Hacker News new | past | comments | ask | show | jobs | submit login

Yes. Your point? It’s actually ridiculously easy to be compliant with GDPR.

Edit: That is, ridiculously easy for new companies. Incumbents have been hoarding data for too long and it was actually harder for existing companies to become compliant.

If you don’t think that lawyer fees scale linearly with regulation complexity you’re either an early Uber employee or mistaken.

When you’ve built a social consumer business in Europe that is profitable after compliance, send me a term sheet.

I enjoyed reading what you said as a different perspective on the backend of ad technology vs privacy up until this comment thread.

I didn't build a profitable social consumer business in Europe after compliance, but I was part of a team that implemented compliance for a long existing company within the US due to them having clients and client's clients in Europe. They're profitable. Do you want my term sheet? Or are you weakly attempting to flex while complaining that people's basic right to privacy is preventing you from earning obscene amounts of money?

As I’ve mentioned I think elsewhere in the thread I left that business in no small part because it didn’t feel right to be in anymore. It was at a significant cost. I’m really lost on where in the thread I started to sound like a shill for business practices I (knowledgeably) don’t care for.

What do you estimate the implementation costs of GDPR are? I've seen some research that put the numbers in the 10's of billions IIRC

It feels like a regulatory moat for the big players who can afford it. Sorta like a complex VAT policy.

Those numbers are for existing companies who have been hoarding and selling user data with utter disregard to existing laws and user privacy.

If you do everything right from the start, the costs are minuscule.

Why would you need lawyer fees? How is GDPR complex?

It literally is:

- you only store data you require to run your business

- you delete data if customer requested deletion

- you give the customer their data if they ask for it

If your profitable business is built upon selling customer data wholesale to third parties, then good riddance.

Google and Facebook et al stores and processes PII on non-customers, without informed consent given from users.

It's still early days. We'll see what will happen when the DPA's and the courts have fielded a few high profile cases.

This! I hope it costs them dearly. I have never (willingly) given them consent to have my data, yet I know they have loads of it, just because other people I know are careless with data about me.

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact