Comment by throw10920
6 days ago
> compliance can hit the small guys relatively harder and entrench the big guys
This is almost always the case, actually. Regulation and compliance are taxes on the productivity of an organization. And the "shape" of the tax is mostly flat - the burden is sublinear in the size of the organization, so the relative effects on smaller companies are bigger. And smaller companies already have significantly fewer available resources, and especially fewer legal resources (no lawyers on retainer), to handle it.
Obviously that doesn't mean that regulation shouldn't be passed, just that you have to write it very, very carefully - think embedded systems rather than web frontend - minimizing complexity and aggressively red-teaming it for loopholes and edge cases.
> OTOH an indie dev probably isn't running some massive server farm with 20 linked microservices that would be hard to replicate.
Yes, that's true, but to be clear, even if the actual compliance isn't that much of a problem (as you correctly point out here), just determining how to comply is burdensome and may require expensive experts (or even lawyers) to verify - see the confusion around GDPR, for instance.
Again, I'm not saying that it isn't worth regulating, just that you need to design the regulation as carefully as possible. You'd probably agree that the best regulation is that which minimizes burden on companies while maximizing positive effects for consumers, no?