Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> It is about time top executives will receive jail time for these kind of breaches.

I'm afraid jail time is not yet provided for in the GDPR.



The lack of serious consequences of doing harmful business is indeed one of the big issues we have got in western society imho. Breaching human rights like privacy is just a risk trade-off where the company makes a cold calculation of weighted costs. Companies are well protected against individuals by means of juridical and financial power imbalance.

Fines are usually something to laugh at and well worth the cost. Even if not, the burden is on the company and not the executive.

We need to have a system where the current executives get jail time for these kind of crimes. This ensures that executives will only accept such a role when they are certain that the company is "clean", i.e. they wont risk jail time because of previous CEO's fuckups.


not to disagree, but imo it is the main purpose of a corporation to shield individuals from consequences hence increasing the level of acceptable risk and with it the velocity of business developement. (all for the greater good)


The liability shield may have made better sense when corporations were actually given charters because they were expected to serve a public good. it doesn't seem to be the case where that is true any more. If it ever was? Now it seems that corporations only exist to make money. Public good be damned.


Gross negligence of Data Protection can be prosecuted under Computer Criminality acts by the respective Data Protection Office. There is precedent for this in the UK. However this is not laid out in the European directives but usually in the local implementations of the directives.


Even if it was, it's not like it's enforced anywhere near enough anyway. This kind of crap is a clear violation of the GDPR, has a broad impact (all Android users are impacted) so it should be a slam-dunk case and yet is allowed to continue despite the regulation being in place for over 4 years now.


I understand the sentiment. But probably is allowed (as you state) because until now nobody looked at it and then nobody took the time to inform the respective authorities.

I need to take a closer look at the report and see if I am with a reasonably chance affected. So that I can send a complaint to my data protection agency in Schleswig-Holstein (German state I am residing in).

At least that is what yi can do. And I can only urge any EU citizen (rightly) enraged by that to create an official complaint with their respective data protection agency.


> But probably is allowed (as you state) because until now nobody looked at it and then nobody took the time to inform the respective authorities.

Something illegal doesn't become illegal only after law enforcement is informed.

> So that I can send a complaint to my data protection agency in Schleswig-Holstein (German state I am residing in).

I wish you the best of luck and hope that your local DPA is much more competent than the UK one.


> Something illegal doesn't become illegal only after law enforcement is informed.

I didn't say that. Only that law enforcement (or data privacy regulators) probably were not aware of it happening.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: