79 comments

[ 2.9 ms ] story [ 67.8 ms ] thread
(comment deleted)
It's not a "UK Image site", it's a US company.
> Mr Capel said: “We have been clear that exiting the UK does not allow an organisation to avoid responsibility for any prior infringement of data protection law, and our investigation remains ongoing.

Block UK access now just in case.

Imgur only has yearly revenues of around $30m. The money they make in the UK specifically likely doesn't justify wasting resources on compliance.
I suppose this is a serious question - does this mean that in theory HN should ban UK users? Or is HN likely compliant with this law? It is hard to pierce through the Orwellian language in the article (does "safeguarding children’s personal information" mean retaining or deleting the data?).
How is one country able to fine businesses in other countries? What legal authority or ability do they have to do anything?
I invite you to search HN for 'libor' and see how many of the American users of this website were affronted by the vast fines dished out by the US government to UK-headquartered banks for manipulating the LONDON Interbank Offered Rate from their offices in London, UK. If you can find a single one I'll eat my hat.
In agreement. What's with the fines. They're not in your jurisdiction, block them or leave them.
> The ICO also confirmed that companies could not avoid accountability by withdrawing their services in the UK.

This is quite a slippery slope. If I host a website in one country, I do not necessarily care where people access my website from. It is not like I actively provide a service to them - they just use internet (decentralised network) to access it. What if I publish a newspaper here, someone takes it where the contents are illegal, am I accountable?

This part bothers me. Enforcement seems to be at their discretion. In this case the framing or reality around the fine is very bad, they sort of say it's intentional themselves.

They're leaving and they're getting the fine. Implying if they didn't leave and implemented changes, that there is a chance they may not have been fined.

(comment deleted)
I agree, but if you sell products or subscriptions to people in a foreign country the situation becomes different. And if you run ads then the situation is more complicated but closer to that than to your personal website.

IMO the question is not if such services should be held accountable by local laws but how they should be held accountable. I think it would make more sense to go after the UK entities profiting from the endeavor: advertizers and financial institutions involved.

How do you "pull out" of the UK if you are not a UK company, you are a US company, hosted in the US, and proxied by Fastly. There's nothing to do? You do not need to abide by UK laws, even if your website is accessible from there.
As a Brit.

Good - cause the maximum amount of pain, start pulling services across the board - the more it happens the more painful it becomes for the government to defend it.

There was a fair bit of pain in 2014 when ISPs proxied non-https Imgur to do IWF filtering (and broke it). Yet here we are!
Following this logic, I suppose that, in the future, cars that cannot automatically detect the presence of a child in a wheelchair and prevent the engine from starting will be banned.
Hopefully many more companies do this and British internet users migrate to use of VPNs. This will apply maximum pressure on the government to reverse these parochial laws.
Question: How does a company block access from an entire country? Is that done through DNS or IP range or something else?
What's the backstory here?
This is a shame, Imgur was a good source of fun. I understand what's the reason behind this decision, the current "implementation" of the Online Safety Act is the worst way to handle this problem. Unfortunately I can't see any way that can be reasonably implemented to check the age of the user.
It's actually unclear what the cause of this is.

There is an ongoing ICO investigation about privacy and handling of children's data under data protection laws, rather than this being related to the Online Safety Act:

https://ico.org.uk/about-the-ico/media-centre/news-and-blogs...

The ICO has indicated it is planning to give a fine to the owner of Imgur due to breaches of data protection laws.

Outrage! Now where am I going to get my cat pictures from ?! ¯\_(ツ)_/¯
The UK has started a version of censorship the equivalent can be found in countries many would say are considered dictatorships. It is absolutely shocking as someone who lives here and needs to be fought.
Good for the UK IMHO. Just seeing with how many 3rd party sites Imgur shares data with is disgusting.
The global internet sure was fun for a bit.
The UK has been doing this sort of stuff for at least a decade. For example they have the PIPCU which under the guise of copyright threatens 10 years in prison for sites not even in their jurisdiction.

https://torrentfreak.com/uk-police-launch-campaign-to-shut-d...

And with that, they have at the least gotten registrars not located in their jurisdicrion to transfer domains

https://easydns.com/blog/2013/10/08/whatever-happened-to-due...

So has alot of Europe to be fair, I think it's a cultural thing honestly.
The US has always claimed jurisdiction on foreign-hosted but US-accessible content.

Do people forget the owner of Megaupload being extradited? In many ways this is just catching up to the current US state.

