Well, fuck you too. (lemmy.sdf.org)
[-] Wodge@lemmy.world 40 points 1 year ago* (last edited 1 year ago)

You can’t just say “nah, fuck it” and not serve the page.

~~You can, and it's compliant. It's a loss of potential business for companies that haven't made the necessary changes, but they also don't get your data.~~

Edit: Ehh... it's a bit of a grey area, you'll probably not see massive companies do this, but smaller ones will, and they'll get away with it as the EU would much rather be screwing with Zuckerberg and Musk, which is always a good thing. So not 100% compliant, but if the regulation isn't enforced as the company has made an effort to stop EU types using the site, it's probably as good as you'll get short of requiring passports to log in, which is a whole new kettle of angry fish of regulations.

[-] snowe@programming.dev 2 points 1 year ago

It’s not compliant. You might be serving EU citizens living in other countries. I’ve had to implement GDPR regs for a US only company. This isn’t compliant with GDPR.

[-] Wodge@lemmy.world 0 points 1 year ago

Sorry, that's not correct, the GDPR applies to EU Citizens and Non-EU Citizens located within the EU, and an EU Citizen's Data if it's moved outside the EU while the person is still located within the EU. An EU Citizen located outside the EU is not covered, as they would be under the laws and regulations of wherever they're located.

[-] snowe@programming.dev 1 points 1 year ago

I literally had to work with lawyers to cover this. GDPR covers EU citizens across the planet. Doesn't matter where you are. I don't know where you got your information from, but mine came from both the law, and FinTech lawyers whose job it is to know this stuff.

[-] Wodge@lemmy.world 0 points 1 year ago

My info came from my missus who managed the GDPR compliance for 2 of the top 5 largest pharmaceutical companies on the planet for the of the largest blue chip IT infrastructure provider on the planet. GDPR does not supersede local regulations even if you are a citizen of the EU. A website refusing to do business to IP addresses in the EU does not make it non compliant with GDPR, if an EU citizen physically leaves the EU to a country where GDPR doesn't apply, it doesn't magically apply because the keyboard senses an EU finger is on those keys. If someone moves from France to Canada, and uses a local website that doesn't comply with GDPR, do they automagically get a fine for non compliance? Best they can do is refuse delivery if you try to order something to be shipped back home.

[-] snowe@programming.dev 1 points 1 year ago

If those pharmaceutical companies try to ever do business in the EU they will immediately find out that the laws do apply. I’m sorry but your “missus” is uninformed. You can go check for yourself instead of believing me though. There’s plenty of resources for it to explain it to both of you.

[-] Wodge@lemmy.world 1 points 1 year ago

OK, after talking to her more, she's informed me that patient data is treated with country based regulations that supersede GDPR, so GDPR compliance is not a requirement contractually, as country, and sometimes region, regulatory compliance is more important. Germany for instance, is pretty strict in that the data can't just be silo'd off, separate from other countries, it needs to remain within German borders at all times, which goes above and beyond GDPR, so GDPR is ignored.

Furthermore, blanket IP banning EU customers is a grey area, and the EU does not seek legal action against companies that do this, as most are operating in localities where there are now reciprocal agreements in place. Since the EU has not, as far as I'm aware, enforced GDPR versus a company that's attempting to block EU IP addresses from accessing its website, it's not an enforced regulation, and as such is not actually 100% incorrect. After having experienced the difficulties of GDPR first hand, in trying to use a US website to buy something in the US, and ship it to another address in the US, while being in Europe, but not the EU (Switzerland) it's a pain in the ass as the average American mail order meat company (wife topping up her mother's freezer) doesn't give a crap about the difference between the continent of Europe and the political union of the EU, but for the average consumer, there's nothing you can actually do.

So I concede that financial reporting is probably going to be GDPR compliant regardless of where you are, as there are probably very few banks that can say with 100% certainty they have no EU citizens so it's best to err on the side of caution, it's also still correct that pharmaceutical companies do tend to ignore GDPR as they are already compliant with far more rigorous laws and regulations which have been in place for years regardless. Her job was primarily to get the companies GDPR (and other local/national regs) compliant for the shareholders who did seem to be demanding it for their regulatory compliance.

I'll edit the post at the start of this chain and then head to bed.

[-] Viking_Hippie@lemmy.world 2 points 1 year ago

True, but it's also a loss of access due to geographical location, which is the opposite of one of the original main tenets of the internet.

[-] dan1101@lemm.ee 5 points 1 year ago

One of the main tenets of the internet is you can run your site the way you want, but nobody has to visit it. Kind of like free speech, you can say what you want but nobody has to listen to it.

[-] Viking_Hippie@lemmy.world 1 points 1 year ago

Not if "the way you want" is by serving malware without giving the user a choice or even informing them that they're agreeing to malware by entering. That's all the EU law mandates: seeking informed consent.

[-] dan1101@lemm.ee 0 points 1 year ago* (last edited 1 year ago)

There is a difference between cookies (which are just strings of characters often used to keep you logged in) and actual malware executable code.

[-] Viking_Hippie@lemmy.world 1 points 1 year ago

There's also a difference between session cookies, which are code to keep track of what you do on the site, and tracking cookies which are code that spies on everything you do online in order to monetize it. A lot of us consider the former benign and the latter malware that we want the option of avoiding.

[-] dan1101@lemm.ee 0 points 1 year ago

I think malware is software (executable) by definition though. Cookies are never executable, they are just data.

[-] Viking_Hippie@lemmy.world 1 points 1 year ago

Malware is anything that negatively affects your computer. Cookies tracking your every move to sell your information to a third party that then inundates you with unwanted ads every time you use the internet would qualify IMO.

this post was submitted on 12 Sep 2023
741 points (96.5% liked)
