
Tunngle is shutting down tomorrow due the new GDPR - fmavituna
https://www.tunngle.net/community/topic/219881-important-information/
======
Rjevski
And yet as soon as I clicked on their brand in the navbar I was greeted by 10+
redirects and a shady ad for mobile games (probably including malware).

Good riddance, you will not be missed.

------
dcbadacd
This sounds to me more like:

"Abusing your data is vital for our business model and we will stop our
operations before you have the right to request information how we use your
data"

------
rdlecler1
Most startups simply don’t have the resources to figure out what to do to be
compliant. I’m guessing that Facebook had a dozen lawyers working on this and
even more engineers. This is only going to put up a barrier to startup
creation and give large corporations more power.

~~~
ohazi
Bullshit. For most startups, the recipe will look something like:

Write a set of scripts to pull user-related lines out of your database(s),
write another script to sanitize the output, write another script to delete
the lines from script #1 and act as the big red delete button.

This is giving large corporations more power? Seriously?

~~~
existencebox
Context: I'm currently responsible for GDPR compliance within a small corner
of a Very Large Company.

I'm going to avoid making a statement about GDPR as a whole or about the OP,
but I will say that I don't think large companies having an advantage at this
phase is "bullshit."

One specific aspect of GDPR seems a good example of this. Third party data
processors. If you use various third party products that provide tracking,
testing, or other shims, you're responsible for ensuring export and delete of
any PII associated data that flowed to those channels as well. Now, you can
say the response is "if your partner doesn't have responsive channels, you
have to pull the data" to make onesself compliant, but BigCos have the
implicit advantage of being able to push the other direction, and get
systems/functionality built into the third party product to allow them to be
supported easier.

The amount of face to face time, support, and "deep touch" I can get with
third party companies when compared to prior smaller corps is very apparent to
me, and I'd be lying if I said it didn't make my task of ensuring GDPR
compliance easier. Whether that translates to "more power", I don't know. But
it's certainly an enabler.

~~~
apahwa
except BigCo also has tons of systems, autobackups, legacy code, and S3
buckets that's no one understands or has enough knowledge about. you know it's
secure but you don't know what the downstream impact would be of making
changes to those systems. so now you have to divert a ton of resources to
figure things out - and no SWE in the company will willingly move to _that_
project.

while small companies don't have the big legal teams, they can just hire a
consulting firm to go over it with them. they also have the benefit of being
nimble, having smaller dependency trees, and typically using 3rd party tools
which will generally implement this tooling anyways since their customers will
likely need it. BigCo likely did a bunch of roll-your-own projects that have
become black boxes over time.

~~~
rdlecler1
Just hire a consulting team? Yes, that’s the first thing you should do as you
start a company in your basement with $0.

------
ericb
I think there might be some pretty draconian side effects to properly
implementing GDPR, but I'd like to hear from someone who knows to what extent
these things might be true:

* The legal tracked information includes IP addresses, which means all logs must be able to selectively expunge IP address info.

* You can no longer have soft-deletes as a safety mechanism to maintain referential integrity if your data is (as is common) related to a user/account as you are responsible for being able to expunge that data.

* There are no exemptions for first time visitors, which means you can't just put up a no-EU unwelcome mat and serve up any third party tracking.

* The penalties are pretty draconian for a small business.

* It looks like retargeting businesses might be in trouble? Maybe?

~~~
dbbk
The penalties given are a max figure. A small business isn't going to be fined
20 million euros for slipping up. In fact, in the UK the ICO have stated that
their preference is to avoid having to impose penalties as much as possible.

------
Mave83
GDPR issn't that hard to achieve. You simply need to follow the rules and fill
out some "paperwork". If you are smart, you make your life easier with
ISO27001 (don't need to certify, but build upon it).

------
EdSeegar
Goodbye, old friend.

------
williamxd3
RIP

