undefined | Better HN

0 pointscrankylinuxuser8y ago0 comments

There is a bigger problem with GDPR compliance.

Say I use a DDoS prevention service (like cloudflare). They get my user data, and also have to be under scope of GDPR as well. And since IP isn't indicative of EU citizenship status, a company had better apply GDPR to everything rather than just a subset.

In the end, this law makes a "We respect the privacy of your data" subset of providers, and provides a great way for us users to identify bad actors (Google, FB, Amazon, etc).

0 comments

jgrahamc8y ago

a company had better apply GDPR to everything rather than just a subset

And that's what Cloudflare chose to do. We are treating all customers the same regardless of location.

"Of the companies I spoke with for this story, both Cloudflare and Mozilla will be GDPR compliant no matter where their customers are located." https://www.fastcodesign.com/90171699/what-is-gdpr-and-why-s...

crankylinuxuserOP8y ago

I'm absolutely glad to heard that (about CloudFlare).

The GDPR is becoming a "I'm doing the right thing" checkbox. At least with the European rule, we data-drained Americans can rely that these services might cost more, but we retain our rights.

Lack of will have to be scrutinized. Smaller places may make the determination based upon reasonable answers, or be malicious. Facebook/Google/Etc wouldn't exist in their current forms if there was strong privacy rules in place.

j / k navigate · click thread line to collapse