Comment by roenxi
1 year ago
The typical formula is: if you aren't confident that you are complying with the law, maybe don't operate a business that way. Welcome to compliance!
That is the thing with bureaucracy; it isn't there to help people run just-acceptable privacy violating businesses. It is there to squelch the ones that are unacceptable. If you want the EU to write an acceptable business plan it'd be "don't start this business, it might violate privacy". And there does seem to be support for the EU regulating in that manner. I haven't met many people who are pro-privacy-violations.
> if you aren't confident that you are complying with the law, maybe don't operate a business that way
Sure, and that's why there's far fewer EU startups.
>The typical formula is: if you aren't confident that you are complying with the law, maybe don't operate a business that way. Welcome to compliance!
And the result is that they get exactly what they asked for: people not operating businesses that they otherwise would have, because of onerous, burdensome, complex, bureaucratic and uncertain rules.
Any business can "violate privacy" because the EU has made up a definition of "privacy" that is totally absurd. It created from thin air (with no public debate) the idea that information about you belongs to you. I say that is rubbish.
Privacy used to have a clear and narrow meaning. It meant freedom from interference with your things. It meant the state could not break into your house, set up cameras or microphones, snoop on your documents, read your mail, or listen to your phone conversations.
Somehow we have a world where we are under constant CCTV surveillance by the state (Britain is the worst for this but other states aren't far behind, and are all very bad) and that is supposed to be fine. But if you contact someone's previous employer to ask your opinion of the employee, without the employee's permissions, you have "violated their privacy". This is because a "privacy principle" is that if you "collect" "personal information" about someone, you should collect it from them, directly, except with their permission.
Nobody understood "privacy" to mean you couldn't do casual reference checks until 5 minutes ago. Now it is supposedly a fundamental human right!
Even if you were confident you were within the bounds of privacy law when you started your business, by the time you get off the ground and start making money they'll have expanded the definition of "privacy" to encompass something new. It is completely reasonable for people to choose not to bother with all this crap, IMO.
The fundamental thing behind this is revealed by your comment, actually:
>And there does seem to be support for the EU regulating in that manner. I haven't met many people who are pro-privacy-violations.
Exactly! The word "privacy" has strong cultural power. If you can put your pet concept into that category by stretching then idea to breaking point, people will support it by accident. People care about "privacy" because they care about privacy (the real, coherent, original concept). They mostly don't even realise how much the term has been twisted and changed over the last 10 or so years. If they did, they either would change it back or they'd stop caring about the term. Because, remember, words are just labels. In the long term, this language twisting shit doesn't work. In the short term, though, you can trick people into supporting things by calling them "privacy" or "human rights" or "equity" even though those terms didn't mean, even 10 or 20 years ago, anything like what they supposedly mean today.