"Abusing your data is vital for our business model and we will stop our operations before you have the right to request information how we use your data"
Most startups simply don’t have the resources to figure out what to do to be compliant. I’m guessing that Facebook had a dozen lawyers working on this and even more engineers. This is only going to put up a barrier to startup creation and give large corporations more power.
Bullshit. For most startups, the recipe will look something like:
Write a set of scripts to pull user-related lines out of your database(s), write another script to sanitize the output, write another script to delete the lines from script #1 and act as the big red delete button.
This is giving large corporations more power? Seriously?
I think there might be some pretty draconian side effects to properly implementing GDPR, but I'd like to hear from someone who knows to what extent these things might be true:
* The legal tracked information includes IP addresses, which means all logs must be able to selectively expunge IP address info.
* You can no longer have soft-deletes as a safety mechanism to maintain referential integrity if your data is (as is common) related to a user/account as you are responsible for being able to expunge that data.
* There are no exemptions for first time visitors, which means you can't just put up a no-EU unwelcome mat and serve up any third party tracking.
* The penalties are pretty draconian for a small business.
* It looks like retargeting businesses might be in trouble? Maybe?
The penalties given are a max figure. A small business isn't going to be fined 20 million euros for slipping up. In fact, in the UK the ICO have stated that their preference is to avoid having to impose penalties as much as possible.
GDPR issn't that hard to achieve. You simply need to follow the rules and fill out some "paperwork". If you are smart, you make your life easier with ISO27001 (don't need to certify, but build upon it).
Rjevski|7 years ago
Good riddance, you will not be missed.
dcbadacd|7 years ago
"Abusing your data is vital for our business model and we will stop our operations before you have the right to request information how we use your data"
rdlecler1|7 years ago
georgebarnett|7 years ago
“My company is small and so can’t afford to manage our customers data properly” doesn’t hold water with me.
If this causes cull of a part of the current crop of companies and have them replaced with companies that are able to meet requirements them so be it.
ohazi|7 years ago
Write a set of scripts to pull user-related lines out of your database(s), write another script to sanitize the output, write another script to delete the lines from script #1 and act as the big red delete button.
This is giving large corporations more power? Seriously?
Angostura|7 years ago
Bombthecat|7 years ago
"Oh we are bad and abuse our power"
Oh you want more regulations? Whoopsi.
Only huge corp's can finance that? Oh well.
ericb|7 years ago
* The legal tracked information includes IP addresses, which means all logs must be able to selectively expunge IP address info.
* You can no longer have soft-deletes as a safety mechanism to maintain referential integrity if your data is (as is common) related to a user/account as you are responsible for being able to expunge that data.
* There are no exemptions for first time visitors, which means you can't just put up a no-EU unwelcome mat and serve up any third party tracking.
* The penalties are pretty draconian for a small business.
* It looks like retargeting businesses might be in trouble? Maybe?
dbbk|7 years ago
Mave83|7 years ago
EdSeegar|7 years ago
williamxd3|7 years ago