Hacker News new | past | comments | ask | show | jobs | submit login

Data protection laws are so strong in Germany that they let registration offices sell your data if you don't explicitly opt out. Most people don't even know whats going on and that they have to opt out to avoid that. Or German credit scoring institutions, who are allowed collect data about you even if you don't have any mutual agreement with them.

German credit scoring institutions collect data on behalf of banks, insurances, etc., and you need to consent that they send data to the credit scoring company. So you are actually consenting. If you never give consent to any such party, the scoring company must not store data about you (and most probably won't, they are tightly observed by data protection agencies).

It will become interesting with GDPR, when customers start to revoke their consent to exchange data with credit scoring companies.

I guess he wants to hint you to the fact that the "Einwohnermeldeamt" is allowed to sell your data to a "Addresshändler", see https://www.teltarif.de/datenweitergabe-adresse-einwohnermel...

Yes, that is a legitimate complaint.

I was only referring to the remark about credit scoring companies which I believe to be wrong

I agree with you that not everything is perfect in Germany with respect to data protection. Not even close. However, our data protection laws are uncontroversially stronger than elsewhere (specifically compared to the US), and I'm almost certain that the courts will find that Facebook violated them.

Maybe, but what sucks about Germany and the EU is the arbitrary nature of many laws, enabling them to selectively punish those who don't play their game. By not being able to define clear boundaries, you give them the power to rule over who can succeed and who not. Data is what fuels businesses in the end.

> but what sucks about Germany and the EU is the arbitrary nature of many laws,

In what way is the law used arbitrarily? I would like some sources for this claim.

AFAIK the law in the US is much more arbitrary in the sense that a lot of it is case law. Until such a case has been before a jury, and jurisprudence has been established it's basically a coin toss.

The thing that may feel arbitrary is simply the fact the laws in Europe actually enforce privacy, whereas a company, and people, form the US expect that these laws are teethless.

This registration office law has finally been changed to opt-in just this year.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact