content on it.

[cccbbbaaa]

No, the minimum fines are in the hundreds, and that’s on the unlikely event where you actually get a fine. Fines over a million are definitely not the norm. See GDPR article 83 and https://www.enforcementtracker.com/

[guappa]

[citazione necessaria]