So we've moved from companies trying to make compliance to GDPR look like they are doing us a favor out of the goodness of their hearts to now tech sites trying to take the credit for that too. Who will be the next I wonder.
Phone companies in the UK at least do this boasting EU free roaming as a "feature" they're so nice to provide, except that it's UK law. Three are the only network that did this voluntarily (and their Feel at home thing is also many places outside the EU which is nice)
And more importantly, surfing while on vacation in the EU ( 100 mb) won't cost you 200 €'s anymore. Some people had a vacation bill of 9.000 € of their provider ( source: newspaper & victim was local politician)
It used to be really hard to gather all that information and package it up in a nice little bundle. It used to be hard for a company to get their software engineers to quietly implement such functionality across all products without getting internal angst and bad press leaks.
But now, companies can just tell their software engineers that they're writing user-friendly data-portability features. Across all product lines, they'll happily code away, completely oblivious to the fact that their code is also going to be used for this other purpose.
That's probably the least charitable way of looking at this. It's a tool for data portability that gives users access to their own content, in a way they weren't previous able to do. If the government wanted some data on a user I think they're going to get it from the company whether this service exists or not.
To be clear, that's not my logic.
You can use pretty much anything for good or bad. Rocks, Nitrogen, Automobiles, Thoughts.. it's an endless list.
If a developer was not oblivious to the fact that their code might be used for this other purpose, what do you think a typical developer a) would do and b) should do?
Now, as soon as Legal signs off, the production of the ZIP file is probably completely automated. And the programmers who made that possible probably believed their code was going to be used solely for their users' data portability.
(Disclaimer: Though I used to work there, all of the above is pure speculation.)
Its true that the Data Liberation Front did start as a group of 20%ers, but like the much less successful GMail, we got turned in a real team and now we have reorgs and TPS and everything.
 Check out the new My Activity service as an example of some of the new data we have added: https://takeout.google.com/settings/takeout/custom/my_activi...
Running a quasi-official blog without blessing didn't last either . Glad to hear the team got turned into a permanent one internally, but the lack of a public info on its existence doesn't fill me with confidence that this is something Google wants or prioritises at a management level.
The gp was talking about companies' engineers writing "user-friendly data-portability features. Across all product lines". Is that the case with Takeout at Google, or is it just a job given to one relatively small team of self-starters working on a project that was never spearheaded by management?
i see the ability to download and delete your account as a good improvement
Any network platform is creating lock in through network effects and your data that is stored there is also creating some amount of lock in. You could choose to abandon that network for any other one, there will be some pain felt in regards to personal data but that's about it.
In a lack of choice context, you literally have no choice. Like with many locations and the cable provider that you use. If you don't use them, you have no alternative.
Most of these lock-in platforms are really not a necessity, and the reality is that it's not the data as much as the network itself that becomes the large lock in mechanism.
But either way, it's not the same thing as having only one option available. Then you truly have no ability to move elsewhere.
~44% net income margins; 50% operating income margins; on $40 billion in sales. Nothing like that has ever existed before. Apple, which is of course a huge profit generator, is typically closer to 20-25% net income margins. Microsoft got pretty close to Facebook type figures at its margin peak in 1999-2000.
Facebook has absolutely nothing to fear from GDPR. They can permanently abandon the entire EU market in terms of advertising, provide their product with zero advertising in that market, and they'd still have one of the most profitable businesses on earth and would continue growing larger yet.
A 4% tax on global revenue? Laughable for Facebook. And that's the maximum hit. That's $1.6 billion last year for Facebook. That drops their net income margin down to 40% instead of 44% (~$16b in profit instead of ~$17.6b).
They could pay a $1.6 billion fine every year for the next century just out of cash and never notice it (profit would continue adding to their cash, and then returns yielded on the cash-equivalent holdings would pay for the $1.6 billion fine).
Unless the EU dramatically increases the penalties, it's barely even a speeding ticket for Facebook. And in reality, they can easily avoid it just by complying with GDPR as it pertains to the EU. Facebook has such an extraordinary profit machine they can afford to drop the profitability of that market, and simply not care.
