So whats the fucking point of GDPR then.
Privacy
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
Exactly.
This will get challenged.
Max Schrems is an assassin but this one might be a bit more difficult to challenge compared to the previous ones. Will be interesting to see his argumentation, though. NOYB is doing good work and will certainly work on this next
Huge fan of NOYB, if I were religious I would say they're doing the Lord's work.
This doesn't make sense to me given it sounds like there was a pending case with facebook about privacy concerns. Someone has to bring that up in protest....
What does this really change for EU citizens?
It seems to mean that companies can get around all your privacy protections, such as GDPR, simply by hosting their servers in the USA. Then they can mine your data all they like and you have no recourse. I guess the right people were paid/threatened, because this undermines a lot of the EU's work on data protection over the past several years.
I guess the right people were paid/threatened
either that or this was the playbook from the beginning for more political theater. Probably got some nice votes and exposure to the people "fighting" it.
stealing our data. like in the US sadly . its like a bypass for google and facebook if i get it corectly.
As a EU (plus UK) citizen, you have a bunch of pretty neat rights over your data due to GDPR, and unlike most other laws, violating GDPR can really hurt the perpetrator (since they get fined as % of revenue, not % of profit)
GDPR also allows the transfer of data to other countries, but only if the receiving country has privacy protection laws equivalent to GDPR, which excludes pretty much anywhere outside the EU/Eurozone
So, they basically get to ignore GDPR altogether, with no consequences, if this isn't shut down by the EU right fucking now
The results include, but are not limited to:
-Storing cookies in your computer without your explicit consent (user tracking)
-Targetted ads that you can't opt out of
-Foreign actors having access to your data
-No way to request the deletion of your data, alongside the erosion of most rights about them
-probably many more
And the world is once again worse off.
Some folks got a big fat check it seems, they call it lobbying.
Can the US just please stop making the world worse?
Don’t be so negative, it is not a full loss as you all say.
The European Court of Justice already killed the previous 2 adequacy decisions in the Schrems cases, and it may happen in few years from now again.
Apart from that, though the US are clearly not adequate for data protection following GDPR standards, they have somehow to comply with GDPR. Businesses in the US are now applying 2-standards to EU citizens and the rest of the world, in order to comply with our data protection framework.
Until yesterday, all companies and public organisations using US services were not compliant with the law, because there was no legal basis available for data transfers to the US. Nevertheless we were all using their services. It’s best to have in place an adequacy decision which is not perfect (and probably not compliant) than nothing and living in a far west.
Good thoughts. But if you took care of your contracts and transfer impact assessments, it was possible to be compliant with the GDPR while using good US service providers. Also, the US are catching up in regards of privacy laws and California is just one good example for that. Some ideas in there exceed the GDPR in ways that protect people even better. And yeah, I’m speaking as a European data protection lawyer here and not the typical “USA, USA” fanboy. Credit where credit’s due
i kinda freak out tbh . mostly what my country do actualy (france) its..... not good at alls....
In France you have good practices too, qwant, ovh to name a couple
that the United States ensures an adequate level of protection—comparable to that of the European Union
I guess this makes sense, with the new French spying measures, they're now basically the same
It's apparently not much different than the last two tries. Expect a cancelation or revokation.
The US did not change that only US citizens have data/privacy rights. That can't confirm to EU rights.
Safe Harbour and PS1 were bad from the start. This one actually has the chance to grow into something. It’s a solid basis and they learned from some mistakes from the past. Will be interesting how / when the US actually implements the promises made in the framework. I hope this time they take it more seriously. From a European perspective the option to have a competent partner for dialogue and questioning in the US was a big issue in the past. Plus, if the companies certified under it don’t include the types of data that are of interest to you under this framework, you are still protected by the other mechanisms under GDPR (SCCs and BCR), so chill. Meta won’t qualify for this one anyway, but a good US company like Microsoft does and that fixes a lot of political questions here in the EU in regards of the use of M365.
NOYB have a good write up about how they came to the agreement by using this simple trick, the EU and US have different definitions of the word "proportionate" but the US's definition is undisclosed...
https://noyb.eu/en/european-commission-gives-eu-us-data-transfers-third-round-cjeu