• 7 Posts
  • 23 Comments
Joined 1 year ago
cake
Cake day: July 23rd, 2023

help-circle






  • Maybe you misunderstand the enforcement part of the GDPR. It’s not made for you to get personal enforcement out of it.

    You obviously have not read article 77. This article entitles individuals to report GDPR violations to a DPA for enforcement. Article 77 does not distinguish violations against an individual (which I suppose is what you mean by “personal enforcement”) and violations against many. Some of the violations I have reported can only be construed as violations against the general public. E.g. an org fails to designate a DPO.

    The problem is there is nothing to enforce article 77 itself. When a DPA neglects to act on an article 77 report, there is no recourse. There is only a provision that allows lawsuits against the GDPR violators. But then when someone did that, and then claimed legal costs, an Italian court decided for everyone in a precedence-setting case that legal costs are not recoverable. Which essentially neuters the court action remedy. So we have an unenforced article 77 and a costly & impractical direct action option.

    It works on the basis of multiple infractions being recorded and then escalating the agencies response level.

    It’s not even doing that much, in some cases. The report has to get past the front desk secretary and be submitted into the litigation chamber before it’s even considered as something that would indicate a trend. If it doesn’t get past the secretary it does nothing whatsoever. Some of my reports were flippantly rejected by a pre-screening secretary for bogus reasons (e.g. “your complaint is ‘contractual in nature’” when in fact there is no contractual agreement, apart from the fact that the existence of a contract does not nullify the GDPR anyway).

    I work with many companies as IT consultant and I can assure you, that they all FEAR the GDPR

    So you’re only seeing the commercial response. Gov agencies & NGOs are also subject to the GDPR, which is where you see the most recklessness (likely due to the lack of penalty). On the commercial side banks also don’t give much of a shit about the GDPR because when they violate it there’s a shit ton of banking regs they point to and the DPAs are afraid to act against banks because of the messy entanglement of AML/KYC laws that essentially push #banks to violate the GDPR.

    Enforcement of GDPR does happen and you can review every enforcement on a public website called enforcement tracker.

    Indeed I’ve browsed through the enforcement tracker. It’s a good prop for making the public believe that the #GDPR is being well enforced. They are cherry-picking cases to enforce to convince the public that something is being done, but people who actually submit reports know better. We see the reports that are clearly going unenforced.

    I have also personally requested information about me and my family through the rights bestowed by the GDPR

    I have had article 15 access requests denied which I then reported to the DPA, who opened a case but just sat on it. For years, so far.

    (edit) By the way, I suggest you leave Lemmy·world for a different instance. If you care about privacy at all, you don’t use Cloudflare nodes. I cannot even see the msg I wrote (which you replied to) because #lemmyWorld blocks me (which I give some detail here: https://lemmy.dbzer0.com/post/1435972). I had to reply to you based purely on your msg without context.



  • I was thrilled when #wiby.me was first introduced. Then for a while wiby.me was itself a Tor-hostile Cloudflare site. I’m glad you brought it up because it prompted me to check again & it seems at the moment wiby is a user-respecting non-Cloudflare site. Note there was another search engine similar to wiby which I can’t track down right now… but it’s possible I’m confusing that other one with wiby. Err… I think both were unusable for a while.

    (edit) The other site is search·marginalia·nu. That’s the one that became a despicable CF site. I think wiby broke down for tor users for a while but glad to see at the moment that it’s still usable. I just got good results when searching for a recipe.








  • I used a PalmOS device in school to manage my school schedule. So this was my 1st thought:

    “Banning mobile phones entirely from school premises would raise some practical concerns, for example for parents wanting to contact their children while travelling between school and home.”

    Feature phones still exist. It would be great if the massive stockpiles of prematurely discarded dumbphones could be recycled to students. Maybe bring back offline PalmOS types of things for scheduling.

    “…Some pupils will also use phones as payment methods on public transport.”*

    Easily solved: smartphones go into the locker at the start of the day. Also, bring back the ability to pay cash on the public transport vehicle – this will help push back on the #warOnCash. We could also say there’s a systemic inefficiency if students don’t have season passes on public transport.



  • It was coded 8 years ago in Tcl¹ for a one-off project in Belgium. Would you really be interested?

    The APIs would have changed dramatically by now & some of the real estate sites no longer exist. Some of the sites brought in CAPTCHAs. It was coded to use Tor & the public transport site has become Tor-hostile and also changed their API. It’s also very user unfriendly… a collection of scripts & variety of hacks because I was my only user.

    I didn’t publish the code at the time because I worried that it would trigger the target sites to become bot-hostile.

    ① Also note that I use #Tcl for personal use but I resist publishing any Tcl code because I would rather not promote the Tcl language. Why? Because the Tcl folks have jailed a large portion of their docs in Cloudflare’s walled garden. I believe programming language docs should be openly public.



  • I’m not sure how you can blame a corporation for doing the job of a corporation. It’s capitalism doing its thing.

    I will blame the end users. When the masses of anti-bot pro-advertising normies decide to run browsers that play the token game, it will be on them. Just as countless shitty websites get high ranking search results today… it’s because the masses endorse it.

    Boycotts are far too rare. It’s the consumer’s job to #boycott. They don’t do their job and this is the real point of failure (which Google gladly exploits).


  • It would stop beneficial bots like the ones I create¹ as a small-time hobbyist because the little guy does not have the resources for this arms race. You may be right when it comes to large-scale scraping ops that are done by a business (e.g. scraping RyanAir or Southwest airlines so an airfare consolidation site can show more fares).

    ① e.g. I wrote a bot that scraped the real estate market sites, scraped the public transport sites, and found me a house with the shortest public transport commute.


  • It’s bizarre that you think the EU market it small enough to be dispensable. When GDPR came into force, many US sites had to reject EU traffic. But that was only temporary for the most part. They knew it wasn’t smart for business to exclude the EU so they got their compliance issues sorted.

    Hope you guys enjoy not being able to search for things.

    I would love that actually. But it’s not reality. In reality what happens is the search engines deliver a shit-ton of unusable garbage results that I would rather not see. E.g. sites that block Tor users, CAPTCHAs, giant cookie popups, etc.

    If a search engine were to filter out the garbage, it would be a great start to solving the shitty web problem.