(no title)

But big tech can handle a few government penalties every decade. It even creates moat - artificial barriers to market entry. The multiplicity of penalties is insurmountable for new market entrants, but pocket change for the established ones. For example, the UK Online Safety Act is putting all the small social media sites out of business in the UK, but it won't change moderation standards at Facebook. Ergo, it has become Meta's moat. "If a fine is set for a crime, then it's only a crime for poor people".

Tech is full of clever and fast people who run circles around slow-moving government bureaucracies (even judicial). These courts need to resolve these cases every week. If it's 1 week for first-instance, 1 week for appeals, that's the pace that would stop big tech. Twenty-seven fines with a bite a year would have the intended effect.

But we're talking about a "landmark" GDPR win in this thread that took about 5 years. And the fines so far are less than 500 euros per data collector (250k euro fine / 600+ companies in IAB). It will not even warrant a footnote in GAAP financial statements at the end of the year for these companies; they'll just put it in operating expenses (along with the 1,500 euro office coffee machine, 3x more expensive than the privacy violations). A small blogger collecting analytics data incorrectly may not have much to eat in the month they get fined 500 euros (not that they will have had much to eat in the months of expensive court proceedings), but of course, they also risk the full extent of the penalties.