I presume you’re in Europe? If I recall, the Chicago Tribune began blocking the region when the GDPR was implemented, presumably so they can invade users’ privacy at will without having to worry about repercussions.
Welcome to my online guide on how to comply with the GDPR. Here we’ll cover the basics, the steps you should follow that will help everything else fall into place on your journey to compliance.
People signing up for newsletters (which this site has) then immediately submitting a SAR was an unsolved issue until ECJ finally ruled against it last month [0]. I think you're missing a few steps there. It would be nice if we lived in a world where legal compliance automatically conferred legal immunity.
A subject access request if you just have a mailing list sign-up would require you to provide the information in that mailing-list sign-up and information of how you have processed it. Nothing more, unless you in fact also store other information on a user behind their back.
So, no, it was not an unsolved issue: Just respond. The court case resolved the situation where a company didn't respond, but the request was potentially abusive. Nothing that and legitimate requests are both solved by simply responding.
It’s not clear to me which site “this” refers too.
> I think you're missing a few steps there.
I mean, yeah, I thought the format of the reply made it clear it was a joke. The larger point is that compliance isn’t that complicated and only becomes hard if you are invasive. When you’re not invasive it’s actually fairly simple.
> It would be nice if we lived in a world where legal compliance automatically conferred legal immunity.
It probably wouldn’t, because that would mean anyone violating the spirit of a law would be exempt from consequences by adhering to its letter.
I don’t recall any GDPR violation case which has gone to court. If you do, mind linking to it?
I’d gladly make this same argument in court, though. But I’ll never have to, at least not as a defendant, because I respect users’ data (by not even collecting it), so there’s nothing to take me to court over.
It looks to be a distinctly US American idea that everyone is always suing everyone for everything and always going to court. That’s not how the rest of the world operates for the most part.
https://archive.ph/m3Miz
Bluesky thread of the images (i.e. without all the ad, interface, and article garbage): https://bsky.app/profile/rmartincole.bsky.social/post/3kk4zo...
Blocked in my region. Good lord. What's wrong with Chicago Tribune?
I presume you’re in Europe? If I recall, the Chicago Tribune began blocking the region when the GDPR was implemented, presumably so they can invade users’ privacy at will without having to worry about repercussions.
Or... They don't have enough traffic from europe to warrant putting up with their absurd regulations.
Welcome to my online guide on how to comply with the GDPR. Here we’ll cover the basics, the steps you should follow that will help everything else fall into place on your journey to compliance.
Step 1: Don’t invade users’ privacy.
There is no step 2.
People signing up for newsletters (which this site has) then immediately submitting a SAR was an unsolved issue until ECJ finally ruled against it last month [0]. I think you're missing a few steps there. It would be nice if we lived in a world where legal compliance automatically conferred legal immunity.
[0] https://www.heise.de/en/news/GDPR-ECJ-curbs-systematic-abuse...
A subject access request if you just have a mailing list sign-up would require you to provide the information in that mailing-list sign-up and information of how you have processed it. Nothing more, unless you in fact also store other information on a user behind their back.
So, no, it was not an unsolved issue: Just respond. The court case resolved the situation where a company didn't respond, but the request was potentially abusive. Nothing that and legitimate requests are both solved by simply responding.
> which this site has
It’s not clear to me which site “this” refers too.
> I think you're missing a few steps there.
I mean, yeah, I thought the format of the reply made it clear it was a joke. The larger point is that compliance isn’t that complicated and only becomes hard if you are invasive. When you’re not invasive it’s actually fairly simple.
> It would be nice if we lived in a world where legal compliance automatically conferred legal immunity.
It probably wouldn’t, because that would mean anyone violating the spirit of a law would be exempt from consequences by adhering to its letter.
Yeah, tell that in a court...
I don’t recall any GDPR violation case which has gone to court. If you do, mind linking to it?
I’d gladly make this same argument in court, though. But I’ll never have to, at least not as a defendant, because I respect users’ data (by not even collecting it), so there’s nothing to take me to court over.
It looks to be a distinctly US American idea that everyone is always suing everyone for everything and always going to court. That’s not how the rest of the world operates for the most part.
>I don’t recall any GDPR violation case which has gone to court. If you do, mind linking to it?
You mean in Europe?
France https://dig.watch/updates/french-court-upholds-e40-million-g...
Italy https://brevettinews.it/en/privacy-identity/gdpr-fines-of-it...
Norway https://www.forbrukerradet.no/news-in-english/grindr-loses-a...