Comment by lompad
2 days ago
And not only are those cries wrong, reality is quite the opposite. The vast majority of fines are towards european businesses. Big Tech aren't the only ones who violate data privacy standards all the time. [0] You just don't read about those here, so people like to just assume those fines don't exist.
Additionally, it helps to actually learn how the current law developed - it primarily was modeled after the german Bundesdatenschutzgesetz, which was put into law in a modern form in the 90s, long before FAANG.
[0] see the tracker: https://www.enforcementtracker.com/
Worth noting the tracker does not track which fines are currently being contested (in an obvious manner). i.e. do not assume all the fines you see there have actually been paid
Though probably safe to assume the smaller fines against smaller companies with smaller lobbying^H^H^H^H^H^H legal teams most likely have :-)
I went to the site and sorted by fine - I needed to go to the bottom of second list to find a non US company ? By the time I get to pages that are mostly non US companies the fines are two orders of magnitude smaller and dropping fast - do you have any aggregate view to compare ? I would not be surprised at all that indeed most of the fines were towards US companies in total amount.
I saw TikTok at #3 and #5, Enel (Italian) at #15, Vodafone at #19 (British) and starting at around #21 the list is basically dominated by European companies.
Speaking from personal experience, American companies, especially the big ones, tend to treat everyone else as "Americans that they don't know they're American yet" or alternatively "slightly dumb Americans".
At least for one of them, yeah, they apply the legal laws, but the general decisions are taken in the US with little regard for local "non-impeding laws", I would call them. "Impeding laws" would be laws that would block the launch of something (for example they wouldn't attach an AR-15 to every product sold). "Non-impeding laws" would for example be, labor laws. They just assume that what works in the US sort of works everywhere else and deal with the consequences along the way.
I count TikTok as big tech non-EU so I automatically put it in to that bucket but you are right it is not a US company. Still fits the theme that EU is using GDPR to shake down big tech it does not own. I missed Enel (did not know about them) and yeah Vodafone was bottom page 2 first EU brand I recognized from the list, but OK middle of page 2 for non-EU.
Again just a rough feeling from the list but I would speculate that over 50 percent of fines in total were towards US or non-EU based companies.
17 replies →
Its because American companies are much larger than most European companies in terms of revenue. And because the impact of their infringements are much larger due to the nature of their business. If Bumfuck LLC from Sweden with maybe a 1000 customers fucks up they arent impacting millions of users, unlike when Google or Meta does things.
IME as an American, US companies play much more fast and loose with laws. Especially tech, which has "disrupt first, ask questions later" approach to ethics.
I was surprised to see doctors and even a bakery on the list!
One of the earliest enforcement actions was against a mailing list. If I remember it was because it CCed all the participants instead of BCCing them.