For now it has an "adequacy decision"[1] allowing such transfer, but future changes could threaten that, and activist such as Max Schrems would happily (and rightfully) attack this decision if it happened.
Schrems II might be a blessing in disguise for the European hosting/Saas/Cloud industry, we'll see !
[1]: https://ec.europa.eu/commission/presscorner/detail/pt/ip_21_...
I don't think the UK has that much to offer in terms of cloud and storage. All the big brands are in continental Europe or Ireland. The real impact would more likely be that externalised services that some European businesses contract dedicated companies in the UK for (payroll, data analysis, marketing, insurance, etc.) could suddenly become a subject to strict privacy rules that would make it impossible to continue if the UK were to be dropped of the whitelist.
> Great Britain is becoming Little Britain. The UK is like a giant Cayman Islands in 2016. They used to be the wise and perfidious grownups in the geostrategic room, but now it's all about squalid, petty things like Brexit, Scottish secession, anti-immigration; British political extremes are thriving and the middle is dead as mutton. They've lost their soft-power by the bucketful; people who used to beg for their wise counsel now ignore them. What do they want -- to be Airstrip One for any creep with a trailer-truck full of cash? I've never seen them think so small.
This was even before the Brexit vote, and before BoJo became PM...
[1] https://people.well.com/conf/inkwell.vue/topics/487/Bruce-St...
There is a low flat tax rate (30% iirc) for some years (was 5 when I last checked) if you're working in an "in-demand" sector, and tech is one of those sectors.
This is somewhat controversial from what I understand, not all of the Dutch like it, and I understand why: it's not really very fair to give foreigners a tax break and not your own people. But it's interesting nonetheless.
Spain has the Beckham law - https://en.wikipedia.org/wiki/Beckham_law - though it might not survive much longer.
Sweden has a similar policy but you need to earn over ~120,000 euros: https://www.forskarskattenamnden.se/forutsattningarforskatte...
I was really close to moving to NL to take advantage of that (vs. the insane taxes in Sweden) but unfortunately at the time I got the offer they were still in full lockdown restrictions.
Some people in my country fail to realize that in this case the Dutch state did not invest in the education of these people. I suspect the math works out.
Another way to look at it would be that these expats contribute to our economy and society without having cost us money in preparation (schooling etc.) So I think it's a win-win.
I guess a majority will be opposed if you'd ask plainly. The main effect is that companies save on their payroll.
Having worked as a European expat in the UK for about two years in the software industry this is how it looks for a lot of companies. Majority of revenue is either US or the European market (largely depending on what you're selling), with the UK market at most capturing say, 20%-30% of revenue.
It makes in my mind no sense at all to diverge from the EU on privacy policy. All the difficult compliance matters hat already been harmonized over the years, most of them are sensible anyhow and good enough to build upon, and the world is more and more moving towards data sovereignty type frameworks, in Asia as well.
The British market itself is now so small on the world-stage, some kind of national solo-mission when software is so reliant on global markets
We will be providing more formal documentation about how customers can transact with us through the new entity and take advantage of the new oversight.
The article starts immediately talking about Cronofy (using "we"), without any indication to the reader what Cronofy is and how you are related to it. Just an introductory sentence along the lines of "As the CEO of Cronofy [link to company site] (we do XYZ) I wanted to share thoughts on..." would have kept me reading. Instead, I followed the link to https://adambird.com/ at the top and didn't find anything to help provide the missing context, so I just moved on.
To be clear, if this article was only intended to be addressed to a narrow audience that was already aware of all the context then it was probably fine, but for an outside observer like HN it's very unclear.
The whole thing is about the company. Not washing.
It's a smart move, though you do see thru it all over the years.
> Whatever we say to our customers about how Cronofy approaches data privacy and controls, corresponding enforcement will not follow. (...) We can make our protestations about ISO certifications, data management controls, segmented data hosting. However, prospective customers won’t necessarily get that far because we’ll be discounted based on our location. I don’t blame them. Data protection is fraught and complicated. Why even entertain the risk of going with a provider from outside the EU.
If UK law would require backdoors in a way that conflicts with GDPR, how could they remain compliant?
I think more realistic than a trashed economy will be a hyper-neoliberal free market economy with even huger discrepancies between the rich few and the vast majority of poor, with GM crops, terrible workers rights, masses of migrant workers without access to the welfare state, meaningless digital rights, housing and offices in London owned by the world's rich who extract rent from those who live here, and so on. A sorry situation from the perspective of EU rights, but not necessarily a catastrophe from a hardcore-neoliberal perspective.
I'd bet on the UK becoming a low-punching competitor to EU economies, and one they'd perhaps be keen to have on their side.
The question is how we in the UK are transformed by the whole affair.
