In recent news, Google has put forth a proposal known as the "Web Environment Integrity Explainer", authored by four of its engineers. On the surface, it
The year is 2023, every single major tech companies are racing each other to become Public Enemy No. 1. And the only Hero we have is the EU, will it be able to save the day?
Don't have too much faith in the EU. Corporations are still heavily influencing politics. They will probably come with half assed laws that have loopholes or workarounds.
The #GDPR is absolutely a perfect example of ½-assed laws & loopholes. I have filed reports on dozens of GDPR violations; not a single one of them lead to enforcement. The GDPR is just a prop to make people feel comfortable as the EU destroys the offline infrastructure.
I did as well for the Catholic Church. I don't want to have my name associated with a gang of child molesters so I invoked the right to be forgotten. The church told me that baptism is sacred and cannot be undone. The Dutch institution for GDPR claims never did anything about it because they're overloaded with requests.
Oh well, I'm not willing to give it more energy either. It's mildly annoying but doesn't affect my day to day life.
Maybe you misunderstand the enforcement part of the GDPR. It's not made for you to get personal enforcement out of it. It works on the basis of multiple infractions being recorded and then escalating the agencies response level.
I work with many companies as IT consultant and I can assure you, that they all FEAR the GDPR and treat natural person data very well because of that. Enforcement of GDPR does happen and you can review every enforcement on a public website called enforcement tracker. There are almost 1980 enforcement actions in their database.
I have also personally requested information about me and my family through the rights bestowed by the GDPR regulations and have EVERY TIME gotten the information within 30 days.
Maybe you misunderstand the enforcement part of the GDPR. It’s not made for you to get personal enforcement out of it.
You obviously have not read article 77. This article entitles individuals to report GDPR violations to a DPA for enforcement. Article 77 does not distinguish violations against an individual (which I suppose is what you mean by “personal enforcement”) and violations against many. Some of the violations I have reported can only be construed as violations against the general public. E.g. an org fails to designate a DPO.
The problem is there is nothing to enforce article 77 itself. When a DPA neglects to act on an article 77 report, there is no recourse. There is only a provision that allows lawsuits against the GDPR violators. But then when someone did that, and then claimed legal costs, an Italian court decided for everyone in a precedence-setting case that legal costs are not recoverable. Which essentially neuters the court action remedy. So we have an unenforced article 77 and a costly & impractical direct action option.
It works on the basis of multiple infractions being recorded and then escalating the agencies response level.
It’s not even doing that much, in some cases. The report has to get past the front desk secretary and be submitted into the litigation chamber before it’s even considered as something that would indicate a trend. If it doesn’t get past the secretary it does nothing whatsoever. Some of my reports were flippantly rejected by a pre-screening secretary for bogus reasons (e.g. “your complaint is ‘contractual in nature’” when in fact there is no contractual agreement, apart from the fact that the existence of a contract does not nullify the GDPR anyway).
I work with many companies as IT consultant and I can assure you, that they all FEAR the GDPR
So you’re only seeing the commercial response. Gov agencies & NGOs are also subject to the GDPR, which is where you see the most recklessness (likely due to the lack of penalty). On the commercial side banks also don’t give much of a shit about the GDPR because when they violate it there’s a shit ton of banking regs they point to and the DPAs are afraid to act against banks because of the messy entanglement of AML/KYC laws that essentially push #banks to violate the GDPR.
Enforcement of GDPR does happen and you can review every enforcement on a public website called enforcement tracker.
Indeed I’ve browsed through the enforcement tracker. It’s a good prop for making the public believe that the #GDPR is being well enforced. They are cherry-picking cases to enforce to convince the public that something is being done, but people who actually submit reports know better. We see the reports that are clearly going unenforced.
I have also personally requested information about me and my family through the rights bestowed by the GDPR
I have had article 15 access requests denied which I then reported to the DPA, who opened a case but just sat on it. For years, so far.
(edit)
By the way, I suggest you leave Lemmy·world for a different instance. If you care about privacy at all, you don’t use Cloudflare nodes. I cannot even see the msg I wrote (which you replied to) because #lemmyWorld blocks me (which I give some detail here: https://lemmy.dbzer0.com/post/1435972). I had to reply to you based purely on your msg without context.
Forcing this might very well be something EU opposes. While there is a lot of corporate lobbying, Google would be forcing everyone to either use chromium or make compatibility changes into other browser. While not a total monopoly, it still limits the options radically. Therefore there might be hope that EU forbids this type of action. Let's see...
Thinking about it, a lot of these companies created astounding products on a relatively unusual business model of delivering for free (not totally unheard of, tv for example but still not the most traditional way of doing business) and absorbed, cannibalized or destroyed a lot of other services and functions with their ubiquity and unbeatable price.
The way they say it was funded was through advertising, but nonetheless much of the big banner services remained unprofitable for years or even decades. Sometimes the master plan is to get everyone hooked (users and advertisers) and then when they have little choice anymore, start making things cost, a lot more. The trouble with this though is that none of them are the only one's doing it and even with only a handful of big titans controlling it all, there's still the risk of one of your tech bros stealing your lunch when your start trying to cash-in and piss of your users and your customers alike so really I guess all of them doing it at once kind of makes sense. Kind of a "I'll jump when you jump" mentality and at least one has jumped. I somewhat wonder if they all planned to go this route at around the same time together or if they all just concluded that the short term gain in market share by taking advantage of one of them jumping wasn't worth the risks from the intense competition and just decided to instead cash in at the same time.
Or I'm just rambling and have no business sense or idea what I'm talking about. It just seems that might explain why this all seems to be coming to some kind of a crescendo at about the same time.