Hacker News new | past | comments | ask | show | jobs | submit login

Again - what are citizens possibly losing if the company Connor do business without tracking and selling their data? Because that sounds like it’s not those citizens losing - it’s US citizens losing.



Again - because they aren't tracking and selling their data, they are just managing risk. When doing business, it's not a blind "well, we're doing nothing wrong, we have nothing to worry about", it's "we're doing nothing wrong, but a mistake can bankrupt us in this market that is not required for us to sustain growth." Nobody wants to trust even-handedness application by regulators when it's just a ridiculously high penalty ceiling...well, nobody except those large companies that can absorb it. Citizens lose because they don't get to use products by otherwise well-intentioned companies that are scared of penalties because they are so high and subjectively enforced.


If I'm following your hypothetical situation correctly, you're claiming that an international company would rather not do business than to email the privacy commission for feedback? Which is standard procedure when in doubt...


It's not about doubt of the rules. Though there is extreme subjectivity, that's not my point in these posts. It's about risk mitigation (i.e. the extreme size of the penalties coupled with potential subjective enforcement). I'm not claiming anything about an international company, I am talking about small startups that might not even go completely international at first. Why, if I have all the customers I can handle right now as I grow would I subject myself to more regulations for no reason?

It's not that hypothetical as I've been in this with young companies where we were deciding where to launch first (for beta or actual launches). Granted there was nothing then precluding EU users in those times, in fact we preferred it to help w/ i18n vetting. Nowadays, I'd just as soon leave EU countries off of the select box on my signup form, and not worry about GPDR compliance (again, even though I am probably compliant and believe in the spirit of the rules).


Exactly. To a large extent, I - a citizen of an EU country - can already see the effect. Just look at how many electronics companies don’t sell in EU. There’s a Swiss company making great routers that outright says it’s because of RoHS.

And as of the earlier arguments like “no loss” or “competition would step up” - look how few EU tech companies there are. There’s a reason for that.

The armchair commenters here aren’t EU business people, and it shows. Around here, GPDR is considered a disaster, in the usual style of EU’s heavy-handed, poorly thought-out regulations. It adds so much bureaucracy and expenses - even for companies that do nothing shady - that it is absurd.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: