undefined | Better HN

0 pointslagadu8y ago0 comments

> Most startups are doing their best to be good stewards of data, and they didn't need big global regulation to force them.

If that were true we wouldn't be seeing daily threads here (like this one) that effectively amount to "I don't want to follow the law/protect the data I collect" for months now.

0 comments

3 comments · 1 top-level

manigandham8y ago· 2 in thread

...you just repeated it again. Not wanting regulation does not mean not wanting to follow the law or protect data.

Complying with GDPR can involve a significant cost, but as said multiple times already, the issue isn't data privacy and security but the vast ambiguity of the law. Costs and risk explode when the rules are vague and applied "on-principle".

There are numerous comments on this page that keep saying you need "a good reason" without realizing that is absolutely useless in a legal sense and can open up a large volley of litigation against any business.

Spivak8y ago

If you're a small company and making a good faith effort to acquire express consent from your users for data collection, follow best practices to secure that data, and allow users to delete their data (even if it's a manual customer service driven process) then I don't see why you have any reason to be afraid.

You're not opening yourself up to litigation from random 3rd parties -- they can only file complaints to regulators who will decide how to respond.

jeremyt8y ago

Well then, you’ve never been the target of a lawsuit.

Forgive me if it doesn’t make me comfortable that the decision whether to file a lawsuit against me or not is left to some often uneducated and inexperienced regulators.

j / k navigate · click thread line to collapse