undefined | Better HN

0 pointssgift9y ago0 comments

German data law is very strict, so yes, it is useful:

- You can only take as much as you need

- You cannot ask for data for one thing and use it for another

- You have to clearly state what data you will use for what purpose

- The opt-in has to be distinct from other opt-ins (so, 100 pages of EULA and then a checkbox "I accept" doesn't cut it)

The only problem here is that the penalities for breaking the data protection laws aren't very high .. I'd like to see percentages of a companies revenue.

0 comments

1 comments · 1 top-level

rmc9y ago

> German data law is very strict

Technically this law is European-wide, not just Germany. It's from the EU, and the Charter of Fundamental Rights of the European Union (Basically the EU's Bill of Rights). Article 8 lists your personal data rights.

The EU/US Safe Harbour was invalidated by the Court of Justice of the EU, after an Austrian person took a case against Facebook in Ireland.

> The only problem here is that the penalities for breaking the data protection laws aren't very high ..

DPAs have the authority to force companies to stop doing things. They might not be able to fine Facebook a meaningful amount, but they can get a court order to stop them doing it.

> I'd like to see percentages of a companies revenue.

That is being proposed.

j / k navigate · click thread line to collapse