I’m sorry, I have a great deal of difficulty believing this.
there are essentially no situations in which GDPR compliance should be particularly onerous. The principles are pretty simple, and while it will take some time until there is clarity on edge cases, most actions required should be straigtforward.
I’d be fascinated to know what product you build that is so inextricably tied to user data that it will cost “millions” to comply.
It it possible that you’ve been fleeced by your consultants? You’ve notably avoided talking what you’re doing that would require onerous compliance, details of which would go at least part way towards substantiating our rather unbelievable ideas about the cost of compliance.
Yeah, anybody I’ve met with experience is pretty confident in that.
The people I’ve met who aren’t fall into three categories:
1. People who don’t know much about the rules and have concocted a distorted version of them
2. People who are running a business that relies on misuse of personal data and who will be directly affected
3. People who have some ideological or politicical viewpoint which generally opposes regulation.
I have encountered no situation where someone has been able to demonstrate to me a convincing case where GDPR compliance is onerous, or indeed more work than any best practices they should have already been following.
I’m beating a dead horse talking to you, but you really should look outside of your own opinion and do some research on the issue one of those days. There is a reason that so many people have issues with this law.
Ironically, your employer (from your HN profile) loaded a Facebook tracking pixel, Google Analytics, and a multitude of third-party javascript libraries (from which it calls functions such as "clickTrackerInit") when I went to their home page - all without asking for permission. If you helped with their GDPR implementation, perhaps you aren't as familiar with GDPR requirements as you seem to think you are, because those are glaring violations.
there are essentially no situations in which GDPR compliance should be particularly onerous. The principles are pretty simple, and while it will take some time until there is clarity on edge cases, most actions required should be straigtforward.
I’d be fascinated to know what product you build that is so inextricably tied to user data that it will cost “millions” to comply.
reply