I seem to have touched a nerve lol. Here's my reform proposal for the GDPR:
1. Toss it out. All of it. In the present form, it is worthless.
2. Make privacy regulation simpler, not ten million pages and bureaucrats who are RIGHT NOW, abusing the power that all Europeans have entrusted them with.
3. Enable independent oversight. Consultations with technical committees of technology companies, Judicial reform to ensure there is no legislating from the bench, independent whistleblower handling to investigate abuses of power such as the CNIL case.
4. Separate the legislative, executive and punitive functions with very tight rules. We have assholes in Brussels so married to the idea that all tech is bad that they rebelled against the moves by the European Parliament to codify data transfer laws between the EU and US during Bidens visit. I mean, there is a limit to short sighted thinking.
5. Stop the political uncertainty with the multiple changes and the sheer amount of idiotic bureaucracy with multiple conflicting regulations where EVERY SINGLE FUCKING THING is a crime and instead, pick the most pressing issues: Cybersecurity, Data Handling, Data Sharing etc. It's ridiculous that we have 10,000 people obsessing over cookie banners while malicious hackers pilfer 100s of millions of peoples data because of a lack of political will to focus on cybersecurity.
On privacy legislation, my biggest gripe with the GDPR is it HAS DONE FUCK ALL for privacy. Apple has done more with the changes to iOS than the entire fucking EU with GDPR.
I am advocating for MORE effective legislation, not more INEFFECTIVE, burdensome, regressive regulation that enshrines the concentration of powers and makes innovation impossible.
1. Enlarge the definition of privacy legislation to cover EVERYTHING! Do you realize that EUROPEAN Intel agencies are not covered by the GDPR right now? While American Intel agencies are and Chinese Intel agencies are not even mentioned or challenged? How is that good for privacy when Huawei is essentially taking much of European market share while being run by a Govt enslaving a million Muslims in Xinjiang?
2. Make it less reliant on pure punitive measures and more an incentive+punitive set of objective measures to give companies the opportunity to innovate towards solutions. Right now, the stance by Europe has made only investing in lawyers the most appropriate choice. That or leave. No middle ground, no consultations, simply make villains of tech companies and that is the legacy of many regulators there.
3. Term limits on regulators. Limits and regulation on the people enforcing privacy legislation to ensure a balanced mind. Right now, go on Twitter and see the deranged rants of many of the people in these agencies who delight at the market share loss of Facebook or openly express glee whenever there is a bad press cycle outside of privacy for any of the companies they're supposed to be entrusted with passing judgements on. This is not a democracy. It's shameful.
4. Incentives that MINIMIZE liability for companies that meet objective standards that are reasonable. Right now, the approach is to hit them with the biggest stick you can find and hope and pray that it works out.
Many more, but along the same lines.
>I suspect that something about the GDPR must have bitten you quite badly
I've seen people simply struggle to achieve success that other parts of the world take for granted. This is TODAY . . in EUROPE of all places. You need to realize that bad political decisions are bad for everyone. I don't have skin in the game other than the feeling of watching someone drive off a cliff. So many people i speak to/interview/engage with from Europe who are young as SO very bright and talented and it's amazing to see how the very people they elected piss away time, resources and money on depleting the economy that these kids are going to grow up into for personal vendetta.
No one in their right mind will argue that the GDPR does a great job. It is very flawed legislation that will set the privacy movement back decades.
1. Toss it out. All of it. In the present form, it is worthless. 2. Make privacy regulation simpler, not ten million pages and bureaucrats who are RIGHT NOW, abusing the power that all Europeans have entrusted them with. 3. Enable independent oversight. Consultations with technical committees of technology companies, Judicial reform to ensure there is no legislating from the bench, independent whistleblower handling to investigate abuses of power such as the CNIL case. 4. Separate the legislative, executive and punitive functions with very tight rules. We have assholes in Brussels so married to the idea that all tech is bad that they rebelled against the moves by the European Parliament to codify data transfer laws between the EU and US during Bidens visit. I mean, there is a limit to short sighted thinking. 5. Stop the political uncertainty with the multiple changes and the sheer amount of idiotic bureaucracy with multiple conflicting regulations where EVERY SINGLE FUCKING THING is a crime and instead, pick the most pressing issues: Cybersecurity, Data Handling, Data Sharing etc. It's ridiculous that we have 10,000 people obsessing over cookie banners while malicious hackers pilfer 100s of millions of peoples data because of a lack of political will to focus on cybersecurity.
On privacy legislation, my biggest gripe with the GDPR is it HAS DONE FUCK ALL for privacy. Apple has done more with the changes to iOS than the entire fucking EU with GDPR.
I am advocating for MORE effective legislation, not more INEFFECTIVE, burdensome, regressive regulation that enshrines the concentration of powers and makes innovation impossible.
1. Enlarge the definition of privacy legislation to cover EVERYTHING! Do you realize that EUROPEAN Intel agencies are not covered by the GDPR right now? While American Intel agencies are and Chinese Intel agencies are not even mentioned or challenged? How is that good for privacy when Huawei is essentially taking much of European market share while being run by a Govt enslaving a million Muslims in Xinjiang? 2. Make it less reliant on pure punitive measures and more an incentive+punitive set of objective measures to give companies the opportunity to innovate towards solutions. Right now, the stance by Europe has made only investing in lawyers the most appropriate choice. That or leave. No middle ground, no consultations, simply make villains of tech companies and that is the legacy of many regulators there. 3. Term limits on regulators. Limits and regulation on the people enforcing privacy legislation to ensure a balanced mind. Right now, go on Twitter and see the deranged rants of many of the people in these agencies who delight at the market share loss of Facebook or openly express glee whenever there is a bad press cycle outside of privacy for any of the companies they're supposed to be entrusted with passing judgements on. This is not a democracy. It's shameful. 4. Incentives that MINIMIZE liability for companies that meet objective standards that are reasonable. Right now, the approach is to hit them with the biggest stick you can find and hope and pray that it works out.
Many more, but along the same lines.
>I suspect that something about the GDPR must have bitten you quite badly
I've seen people simply struggle to achieve success that other parts of the world take for granted. This is TODAY . . in EUROPE of all places. You need to realize that bad political decisions are bad for everyone. I don't have skin in the game other than the feeling of watching someone drive off a cliff. So many people i speak to/interview/engage with from Europe who are young as SO very bright and talented and it's amazing to see how the very people they elected piss away time, resources and money on depleting the economy that these kids are going to grow up into for personal vendetta.
No one in their right mind will argue that the GDPR does a great job. It is very flawed legislation that will set the privacy movement back decades.