Ask HN: Legal compliance for small side projects

4 points by zawerf ↗ HN
To fix my paranoia, can I get some case studies for what's the worst that can happen for messing up terms of service / privacy policies?

Fines for $xx billions for messing up COPPA compliance like in Silicon Valley(the HBO show) is probably not real: https://youtu.be/JNuTcsp4SvA?t=40

But what's something more realistic that actually happened before?

My specific website has user generated content which blows up the legal complexity a lot (intellectual property rights, DMCA compliance, user accounts which means GDPR stuff).

Is there any scenario where I can't just fold up shop and run away? Do I need to be doing the project under some LLC?

7 comments

[ 2.8 ms ] story [ 33.2 ms ] thread
The worst that can happen is described in GDPR quite clearly https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CEL...

Note that I'm certainly NOT a lawyer.

..but still here in European Union the preference has been (at least pre-GDPR era) to first give a written warning to service provider about not being inline with the regulations. This has also included a period during which the provider can fix it's behavior. If regulations are not met after given period only then (usually progressively and aligned with the extent of the business and real damages caused) monetary penalties will arrive. This is EU not US.

When looking here from Finland GDPR is not that big change as we have had quite strict national regulations in place since 1999. The biggest change here is that user should really be able to get all it's data removed permanently from whatever service she/he has previously used (usually referred with terms right-to-be-forgotten). Another big change is that it is not anymore up to only the actual end-user to raise a lawsuit about personal data losses but to give also for an authoritative entity possibility to raise that lawsuit without prior actions of the original end-user.

I am asking for something more general than GDPR. And I guess the worst case isn't what I am looking for either (since that would just be "fullest extent of the law").

I am trying to see what people would actually litigate over and from what I've read it seems like GDPR only applies to larger companies or pretty egregious behaviors.

I want to get a sense of the EXPECTED financial damage versus the cost of full compliance. This is just random side projects and it will take longer to understand the legalese than to code it!

For example I am sure people often misuse open-sourced licenses, forget to pay for rights to use images or fonts, forget to register at copyright office for DMCA safe harbor, etc. But the cost for all of these is not the same. Open source license misuse only matters once you get pretty big and get on their radar. But misusing a Getty Image has a 100% chance of being fined since they scan the web for unlicensed use.

One additional question?;

are you referring on to a case where you have not met the regulations (from the perspective of the information and options you give to your end-users) and authoritative entity comes to you with warning which you are not going to notice

-OR-

are you referring on to a case where personal user data is stored and used without end-user explicit consent and/or knowledge and/or that data "leakage" has caused/will probably cause in the future real damage to this user

The first case but I am not worried about anything where they "warn" you first. So despite the timing my question isn't GDPR specific.

I am mostly worried about cases where you just get sent a settlement letter or a fine. There's a sue-happy litigation-for-profit culture in America.

OK, I got it now. How improbable that this is not mainly GDPR related question with this timing :) Still my mistake, sorry.

So the main scope is with IPR and 3rd party licensing matters and GDPR is just another additional side track.

Not commenting about first two. Let me know if still some concerns in GDPR scope as I've been working too heavily with it within last months.

Blockchain Help, since its inception, has been providing cutting-edge technology solutions and in-depth domain expertise in bitcoins, blockchain development, ICO launches and cryptocurrency development. Ably supported by an exceptionally talented and experienced team of technocrats, Blockchain Help is quickly gaining recognition as the one-stop solution to everything related to blockchain and cryptocurrencies. TO KNOW MORE,PLEASE CHECK OUR WEBSITE:- http://www.blockchainhelp.pro
If “fold[ing] up shop” includes filing bankruptcy and losing all of your non-retirement assets, and you’re cool with that, then you’re basically good.

An LLC won’t protect you from claims that you personally screwed up; or that you treated the LLC like an alter ego (rather than as a separate entity) and thus piercing the veil is appropriate.

If you want to consider a very very unlikely but not impossible scenario, look at the Hulk Hogan/Peter Thiel vs. Gawker litigation and its aftermath.

If you need protection from litigation threats, you need insurance; structures like LLC’s don’t win/settle lawsuits, they make it tougher for plaintiffs to collect after they win a judgement.