undefined | Better HN

0 pointsmmanfrin8y ago0 comments

  Just act in good faith and GDPR will not bite.

Do you have $20million to make that gamble?

0 comments

12 comments · 5 top-level

beberlei8y ago· 4 in thread

20 million is the max penalty for repeat offenders. See article 83 about fines being proportinate to the offense: https://gdpr-info.eu/art-83-gdpr/

This is a european thing, if any law says $x is the max fine or alike, then for a first time offense you usually get much less.

stickfigure8y ago

I would still be bankrupted by "much less" than $20 million.

bigbugbag8y ago

Good for you.

now understand that fines are proportionate to the offense. Are you engaging in doing very bad thing to personal data on a very large scale and having a business based on this ?

no ? then what are you afraid of ? that failing to answert to one guy asking for what data you have on him will cause you to be fined to bankruptcy level ? I pity the fool as said that one guy.

1 more reply

tlrobinson8y ago

"usually" is the problem.

beberlei8y ago

how is interpretation of the law not a problem with any law that was in effect before GDPR. It didn't stop anybody from starting businesses before and will not after.

1 more reply

foepys8y ago· 3 in thread

Nobody will fine an open-source project that amount of money. The goal of GDPR is not to bankrupt anybody but to nudge them into compliance. If you aren't maliciously handling user data, you are not a target of high fines.

malcolmgreaves8y ago

Then why does the law not have this an an exemption?

tambre8y ago

Have what as an exemption? Not applying GDPR to small-time open source projects? Being open source doesn't suddenly make it fine to mishandle users' information.

bigbugbag8y ago

GDPR has exemptions built in but being open source project is not one.

matwood8y ago

First, that is the maximum. Second, no one scare mongered about the old maximum fines of £500k (which BTW were never used).

https://government.diginomica.com/2017/08/10/ico-maximum-fin...

bigbugbag8y ago

Or 4% of your world revenue whichever is largest.

Then again you can stop brandishing this FUD as this kind of fine is not gonna happen to small actors. If you act in good faith and are found doing something wrong you'll receive a notification asking you to fix the issue.

Why do people think EU is dumb and will start distributing 20M fines right and left at the first offense ? Just look at how it's done up until now and what CNIL said about how GDPR will be applied.

jimnotgym8y ago

Let's not talk theory. I am making that gamble. Business is about risk judgement, and I have judged the risk to be miniscule.

j / k navigate · click thread line to collapse

0 comments

12 comments · 5 top-level

beberlei8y ago· 4 in thread

20 million is the max penalty for repeat offenders. See article 83 about fines being proportinate to the offense: https://gdpr-info.eu/art-83-gdpr/

This is a european thing, if any law says $x is the max fine or alike, then for a first time offense you usually get much less.

stickfigure8y ago

I would still be bankrupted by "much less" than $20 million.

bigbugbag8y ago

Good for you.

now understand that fines are proportionate to the offense. Are you engaging in doing very bad thing to personal data on a very large scale and having a business based on this ?

no ? then what are you afraid of ? that failing to answert to one guy asking for what data you have on him will cause you to be fined to bankruptcy level ? I pity the fool as said that one guy.

1 more reply

tlrobinson8y ago

"usually" is the problem.

beberlei8y ago

how is interpretation of the law not a problem with any law that was in effect before GDPR. It didn't stop anybody from starting businesses before and will not after.

1 more reply

foepys8y ago· 3 in thread

malcolmgreaves8y ago

Then why does the law not have this an an exemption?

tambre8y ago

Have what as an exemption? Not applying GDPR to small-time open source projects? Being open source doesn't suddenly make it fine to mishandle users' information.

bigbugbag8y ago

GDPR has exemptions built in but being open source project is not one.

matwood8y ago

First, that is the maximum. Second, no one scare mongered about the old maximum fines of £500k (which BTW were never used).

https://government.diginomica.com/2017/08/10/ico-maximum-fin...

bigbugbag8y ago

Or 4% of your world revenue whichever is largest.

Why do people think EU is dumb and will start distributing 20M fines right and left at the first offense ? Just look at how it's done up until now and what CNIL said about how GDPR will be applied.

jimnotgym8y ago

Let's not talk theory. I am making that gamble. Business is about risk judgement, and I have judged the risk to be miniscule.

j / k navigate · click thread line to collapse