Nightmare on Lemmy Street (A Fediverse GDPR Horror Story) - Michael Altfield's Tech Blog - eviltoast
  • kernelle@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    2
    ·
    10 months ago

    Oh for sure they will try to fine, but being another sovereignty they have no authority to force a payment.

    • Maalus@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      6
      ·
      10 months ago

      Yeaaaah no. Look it up, you still have to pay up. It’s insanely good for EU citizens. Look at the top fines - Meta, Google, Amazon, Instagram, Facebook, with fines being tens of milions of dollars. The US works with the EU and you still get fined.

      • kernelle@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        1
        ·
        10 months ago

        Ofcourse they do, because they want to keep their business working in Europe. Which doesn’t apply to a decentralized system like the fediverse. But they do not have to pay the fine if they shut down all operations within Europe, which no company wants to do.

        • Maalus@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          4
          ·
          10 months ago

          Most servers are in Europe. Also, yeah, that’s my point - if you shut down access for Europeans, your worries fade away. The thing is - people want to have the cake and eat it too - not comply with GDPR and still allow people in Europe to be able to reach all instances.

          Right now, Lemmy is too small to be noticed by anyone. But all it takes is some a-hole reporting GDPR noncompliance, and the entire project will get hit, and it will get hit hard.

          • kernelle@lemmy.world
            link
            fedilink
            English
            arrow-up
            6
            arrow-down
            1
            ·
            10 months ago

            “your point” was that the EU can force a fine on any foreign company operating outside the EU for not following local laws, which is ridiculous. But I agree with the rest.

            • Maalus@lemmy.world
              link
              fedilink
              English
              arrow-up
              4
              arrow-down
              5
              ·
              10 months ago

              It’s not ridiculous if you actually read up what GDPR is. They can place a fine on any foreign company. It probably won’t be enforced in China, Russia, Iran, etc. But GDPR isn’t a “local law”. Most countries comply with it, hence cookie notices and all that jazz

              • kernelle@lemmy.world
                link
                fedilink
                English
                arrow-up
                4
                arrow-down
                3
                ·
                10 months ago

                You might be missing the point. Again, the EU will send them a bill and a firm letter, but they don’t have any authority to actually demand payment. That fact has nothing to do with GDPR but with the fact that it’s an entirely different sovereignty.

                The EU could sue them, they could impose sanctions on other companies for dealing with said company. They have an enormous amount of power to make sure said company can never deal with anything EU related. They have tried to sue companies in the US for not complying but no outcome for that is known.

                That is why you see the cookie notices and general compliance, but also if you’re a relatively small company it’s actually not that hard to comply. It gets exponentially more difficult the larger you get but if you’re that large than you’ll definitely be dealing with world economics, including the EU which gives a lot of incentive to comply.

                if actually read up what GDPR is

                I have and was a part of my curriculum. Bit arrogant innit