Of course fines of that size have an impact, no matter how rich the company is, because the fines aren't necessarily one-off events. If they don't fix whatever the fine was given for but just carry on as nothing changed, there will be progressively bigger fines down the line.
The more interesting question is what the impact will be. Based on the article, it might be just changes to a privacy policy that no normal human will read anyway:
> It is understood that WhatsApp believes the fine is not about its data sharing practices but the level of detail provided in its 2018 privacy policy.
While this fine doesn't go unnoticed, let's be honest, they wipe their asses with €225m bills every morning. In this case crime pays because they earn SO MUCH more. And it's not clear they will pay that amount, in most cases they drag things in court and do an extrajudicial settlement with a fraction of that years later.
It's a nuisance because now some schmuck has to come up with a way to bypass these issues while maintained the same operation.
This is a very defeatist view of things. The purpose of fines is not to destroy a company, it's to correct its bad behavior - if they keep doing it you can fine them again for even more money.
It's about the size of the whole Facebook, which Whatsapp is only a small part of, daily revenue - revenue, not profit. The fine is humongous and they surely don't wipe their asses with such amounts every morning.
The article doesn't seem to explain at all what the specific violations are. The article also seems like it was written for the "simple English" Wikipedia. I get all anxious with this new thing of putting every sentence in its own paragraph.
This is actually considered best practice now for content for public consumption. If you can lower the average reading age for understanding the content you increase the amount of people that can read it.
Moreover, not everybody is fluent in English. Considering the article is about an EU-related fine, where less than 1% of the population uses English as mother-tongue, I'd say trying to be as accessible as possible is good.
Noyb[0] does an outstanding amount of work to help EU citizens enforcing their data sovereignty, not only against US companies but against any company that doesn't respect privacy-related laws (e.g., [1]).
As EU citizen, I am more than happy to support them through membership, and I urge any fellow citizen who is interested in privacy issues, to inform themselves over nyob, and support them!
> hope they don't pivot to charging money from companies for not fighting them.
I hope so too. It's something that's been on my mind in general terms - it feels like all organizations (both for- and nonprofit) decay over time, eventually becoming corrupt. I'm not sure there's a cure for this. So we can either never support any organization, or support them while they're still pristine, stop when they go bad, and hope someone else will appear to carry the torch. Not supporting is the easy choice, but you can't build a civilization that way.
So I guess vigilance is the name of the game. I'm gonna support noyb until they go bad.
Well, when each country does that it becomes economically unfeasible. Such fines work and work very well, once FB realizes that they lose more money from unethical behavior than they make, they'll stop it. I don't believe that any corporation is evil. I do believe that there are temptations to do bad things in order to make money, even if short term. This corrects such behavior. Hopefully.
Please provide any proof they work at all. Facebook has been fined larger amounts previously and continues to receive more fines for violations of user privacy. I would say there is currently very strong proof in the real world against what you’re assuming is true. Until a fine is ~10% of their stock value they won’t even consider it. This might as well be free for Facebook.
Did you study the work of Ralph Nader and the auto industry? Or the history of tobacco industry? There are multiple examples when it worked in the past. I am quite confident that when abuse goes too far, the pushback is even bigger. I just don't want to oversimplify the issue and say that any big corporation or any IT giant is bad by nature. It's growing pains in my book.
Yeah I know all about Nader. What you’re talking about took decades of fines after those companies lobbied endlessly to avoid blame. I think you just supported my argument. Big tobacco companies literally couldn’t be fined enough to make a difference for 60+ years. I’d guess sunshine is more correlated than fines to preventing large corporations from doing awful things. I’m not sure why you’re shilling the opposite.
Even if we assume Facebook's leadership makes perfectly rational decisions, the reasons behind their unyielding behavior could very well be non-financial - saving face, internal office politics, standing ground hoping the push from the regulators will fizzle out, waiting for legal loopholes to be discovered, or simply feeling of "we know better"
Eh. I would imagine Ireland has a problem with a bigger fine. Facebook does it's banking through Facebook Ireland. They are doing a "double Irish" to avoid paying taxes in the US. If the fine is huge they might consider doing their banking in Switzerland (low corp tax) for example.
May be so, but that is not net cash assets. They expected 3 times less.
A better measure would be how long does Facebook need to set aside 225m net in the emea market.
It's a clear demonstration to FAANG and others that nine-digit fines are on the table even in Ireland - the country that tech corporations love the most because of tax advantages, the country long criticized for pandering to said corporations instead of fulfilling their data protection obligations.
That's what they want you to believe. The other point is:
> Additional Information On How We Handle Your Data. Our updated Terms and Privacy Policy provide more information on how we process your data, and our commitment to privacy.
How nice! However, this is specifically targeted at GDPR-covered users. GDPR won't allow them to do anything that is not explained (and hence "consented" to by the user).
To me, the logical conclusion is that their lawyers went "we can't do XXX, YYY, ZZZ unless we explain them explicitly". Then their marketing team spun it up as "look at how nice we are".
The reality is that they wouldn't explain shit unless they absolutely need to. Since they didn't explain before, I'm pretty sure there are things they can't (legally) do with my information under the previous agreement that they would be able to (legally) do with the new one.
But I discovered my SO is doing as well, not because she really cares, but because she is used to dismissing any popup she sees - I am curious how many people haven't accepted yet just because they have a muscle memory to close pop-ups that get in their way
Yeah, and Signal bothers the people I converted with their pincode settings. People leave it open and dismiss it. I try do disable it for them entirely, it messes with the experience. Now it's like "both apps have pop ups to dismiss"
This technique is explicitly disallowed by GDPR though, so if you care this little you could dismiss the pop-up altogether and just collect the data anyway (and then wait for your fine eventually if you get caught).
Nearly every day, my phone battery drains enough to ask me if I want to put it into low power mode. Almost every time, I press close instead of low power mode. My muscle memory is so strong that, even though I usually indeed do want to the phone into low power mode, I hit close instead.
It's amazing what we can habituate with little or no annoyance.
I assumed as much but after changing phones I was surprised I still get the banner even after newly accepting the initial conditions when installing the app. Fair play to them that it's actually a per-account thing that's not automatically accepted when you install the app.
On Android, if you're rooted, you can always reinstall whatsapp from a backup through "Titanium Backup". That's what I did while switching phones a few months ago.
This is not the same as class-action suits, in fact it wasn't even a court case. So why lawyers were likely involved, the ones on the DPC side were likely employed and therefore don't receive a payout. Considering if this gets collected, I certainly assume so, do you have any indication it doesn't?
Notable here is that the Irish Data Protection Commission does not want to enforce GDPR or fine Facebook. They are kinda forced by law. They are famously slacking, likely bcause Ireland wants to be a hub for large US IT companies. This large fine mostly came because they were forced by the European Data Protection Board.
> However, WhatsApp Ireland, which had previously set aside €77.5m for a possible fine
Right there. The cost of violations is priced in. Companies actually misbehave and simply accept a potential fine as a business expense.
> The company is also understood to feel that the fine is out of step with previous GDPR related fines.
It just sucks for our shareholders if the fine is higher than we expected.
> Sources close to the company, which is owned by Facebook, said rather than making its policy shorter and less complicated, the decision would mean it would have to add even more information to its already long and complicated privacy policy.
The lies, incredible. Just don’t collect data, then your privacy statement is very very simple. Only complicated agreements require complicated 5,000 word privacy declarations.
Money is the only thing the law is about, not privacy. Even if you disagree with my opinion that it was designed to be this way, there’s not really an argument to be made against the suggestion that all it’s accomplished is periodically fining foreign service providers (plenty of fines to EU businesses too, but there has never been and will never a large one).
If it was designed to protect privacy, it is very clearly failing to achieve that objective.
So if it isn't perfect, it isn't worth doing it at all? Is it better not to have GDPR and just let them not even get fined? I agree that fines are basically the only effect it had - but that does not mean it isn't a step into the right direction.
I agree that it could be more effective and I would welcome more effective policy in regard to data collection/processing and its transparency.
I've seen plenty businesses make policy changes based on it, and you don't get to declare that somehow that isn't an argument that's allowed to be made. (And these businesses avoid getting fined and making headlines, silence in that sense isn't a sign of failure of regulation)
You are very wrong. The EU is the only big power defending data privacy and fighting to protect the little rights user still have.
It helps, of course, that they don't have domestic internet mammoths putting money in their pockets to get away with whatever they want (USA) or a state sponsored big brother / AI yoke programme that depends on data being collected from all around the world (China _and_ USA).
If anything, the EU is trying to prevent external (and increasingly hostile) powers to use EU citizens data for gain or plain aggression (Cambridge Analytica & Brexit, for example).