The GDPR is applied by each member state, and Facebook operates in them all. I see no reason in the GDPR why each member state can't apply its own fine. How does 28% sound?
EDIT: To expand on this a bit more, I do wish there was more industry standardization when it comes to data import/export. Is there any standardized format for chat history, for example?
Is it because of the contacts you have and would that data be in any usable format?
While I can see the appeal of a photo sharing site to share pictures I would have to be incredibly reckless or stupid to use such a site for archival purposes (let alone that I certainly wouldn't trust them not to wreck my pictures with some heavy handed compression or scaling).
Is it just me who cares about my original images enough to archive them redundantly on a variety of storage media? And if that's not so, why would I ever care to be able to retrieve my pictures from such a site?
I would imagine many people lose photos over the years, whether it's getting a new phone or simply not understanding how iCloud/Google Photos etc. works. Photos from Instagram will also have any filters you added.
I'd say pretty much yes, especially when talking about pictures taken with smartphones and "variety of storage media" not just meaning the somewhat automatic (requiring just an one time setup) platform cloud backup.
I wonder if I come back in 6 months and try to revive my account by contacting Instagram they will still have the account on file.
I assume this is some kind of first draft or staged rollout?
I also think it's hilarious that Techcrunch is acting like it's their doing that this is coming.
On top of that, many times images won't just load. And Videos play automatically, consuming much internet traffic.
Why should this be a priority for anyone?
This article is a bit old, but on the Galaxy S6 at full brightness displaying an image with 40% average picture level saves half a watt compared to full white.
That's fine for Instagram, but what about startups that want to compete with them? They'll find that users will build up collections of photos and videos (perhaps using proprietary filters that make a given application popular for a while) at their expense, and then instantly abandon their platforms. GDPR is great, or at least not a negative for large platforms, but a disaster for startups.
> That's fine for Instagram, but what about startups that want to compete and find that users can now build up collections of photos and videos (perhaps using proprietary filters that make a given application popular for a while) at their expense and then instantly abandon their platforms? GDPR is great, or at least not a negative for large companies, but a disaster for startups.
So what are you saying? That startups should have the right to lock up their users just so they can have a business?
No, sorry. If your business depends on "locking up users", maybe you shouldn't have a business.
A better law would be one that simply required a disclosure and transparency of what a company does with the user data.
I'm amazed how people have such a strong faith in "technology will solve everything", but the moment you suggest that a piece of regulation might make anything trickier, all of a sudden technology isn't good enough any more.
Isn't this a business oppportunity? You've just spotted a difficult problem that (seemingly) you're convinced will be a big issue soon. Go solve it!
I'm saying that startups should have the right to engineer their platforms in the way that they see fit. Because of GDPR, no startup (at least those that accept EU traffic) will ever achieve the social lock-in that Instagram has.
Instagram built their user base in an era where it was difficult for average users to get their pictures out. Did your startup come up with a new set of filters that make photos go really viral? Awesome! Users will just make it in your app and then export it to Instagram, where people will actually see it. You'll go bankrupt...but Instagram usage will increase as a result of your efforts.
Do you realize how backwards that is?
All throughout history it's been the case that circumstances change. Maybe what was a viable business to start before, isn't now. Well, those that took the chance when this was allowed are banking on it, but now no one else can.
Your argument is: person X exploited bad thing Z before, so we must continue to allow back thing Z just in case person Y also wants to exploit it. No, that's completely backwards.
Some people got rich off slavery, so we shouldn't make slavery illegal because my startup wants to take advantage of it too. /s
You're not allowed to launch a service that provides X, and if you want to, you must also include X + Y + Z.
Am I allowed to even open a port to a server on my local machine that allows users to voluntarily enter some information and does something with it, without being subjected to the full force of the legal system?
I have some experience with the US medical software industry, and this sort of feature-checklist regulation doesn't improve anything. All it does is lock in the existing players and prevent any innovations that aren't explicitly outlined in the law.
> You're not allowed to launch a service that provides X, and if you want to, you must also include X + Y + Z.
