I don't care what they do
Anything would be an improvement over the wild west we have over here now!
The rash of high-profile IT security breaches, data thefts, and other hacks that have erupted over the last year or so may push US legislators to consider laws similar to Europe's privacy-protecting GDPR. This is according to Representative Will Hurd (R-TX), who told attendees at the Aspen Cyber Summit in San Francisco today …
Anything would be an improvement, but that statement show how much unfit for the role they are - all the issues were on the table and easy to see - but they didn't dare to touch big campaign donors until citizen were actually hurt in a big way. Time will tell if they really changed opinion, or will just put lipstick on the pig to calm down outrage until the next big breach....
All I have seen the GDPR do is litter my mailbox with companies wanting me to confirm that I agree to them continuing to send me junk, and that they can collect all sorts of data from me not relevant to their business together with web pages wanting the same with little or no option to opt out of the tracking and info snooping they bury in their page. It has not stopped anything as far as I can see only legitimatised it.
My life is not simpler with the GDPR nor do I consider I am safer from unnecessary tracking and snooping, just that it's all done 'legally'.
"This site does not use store or indeed keep any personal information about its visitors for any purpose whatsoever, and cookies are - unless you use the donation page - entirely superfluous to its operation"
If you are not happy with this policy, you are probably trying to make money out of suckers, and you are that which rhymes with them, so suck off."
I see still see many UK sites with opt-in or excessive clicking to 'confirm' you haven't opted-in. I'm hoping that fines will eventually start to roll in and this will change, but I'm not holding my breath.
Incidentally, if you're interested, the ICO has a survey to collect views on privacy for children. It's open until 5th December. However, when I clicked the link on the ICO homepage it said I'd already completed the survey. I had to go to the survey homepage and click on the surevy from there.
It's a long survey, I think about 30 minutes if you take your time, but well worth doing.
Todd- Big "companies really are scared of massive fines?" Hope so; but the record in the USA is NOT.
Since 2007-8 economic meltdown, U.S. DOJ & SEC have not got a criminal conviction against a single one of the big insurers, mortgage co.s, finance co.s, &other corp.s or their execs that helped make it happen & ruined hundreds of millions of people globally. In every case, they have "settled."In plainspeak that's a big fine, w/no criminal charge or record. This was never the case before -e.g. in the bubbles-&-busts of the S&Ls (80s), the M&As (90s), the tech bubble (00)s. All issued in prosecutions, criminal charges & jail for at least the most visible & egregious criminals. THAT scared them. The BO Admin was the 1st to score 0 criminal charges & convictions, , in this, the worst bust s ince the big one 1920s-30s - & one that is set to repeat, according to many uneasy investors. The Trump Admin seems to be following suit. These executive gangsters have set aside billions in invested funds as a "cost of doing business," to cover now-regular giant govt. fines. They continue to defraud customers & violate laws REGULARLY, in what financial papers are obliged to euphemize w/terms like "mismanagement." I expect big data firms to do the same going forward. Too plush to fail, these golden geese? -unlike the p opulations they've ravaged. // Eschew spyware media & INFOTAINMENT. Read the Financial Times, WSJ, biz sections of papers: follow the money- there's the genuine news.
Will I be safer?
As I see it rather than limit the data and tracking collected about us the GDPR has just allowed organisations to 'legitimately' hold that data. When a data breech occurs yes there may be large fines BUT our data has been swiped - a large fine does not help the individual. It may focus the minds of companies but they will balance the potential fine against cost of Lawyers to avoid the fine.
What we needed was the GDPR to STOP irrelevant data collection and tracking. I should have the ability to say NO you don't need my DOB to sell me a camera NO I don't want your tracking cookies on my computer, I don't ant my browsing experience 'enhanced' as I don't want to receive targeted advertising and the like.
"What we needed was the GDPR to STOP irrelevant data collection and tracking."
Laws won't stop that. Companies are big enough and shrewd enough to lawyer their way around them. Nol the only solution is to Fix Stupid and make it so that a sizeable number of people (enough to seriously affect their bottom line) make it a non-starter: threaten to turn everything into a cash-and-carry transaction unless websites start allowing the same: no exceptions. Until then, you're decidedly in the minority, and your money just doesn't speak loud enough.
To some extent you are missing the point. GDPR hasn't legitimised something which previously wasn't legitimate.
In the first instance GDPR requires companies to be transparent as to their operations. Now you can make a valued choice as to whether to use a particular supplier or not based on the information they now have to provide. Before you had no idea how your data was being used. If they don't provide the information you expect, don't use that supplier.
Next, GDPR does fundamentally require companies to minimise the data they collect, how long it is kept for and to protect the confidentiality, integrity and availability of that data.
