(no title)
throwaway_sb666 | 4 years ago
Yeah, but it's hard to enforce a law at scale when the difference between legal and illegal behavior is not obvious to a layperson. The law is too technical.
It also has shouldn't have options where a user can simply allow further data collection, since this makes it hard clearly say whether a certain practice is legal or not, since it "will depend".
This creates more friction to enforcement. If things were more clear-cut, enforcement could be automated, and you would probably see those fines roll out.
It is harder to say "this software library is illegal to use in the EU" if there are certain circumstances where it's not.
mnw21cam|4 years ago
GDPR and cookie law is not hard to understand, so that excuse is a little bit lame to be honest. Besides, if you really need to understand what you must do by law, you should hire a lawyer. That's the same as with any other law.
throwaway_sb666|4 years ago
What I meant to say was that pressure to enforce laws only happen if there is public pressure to see the law implemented, and when the concepts are too abstract/intangible, the public disengages more easily from the issue.
Political will for improvements and funding is more likely to happen with more public support as counter to the influence of industry lobbists.
Public support is easier to rally when people can personally relate, or ideally share a pain point. A good candidate would be the annoying pop-up boxes. Frame them as dangerous because increasing the risk of online data and identity leaks. Solution to this threat to public security is to eliminate them by default answer. Simple law proposal.