If privacy were important, then protecting citizens from having the government violate it would be important. Protecting citizens from having governments share the findings of their violations with each other would be important.
But instead you have administration that wants to ban encryption and increase surveillance as much as possible. The idea that the EU cares about privacy has no credibility at all.
Governments are big and composed of competing interests, especially in a multi-party system like the EU. Assigning them a single stance is an oversimplification. (Parts of) the EU can be pro-privacy while being against it too.
Yes. Laws made vague enough so they can arbitrary claim something is a "data breach" or "antitrust", despite not being able to quantify the harm of these violations. Meanwhile, they still have yet to fine European automakers a single cent for Dieselgate, which had estimated to kill over a thousand EU residents.
There's no need to quantify harm for something to be illegal, especially if it's something as difficult to control and evaluate as personal data.
I have a suspicion you're talking from a USA standpoint, where antitrust is enforced based on provable harm. This is not necessarily the set of values that the EU population wants to live by.
The Dieselgate was already deemed illegal, making your remark a case of whataboutism.
If you're talking about the recent fine, that was on the grounds of antitrust and unrelated to lying about emissions. AFAICT, the EU has yet to fine any automaker for the latter.
Not that I disagree with your tenor, but it is general accounting practice to set aside money for expected fines and penalties. Can't really hold that against them.
I think the point is that laws/regulations should always be followed. Not followed _unless it's cost effective to break them_. If they're simply setting aside money and then carrying on, or objecting to the fact that a fine is unusually expensive. Then they're not framing the regulations in the right way.
I agree but generally companies are obligated to form provisions (set-aside money) for liabilities payable in the future. In some legislations (don't know what applies to WhatsApp) a company might even have to save a certain percentage of earnings in a legal reserve.
If WhatsApp gains knowledge of an impending fine (exact amount might yet be unknown) that is to be paid at some point in the future, they have to earmark money to cover that liability.
Yes, but this is not what this accounting line "reveals".
Say you find rot in your roof, so you immediately set aside $X to pay for a roof replacement, since you now know that soon this cost will be incurred. Doing says nothing about your stance on preventative maintenance. This is similar, it's just accounting. They reserved money for the fine when the complaint was lodged since they knew they likely were going to incur some cost.
Isn't it at least part of the problem that data laws/regulations remain fuzzy and complex? I don't think it's surprising to see that companies don't fully comply with a law that was created in 2016.
They set aside the money after they were found in violation but before they found out the amount. It isn't like they set aside the money and then went and intentionally broke the law.
You can argue whether the violation was intentional or not, but setting aside money to pay a fine after you have been found guilty is not a signal that they intentionally broke the law.
I'm afraid that's not how the real world works. It has never worked this way and it never will. If you want laws/regulations to "always be followed", you have to make the enforcement extremely effective and the penalty extremely harsh relative to the benefits gained. Most people in the west do not wish to live under such repressive systems.
As an aside, I think accounting for anticipated fines is required by the regulations. So at least they were following those regulations! Talk about irony, lol.
> Right there. The cost of violations is priced in. Companies actually misbehave and simply accept a potential fine as a business expense.
I don't get the point of this. Should Facebook not set aside an amount for likely litigation? The fact is that these regulations are very vague and regulatory authorities have a lot of discretion. Notice that the article simply says Whats app failed to provide "transparency of information provided to users about the processing of their data between WhatsApp and other Facebook companies." Imagine being in a company and your task is to prevent this sort of thing. What does this mean? I'm sure its in the disclaimer, terms of service and a number of other places. But it's not enough apparently.
And there's a huge financial incentive for these bodies to go after large companies. In the US a lot of the fine goes back to the prosecuting body.
For instance, in 2013 JP Morgan paid a $13 billion settlements, $7bn of which was distributed to various government authorities, including the prosecuting agencies.
The point is that instead of investing money into security they choose to roll the dice and set aside some peanuts for litigation into a "most likely we'll be sued" fund knowning they will never face fines like "10% of the year's REVENUE is no belong to us" rather they will face a"1 million dollars!" fine while they are a trillion dollar company
The offense wasn't security related. It was not providing clear enough information regarding how Whatsapp user data is used in conjunction with other Facebook products.
> instead of investing money into security they choose to roll the dice and set aside some peanuts for litigation
Even if it was security, which it isnt, they would still have to 'invest money' to comply post being sued. So they save the invesment, get sued for 255mil and have to spend the money anyway.
I find it unlikely that when they skimped on the t's and c's writing they 'saved' themselves 255milion in lawyer time? Whats that, say 51,000 lawyer hours billing out at 5k an hour? So 100 high priced lawyers billing 100 hours a week for an entire year to write the t's and c's?
I think you can swap rarely for never now that's the UK is gone.
Fines are never directly going back to the prosecuting body in the EU and damages are strictly limited to compensatory. Fines just go back to the general budget. I think that's why the EU is generally a lot less litigious than the USA.
It's funny how you claim the regulations are "very vague" but then say WhatsApp has everything in some terms of service, which are the opposite of specific.
The official ToS themselves actually don't contain any information about their data collection, it's basically just a link to their privacy guidelines. Those privacy guidelines, in summary, just say "we collect information about how you use WhatsApp so we can improve our services". No word about what information they collect exactly, in what ways it is processed and linked with other data, what kind of meta-information they extract from it, nothing.
The GDPR is only vague for organisations that go as close to the edge of legality as possible.
> WhatsApp must receive or collect some information to operate, provide, improve, understand, customize, support, and market our Services, including when you install, access, or use our Services... The types of information we receive and collect depend on how you use our Services...
> Our Services have optional features which, if used by you, require us to collect additional information to provide such features. You will be notified of such collection, as appropriate...
> Information You Provide
> Your Account Information... Your Messages... Media Forwarding... Your connections... Status Information... Transactions and Payments Data
> Automatically Collected Information: Usage And Log Information... Device And Connection Information... Location Information...Cookies.
> However, WhatsApp Ireland, which had previously set aside €77.5m for a possible fine
Yes, but that would have been against this complaint when it arose - So in 2018 when the action started they took a look and figured they would have to pay a fine, accounted for it appropriately. They will now allocate the remainder of the amount, continue to appeal and maybe in another 3 years finally make payment on that fine.
Your comment suggests that they have a slush fund and try and break enough laws each year deliberately so they can spend the $77.5 budget they have for fines.
I am not a lawyer or accountant, but a public company not reporting a contingent liability for litigation in progress in their accounts would probably be a violation of all sorts of things.
Exactly this. It's a reserve for a future event likely to happen, with a material impact on the financials. Required by financial regulations. It might even be a footnote or called out as a business risk in a FB public financial statement.
Similar to a reserve for doubtful accounts receivable. X% of receivables aged 90 days past due are unlikely to ever be collected. That gets booked onto the financials.
Just don't collect data and who funds the development and infrastructure? If your answer is to start charging users, everybody would move to another messenger that is free, and the same problem will eventually arise.
Signal seems to be getting along just fine, despite not collecting advertising data from users about our messaging habits.
And if they want to run a free messaging service supported by advertising, there's plenty of ways to do that which are in compliance with the GDPR. For example, they could start by being really clear about what data is collected in their privacy policy and for what purposes. They could stop collecting data and just have worse advertising targeting. And so on.
But instead of any of that, they're actively choosing to break the law and now crying foul when the government takes them to task over it. Boo hoo. European countries have the right to make laws protecting their own citizens' data. Facebook isn't a country unto itself.
Fines are only punishments for poor people (or companies, in this case).
Of course, in most rulings it's a fine in addition to the company changing their ways; it's not like the fine means they can keep doing that which they were fined for.
Ireland only has about 5M inhabitants. Not all of them use whatsapp. So that's a sweet 15/20 euro per user. On a service that remains ad free and free as in beer, that's a pretty steep user cost. Not a problem if it's an isolated case of a country doing this but it starts adding up if this becomes a recurring cost across the EU and wherever else governments are waking up to getting their taxes this way. It adds up to death by a thousand cuts.
Really sucks for the shareholders that Facebook is giving away their profit for no good reason other than arrogance. I'm sure they'd rather see dividends than this drain on their profits. That's the one job shareholders have: worry about stuff like that.
I believe technically it will be Ireland collecting, since the case was started by the local authority (DPC) against a local company (WhatsApp Ireland). European authorities were only brought in to determine what the scale of the fine should be, since there was no clear consensus (initial suggestions were around E50m, which is why WA put aside a safer E77m). But yes, the fine was determined looking at the entire EU userbase, which makes it still peanuts in the great scheme of things.
Who is collecting isn't relevant to what the per-user cost to Facebook is though? The other EU countries won't fine for the same thing (as the poster suggested they would) is the point, so doesn't make much sense to relate it to the number of inhabitants of Ireland.
One important thing to note is that the DPC (Irish DPA) did not want to fine WhatsApp and only did so after being forced by other DPAs through the arbitration process.
So acting as a tax haven was not enough, they also have to undermine every other EU regulation to keep their cash cows happy? Can't we just kick them out already?
I'd say in that case, the regulation was resilient enough to bring the case to fruition (although this is an argument that facebook will use to defend itself).
Hopefully this will motivate the DPC to be a little more active in the future (nobody likes to be wrong, especially wrong in public).
Some DPA are unwilling to act, the best thing to make them is to file complaint or support organisations that do (see the comment on NOYB). They are bound by laws to act, let's make them !
The UK would have had to breach or at least seriously jeopardize the GFA to do so. An agreement they willingly signed up to. The UK brought that upon themselves.
Brexit doesn't, but the GFA was only possible because of the seamless border between the two countries. That lack-of-a-border can only exist if NI remains in the customs union. The rUK can only have a seamless border with NI if it's either in the customs union, or neither are. The UK decided the rUK didn't want to be in it. So now there's a border in the Irish sea.
> Threatening a return to violence in Ireland over Brexit is what I mean by "making things difficult".
Recognizing that putting in jeopardy an international agreement that brought an end to the troubles might incite violence, is not the same thing as threatening violence. It's common sense.
> The Troubles were not about sausage shipments between Belfast and Dublin.
You're right, they were an ethno-nationalist conflict, during which the British government sanctioned the murder of its own citizens, and now continues to protect those murderers from prosecution.
> You're right, they were an ethno-nationalist conflict, during which the British government sanctioned the murder of its own citizens, and now continues to protect those murderers from prosecution.
You're being intentionally obtuse now. If you can't see why an open border is vital for the continued peace, and why removing it would place tension on a peace that took decades to achieve, then you've already made up your mind.
I suppose I should have expected it when you blamed the EU for the self-inflicted woes of Brexit.
I'm not in any way slow to understand, not in this case anyway.
> If you can't see why an open border is vital for the continued peace, and why removing it would place tension on a peace that took decades to achieve, then you've already made up your mind.
I didn't say that, and I'm not even going to engage your straw man.
And I did not blame the EU for Brexit woes, I made a pretty basic statement of fact that would probably cover any negotiation, one which was intended only to signal compromise -- hence why the UK did not leave entirely -- not woe or blame.
The UK wanted to leave the EU and the common market. That means a border. That much has always been clear. That's basically the whole point of the common market.
The UK also doesn't want a border between Ireland and Northern Ireland but that's stricly an issue between the Republic of Ireland and the UK. Obviously as Ireland is a member and the EU is a constructive and diplomatically open entity, it was more than ready to negociate and multiple solutions have been proposed and tentivaly accepted before being reneged by the UK government.
I mean at some point in a negociation if the weak party can't come to its sense, you have to stop wasting everyone's time and tell them to get lost which is more or less what's happening with the UK.
Can you be more specific? As far as I can tell, the difficulties with Brexit are entirely self-inflicted, as a consequence of poor planning and self-contradictory goals.
Why? The UK sent a letter invoking article 50 and after an extension they're out.
The UK is a third country and no more an EU member.
Leaving is very simple if you're willing to face the consequences.
And this is the true problem of the UKs exit. That they'r neither willing to face the truth nor the fact that's it a third country now with all restrictions that come with that status.
Northern Ireland is still abiding by EU free movement of goods rules and EU Customs Union rules, and goods from the rest of the UK are inspected when they get to Northern Ireland.
From a trade perspective, Northern Ireland is treated as part of the EU at the moment. This allows the Irish border to remain open, as there's no feasible way of enforcing it otherwise. For some context: The European union as a whole has 137 border crossings with third countries to its east. The Irish-Northern Irish border has 275.
Northern Ireland is still saying its goodbyes and looking for its jacket. And even GB is still caught up in hundreds of temporary exemptions and is in many senses operating as part of Europe.
You are suggesting that the consequences of leaving where well defined, upfront and the UK was simply not "willing to face the truth" - this is not true. The consequences of leaving were established, and negotiated after the invocation.
> You are suggesting that the consequences of leaving where well defined,
I'm not suggesting that at all. Actually I think that it was enormous stupidity to send that letter before England even defined what it wanted exactly.
It didn't help at all that Ms. May tried to appease the Brexit extremists in the conservative party. People that, as we now know , cannot be appeased, ever, since they just move the goal post to an even more extreme position.
> You should also take note of my comment below - there is no "they" wrt the UK, as the country was divided, and actively fighting over the issue - with some actively trying to prevent a brexit.
I appreciate that. Nevertheless 52% of people that bothered to vote wanted out.
Pissing off their European partners at every turn also certainly doesn't help
Unless Britain gives up it's extremist position I predict a world of hurt once the EU is no more willing to kick the can further down the road.
Long queues at immigration, when vacationing in Spain will be the least of your worries.
Only 8 of around 40 DPAs that were involved in the process disagreed with the Irish DPC's conclusion according to TFA, so I don't think it's fully fair to lay the blame solely on Ireland here.
I think you'd have a hard time demonstrating that Ireland actually is a tax haven. I've heard that accusation from several sources, but never anything convincing.
As for undermining regulations, the EU has procedures for ensuring member states enact compliant legislation, and after that the country has its own legal system, not more corrupt than average. It might be that they're applying the law as they understand it and that the judiciary has some independence from commercial interests.
You're welcome to make the case otherwise, but making accusations as you've done isn't what I'd consider constructive dialogue.
The EU insisted on Apple paying billions to the irish government that the irish government fought not to get. Irish-Dutch sandwich is a term designating the practice of using a tax loophole that lets big corporations avoid paying taxes.
Honestly, I'm not sure that the time to prove Ireland tax heaven will be that tough. Of course, the EU does not designate Ireland as a tax heaven, but you should have to keep in mind that Ireland is a member state of the EU and the tax heaven list is approved with unanimous vote which might be a cause for a conflict of interests.
In all fairness:
The Dutch sandwich has been illigal for years now
The fine related to 'state aid' in the form of advice to Apple, and was appealed as the Exchequer makes far more money from Apple and other big tech then this fine would ever cover.
Have a look at the effective tax rates between Ireland and France if you want an eye opener
According to the OECD [1],France has an effective average corporate tax rate of 29.4% while Ireland has a 12.4% one. France has one of the highest in the OECD and Ireland one of the lowest. Unless you are arguing that Ireland is indeed effectively a tax haven, I don't see the eye opener.
Clarification. The EU asked the Irish Government to collect taxes that it declared were unpaid. It would then decide which countries were owed which chunk or the unpaid tax (all tax was declared through Ireland but sales were not solely in Ireland. So the tax was to be redistributed to the origin of sales). The issue with the judgement, and the reason the Irish Government were fighting it, was the ruling stated Ireland breached the law and provided an unfair advantage to one company. The Government were arguing that every company could avail of the same tax rules so it was not an unfair advantage / subsidy.
As for being a tax haven, this is something that is said by others who are outside of the Irish tax system and only look at the low corporate tax (they fail to see they other hidden taxes businesses have to pay like water tax, bin tax etc). Im not suggesting that the companies are fully "paying their way" but that it is too simplistic to only look at 1 tax requirement.
If you have worked in Ireland you would understand that the Irish tax system is extremely complex.....as employee you could pay tax in 3 separate income tax calculations, then a "bank bailout tax" that has remained even though the banks were bailed out. It is not uncommon for middle / high income workers to pay approx. 50% of their wage in deductions. Similarly if you tried to set up a company you would understand that the rules are not black and white but rather "you apply this tax calculation on a Friday, if the moon is full and the grass is blowing to the west"
You don't seem to understand what a tax haven is. It's not that domestic people don't pay taxes, or that there is no income tax, or payroll tax.
It's that corporate profits can be artificially shifted there and are then not or barely taxed.
Just read the wikipedia article please:
> Ireland ranks in all non-political "tax haven lists" going back to the first lists in 1994,[n][30] and features in all "proxy tests" for tax havens and "quantitative measures" of tax havens. The level of base erosion and profit shifting (BEPS) by U.S. multinationals in Ireland is so large,[4] that in 2017 the Central Bank of Ireland abandoned GDP/GNP as a statistic to replace it with Modified gross national income (GNI*).[104][105] Economists note that Ireland's distorted GDP is now distorting the EU's aggregate GDP,[106] and has artificially inflated the trade-deficit between the EU and the US.