It solves a lot of problems for Ireland, assuming Northern Ireland hasn't rejoined the Republic first.
Point being - every bit helps!
Step 1: adopt the euro
Step 2: improve education for all ages and groups about misinformation, propaganda, etc. to reduce the chances of a bus driving around london from making you change your minds again in 4 years
Step 3: apply to enter as an equal into the EU, instead of trying to cut some half assed deal for half the rights and half the benefits
The UK should try to push to become a high-skilled, high-wage society like Norway and California.
As other have mentioned the status quo is now something entirely different and “remain” won’t mean much in a decade.
Didn't assume that. All I said was that 'those in charge will have come from a generation that overwhelmingly voted Remain', which will be true regardless. The kind of strategic thinking needed would be how to maintain their sentiments towards the EU.
It's also of note that this generation is overwhelmingly progressive in their politics, is being denied radical action on climate change, denied the ability to buy a house, laden with university debt, and so on. The conditions are ripe for a generation who wants radical social change, and maybe rejoining the EU will be part of that.
So I'd not count that children vote with any certainty, let alone use the "think of the children" logic given how that actually panned out.
But if the UK was to rejoin - I'd expect it will be with a clear majority who will embrace the EU beyond seeing it as easy holidays to Spain and day trips to France for cheap booze and fags - As that is how the majority treated it.
One campaign on this consultation is to abolish the stupid Cookie Consent requirement, that is evidenced again and again to be wholley pointless.
Anouther campaign with this consultation is to enable medical researches to use anonomised NHS data. The National Health Service (NHS) is huge and useing that data could usher in some great medical advancements.
The government cites a project at Moorfields Eye Hospital and the University College London Institute of Ophthalmology where machine learning technology was applied to thousands of historic de-personalised eye scans to identify signs of eye disease and recommend how patients should be referred for care.
There is no plans to weaken GDPR. Even if there was Adam Bird's company is welcome to go above and beyond the requirement.
It's all nonsense, move if you want to. At this stage he doesnt even know what is changeing, to state Brexit and GDPR as the reason is premature.
Is it? It caused some companies such as GitHub to get rid of third party cookies entirely, and they don't need to ask for consent for the cookies that they do use. If only the law were enforced more, and I imagine in a few more years many more companies would be compliant.
It’s a brand issue. Being EU based signals that you have to obey GDPR by law, not only contract. Just like being a Swiss bank was a brand advantage long time ago.
Of course, for their EU customers any company has to comply with GDPR by law.
You and I have read a very different consultation document, then.
The UK government absolutely are planning to weaken the UK GDPR.
If you've successfully anonymized it, it's no longer personal data subject to GDPR?
Not sure you want to alienate the US just to score some political points when by you own admission - the bulk of your business is with the US ( a country that has a larger patriotic base than the UK and more experience of how to exit a union ala 1776). Point being any US company can implement a more stringent data policy beyond the scope of legal remit within the country of operations, so that's a USP that isn't exclusive. More so given you charge in $ already and not £'s or ever have!
But then, that's why the blog is not upon the company domain (of which cronofy.uk is available still) - even they can see it is a bit too politically charged and slanted. So with that, prudent move and appreciate it is good to vent and some venting can cause issues, so a fine balance in that approach and kudos for the hindsight to see that.
As for new location - have a good look as some EU countries offer some nice incentive packages and I'm sure many would love to see those compared.
Theoretically, yes, you are right. But some companies are just going to say, oh, you are based in the US, let's look for a different vendor.
It's not even necessarily about the GDPR. For example, US companies tend to send really shitty invoices. There's barely any info on the invoice, some don't even include the full legal name and address of the invoicer. That really sucks when the tax authorities audit you and want proof for where all your money went.
If I buy services from the EU, I can assume that they comply with the GDPR, and I know that I'll get a proper invoice with VAT, and I won't have trouble with the tax authorities.
VAT and invoices are part of GDPR? Financial regulations yes - sure, of which the UK is pretty darn good upon.
But if a company invoices you with bad invoices then you can just refuse them and ask the correct and resubmit - even in the USA. As you say, you need them done right for tax reasons and believe me, countries and tax laws are tight, so to ask a company to redo it with the missing information is hardly going to be an issue - more so if they want paying.
The whole aspect of assurance of compliance you make though - very valid point. Just shame such things like GDPR need to be driven by countries and not some global standard that could be audited and approved that is not tied or limited by any country.
So if there was say some International standard with an ISO number outlining such standards, companies could adopt that and get certified compliant and it gets driven that way. As with many standards, adoption by insurance/reinsurance companies goes a long way indeed.
What is alienating about speaking the truth? Any US company must of necessity be considered to reside and operate under a privacy-hostile regime by an EU company thinking about doing business with them.
