top | item 46874749

(no title)

> A flat minimum, say 5,000€ per violation, no matter how small the company, applied automatically when non-compliance is confirmed.

No wonder Europe is such a laggard in tech when even software devs write non sense like this.

One one hand they want independence from the evil US hyperscalers but on the other hand they are ready to kill any new company in the EU.

discuss

petcat|27 days ago

Many of the "evil US hyperscalers" are headquartered in California, and the CCPA [1] has this exact penalty structure codified in law:

> (b) A business shall be in violation of this title if it fails to cure any alleged violation within 30 days after being notified of alleged noncompliance. Any business, service provider, or other person that violates this title shall be subject to an injunction and liable for a civil penalty of not more than two thousand five hundred dollars ($2,500) for each violation or seven thousand five hundred dollars ($7,500) for each intentional violation, which shall be assessed and recovered in a civil action brought in the name of the people of the State of California by the Attorney General. The civil penalties provided for in this section shall be exclusively assessed and recovered in a civil action brought in the name of the people of the State of California by the Attorney General.

$7,500 per intentional violation, $2,500 per unintentional.

[1] https://leginfo.legislature.ca.gov/faces/billTextClient.xhtm...

konne88|27 days ago

But it also doesn't apply to small companies:

The CCPA applies to any business, including any for-profit entity that collects consumers' personal data, does business in California (regardless of where it is located), and satisfies at least one of the following thresholds:

Has annual gross revenues in excess of $25 million in its most recent tax year;[11] Buys, receives, or sells the personal information of 100,000 or more consumers or households; or Earns more than half of its annual revenue from selling consumers' personal information.[12][13]

https://en.wikipedia.org/wiki/California_Consumer_Privacy_Ac...

mytailorisrich|27 days ago

Those numbers are maximum fines per violation if I understand the wording correctly ("not more than") while the suggestion was that €5,000 should be a minimum.

blell|27 days ago

In Spain the fines are like 60k for data protection violations, no matter how small you are, and if you’re self employed, you can’t declare bankruptcy and you have to pay the fine with your own personal assets.

wincy|27 days ago

Sounds like a great reason to never start a company in Spain, ever.

fc417fc802|27 days ago

Perfect recipe to discourage individuals from innovating. I'm all for holding actual companies with user bases and counsel and insurance and a business model and etc accountable. But "private party just getting started with a bespoke solution was a bit careless or ignorant; luckily no serious harm was caused" should never be financially ruinous.

throwmeaway820|27 days ago

why would anyone risk starting a business in such an environment?

jjp|27 days ago

Or perhaps they want to stop any company that doesn’t want to play by the rules as defined by the laws of society. So doesn’t matter whether it’s a US hyperscaler or an EU wanna be.

unknown|27 days ago

[deleted]

avh02|27 days ago

Then don't violate it, you won't get fined.

blell|27 days ago

This comes from the same website that tells you that the average person commits a thousand crimes every day and that prosecuting criminals is therefore meanie mean.

rmonvfer|27 days ago

You wouldn’t even believe the stuff I’ve heard in “startup” and “innovation” spaces about regulation and stuff like government grants.

I usually hear the “we [europe] have some of the brightest minds, we can do anything” and sure, granted, but that’s not the issue and it has never been. Why would those bright minds want to build something in a place that’s so obviously against the very same idea of free competition? Of course they don’t, those who can just flee and those who can’t usually end up building some useless grant-ware in an endless cycle. That’s not to say that we don’t have great startups and entrepreneurs, we do, but I find myself fighting every day against a system that’s built for the state to decide what, when and how citizens must innovate (and live).