If you stop for a bit you'll realize that most things in society work like that. It's called regulation. Once you get used to it you'll stop being astounded and wonder how things were ever done differently.
Nobody is forcing you to look at, interact with, or even acknowledge the existence of my local web server. There is no stronger sense of the word "voluntary" than the one that can be used to describe web services. My service doesn't even exist to you, unless you explicitly choose to engage with it.
You, on the other hand, believe that it should not be allowed to exist for other people (at legal gunpoint!), unless it conforms to the features that you believe it should have.
This is more akin to not being allowed to invite people into my home, unless my bathroom and kitchen meet certain (arbitrary, non-structural) requirements.
Defending a laissez-faire model of society, only with restrictions on externalities, is reasonable, but it's also very far from how societies currently operate. The GDPR is not an exception. In fact, not even on websites - the Data Protection Directive, from 1995, already implemented restrictions on how EU sites can be run. The GDPR is only an expansion on that.
This is perfectly analogous to the real world where e.g. pollution has tangible negative externalities. It will always be the case that when responsive governments exist, and a thing comes into existence that people perceive as a threat, people will leverage the government to mitigate that threat.
If your home were perched on a cliff above a school playground, to use a contrived example, the townspeople would have a keen interest in the integrity of your home including the kitchen and bathroom.
Like fire code? :)
Nobody is going to die from not exporting their data - except in medical software, where the current U.S. feature checklist regulations haven't helped. For many websites, GDPR is next to pointless while adding broad legal requirements.
And you can totally set up a port on a server to allow users to voluntarily enter some information and do stuff with it. The law does not prevent that at all.
Does the law prevent it, if I don't want to spend time adding a full account verification system for personal data dumps, permanent data deletion, and other requirements?
Anyway, I hope you enjoy Instagram if you are in a GDPR-affected country, because no competitor will ever emerge as a result of this law. They'll have all of your data, and you'll have to agree to it being analyzed in whatever way they choose because there is not and never will be another service to go to (which renders this entire point of this law moot).
Why would I address your absurd “point” that it’s good to have laws that lock-in entrenched competitors and stifle competition and innovation from new startups? I just assumed people would read and instantly dismiss such an absurd notion, as I did. I guess I saw no “point” in it.
You're being dishonest. My point was NOT that it's good to have laws that lock-in entrenched players. It was that there are bigger things to consider than each one's business model, and that just because some people took advantage of something in the past isn't a reason not to correct something, and that when things change some businesses die others are born new, and it's always been like that. It's called capitalism, works quite well.
But I was saying: you're being dishonest, wittingly misrepresenting my point, and so I have no further interest here. Good luck.
And yet here you are defending GDPR.
We don't let people build homes or other buildings as they see fit because over time we've realized that the failure of one building can adversely affect the neighborhood.
We don't let businesses handle their financials in any way they see fit because over time we've realized that using a generally accepted set of accounting principles helps avoid cascading financial disasters.
Now, honestly, how can you say with a straight face that we should let businesses manage data in any way they see fit because it's "their platform"?
Nonsense, we have an obligation to regulate how data is collected, processed, and used or sold to protect society against the adverse effects of data that is used to abuse.
Is a building on Pluto subject to the same building codes? If my server spontaneously combusts, should I warn those with IPs near mine that theirs may catch fire?
You have no obligation to visit my web service, enter data into it, or interact with it. It takes up no space, and you have no "passing" interactions with it.
The contention is that others should not be allowed to use my web service, unless it provides you certain features.
I'm believe we should support privacy on the web, but this is not the way to do it.
So, that's pretty nasty, and yes, I want it to be regulated.
If this was just about third-party trackers, the EU could have written a law similar to the cookie warning. People who care about that (including myself) can use browser addons or block third-party cookies.
This isn't punishment any more than making sure your electrical box is 72" off the ground and your gas meter has nothing around it within 5'.
>startups that want to compete and find that users can now build up collections of photos and videos at their expense
If users using your service is 'at your expense' and not 'for your profit' then that seems to be mostly a problem with the company's business model.