And there's a lot of confusion here between basic consumer data protection laws and (IMHO massively overreaching) "Online Safety" laws. This isn't Imgur making a stand for free speech, this is Imgur wanting to track and sell user data - to which minors cannot consent. Putting on my tinfoil hat you could argue that many of these companies are trying to encourage this misunderstanding intentionally.

Im sorry, if you run a site some where not in the UK. It doesn't give the country jurisdiction over the entire internet.

If a country wants to enforce some kind of rules, they will have to apply them to the countries residents, because its the resident that go out on the net and conduct the behavior, not the other way around.

This has been common sense for a long time now. Everybody is going crazy/mad. Must be some seriously narcissistic people running the UK.

If you are serving the UK market, you follow UK laws. It's that simple. In this case they are misusing UK children's information, that's a no-no in a country that has actual consumer protection laws. I'll wait for the EU to catch up on this too.

While the UK and EU (and US) like to pass stupid laws, in this case it's just an American company misusing citizen's data and not giving a crap. Good riddance.

WhatsApp, Telegram and everyone else should pull out of EU in protest of Chat Control. Then EU will be forced to make its own chat app, UX will be terrible, and citizens will finally feel enough pain to contact their representatives ;)
I did contacted them. All of them who didn't yet have a referenced public position on fight chat control for France. By phone. Only two responded with a clear alignment. Good that I did it by phone, because apparently for some of them getting several thousand emails per day can only mean they are victim of a spam attack.

Not only they don't represent anything but there own little interests, but they won't even have the decency to express clearly what they are standing for. Even lip service is not assured anymore.

> Sending message...

> Sending to your local police dept... OK

> Sending to intended recipient... Failed

Chat apps were already so oversupplied as to be free even before AI could vibe code them. Or, indeed, before the US relented on export bans for remotely adequate HTTPS implementations.

In other words: What pain?

signal is open source, so they'll just download the source, build it, add a backdoor and push it to the app store

same as that weird official USgov version hosted by israel

This 100%. There would be a lot more pushback in the EU against this nonsense if, overnight, EU users found the majority of their apps no longer work.
> feel enough pain to contact their representatives

It doesn't work like that because the European "Parliament" is a joke. For starters, they can't initiate anything, they can only approve or reject (of course that it's almost always approve) stuff that is being passed to them from higher up, most of the times from the European Commission, if I'm not mistaken. Ah, they can pass/generate "resolutions", which are basically empty words put on a piece of paper.

Second, the people there don't "represent" anyone, at most they represent the political parties that have put them on the lists that got them into the European Parliament, but that's it.

We (in most EU countries) don't have representatives. Parties have representatives. To be listed on a ballot you need to be with good standings with your party and get chosen by them. Then various method ensure that you can't be elected if you are not a member of a party (anyone from a party below 5% is not getting in for example).

This means officials only care about what their party leaders tell them to do, not what voters think because voters matter very little to them. That's why American "contact your representatives" does very little here - they are not your representatives, they are representatives of party leaders.

> Then EU will be forced to make its own chat app, UX will be terrible,

Why? EU can just tell an LLM to build an alternative app, they can just tell it to make it user friendly and make no mistakes. That's the primary use case of Trillions of dollars of investment in GPUs and electricity to power them.

JK(or am I?), a protest will be a boon for EU, which is growing Anti-American each and every day. The EU alternatives don't exist not because Europeans can't code but because EU market is open to US companies and there's no reason for duplicate effort as winner takes it all thanks to network effects. EU capital just invests in USA based companies that operate in EU. It's much easier, lower taxes lower worker protection standards etc. Also, US has much more capital to burn to corner the markets, they also just go ahead and buy anything European i.e. Skype. and not risk competition.

This article is about an existing UK law and Imgur, an image hosting site (although, it does have some social features).
Why are we talking about the EU in this thread? I don't see how draconian UK laws relate to a proposed chat control law in the EU that hasn't even been drafted and would likely not survive a judicial challenge if it were to be approved.
I might be the only one that’s in support of chat control. I would like the internet to be so walled off that it becomes boring and maybe it will stop all the brainrot.
> Then EU will be forced to make its own chat app

We'll make our own Chat App! With blackjack! And...

This is nothing to do with Chat Control or the EU.
Why would the UX be terrible necessarily?

If the EU or companies within did make a chat app and it got widespread appeal, it would just be exactly the same as WhatsApp. WhatsApp isn't special in any way whatsoever, besides having a critical mass of users.