Ha, I actually thought the comment was relevant for an article on blocking EU users with Cloudflare.
This regulation calls for legal expertise, trusting google to save on fees seems risky for a business. In all seriousness, biz owners should shell out for expert advice for compliance, or stop doing business in the EU.
Google and Fb have already seen litigious groups claim $9.3B in fines on the first day[1]. There will certainly be a cottage industry of lawyers going after online businesses that have erred with GDPR.
Those groups don't get to keep the fine money? What is with all the disinformation about people sueing companies for GPDR violations like it's a civil court issue and one side gets damages?
People can refer an issue to the regulators claiming that the GPDR has been violated. The regulators will determine if they believe the regulations have been violated and whether it's a large enough violation to enforce. If fines are levied they go to the government and are intended to be punitive, hence the percentage of revenue as the max fine so that you can't just ignore the regulation by being rich.
No individual or group other than the government is going to make money off of this, and the government has to balance the loss in taxes and cost to enforce against any gain from a fine.
This whole kerfuffle about the GPDR has just shown that american companies will lose their fucking mind if they have to follow anyone else's rules and can't just lobby the US government to force their laws on everyone else.
Irrespective of who gets to keep the fine money, it will cost money and time (and likely lawyers) to handle any regulator inquiries. These complaints barely a day after the law came into force clearly shows that this law has come as a bonanza invitation for "activists" to impose legal costs on whatever target catches their fancy. I wouldn't be surprised with anti competitive targeting. Large corporations will write off the risk and the cost. Small business will choose not to do business and avoid the risk.
The law has been in effect for 2 years and the regulatora have given everyone that much time to implement their GPDR compliance. These large companies have not done so. We're people supposed to just ignore them forever because they didn't feel like getting around to following the law?
Incorrect. They are civil right groups, which filed complaints with the authorities. Even if the complaints were fully accepted and the offenders fined to the maximum possible amount the groups would not "earn" a cent.
This regulation calls for legal expertise, trusting google to save on fees seems risky for a business. In all seriousness, biz owners should shell out for expert advice for compliance, or stop doing business in the EU.
Google and Fb have already seen litigious groups claim $9.3B in fines on the first day[1]. There will certainly be a cottage industry of lawyers going after online businesses that have erred with GDPR.
[1] https://www.cnet.com/news/gdpr-google-and-facebook-face-up-t...