I can't help but think that EU situation has helped Google. A flood of new regulation just keeps entrenching them by killing off any potential upstarts that could compete in Europe.
Isn't this the argument free-marketers have always made? The people who said GDPR would stifle competition? It will be a long time before the outcome of these choices are obvious.
Note that the 2 main arguments and counter arguments: it helps protect people's information vs it increases the barrier of entry are NOT exclusive. Both can be valid at the same time and I believe that in many regulations they are both valid. That's how life works, a chain of compromises.
Trivial example but the nekochan community for SGI retrocomputing shut down because of it. It's particularly hard for small business or unprofitable things done for fun/sport/public benefit.
I've seen many people shut down their side projects citing gdpr. Without fail it's always people who haven't really researched the impact gdpr has on them and they didn't really want to keep the project going anyways so it's more of an excuse to shut it down without facing backlash.
It seems like you are contorting the blame to "well you should just do more work!" Bureaucratic regulations have costs in implementation, enforcement and non-compliance. Those costs are naturally easy for corporations to absorb because they can hire people to do it full time or whatever the case may be. Maybe several hours or $1000 for a lawyer or whatever to review some regulation are a bridge too far for someone already devoting time and dealing with whatever negatives the side project is coupled with like less free time, negative users/customers/competition, and other opportunity cost.
So yes, taking on new and unknown (to the creator) legal liability from some regulation is a great reason to shut down a side project.
If you’re a hobby project or small business that’s already not collecting customers’ personal information, then what hard work do you have to do to comply with GDPR?
An IP address counts as personal data, so that means you can't use any PaaS without having a privacy policy and vetting your platform's policy (which requires legal skills), just because they might keep the logs.
All public Trello power-ups have to be GDPR compliant, for example. The requirements are laid out on their developer documentation page [1]. You have to poll an endpoint every 14 days to remain compliant, delete data on request, etc. If you're building a power-up for free/fun, it might make you think twice (just because of the payoff/effort ratio). But I'm going to charge money for my power-up, so something like this isn't really a big deal.
If you have time/money or plan to make money, GDPR compliance isn't terribly difficult. But free/cash-strapped service providers would probably think twice before becoming compliant (which is why a lot of local US news websites just don't allow European visitors -- compliance is somewhat expensive, and local news in the US isn't doing too great right now).
The GDPR is intended to protect user privacy, not "competition". Everything has side effects, but if a monoculture of online services is the price, my guess is the drafters of that law (which I'm not a huge fan of, FWIW) would be OK with that. This is the tech industry, we're always just a few decades away from everything being disrupted anyway.
I'll have to go digging but there already was a good article that made it to the front page here about how much GDPR has helped google. It had some great numbers and graphs showing a sizable increase to googles marketshare once they were the first ones to be "GDPR compliant".
There's other new EU regulations than just GDPR. The recent copyright ones do nothing for users but severally cripples startup competitors to YouTube, as an example.
My favorite thing about the GDPR is that it's both a secret plot to ruin Google and also a secret plot to protect Google, and I doubt even Google knows which it is.
There's nothing secret about it. Good regulation can help but it's very rare. Instead we have poor regulation done by politicians that don't understand the market or technology, and that always helps the incumbents.
Helping the incumbents isn't always a bad thing, despite what the startup world may say. In living bodies, weakening 'incumbents' against 'disruptors' is called "immunodeficiency".
The market isn't a living body though, and it's not about whether it's good or bad, only that it helps. In this case, GDPR-style regulation only helps big companies that already have lots of users.
A country and its economy may be seen like one, though.
But regardless, the overhead-inducing parts of GDPR really kick in when a company grows past certain size (250 employees), at which point it should be perfectly capable of handling them. But more importantly, upstarts aren't some protected class. Just because an upstart can't compete against the incumbent without resorting to abuse of personal data, doesn't mean abuse of personal data should be allowed. GDPR protects regular citizens from collateral damage to their privacy caused by market competition. If incumbents can do a better job not abusing the data, maybe they should get the benefits.
(Also, it's adtech we're talking about. Personally I want neither the upstarts nor the incumbents to exist, and I couldn't care less who GDPR privileges here.)
Nobody is arguing against data privacy. It's how that's done which is the problem with GDPR. If you call every criticism of bad regulation as a defense of "abuse of personal data" then it's nothing more than an emotional argument.
Adtech powers the internet and lets 99% of the content exist. Let's avoid the endless conversations over it. If you want every company to be treated the same, then every industry should be too.
I don't find much bad with GDPR. You can call this an emotional argument, but for me, it's a difference of priorities. I do believe GDPR is right and creating regulatory friction in the marketplace isn't something to be avoided at all costs - in particular, it's desirable when the regulated behavior is potentially harmful.
RE adtech, I don't think we can avoid this conversation as long as all the problems this industry is causing persist. And I don't want to have every industry treated the same. In my books, adtech is right there with selling hard drugs on street corners, and factories polluting rivers; I'm fine with getting rid of all of them. I do not want that industry to grow. As for the "99% of the content", I'd honest to god happily see it disappear. It's mostly garbage that wastes people time; in particular, mass-produced content marketing tends to have negative information value, making people wronger than they were before reading it.
Again, it's not about the regulation or privacy. It's about how the regulation actually works and the processes and procedures it requires that are being debated, with the current implementation being a poor example that isn't really having the intended effect.
> "adtech is right there with selling hard drugs on street corners, and factories polluting rivers"
Those aren't industries and the trillion-dollar market caps of advertising companies speak to commercial value. The world is more than just you, so you don't speak for everyone and your singular interests do not matter at all in this discussion and you use an adblocker or stay off the internet if you want.
I always take the time to have in-depth conversations about adtech here but you haven't said anything other than state an emotional position about what you want the world to be like. That leaves nothing to discuss.
Their intention was very likely ruining Google (and other US techs). But the result is inadvertently protecting Google. There's no conflict here; you're simply confused.
That is assuming Google's continued surveillance empire is actually found to be legal in the EU. Google claims they are complying with GDPR, but that's... unlikely.
We won't really know until they get taken to court over it.
