Ask HN: Non-Eu Developers how do you plan to handle users from GDPR countries?
"The EU's General Data Protection Regulation is going to be implemented in May next year."*
Multinationals operating in GDPR-compliant countries will face MASSIVE fines if a request to delete PII isn't fulfilled within some time-frame. In addition, proof needs to be provided.
Given that data-sprawl is an insufficient term to describe the organizational-complexity of consumer-data within large firms, what's the plan???
* - Inspired-by/stolen-from: https://news.ycombinator.com/item?id=15932232
15 comments
[ 2.0 ms ] story [ 22.0 ms ] threadIn theory any person should be able to ask a service to remove all his personal data if he wishes. EU just makes this a law which, IMO is very good.
It's funny how people praise privacy and at the same time don't want to do anything about it for their userbase.
If a user asked me to remove their data I would, but I don't want to do this because some entity on the other side of the world decides to apply their laws to me. Allowing this sort of activity is only going to end in tears.
GDPR mainly resolves flaws in how companies relying on IT use their customers data. Blocking EU customers is just delaying the inevitable since GDPR equivalents will be established in US or whatever too.
I still get the occasional angry user complaining that my website deleted something of his after he clicked the delete button and the confirm button. So I make his day by flipping .IsActive back to 1.
If you really don't want something to be on the internet, don't upload it to the internet.