I understand it’s hard to say no but it would perhaps be easier to say “we’ll build that but it’ll cost you 5x more because we would be taking a legal risk”.
Making the option to follow the regulation cheaper has to be the goal.
No, the solution is jail time for the founders and board members of these companies. Along with extremely harsh and vindictive confiscation of their assets.
And generous incentives for developers (such as the GP commenter) to snitch on these people for asking them to be knowingly complicit in their immoral activities.
It's about focusing on people with (1) the most leverage over the decision-making process and (2) perfect visibility into the consequences (legal and otherwise) of their actions.
That is -- when you're dealing with the mob, you doing go after the delivery boy. You go after the foot soldiers and kingpins.
There's potentially a lot of inherited DNA out there that could cause damage to society in the future.
I'm not sure that's the right thing here. You'd end up with some poor junior dev getting punished for what is essentially a decision by their boss.
"The client didn't want to pay for a GFI so it's not my fault he got electrocuted ¯\_(ツ)_/¯"
Modern weapons require cutting edge engineering. Going after web devs but leaving alone engineers who created litteral death machines would be an interesting position.
Now, engineers could decide to make software engineering a real discipline by getting a regulatory body with and start enforcing the tittle properly (but this is widely unpopular and as far as I know, not done anywhere).
Also, weapons manufacturing isn’t illegal I can’t see how there could be a case for going after anyone for it? We don’t have a morality and ethics police (at least not in most western countries)
That quickly turns in to, the rich guy who will profit from the lawbreaking needs a scapegoat. Always more dignified to tell important people they're out of line by punishing their serfs, don't you know.
I don’t mean developer as in an individual contributor, I mean an implementor, often contractor, which will normally be a company too.
Right now it’s too easy to cut out a niche of selling snake oil services like “automatic cookie banners” with dark patterns and batteries included. Meanwhile companies are fooled by these companies into thinking that if they just pay the $ for their “compliance solution” they are done. Here is where I’d like to see the sellers of the snake oil take part of the responsibility and not just the buyers.
Unless, of course, they have some weasel note in the terms, which is far easier to do in the B2B space.
There will be room in prisons when they let people out who used <blink> tags 20 years ago…
The developer knew what s/he was doing. We're not talking jaywalking here--this person (!!) made it slightly more difficult to make a choice that most users don't understand or care about anyway! And the result is more targeted advertising! How can you stand idly by?
You sound like a Stalin (I came from an authoritarian country).
Imprisonment usually does an amusingly bad job at "teaching a lesson". If you want to "teach a lesson", then why not torture?
https://en.wikipedia.org/wiki/Slippery_slope
There's nothing "authoritarian" about imposing criminal penalties on those responsible for not just violations -- but as in this case, egregious, massive and intentional violations of consumer protection regulations. It's just how a civil society works.
The vast majority of users like free websites and do not feel like targeted advertising is a serious problem. This was true before GDPR and these silly cookie warnings, and it continues to be true. Likewise, implementing a cookie dialog that requires more clicks to opt out completely is not so morally questionable as to justify the discussion I had responded to.
