Hacker News new | past | comments | ask | show | jobs | submit login

I work in medical software and I can tell you from first hand experience that regulations absolutely affect how companies gather and handle data. That regulations don't constrain what they don't regulate is sort of tautological. That's an argument against specific regulations, not against regulation. At any rate, it simply isn't true that all regulations have special carveouts for government.



i think the idea is less that the regulations aren’t followed, but more that the companies are maliciously compliant.

GDPR and the cookie banners are the perfect example. GDPR never says you need the gigantic banner, just that you cannot track without consent and it must be as easy to retract consent as it is to give it. somehow, this devolved into the cookie banners/walls, which are not required and in fact likely not compliant as very often there is no way to reject everything. i travel a lot in europe and asia and google is a clear example of a sort of malicious compliance. some countries in eu they show the reject all option easily. for others you have to log in and go through many settings pages. most other big companies are not much better or even worse.

that is the issue in my opinion. the goal of the privacy laws is very clear but the companies just do not care usually. i am very happy when a site truly respects my choice on their cookie/tracking consent banner, and even more so if they just don’t collect anything in the first place or ask for telemetry data instead of assuming it’s their right.

that is why i personally am not happy with the regulations from the US so far as they’re anaemic; the companies still treat your privacy and personal life’s details as if it’s their right to mine for data. until there is effectual law stopping all this and making such broad data collection something extremely rare and limited, nothing will change. and with how much of this data governments are buying, i’m not holding my breath that it’s going to get better.

until then i guess we need to continue to teach people that the technology they buy and use often is actively hostile towards the users in favor of giving the companies more personal data.


The GDPR devolved into (non-compliant) consent popups because it's not being enforced strongly enough. The majority of those consent popups aren't compliant with the regulation.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: