undefined | Better HN

0 pointsgrabeh7y ago0 comments

It would be a shame to take down your old blogs as I'm sure people get value from them.

My approach is one very much based on risk - how likely am I to receive requests from data subjects requesting deletion of their data? How likely am I to be subject to a targeted attack where people try to remove information from my server? How likely am I to be the subject to enforcement action if my server is hacked and data is leaked?

On one argument operating a blog is a purely personal activity and so out of scope of GDPR in any event. If you're outside the EU, GDPR will only apply if you are actually offering goods/services to those in the Union, or are monitoring them. I take the point about analytics in the second place, but in the absence of analytics, I don't see that making available a blog constitutes the offering of goods/services?

0 comments

morgante7y ago

> My approach is one very much based on risk

Mine too. The risk is massive fines, while I currently derive virtually no benefit from my online presence.

> On one argument operating a blog is a purely personal activity and so out of scope of GDPR in any event.

I also own a business and previously several of my clients have come through my blog postings.

grabehOP7y ago

Just to be clear, there is little to no risk of someone running a simple blog getting fined by a data protection regulator.

In the UK for example the ICO who regulate data protection matters concluded 17,300 cases, in which only 16 of them resulted in fines.

I’m just intrigued as to how you have developed this perception of GDPR and data protection law looking to regulate small one man blogs out of existence?

/edit oh and my other point still remains - even if you’ve got some customers through a blog, you don’t appear to be within scope of GDPR on the assumption you’re not directly looking to do business with EU based customers (for example through offering payment options in European currencies).

pilsetnieks7y ago

> I’m just intrigued as to how you have developed this perception of GDPR and data protection law looking to regulate small one man blogs out of existence?

There are huge industries with vested interests against privacy and consumer data protection and they have deep pockets. That person, if not instrumental in spreading misinformation, must then be a victim of it.

pilsetnieks7y ago

Do you habitually post personally identifiable information of other people in your blog without their consent?

j / k navigate · click thread line to collapse

0 pointsgrabeh7y ago0 comments

It would be a shame to take down your old blogs as I'm sure people get value from them.

0 comments

morgante7y ago

> My approach is one very much based on risk

Mine too. The risk is massive fines, while I currently derive virtually no benefit from my online presence.

> On one argument operating a blog is a purely personal activity and so out of scope of GDPR in any event.

I also own a business and previously several of my clients have come through my blog postings.

grabehOP7y ago

Just to be clear, there is little to no risk of someone running a simple blog getting fined by a data protection regulator.

In the UK for example the ICO who regulate data protection matters concluded 17,300 cases, in which only 16 of them resulted in fines.

I’m just intrigued as to how you have developed this perception of GDPR and data protection law looking to regulate small one man blogs out of existence?

pilsetnieks7y ago

> I’m just intrigued as to how you have developed this perception of GDPR and data protection law looking to regulate small one man blogs out of existence?

pilsetnieks7y ago

Do you habitually post personally identifiable information of other people in your blog without their consent?

j / k navigate · click thread line to collapse