Hacker News new | past | comments | ask | show | jobs | submit login

That's because DPAs understand that if they reinforced GDPR properly then half the companies, particularly small businesses, in Europe would have to be fined. I'm not just talking tech companies either.

That's also because fining isn't the first step, its pretty much the last. You will have received a warning that you are not compliant and been given a deadline ito fix it in most cases.

Like Google did in France? (receiving a warning before getting fined)

All those small businesses mostly have data about subjects they are conducting business with. In general this is a valid reason to have that data and GDPR compliance is merely about implementation details.

The data subjects of ad networks however are completely different entities from their customers, which makes it a very different compliance problem. It might not be possible at all to conduct that kind of business in a compliant way.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact