Hacker News new | past | comments | ask | show | jobs | submit login

Anyone who didn't see this as the predictable end-result of requiring cookie awareness and consent was hopelessly naive about how large vs. small organizations respond to unfunded government mandates.

The money and time could have been a lot better spent on international awareness campaigns arming consumers with more privacy knowledge instead of expecting website owners to shoulder the informational burden (because those orgs in aggregate have no core incentive to treat user's privacy as an inherent good).




These organizations do have such an incentive. The very essence of GDPR is to create these incentives. The EU's goal with GDPR was to make user data a liability, and to encourage organizations to reconsider their need to hoover and hoard it.

The GDPR is unlikely to be overturned, and there are plenty in the EU who are eager to enforce it. Just because it's not being enforced right this second doesn't mean the law won't catch up to offenders.

Especially if Margrethe Vestager replaces Jean-Claude Juncker as president of the European Commission, you can expect a ton of action on this front.


> Especially if Margrethe Vestager replaces Jean-Claude Juncker as president of the European Commission, you can expect a ton of action on this front.

the odds of this are essentially zero

she's in a minor EU party and her own country won't put her forward as candidate


> there are plenty in the EU who are eager to enforce it

But we haven't yet seen it enforced, have we?



we have definitely seen movement (plenty of data protection authorities have issued warnings), but it really hasn’t been that long (it’s been less than a year)

the only way that a law like the GDPR that’s purposefully vague and broad can work is to allow plenty of lead time for warnings and fixes before fines

it’s a process; you shouldn’t expect it to change everything overnight


>The EU's goal with GDPR was to make user data a liability, and to encourage organizations to reconsider their need to hoover and hoard it.

And as a consequence we're going to continue sinking into irrelevance.

>The GDPR is unlikely to be overturned, and there are plenty in the EU who are eager to enforce it.

I think it will be overturned a couple of decades from now, when an economic crisis hits and we find that we've fallen significantly behind other countries due to our fear of technology.


"The market is the solution". Er nope.


This is not the end-result at all. It is an intermediate result. European data protection agencies will start handing out fines, then courts will start ruling, and in a few years we will see the end-result.

My prediction is that these Cookie shenanigans will be ruled as illegal according to GDPR, and then they will disappear.


I’ve been hearing this since 1997 when the first Data Protection directive happened. The enforcement never happens unless it’s serving a political goal, such as singling out a Chinese company or whatever.


GDPR is the result of many lessons learned in prior attempts. The EU Commission put particular attention on not repeating the mistakes being made in the Cookies directive, which rendered it essentially useless and only annoying.

Fines are to be handed out by the national data protection agencies. In Germany, the data protection agency regularly goes after violators since the 1990s. They audit German administrations and companies with respect to data protection, and request changes where necessary. See here for yearly reports of one of the state agencies: https://lfd.niedersachsen.de/startseite/allgemein/taetigkeit....

So at least for Germany there is no foundation for your claim.


I have to concede that German regulators have set the pace, but the penalties are still negligible on the global or even regional scale. If every member state went in with as much conviction as Germany, we might see some results after two decades of mostly-empty promises.


Too bad that the EU has yet to learn what collateral damage is.


It’s rather obvious it learned nothing. After seeing cookies banners, it was entirely evident and predictable that GDPR will result in more aggressive banners.

Which it, surprising no one competent, did.


There's one important caveat you're missing: the vast majority of these cookie banners are illegal under GDPR. So yes, it's rather obvious the EU learned a lot.

The law forbids dark patterns, coercing into accepting, delegating opt-outs to third party sites, and requiring collection of more data than is strictly necessary to operate the site.


This. Completely this.

Thank you




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: