• CallMeButtLove@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    10 months ago

    Is that actually true or is that just their legal team playing it overly safe? Because if it is true that’s incredibly stupid.

    • frezik@midwest.social
      link
      fedilink
      English
      arrow-up
      8
      ·
      edit-2
      10 months ago

      Not just the legal team. Every time there’s new legislation like this, a new set of contractors pop up offering to walk your company through what it needs to do to be compliant. Nobody is quite sure what the limits are–and nobody will for several years until court precedents work out the issues–so those contractors are going to tell you to assume the worst case interpretation.

      PCI Compliance (technically a contractual obligation rather than legal), Sarbanes-Oxley, and GDPR were good things, but all of them spawned a sub-industry of grifters.

      • dani@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        10 months ago

        Is it even the legal team though? This just feels like someone playing malicious compliance.

    • linearchaos@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      10 months ago

      The California stuff still has yet to play out in courts but the European law covering it was actually pretty significant. And it was enough of a pain in the ass that they recently said they’re going to repeal it.

      • maynarkh@feddit.nl
        link
        fedilink
        English
        arrow-up
        2
        ·
        10 months ago

        And it was enough of a pain in the ass that they recently said they’re going to repeal it.

        Repeal the EU law? I’ve heard that they were going to tweak it, but that usually means they’ll tighten it, like when they clarified you can’t make a cookie banner with thousands of individual opt-out switches.