> Ireland's base erosion and profit shifting (BEPS) tools give some foreign corporates Effective tax rates of 0% to 2.5% on global profits re-routed to Ireland via their tax treaty network.
Sure. We're undermining every EU regulation. 100%. It's like a national Irish pastime! And the EU is a clique that can shun members at will, and Germany is a moral exemplar to us all.
Everyone benefits from the EU in different ways. But that Ireland is a tax haven is not exactly a shocking accusation. Ireland is actively lobbying against global minimum taxation rules, e.g.:
I'm not "shocked" by that accusation. I don't dispute the tax haven allegation, though we're likely to agree to the tax changes.
Here's a recent story from the meeting between the Irish and French leaders. The differing view on taxation is clearly there (though it's more that we're worried about a mandated EU premium on top of it, not that we're against a global minimum). But on every other key issue the French openly say we're working closely together. https://www.irishtimes.com/news/politics/differences-over-co...
That's a fair distance from 'undermining every EU regulation'.
> The objection raises that not all computationally possible numbers are indeed assigned. Therefore, the lossy hash refers not to at least 16 numbers but to a maximum of 16 numbers. Furthermore, if additional data is stored along with the lossy hash, the number of individuals represented by the associated phone numbers can be reduced as data subjects not matching this additional data can be excluded. If e.g., so the DE SA, the gender is also stored, it is possible to at least divide these 16 in half.
So their hashcodes can be mapped to 16 different users, which can be trivially reduced to a single person if you have any additional information about them.
After they said it was technologically infeasible to combine WhatsApp with their service before the takeover (which was a condition for the takeover if one remembers), I don't trust anything they say anymore.
They stated to the merger review committee that the WhatsApp takeover couldn't feasably lead to data sharing with Facebook. And got fined 110m EUR for that, a pittance. You couldn't take out an insurance policy against a successful merger for that money. From [0]:
"When Facebook notified the acquisition of WhatsApp in 2014, it informed the Commission that it would be unable to establish reliable automated matching between Facebook users' accounts and WhatsApp users' accounts. It stated this both in the notification form and in a reply to a request of information from the Commission."
In order to have any deterrence effect, any fine should probably be at least 20 times higher. Otherwise, it is almost always better for those large companies to violate the law, reap profits, pay the fine and benefit from their disregard of the law.
The maximum fine which could have been imposed was 3.2bn dollars, due to FB's 2020 revenue.
This is a first fine, and note that the original article states that both FB and Instagram are under investigation also, so it could easily be 3x this current fine, which is not insignificant, even for Facebook.
I agree that the fine needs to be higher to work as a scary deterrent but getting 1% of your profits taken away from a single fine is pretty substantial for any company.
That's really too little of a fine for them to care. Fines need to discourage the action in the future and at this point the fine is a profit for Facebook.
The history of the decision making around this is interesting. I didn't realise that data protection agencies in other EU countries could effectively vote on the decisions of the lead agency (in this case Ireland). I feel like that's a nice system. On the one hand straightforward complaints can be handled quickly, but more contentious decisions can be handled collectively without giving companies the ability to shop around for light touch regulation.
Ironic that the website hosting the article likely itself violates the GDPR.
It makes it much easier to accept all cookies than to reject, without any good technical reason to do so, and presents the "accept all" as the default choice.
GDPR has effectively added a pointless pop up to every serious webpage. It has made the web experience of almost every single user, measurably worse. Hours of my life have been devoted to accepting cookies since GDPR. Complete waste of human life.
That's exactly the line of reasoning that these privacy invading companies want you to follow. The law doesn't mandate obnoxiously huge popups that slow to a crawl when you try to actually use them to disable cookies and whatnot, quite the contrary. It's the companies who are choosing to make the experience as miserable as possible.
I no longer trust these companies for full e2e encryption, and yesterday I found a realy nice tool(not affiliated) to encrypt yourself the message or file before sending and decrypt those which you receive. Here's the link https://enigma-reloaded.github.io/enigma-reloaded
Would be cool if one could opt out of the data collection they do by paying them actual money. In the beginning, WhatsApp charged a couple of dollars a year. I would be willing to pay a couple of ten dollars a year for their service to obtain more privacy from Facebook Inc.
> It is the largest fine ever imposed by the DPC and the second largest penalty ever levied on an organisation under EU data laws
reply