| ▲ | rckt 4 hours ago |
| I get that too many regulations is a bad thing. But when we talk privacy and personal data there should be no gray zone. It has to be black and white. When I see a stupid cookie banner I search for "Reject all". There's no some data that companies can collect and process without my consent, they just shouldn't be able to collect anything without me actively opting in. Business never respects anything, but profits. Seeing news about relaxing these laws with the "AI" going after this leaves a bitter taste. And with them also trying to push the Chat Control thing, it gets even worse. |
|
| ▲ | energy123 3 hours ago | parent | next [-] |
| I've stopped thinking of regulations as a single dial, where more regulations is bad or less regulations is bad. It entirely depends on what is being regulated and how. Some areas need more regulations, some areas need less. Some areas need altered regulation. Some areas have just the right regulations. Most regulations can be improved, some more than others. |
| |
| ▲ | idrios 3 hours ago | parent | next [-] | | Regulations are like lines of code in a software project. They're good if well written, bad if not, and what matters more is how well they fit into the entire solution | | |
| ▲ | gessha an hour ago | parent | next [-] | | A major difference with regulations is there’s no guaranteed executor of those metaphorical lines of code. If the law gets enforced, then yes, but if nobody enforces it, it loses meaning. | | |
| ▲ | estimator7292 an hour ago | parent [-] | | If the law is code, then law enforcement is a JITter (joke) | | |
| ▲ | dijit 39 minutes ago | parent [-] | | Optimised compiler makes sense though. Unenforceable laws go unenforced, undefined behaviour is undefined and varies based on compiler (law enforcement agency or officer). |
|
| |
| ▲ | lucketone 2 hours ago | parent | prev | next [-] | | And lines of code is like the mass of an airplane. | |
| ▲ | samdoesnothing 2 hours ago | parent | prev [-] | | In general you want as few as possible of both. | | |
| ▲ | econ an hour ago | parent | next [-] | | You could also optimize everything for future updates that optimize things even further for even more updates... Humm.. that was supposed to be a joke but our law making dev team isn't all that productive to put it mildly. Perhaps some of that bloat would be a good thing until we are brave enough to do the full rewrite. | |
| ▲ | banana_sandwich 44 minutes ago | parent | prev | next [-] | | [dead] | |
| ▲ | AceJohnny2 an hour ago | parent | prev [-] | | that's right. This is the reason all my code looks like an entry to PerlGolf. /s The world's complicated. "Every complex problem has a solution which is simple, direct, and wrong" Simplicity is a laudable goal, but it's not always the one thing to optimize for. | | |
| ▲ | lo_zamoyski an hour ago | parent [-] | | Ah, but "simplicity" is not necessarily "fewest lines of code". Code is first and foremost for human consumption. The compiler's job is to worry about appeasing the machine. (Of course, that's the normative ideal. In practice, the limits of compilers sometimes requires us to appease the architectural peculiarities of the machine, but this should be seen as an unfortunate deviation and should be documented for human readers when it occurs.) | | |
| ▲ | AceJohnny2 21 minutes ago | parent [-] | | > Code is first and foremost for human consumption. The compiler's job is to worry about appeasing the machine. Tangentially, it continues to frustrate me that C code organization directly impacts performance. Want to factorize that code? Pay the cost of a new stack frame and potentially non-local jump (bye, ICache!). Want it to not do that? Add more keywords ('inline') and hope the compiler applies them. (I kind of understand the reason for this. Code Bloat is a thing, and if everything was inlined the resulting binary would be 100x bigger) |
|
|
|
| |
| ▲ | l5870uoo9y 3 hours ago | parent | prev | next [-] | | I disagree with this otherwise seemingly reasonable position. Draghi's latest report pointed out that overregulation is a major problem in the EU and costs EU companies the equivalent of a 50% tariff (if I remember correctly). Of course, Draghi's report has led to nothing more than a few headlines. | | |
| ▲ | gessha an hour ago | parent | next [-] | | I’m not saying the following regarding Draghi’s report or particular regulation in mind: If an unethical business gets started due to underregulation and it generates revenue and contributes to GDP, is that a good thing? | |
