Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> The problem is that the GDPR has been largely a failure protecting citizens from corporations, but it has hurt everyone else.

This is just laughably incorrect. Literally every Fortune 500 that I work with who has operations in Europe has an entire team that owns GDPR compliance. It is one of the most successful projects to curtail businesses treating private data like poker chips since HIPAA.



Is their job to reduce private data to the minimum needed, or the maximum allowed?


Probably to find loopholes and questionable interpretations.


Would you consider GDPR a failure if businesses collected the maximum allowed under the law?


A requirement to minimize data collection is part of it.


It would really hard to believe that Google and Facebook do comply with the (spirit of the) GDPR and deletes all personal data when it is no longer necessary. That would simply go against their business model.

Anyways, GDPR doesn't protect your data, it just specifies how companies can use it. So all my name, address, phone number, etc. will still be stored by every webshop for 10 years or so just waiting to be breached (because some tax laws).




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: