@mhoye
EU-GDPR allows for the following; however, as most big-tech is based in Ireland, which is plagued by biased/susceptible officials, no serious fines have yet come to fruition > https://www.heise.de/en/news/Ireland-Former-meta-lobbyist-becomes-data-protection-officer-10661910.html
Tier 1:
Up to €10 million OR 2% of total worldwide annual turnover from the preceding financial year, whichever is higher
Tier 2:
Up to €20 million OR 4% of total worldwide annual turnover from the preceding financial year, whichever is higher
Tier 1 (Less Serious Violations):
Applies to violations such as: record-keeping failures, inadequate security measures, insufficient data protection impact assessments, and certain processor obligations
Tier 2 (More Serious Violations):
Applies to violations such as: violations of core data processing principles (lawfulness, fairness, transparency), unlawful data transfers, infringement of data subject rights, and non-compliance with orders from supervisory authorities