| ▲ | wizzwizz4 3 hours ago | parent | prev [-] | | That 50% figure seems extremely dubious. I'd expect either methodological failures, or a definition of "costs" that I disagree with (e.g. fair-competition regulations preventing price-hikes, "costing" EU companies the profit they could obtain from a cartel). However, skimming the report (https://commission.europa.eu/topics/competitiveness/draghi-r...), I can't find the 50% figure. | | |
| ▲ | l5870uoo9y 3 hours ago | parent [-] | | > Mario Draghi has argued that the EU's internal barriers, which are equivalent to a high tariff rate, cost more than external tariffs. He has cited IMF estimates that show these internal barriers are equivalent to a \(45\%\) tariff on manufactured goods and a \(110\%\) tariff on services. These internal market restrictions, which include regulatory hurdles and bureaucracy, hinder cross-border competition and have a significant negative impact on the EU's economy. Source: https://iep.unibocconi.eu/europes-internal-tariffs-why-imfs-... | | |
| ▲ | palata 2 hours ago | parent | next [-] | | Sure, someone argues something. Who knows if it's right or wrong? It's not a hard science. How do you estimate the cost of regulations on businesses? You ask businesses. Businesses have absolutely zero incentive to say that regulations are not bad. "Just in case", they will say it hurts them. That is, until there is a de facto monopoly and they can't compete anymore, and at that point they start lobbying like crazy for... more regulations. Look at the drone industry: a chinese company, DJI, is light-years ahead of everybody else. What have US drone companies been doing in the last 5+ years? Begging for regulations. All that to say, it is pretty clear that no regulations is bad, and infinitely many regulations is bad. Now what's extremely difficult is to know what amount of regulation is good. And even that is simplistic: it's not about an amount of regulation, it depends on each one. The cookie hell is not a problem of regulations, it's a problem of businesses being arseholes. They know it sucks, they know they don't do anything with those cookies, but they still decide that their website will start with a goddamn cookie popup because... well because the sum of all those good humans working in those businesses results in businesses that are, themselves, big arseholes. | |
| ▲ | wizzwizz4 2 hours ago | parent | prev [-] | | That article does contain the correct answer, so thank you very much for finding it, although the passage you've quoted is ChatGPT gibberish not in the source given. Per https://iep.unibocconi.eu/europes-internal-tariffs-why-imfs-..., the model treats shopping local as evidence of the existence of a trade barrier, as opposed to a rational preference based on cultural and environmental considerations. This is why the numbers are ridiculously high. (Is there a 120% implicit tariff for textiles? Or do people just prefer warm clothes in the north and breezy clothes in the Mediterranean?) |
|
|
| |
| ▲ | pa7ch 3 hours ago | parent | prev | next [-] | | The regulation good/bad dichotomy has been very effective reducing the thinking of the constituents of modern neolibs in the US. On one end we have regulations as part of regulatory capture. Opposite effect of regulations that would help say a small business compete fairly. | |
| ▲ | pembrook 3 hours ago | parent | prev [-] | | Unfortunately politics has become the religion of modernity. Nuance and sober analysis like you've suggested do not mix well with religious dogma. It's much easier for people to react emotionally to symbols. For many here, 'GDPR' is a variable that equals 'privacy' in their brain computer. So any criticism of it or its implementation realities, no matter how well argued, will not be met with reasoned response, but instead religious zeal. | | |
| ▲ | vanviegen 7 minutes ago | parent | next [-] | | I've never seen anyone here, or elsewhere, displaying a positive opinion on GDPR without readily acknowledging it, or the way it has turned out and is (not) being policed, has many shortcomings. I have seen people that are fanatical on privacy. Cheers to them! | |
| ▲ | wizzwizz4 an hour ago | parent | prev [-] | | Most criticism of GDPR on HN is a criticism of bad-faith attempts to pretend to comply, many of which are expressly forbidden by the GDPR. It's a well-written, plain English regulation, and I encourage everyone to read it before criticising it. (At the very least, point to the bits of the regulation you disagree with: it should only take around 5 minutes to look up.) | | |
| ▲ | dijit 33 minutes ago | parent [-] | | Hear hear. My company had consultants come in to help with GDPR, I left after months of them being hired: more confused than I went in. So I went to the source, and I found it surprisingly easy to read and quite clear. I think theres a lot of bad faith discussion about the GDPR being complex by people who have a financial interest in people disliking it (or, parroting what someone else said). Heres the full text: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELE... 87 pages and nearly every edge case is carved out. Takes 20 minutes to read. | | |
| ▲ | vanviegen 5 minutes ago | parent [-] | | > 87 pages and nearly every edge case is carved out. Takes 20 minutes to read. That's some serious speed reading! :-) |
|
|
|
|
|
| ▲ | nine_k 2 hours ago | parent | prev | next [-] |
| More regulation, or stronger regulation, as in less wiggle room for businesses, may be a good thing. Case in point: a regulation requiring to disclose the ingredients of food. Too many regulations is almost always a bad thing: numerous pieces of regulation rarely fit together seamlessly. It becomes easier to miss some obscure piece, or to encounter a contradiction, or to find a loophole. The cost of compliance also grows, and that disproportionately favors big established players. |
| |
| ▲ | samdoesnothing 2 hours ago | parent [-] | | I think this is an excellent point. More is almost always worse, but if there is a genuine need for regulation it should be absolute. |
|
|
| ▲ | eitau_1 3 hours ago | parent | prev | next [-] |
| Most baffling thing is that sometimes you can't opt-out from "always active" stuff that still involve hundreds of "partners"; see: https://news.ycombinator.com/item?id=45844691 |
| |
| ▲ | user34283 2 hours ago | parent [-] | | Users can opt-out by not using the service or buying an ad-free version if available. One would think that developers should not be forced to offer for free a version monetized with 60% less effective ads. And I understand currently this is indeed not the case for small developers, they can offer paid ad-free or free but with personalized ads. Large platforms apparently cannot. | | |
|
|
| ▲ | betaby 3 hours ago | parent | prev | next [-] |
| That cookie thing should a browser's default. |
| |
| ▲ | Someone 2 hours ago | parent | next [-] | | FTA: “Under the new proposal, some “non-risk” cookies won’t trigger pop-ups at all, and users would be able to control others from central browser controls that apply to websites broadly.” | | |
| ▲ | dijit 31 minutes ago | parent [-] | | GDPR allows for essential cookies with no popup. Implied consent is valid for most functionality, just not selling peoples tracking data or giving it to a third party who could. Its entirely possible to have no pop-up. Someone once told me they wanted one anyway because it made the site seem more legitimate than if I removed it (the only thing I would have needed to change was the embedded video from youtube and I could have dropped the popup. Oh well). |
| |
| ▲ | Fargren 3 hours ago | parent | prev | next [-] | | That would be fine, if there was a law that forced every browser to have this setting and every company to respect the setting. | | |
| ▲ | bryanrasmussen 2 hours ago | parent [-] | | arguably if there was a browser setting for this the current GDPR would require you to respect that setting. But that's arguably, it would still need to adjudicated. | | |
| ▲ | 1718627440 2 hours ago | parent [-] | | The browser setting already exists (DNT), so I don't know what you want to conlude. |
|
| |
| ▲ | mmooss 2 hours ago | parent | prev [-] | | Like Do Not Track? |
|
|
| ▲ | mvdtnz 10 minutes ago | parent | prev | next [-] |
| There are lots of uses for cookies that have absolutely nothing to do with collecting data about you. |
|
| ▲ | tsoukase 3 hours ago | parent | prev | next [-] |
| Using an Ad blocker I feel regret for stealing the site's revenue. So I allow them to collect my personal data. Anyways, I think most of them will not respect my rejection. |
| |
| ▲ | zelphirkalt 3 hours ago | parent | next [-] | | A site that cannot exist without collecting not needed personal data and without selling out its visitors, has no justification of continuing to exist. Don't let them guilt-trip you. | | |
| ▲ | user34283 2 hours ago | parent | next [-] | | Do you think anyone cares in the slightest about your 'personal data'? It's garbage and no one would waste energy for it, if it weren't for the ability to serve more effective advertisements. If I'm going to offer an application monetized with Ads, I'm going to use a big ad network like Google which requires cookies to personalize the ads and prevent fraud. I could not care less about collecting your personal data. And that's probably the same for 99% of websites. | | |
| ▲ | rapnie 25 minutes ago | parent | next [-] | | A blog writer who injects ads cares in an analogy similar to how a low-level street dealer cares about pushing to clients. It provides the income. Further up the chain it goes much further than just ads, up to state actors who try to influence elections all across the globe, based on such data. And with AI a new Wild West wide open to explore. | |
| ▲ | zelphirkalt an hour ago | parent | prev | next [-] | | Well, without any personal data, FB/Meta and Google would have nothing. Their whole business model is selling the idea, that they are able to advertise better, due to them knowing things about people and their preferences or interests. Obviously you need to consider what happens in the large. | |
| ▲ | s1mplicissimus an hour ago | parent | prev [-] | | > It's garbage and no one would waste energy for it, if it weren't for the ability to serve more effective advertisements. Advertisements, among other things, for political views, influencing voter behavior. Which lots of interest groups care about |
| |
| ▲ | tonyhart7 2 hours ago | parent | prev [-] | | that just shallow and one sided argument that never respect another side of coin |
| |
| ▲ | Telaneo 3 hours ago | parent | prev [-] | | They should feel ashamed for collecting your personal data in the first place. |
|
|
| ▲ | zelphirkalt 3 hours ago | parent | prev | next [-] |
| Yep, it is exactly what the EU shouldn't do. This will actually further disadvantage EU companies, when US companies are left to run rampant. It also will take away any "made in EU" advantage that EU-local companies had over US competition. GDPR was exactly the right step. In fact it was not enforced strictly enough and should have been enforced much stricter, punishing all the shady businesses which employed dark pattern to extract personal data from citizen. |
|
| ▲ | renegade-otter 2 hours ago | parent | prev | next [-] |
| Europe has much more fatal startup-killing regulation problems than cookies, however. Who cares about cookies? I am on your site, you are going to plant/collect cookies. These goddamned banners are a solution in search of a problem, and it's yet another hurdle a company of, say, 3 has to go through, for very little reason. |
| |
| ▲ | thfuran an hour ago | parent [-] | | The banner isn't required. They could just not do the things the banner would ask consent for. |
|
|
| ▲ | golol 2 hours ago | parent | prev | next [-] |
| I think I should be able to collect whatever publicly available data I can find. |
| |
| ▲ | rckt 43 minutes ago | parent [-] | | But we are not dealing here with the public data. Stalking people, recording their every step and action so then you can sell their behavioural habits is not collecting public data, it’s stalking and invading people's private life. |
|
|
| ▲ | wat10000 44 minutes ago | parent | prev | next [-] |
| They should have gone farther. Don't require the user's permission for non-essential tracking cookies. Just ban them outright. No opt in, no opt out, it's just straight-up illegal to track people unless they're actively using a signed in account. |
|
| ▲ | lo_zamoyski an hour ago | parent | prev | next [-] |
| The trouble is that everyone else is pursuing tech unhindered by such regulations at breakneck speed, and Europeans realize that Europe - once the center of science and technology - is increasingly sliding into a backwater in this space and an open air museum. Now, some will agree with you and say that privacy should never be violated, but nonetheless accept a certain measure of tolerance toward that kind of violation, because they see rigid intolerance as causing more harm than the violation of privacy itself is causing [0]. This harm is chiefly the economic harm caused by the burden of regulation and the roadblocks it introduces. Perhaps this isn't true, but if it is, then moral offense is likely to have little effect. A more effective means might be the make following regulations cheaper. Of course, as we know, when you make something cheaper, you increase demand. This means that EU institutions would likely see this as an opportunity to increase regulation, nullifying the gains of introducing less costly ways to adhere to regulation. [0] This reminds me of Aquinas's view of prostitution. Naturally, Aquinas saw prostitution as a grave, intrinsic evil. No one is ever justified in soliciting the services of a prostitute, much less of being a prostitute. That's the moral stance; it concerns our personal moral obligations. However, from the position of the state and how the state should police such activity through law, Aquinas saw the criminalization of prostitution, however good in principle it might be, as a policy that would be practically worse - even disastrously so - than law and policy that is permissive toward prostitution. Whether you agree or disagree with him, the principle holds, namely, that the state not only does not need to police every bit of immorality, but by doing so, may actually contribute to the destabilization of society and to an even worse condition than the one it is saddled with. |
| |
| ▲ | rapnie 39 minutes ago | parent [-] | | > sliding into a backwater in this space and an open air museum Or a place that follows a different approach than "break it to make it" mad dash, that fosters a different - perhaps richer - culture with tech more aligned to people's needs, and overall healthier to live in. If there is a good set of regulations in place. And that is where EU is not consistent, and this backtracking not helpful. |
|
|
| ▲ | shoddydoordesk 3 hours ago | parent | prev | next [-] |
| Who is the audience your comment is trying to reach? Who are these mysterious "companies"? It's important to realize companies are made of people. Someone had to explicitly code the dark pattern in the GDPR cookie dialog. Ever notice the button for "Accept All" is big and shiny, while refusing all is more often than not a cumbersome, multi-click process? That's not an accident. That was coded by people. People around us, people who post here. I'm sure "made GDPR dialog deceptively confusing" went on someone's accomplishment report that they then used to justify a raise or promotion. |
| |
| ▲ | palata 2 hours ago | parent | next [-] | | My theory is that companies are not the sum of their employees. Employees are generally good; toxic humans are a small minority (unfortunately they tend to be over-represented at the head of companies). But put employees together into a profit-maximisation machine, and the machine will try to maximise profit, with dark patterns and downright evil things. Similar with our species as a whole: nobody is actively working to break the climate so much that their kids will die long before they reach the age of retirement. But that's what we as a species are doing together, somehow. Individually, we don't want that, but that's not enough. | |
| ▲ | s1mplicissimus an hour ago | parent | prev | next [-] | | Having coded multiple such buttons in the past, I'd like to ask to consider that the person doing the coding is barely the person making the decision. It's hard to reject such a request when your lifelihood depends on the job | |
| ▲ | arccy an hour ago | parent | prev [-] | | someone coded it once, everyone else just adds another dependency that fulfills the spec, they don't even have to search for "dark patterns", just "most effective" |
|
|
| ▲ | yapyap 2 hours ago | parent | prev | next [-] |
| > I get that too many regulations is a bad thing Well yeah, cause your sentence relies on itself. _Too many_ regulations is a bad thing. But to have a lot of regulations, especially in fields where there is not much to be gained but oh so much being lost in the interest of capital gains like in generative AI, is a blessing rathr than a curse. |
|
| ▲ | imiric 2 hours ago | parent | prev | next [-] |
| Do you really think that clicking on any button on cookie consent popups actually does anything? It's just an illusion of choice. The reality is that these sites will still track you, whether that's via cookies or, more commonly today, fingerprinting. When they list thousands of "partners" with "legitimate interest", it's a hint that there's a multi-billion-dollar industry of companies operating behind the scenes that will do whatever it takes to profile and track you, regardless of what you click on a silly form. Regulations like the GDPR don't come close to curtailing this insanity. |
|
| ▲ | impulser_ 3 hours ago | parent | prev | next [-] |
| Yeah, but a lot of the rules around privacy and personal data make it hard to accept business from Europeans. If you are a small business or startup you might not even accept business from Europeans because navigating these rules are almost impossible. |
| |
| ▲ | Etheryte 3 hours ago | parent [-] | | I'm not sure how this makes sense. Functionally the rules are the same across the entire bloc and it's pretty straightforward: unless you have a legitimate reason to store the data, you need to ask for consent and the consent must be free. I want to make more money is not a legitimate reason. I have a legal requirement to fight financial fraud is a legitimate reason. Obviously the reality is more nuanced, but understanding this basic idea gets you there 95% of the way. |
|
|
| ▲ | kronicum2025 3 hours ago | parent | prev [-] |
| > But when we talk privacy and personal data there should be no gray zone. It has to be black and white. you are wrong. If one followed your ways, we would never do a lot of things. There are things called regulatory sandboxes for a reason. But those don't really work in fields where the "scale of the data" is the core reason of why things work. Chat control is stupid. |
