Hacker News new | past | comments | ask | show | jobs | submit login

Actually, in Europe it is illegal to collect personally identifiable information of people without their consent. GDPR and all that.

I am surprised they haven't been fined out of existence yet.

Just a correction - consent isnt the only legal basis. Thought it was important to correct you here so others reading the comment wouldn't get the impression that no consent = illegal

Probably because nobody in the EU currently has this company on their screens. Or because those who are critical of this company and its practices have not yet reported it to the relevant authorities.

In Germany not only the GDPR regulation but also the so-called "right to the own picture" applies here.This means that no one may use/sell pictures of a person without explicit consent. Therefore, photographers must also have an explicit release of the person for the respective context of use.

There has been recent activity (article in german).

The article claims you could ask for deletion of your data without uploading your ID.


Clearwater did not obtain consent, so the data shouldn't be there in the first place. Each and every data protection Behörde here in Germany should be investigating this.

Well I would advise everybody to file a complaint to their local DPA. Even if you can oppose the processing, they rely on legitimate interest (doubtful their balancing act is acceptable) and they acquired the data in a legal way, they failed to inform the user of a second-hand data collection[1].

So If they have data on you, that is older than a month, and did not contacted you to inform you of it, you can file a complaint!

[1]https://github.com/LINCnil/Guide-RGPD-du-developpeur/blob/ma... (In French sorry)

Google and Facebook are still around, so the GDPR is an absolute joke of a law that nobody cares to enforce.

You might be surprised: https://www.enforcementtracker.com/

Search for how many of those enforcements came from Ireland. Now look up what country's GDPR authority Google and Facebook and most American companies are choosing to be subject to. It's not a coincidence that the place that hosts all US company's remote headquarters isn't participating in GDPR enforcement.

Ireland tried to give a great deal to Apple. The EU didn't take it very well [1]. I wouldn't be surprised if the EU will investigate Irish GDPR enforcement.

edit: also France did fine Google just fine.

[1] https://en.wikipedia.org/wiki/EU_illegal_State_aid_case_agai...

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact