Of course, Europe has had no startups at all since the Data Protection Directive (95/46/EC) was passed in 1995. /s

Europe does not have anything comparable to Silicon Valley, and heavy regulations are often cited as making it hard to do business there.

Yet they still seem to find a way. That tells me the regulations aren't as onerous as some businesses would have you believe.

Who is "they"? Sure there are some companies, but clearly nothing like SV.

There are plenty of startups in Europe.

No, it means you shouldn't create a startup if you're not qualified to handle the data correctly. Way too many bootcamps grads running around saving unencrypted PIA in databases and with root AWS keys because of the "move fast and break things" mentality. (obviously most startups wouldn't be affected by this law, but the principles still apply)

That's preposterous. Healthcare startups are doing just fine managing HIPAA, which includes up to $1M fine and prison time for violating patient privacy.

No. This will stop you from building the kind of startup that is built on a bad ethical foundation. Don’t collect data you can’t protect. It’s that simple!

I’m reading the text of the bill and, so far, it appears it targets only large corporations with 50mil annual revenue and 100,000+ consumer data.

I don’t think start ups will be affected.

Startups aren't even covered by this bill until they've gained lots of traction (1 million users and 50MM+ gross receipts). At which point, again again IFF their business is data hoarding, they will need to hire approx. one additional employee.

I'm sure startups/consultants will step in to provide regulator compliance as a service as well, so maybe not even that.

no it doesn't. a large portion of the bill refers only to 1B+ companies.

also if you start a company, take care of user data, or if you can't just don't gather it in the first place.