Next, companies that don't perform are (1) going to get wrist slapped then fined; (2) lose business as customers will start switching to suppliers who are more enlightened about the protection of their customer's data.
This problem was never going to be fixed like turning on a light switch, but it is a big step forwards.
"This problem was never going to be fixed like turning on a light switch, but it is a big step forwards."
No, unless it IS light-switch no-wiggle-room, they'll just find ways around it. That's always been the thing with business, especially BIG business: they' like sovereign entities unto themselves who just work their way around any obstacle. After all, they can play sovereignty against countries.
I believe it's called "reaching across the aisle". It also won't hurt his potential influence to be seen as someone willing to be an intermediary in such contentious times especially since his road trip with Beto.
P.S. I'd put money on him being a presidential candidates in the near future, 2024 perhaps.
Brussels will never agree to weaken GDPR, that could be seen as an admission that they might have got something wrong, and hence is completely against their standard dogma.
I very much doubt that Washington will enact something as tough as GDPR since there will be too many "interested" parties who will be busy buying the votes of Congress/Senate critters to let anything through like that.
I think I see the problem between the EU and US. I'm pretty sure it's the common letter that causes the confusion. Let's see if I can explain graphically.
EU-----US > EU---US > EU-US > EUUS > EUS!!!
See, it's really hard to determine where one ends and the other starts.
Granted, both do it with the entire world and in a much less direct way than Russia and China do with actual land grabs but the principle is the same.
"Only when a nation doesnt realise where its border is."
What about companies whose platform is global? In the US, there are "town square" laws that demand that everybody be given their soapbox in places of public congregation(the details vary, but California in particular has some strong protections in its constitution); these haven't yet been applied to the online world, but doing so would be in direct conflict with various European laws demanding Facebook, Twitter, etc take down posts the government deems "extremist". Not privacy-related, but a decent example of how direct conflicts can exist.
@ Carpet Deal 'em
"Not privacy-related, but a decent example of how direct conflicts can exist."
You are right conflicts can exist. The internet was considered free (from interference) at one point and people were proud of that. As time has gone on the legitimately concerned got dangerous things censored and now with the beigists wanting everything banned it is going daft. But it is up to each country what their restrictions are and even if they wish to block stuff.
Access to online content can be and is different in various countries (yes I know VPN gets around it) so a nations borders are at its borders. Aka if it is legal in one but not the other, neither has the right to dictate even if that concept is beyond some politicians.
But now you can have a sovereignty conflict. Suppose a site based in one country with NO laws regarding online behavior has to cater to users from one country where their laws REQUIRE you allow their content AND those from another country that FORBIDS the same content?
Whose policy applies, as each country is sovereign and has skin in the matter (one is hosting, the other two's citizens are involved)?
I suppose that this is what has got our spooks in trouble.
US law seems to be that (some types of) torture is legal. Other countries have laws that say that torture is illegal. This seem to have got UK intelligence in trouble for allowing torture by the USA,
Yes, they are in a real bind but not as big as the poor sods being tortured!
One item that will not be in any law is the Chinese option for the C-suites - execution. I am dubious that a GPDR like law will have all that much effect on the real miscreants as it is only talking fines. Wyden's idea of prison terms might have an effect on the few C-suites that can spell ethics let alone have any. The others will some sterner persuasion - the Chinese option. But I doubt it would pass muster with the Nine Seniles as would prison terms also not pass muster with them. So we are left with fines that again might not pass muster with the Nine Seniles.
Among other things, It forced many companies to have a look on the data they store, and a lot of personal data were wiped to conform to the Law. A big enhancement in security: lots of data waiting to be stolen have now vanished.
GDPR isn't perfect - nothing is - but it's a good law, it gives at last some power to the citizens to protect themselves against the invasive actions of greedy corporations.
The data wasn't just wiped. It was simply sold to an Indian corporation and THEN wiped.
I know this because they phoned me yesterday about the accident that wasn't my fault.
I agreed that the EU was an accident and not my fault, but they didn't hold out much hope for a settlement.
"a Democrat-controlled House begins its next session in January. For the next two months, Republicans still hold "
Sorry to inform you, but thinking that there is a difference in policies between the two corporate puppets is ridicules. The seats change bodies, but the bribes and blackmail come from the same people/companies. The presentation is different, one in a dress screaming, the other in a suit rumbling, but the exact same wars, corruption, and policies happen no matter what color their shirt is.
However, more laws is what they want, and I'm sure they are figuring out how to make a profit off of GDPR type laws. Just watch for that twist and exceptions that make it the opposite of the presented intent - just like the Patriot Act.
Biting the hand that feeds IT © 1998–2019