In recent news, Google has put forth a proposal known as the "Web Environment Integrity Explainer", authored by four of its engineers. On the surface, it
Don’t have too much faith in the EU. Corporations are still heavily influencing politics. They will probably come with half assed laws that have loopholes or workarounds.
The #GDPR is absolutely a perfect example of ½-assed laws & loopholes. I have filed reports on dozens of GDPR violations; not a single one of them lead to enforcement. The GDPR is just a prop to make people feel comfortable as the EU destroys the offline infrastructure.
I did as well for the Catholic Church. I don’t want to have my name associated with a gang of child molesters so I invoked the right to be forgotten. The church told me that baptism is sacred and cannot be undone. The Dutch institution for GDPR claims never did anything about it because they’re overloaded with requests.
Oh well, I’m not willing to give it more energy either. It’s mildly annoying but doesn’t affect my day to day life.
Maybe you misunderstand the enforcement part of the GDPR. It’s not made for you to get personal enforcement out of it. It works on the basis of multiple infractions being recorded and then escalating the agencies response level.
I work with many companies as IT consultant and I can assure you, that they all FEAR the GDPR and treat natural person data very well because of that. Enforcement of GDPR does happen and you can review every enforcement on a public website called enforcement tracker. There are almost 1980 enforcement actions in their database.
I have also personally requested information about me and my family through the rights bestowed by the GDPR regulations and have EVERY TIME gotten the information within 30 days.
Maybe you misunderstand the enforcement part of the GDPR. It’s not made for you to get personal enforcement out of it.
You obviously have not read article 77. This article entitles individuals to report GDPR violations to a DPA for enforcement. Article 77 does not distinguish violations against an individual (which I suppose is what you mean by “personal enforcement”) and violations against many. Some of the violations I have reported can only be construed as violations against the general public. E.g. an org fails to designate a DPO.
It works on the basis of multiple infractions being recorded and then escalating the agencies response level.
It’s not even doing that much, in some cases. The report has to get past the secretary and be submitted into the litigation chamber before it’s even considered as something that would indicate a trend. If it doesn’t get past the secretary it does nothing whatsoever.
I work with many companies as IT consultant and I can assure you, that they all FEAR the GDPR
You’re only seeing the commercial response. Gov agencies & NGOs are also subject to the GDPR, which is where you see the most recklessness due to the lack of penalty. Banks also don’t give much of a shit about the GDPR because when they violate it, there’s a shit ton of banking regs they point to and the DPAs are afraid to act.
Enforcement of GDPR does happen and you can review every enforcement on a public website called enforcement tracker.
Indeed I’ve browsed through the enforcement tracker. It’s a good prop for making the public believe that the GDPR is being well enforced. They are cherry-picking cases to enforce to convince the public that something is being done, but people who actually submit reports know better. We see the reports that are clearly going unenforced.
I have also personally requested information about me and my family through the rights bestowed by the GDPR
I have had access requests denied, which I then reported to the DPA, who opened a case and just sat on it. For years, so far.
Don’t have too much faith in the EU. Corporations are still heavily influencing politics. They will probably come with half assed laws that have loopholes or workarounds.
Like GDPR?
/s
I don’t get the “/s”.
The #GDPR is absolutely a perfect example of ½-assed laws & loopholes. I have filed reports on dozens of GDPR violations; not a single one of them lead to enforcement. The GDPR is just a prop to make people feel comfortable as the EU destroys the offline infrastructure.
I did as well for the Catholic Church. I don’t want to have my name associated with a gang of child molesters so I invoked the right to be forgotten. The church told me that baptism is sacred and cannot be undone. The Dutch institution for GDPR claims never did anything about it because they’re overloaded with requests.
Oh well, I’m not willing to give it more energy either. It’s mildly annoying but doesn’t affect my day to day life.
Maybe you misunderstand the enforcement part of the GDPR. It’s not made for you to get personal enforcement out of it. It works on the basis of multiple infractions being recorded and then escalating the agencies response level.
I work with many companies as IT consultant and I can assure you, that they all FEAR the GDPR and treat natural person data very well because of that. Enforcement of GDPR does happen and you can review every enforcement on a public website called enforcement tracker. There are almost 1980 enforcement actions in their database.
I have also personally requested information about me and my family through the rights bestowed by the GDPR regulations and have EVERY TIME gotten the information within 30 days.
You obviously have not read article 77. This article entitles individuals to report GDPR violations to a DPA for enforcement. Article 77 does not distinguish violations against an individual (which I suppose is what you mean by “personal enforcement”) and violations against many. Some of the violations I have reported can only be construed as violations against the general public. E.g. an org fails to designate a DPO.
It’s not even doing that much, in some cases. The report has to get past the secretary and be submitted into the litigation chamber before it’s even considered as something that would indicate a trend. If it doesn’t get past the secretary it does nothing whatsoever.
You’re only seeing the commercial response. Gov agencies & NGOs are also subject to the GDPR, which is where you see the most recklessness due to the lack of penalty. Banks also don’t give much of a shit about the GDPR because when they violate it, there’s a shit ton of banking regs they point to and the DPAs are afraid to act.
Indeed I’ve browsed through the enforcement tracker. It’s a good prop for making the public believe that the GDPR is being well enforced. They are cherry-picking cases to enforce to convince the public that something is being done, but people who actually submit reports know better. We see the reports that are clearly going unenforced.
I have had access requests denied, which I then reported to the DPA, who opened a case and just sat on it. For years, so far.