• ℍ𝕂-𝟞𝟝@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    31
    arrow-down
    2
    ·
    3 days ago

    You should also know that hosting a service in the US without explicitly denying service to Europeans, and not abiding by the GDPR makes you liable to criminal prosecution in the US. US federal law has a version of GDPR that does not protect US citizens, just EU ones.

      • ℍ𝕂-𝟞𝟝@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        17
        ·
        edit-2
        3 days ago

        It’s very dry and boring legalese, but look up the EU-US Data Privacy Framework.

        TL;DR: Biden signed a law last year letting EU courts enforce GDPR fines in US courts. It never happens because companies are not stupid and defend themselves in the EU courts.

        It’s a recent edition of a string of increasingly privacy-favouring legislation attempts by the US to placate the EU about the rights of its citizens being respected abroad. The gist of it is that it is a US federal law signed into force by Biden last year, which makes it so that EU citizens have legal standing in US courts to enforce EU GDPR court decisions. There is not a lot of precedent yet, but that’s part of the point.

        It precludes companies from using the loophole of not having any EU presence to evade fines and rules. Companies can and almost always exempt themselves from this by having an EU entity and subjecting themselves to GDPR directly, since if they get you through this, the EU court will already have tried and found against you, and the US federal court has little room to get you off the hook, because if they do, they risk Big Tech bottom lines by endangering EU-US data transfers.

        • koper@feddit.nl
          link
          fedilink
          arrow-up
          3
          ·
          2 days ago

          I’m sorry, but I think you’re mistaken. May I ask where you got this information?

          As I understand it, the DPF is merely an executive order and not a federal law, so it’s very limited in what it can do. It doesn’t create the ability to enforce fines through US courts because breaking the GDPR is still perfectly legal under US law.

          This loophole is still used unfortunately. For example, Clearview AI was fined by various data protection authorities, but their fines cannot be enforced so the company just never paid up.l

  • FlashMobOfOne@lemmy.world
    link
    fedilink
    arrow-up
    36
    ·
    3 days ago

    Europe is also leading the world in terms of progressive AI laws, something we’re not likely to see in any meaningful way for some time here in the US.

    • Boomkop3@reddthat.com
      link
      fedilink
      arrow-up
      20
      ·
      3 days ago

      yepp, but I’ve seen criticism about these laws holding back AI companies’ development. In that they can’t just steal a tonne of data and get away with it

      • FlashMobOfOne@lemmy.world
        link
        fedilink
        arrow-up
        17
        ·
        3 days ago

        Yeah, that’s always the argument on the part of corpos: “This regulation is killing our profits, waaa waaa waaa.”

      • Carighan Maconar@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        3 days ago

        I’ve seen criticism about these laws holding back AI companies’ development

        These laws can’t do anything these grifter-companies full of misguided attempts to mis-use LLMs and LAMs aren’t doing to themselves already, tbh.

        It’s all just a huge bubble of C-suites blowing hot smoke up each other’s arses.

  • ramble81@lemm.ee
    link
    fedilink
    arrow-up
    10
    ·
    edit-2
    3 days ago

    Except Lemmy. I wish luck to anyone trying to get rid of their comments when they could have been federated to any number of known and unknown servers throughout pretty much any country in the world. The legal nightmares to get it enforced basically make it a non-starter.

    • ℍ𝕂-𝟞𝟝@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      edit-2
      3 days ago

      The right to be forgotten is a separate thing from GDPR. GDPR lets the EU go after criminals illegally using private data, like Facebook.

      Edit: This is wrong. The right to be forgotten appears in Recitals 65 and 66 and in Article 17 of the GDPR.

  • Mr_Blott@feddit.uk
    link
    fedilink
    arrow-up
    7
    arrow-down
    5
    ·
    3 days ago

    Very first thing on the list - support local businesses

    Aye they need the support because the taxes are fucking crippling for small business 😅

    But at least the taxes aren’t quite so much being funnelled into “turning Palestinian toddlers into skeletons”