Hacker News new | past | comments | ask | show | jobs | submit login

>Once this is enforced properly

Which simply can't happen. There's a reason websites aren't manually indexed. And that same reason means you can never fully enforce these laws. What you can do, though, is score political points for selectively applying them to large unpopular players. It's always going to be a mess everywhere else, though.

You just need to set some examples. I'd pick a few violators and apply some reallyt painful fines with lots of publicity.

Other actors realize that noncompliance is more expensive (when multiplied by the risk of being caught) than compliance. Done.

No need to process thousands of violations. All that's needed is a few dozen with lots of publicity.

Obviously they can't literally apply it everywhere, but it's absolutely not true that they just go after large players. I've had complaints against very small players for relatively minor violations[1] enforced by my national privacy commission.

The GDPR opened the floodgates, but the wheels are in motion, and I know of multiple SMBs who got warnings to cut out their practices.

[1] The part-time manager of a three story building posted a "list of debtors" on the lobby (which contained false information, though that wasn't relevant for the commission, which focuses on the privacy aspect)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact