That data sharing thing goes pretty far. Am I reading that correctly? Anything that is hosted in the EU, or sells to EU citizens, has to share _all (generated by activity, personal and non-personal, including meta-) data_ that the service itself can use (i.e. backup tapes are excluded), upon request, free of charge, without any obfuscation, and without much of a delay. For B2B and B2C.
Almost sounds too good to be true. As far as I can tell:
* There is no clause for restricting this if it's hard to do. If it's _a lot_ of data, you still have to provide it.
* There is no clause indicating you can charge a fee for the sharing of the data (this seems fair to me; the prep and transfer costs, assuming you automate the process, are incredibly low unless it's, I dunno, some 'permanently live stream my entire life in 4k' service). Easier to just eliminate any attempt at malicious compliance by interpreting 'reasonable' unreasonably.
Note that this is essentially already the case under the GDPR for anything that's tied to a natural person.
> * There is no clause indicating you can charge a fee for the sharing of the data
Quite the opposite; There's a clause mandating it be free of charge. Chapter II, Article 4:
> Where data cannot be directly accessed by the user from the connected product or related service, data holders shall make readily available data, as well as the relevant metadata necessary to interpret and use those data, accessible to the user without undue delay, of the same quality as is available to the data holder, easily, securely, free of charge, in a comprehensive, structured, commonly used and machine-readable format and, where relevant and technically feasible, continuously and in real-time. This shall be done on the basis of a simple request through electronic means where technically feasible.
There are rules pertaining to B2B relations, where there's some restrictions on how fees may be charged. (Article 9, where fees may cover costs but must not discriminate and must be "reasonable")
> Easier to just eliminate any attempt at malicious compliance by interpreting 'reasonable' unreasonably.
The "reasonable" clauses exist to pre-empt this. EU courts generally aren't very amused by companies pulling stunts like setting fees to 'Math.infinity'.
A good case study for this has been Apple's legal fights around the DMA & App Store monopoly. Which mostly consists of Apple trying to be "clever" and the European Commission telling them that no, their clearly unreasonable fees are unreasonable.
> Easier to just eliminate any attempt at malicious compliance by interpreting 'reasonable' unreasonably.
Smart. Telcos in The Netherlands in the past did something where, for unlimited cellular data service, they used a "Fair Use Policy". Which they took at 10x the 'average' (mean not median) data use.
Only problem was, this was early 2010's and there were still a lot of old people who weren't using data. They had 0MB subscriptions on their mobile subscription, which meant they technically had a data subscription although with gigantic costs per MB.
You can already see where this is going. All these subscriptions were added along in the calculation, which meant their mean fantasyland data usage came out at 1500MB and '''unlimited''' data usage was capped at 15GB, after which speeds would plummet to 64Kbps.
These days unlimited does mean unlimited, although you get a 20GB daily allotment, after which you have to send a refill text for every 2GB of data. Which of course can be scripted :). Although I don't see why you'd need north of 600GB of mobile data per month.
It does not? 1&1 has "unlimited" but after 50 GB you need to add 2 GB again in the web interface every time. I think Telekom has real "unlimited" but it costs like 100€ per month.
(1) buy a true unlimited data plan (2) download and upload as much as you can for a whole month? Make sure it's something useful though - iperf is cheating.
Since it's true unlimited, they don't track usage. You can set your phone to a 1GB warning so the counter will always be displayed in your notifications.
This is classic regulation by technocrats as opposed to technologists.
Flawed reasoning among technocrats is that software can simply be made interoperable.
What they fail to understand is that interoperability is a two-sided process, requiring cooperation and collaboration between two (or more) parties.
And yes - it’s a process, with a cost.
Software cannot simply be made “interoperable” with all possible future permutations of other (often competing) software.
To imagine that you can demand all software is “interoperable” is literally to impose unbounded cost on all participants, because they cannot know how many other parties they will be forced to cooperate and collaborate with.
This is the kind of financial calculus that only exists in the world of bureaucrats (with their endless supply of public funding, and their never-ending remit).
To businesses, on the other hand, cost is existential.
> Flawed reasoning among technocrats is that software can simply be made interoperable.
What they fail to understand is that interoperability is a two-sided process
1. Data that software operates on can easily be made interoperable. Even trivially. There's no end to standards around that
2. Yes, it's a "two-sided process" in the sense that companies go out of their way to make any and all data as inaccessible as possible
What if I claim need your data in a particular form in order to “interoperate” with you?
Will the EU legally compel you to give me the data in the form I want?
Or perhaps you’ll explain that raw data is raw data. In which case, is the EU legally compelling you to give away all your raw data to anyone that might want to cooperate / compete / sabotage / spy on you? If not anyone, what’s the minimum bar that a counterparty has to satisfy to get access to all your data? Who judges when they meet this bar? The European Commission? Judges in the ECJ? For every interop in the cross-product of all software on the market?
Are the flaws in this regulation not blindingly obvious to everyone in this community? Am I going mad here?
> What if I claim need your data in a particular form in order to “interoperate” with you?
Oh. Malicious compliance is an art form. Just look at GDPR.
Doesn't mean that interoperability is somehow hard.
> Are the flaws in this regulation not blindingly obvious to everyone in this community? Am I going mad here?
You'd go much less mad if you read the regulation in question which I doubt you have. As a rule, the madder a person is about some EU regulation, the less likely they are to have read it.
Instead you rely on media headlines and misinterpretations.
(Note: I haven't read the act yet, but I've yet to see an act people are in arms about that doesn't actually answer most questions in the text of the act itself or in the accompanying documents)
> What if I claim need your data in a particular form in order to “interoperate” with you?
I read this as:
rzwitserloot is the operator of a SaaS service that has a bunch of data. Let's say, photos.
cbeach uses this law to request this data from rzwitserloot, and asks if it can be in .g3 format. It's _a_ format. Let's posit for a moment that it's burdened by patents, is unwieldy (produces really large files), converters are hard to find, and so on.
And your point is: HAHA! Because of dumb technocrats, GOTCHA!
And you'd be wrong. That's not what the law says.
I would tell you: Here are the files in jpg2k format, bzipped. These are common formats, they are how we store and use them, and it is a reasonable interpretation of the rule that I must provide this data in no undue delay in 'industry standard' standard formats. If you don't like it, sue me. And if you sue me, you would lose.
> s the EU legally compelling you to give away all your raw data to anyone that might want to cooperate / compete / sabotage / spy on you?
The exact data you need to provide is limited to that data which you host that is (also) owned by the requestor. I can't just ask, I dunno, facebook for the firehose of _everything by everybody_, I can only ask it for data that _I_ contributed to the platform. Other rules put limits on facebook contractually claiming ownership. Using this law to 'compete / sabotage / spy' is therefore difficult, and if it _is_ possible to meaningfully compete/sabotage/spy by using this law, then I posit that the service is rentseeking and needs to die. It is taking the 'value' of hoarding its network effect over others which is parasitising value out of the community and thus does not serve the broader interests. I can see a world where you want to financially incentivize companies to create network effect benefits, because you need to bankroll the creation if the system somehow, but doing so by giving its operators forever-rights on rentseeking the value created is perhaps a bit much. We have been doing that the past 20 or so and the results are catastrophic, which proves the point.
I _want_ a different attempt at it, and if that risks the pendulum swinging too far the other way, so be it. The EU and other law bodies have been practically screaming from the rooftops that they aren't happy with what IT companies are doing specifically in regards to e.g. hoarding their control of data to squash competition and reasonable use by the populace for years now, and they aren't moving.
This is how the world is supposed to work. You might want to check how e.g. the movie rating system came to pass. There wasn't one, the citizenry wanted one (we can debate whether the citizenry was correct in wanting that, not the point - they did), government threatened to write a law, and the business got the message and set up their own system. Government dutifully responded by not making a law.
When businesses start ignoring the strong hinting by government that laws will occur if they don't get in line, i.e. if they think they get to lord it over the populace and fall back to libertarian maxims to avoid all repercussion, the system fails. And here you are, advocating for just that.
This american defeatism about using laws and therefore just going with 'let the free market' decide is toxic and you need to cut it out. You can always find a case where a well meaning law has resulted in a disaster _and_ the blame can be laid squarely at the feet of the authors of the law, just as easily as finding a case where lack of laws has led to unbridled massive export of significant externalities to society and it is ridiculous that no law exists.
> Am I going mad here?
Well, take your pick. Mad, difficulty with understanding basic reading, or trolling. You're guilty of one of those 3.
For all its warts and flaws, I have to say I'm pretty happy with where the EU is currently headed in a very broad sense. Sure, there's a lot of bureaucracy and fancy slogans without getting much done, but between all of that, there's also policies and regulations that do clearly improve the lives of people, not corporations, for a better tomorrow. With the world being pretty chaotic in its current ways, this is a nice thing to see.
iOS in particular is undoubtedly much better after the EU's required changes.
I wanted the UK to stay in, or at least drop back to EEA membership, but seems we get some of the benefits without membership anyway, just because we're too small to bother doing anything special for.
This is a common trope, but it's based on a false premise. You don't have to show a cookie banner so long as it's cookies that you need for the site to function. You need consent only if you want to track your users and gather their data. The problem here is the sites you visit want to track you, not anything else.
I like having the choice between cookies required for basic site function and extraneous track-you-everywhere cookies. You like having no choice in the matter by the sound of it.
Websites could choose to not track you, to make tacking opt in and having opt out selected as default, could choose to follow do not track as rejecting cookies, they have multiple choices but chose to give you a worse user experience for their profit. I do not think it's fair to complain at Europeans for this, blame the websites
I agree it sucks - and they're not used on every eu website -, but at least it's the small rectangle that says "accept all" "accept essential only" and goes away quite swiftly. Most sites that ask you to click more times to selectr/reject manually are just malicious compliance
No, companies wanting to track everyone who uses their websites / sell user-behaviour data to advertisers made the Internet significantly worse.
The EU just made it visible.
[EDITED to add:] Actually, not even that. The companies doing the creepy tracking/spying/selling chose to make their compliance as objectionable as possible, I think deliberately in order to try to make anti-creeping measures look bad. The internet could be much less obnoxious and still perfectly compatible with EU regulations. Companies wanting to exploit you on the internet chose to comply in as obnoxious a way as possible.
As someone living in Europe, I’ve come to realize these comments typically come from two types of people:
1) Americans who don’t actually live here but fetishize the pop culture idea of Europeanism
2) Europeans who are so insecure they feel the need to loudly proclaim how “amazing” everything is in the hopes they’ll believe it themselves
Something I’ve learned; when someone feels the need to write internet comments telling you how happy they are, it’s a good indication they are not happy. Otherwise they would not be wasting time writing internet comments.
> Something I’ve learned; when someone feels the need to write internet comments telling you how happy they are, it’s a good indication they are not happy. Otherwise they would not be wasting time writing internet comments.
“The Internet is only for miserable people” sounds like projection.
I don't think that's the case, one of my frustrations with HN is the top comment is nearly always some plausible sounding, probably wrong and negative comment. Look at the top comment on this post for instance.
I for one am also happy to live in one of the few places left on earth that focuses more on the betterment of people than the few ultra rich, and tries to prevent the ultra rich from abusing the people.
Good. If you look at the people who are ultra rich they ultimately seem incredibly unhappy, the richest people in the world have more than they could ever use and still aren't satisfied. This incredible amount of wealth and power comes at a massive societal cost and it isn't even helping the lives of the handful of people who are getting it.
Noone needs to be so rich they can casually biy whole governments. Rich enough to never work another day if they don't want to is plenty. Producing multibillionares is not a good thing
> What about producing people who create products so loved that the people give them billions of dollars?
I think we're in full agreement here. Profit from sales should be distributed to the workers who created the products, who can in turn support businesses that are useful to them, who can in turn support business that are useful to them, and so on. It's the basis of a functioning market economy.
What breaks the system is allowing a tiny group of people to hoard majority of the "wealth" (which is just a social construct and requires cooperation from a willing society, or as it is today, cooperation from a propagandized, overworked, and exhausted society). This gives them unchecked power to dictate what the rest of society does in terms of labour, research, politics, etc.
> The "nobody needs..." way of thinking is very Soviet.
Here's the difference between computers in pockets and billionaires.
If we made a rule that prohibited computers in pockets (I assume smartphones count as computers in pockets) it would have a noticeable affect on peoples lives. Those devices do a lot of very useful things, and greatly reduced the amount of stuff we have to carry around. (Although they do have a downside, such as people getting addicted to social media or exploitive games).
If we made a rule that made it harder and harder to accumulate money the more you have over maybe 10 billion it would not have much of an affect. The people who create products that can make billions of dollars are almost always driven by creative urges, not urges to add another $10 billion to the $100 billion or whatever that they already have.
And there are others, but not ultra young ones actually.
But why would it be bad if the goal of a country is to raise a little the wealth of everyone instead of a lot the wealth of very few ? A country is succesful not by the number of billionaires but by quite a lot of other criterias.
And yet from some of the HN comments I've seen on this topic it seems that quite a few of the Americans are stockholm syndromed to the point that if you do not want to benefit the ultra rich at the expense of regular people by removing their healthcare, vacations, employee safety and protection rights, ability to unionize, and basically by doing all you can to milk the average worker for your own gain, then you're stupid, and they demean EU by constantly bringing up the tired trope of us not having some mega billion valuation companies here because ... our people have rights ... and so no law-breaking/lobbying silicon valley god wants to come here.
And they say this seemingly without realizing that yes, that is exactly by design. This is what we want. Keep your mega wealthy and 3rd world life quality, and we'll here be poor, but can at least attend our children being born without getting fired for it, and giving our mothers a year or more of paid maternity leave, among many many other things we value a hell of a lot more than making our billionaires richer.
EU citizens lifespan is also (very roughly) a few years more than us citizens.
Is the purpose of life living a happier, fuller life or being richer? I'd rather take the former than the latter.
On a more serious approach, I guess millionaires in usa will fare better than poor Americans, but at least in Europe you will still have access to some sort of safety net when things get rough. As imperfect as eu might be, I do not get why the hatred is so strong (especially for some libertarian or similar breeds here on hackernews, the thread on eurollm had quite strong opinions on both sides)
>I think we should be careful labelling everything an LLM does as stealing.
I agree. You can ethically train an LLM.
But there's been such utterly blatant breaches of law that's in court as we speak, and commentary from leaders that I'm inclined to say it's poisoned the well. No differently from cryptocurrency and nfts. It's pretty much the default.
>Just that 2025 is way too early.
never too early to stop nor prevent theft. if you want to grab stuff with reckless abandon, address copyright law first. They also made and reinforced those laws decades ago, after all.
>We may end up with another cookie law, or DSA nightmare.
Okay. Me not clicking an extra pop up (because extensions take care of it for me) because companies want loopholes isn't the deterrent that makes me not want to slow down this theft.
>Why should AI regulation apply to small companies with less than X customers or Y revenue.
Why should copyright law apply to me torrenting Moana 2? When we can align on this we can move on to AI.
>Does it affect what you can play around with at home?
Roommate is an artist, so it affects him, yes. I work in games and want to go indie, so it will affect me one day. I'm not altruistic here; I'm just another future entrepreneur protecting my assets.
The 28th regime will provide interesting insights on whether or not EU members are willing to move on fiscal harmonization.
I live in Martinique, a French outermost region and although we are in the Caribbean, we are also in the EU.
This creates some friction as the standard CE norm is usually not available in neighbouring countries, therefore :
1. goods mostly come from EU (specifically France)
2. because goods have to travel across the ocean, prices are higher
3. because prices are higher, specific tax laws are maintained and new ones are introduced with the aim to make prices lower
4. specific tax law introduces another barrier and limit competition
5. because competition is low, prices are high(er)
Harmonization vs the use of specific tax law/rules is a never ending discussion in Martinique.
In the US mad king context, I'm looking forward to it.
Aside from the obvious flaws in the Data Act (forcing companies to share data), Articles 14 to 17 really ought to concern us:
The proposal also sets rules for public-sector bodies to request data from private entities in specific emergency or public-interest situations, for instance Dealing with public emergencies (e.g., major health crises, natural disasters), or fulfilling official duties when the required data are not otherwise available.
See also Articles 14-22 of Title III, Chapter 4, and Chapter 5.
So basically, whenever governments concoct an excuse to do so, they'll be able to slip their tentacles into our IoT devices. Home CCTV, cars, appliances, energy devices etc.
Reasonable to assume that NO government interventions into our IoT devices will be for our own personal benefit.
> European Commissioner for Startups Ekaterina Zaharieva emphasised the importance of implementing this strategy quickly. She also pledged to propose a European Innovation Act to push member states to meet the 3% target for research and innovation (R&I), combat brain drain, defend research freedom, invest in infrastructure and expand the European Research Council.
Tragicomic hubris among bureaucrats, to think innovation would improve if they added more bureaucrats.
The EU is a political experiment that will always be doomed to repeat its own mistakes, because it completely lacks self-awareness.
Too many ideologues, too few pragmatists.
A bureaucracy as supra-national and politically ambitious as the European Union will attract the kind of staff who are far, far removed from people who want to create startups.
A bit surprised to not see the cybersecurity regulation that's now a part of the radio equipment directive. It'll have a huge effect on everyone who sells hardware, with strict requirements wrt cybersecurity for IoT devices, and is slated to take effect this summer.
If anyone is struggling with keeping up with EU regulations, we built an AI powered platform that helps companies navigate this complex world. You can find it at: https://fx-lex.com
I do think that the amount of regulation is proportional to the complexity of the society. While you can over or under regulate, the general future trend will be more regulations.
It doesn't say "EU regulations to look forward to", this isn't a hype article. Us who actually work in tech in relation to EU markets need to stay up to date on what regulations are introduced so that we can make sure to be in compliance.
Anytime the EU comes up, I'm reminded that this is still a forum on a very ambitious US startup accelerator who sees public safeguards as obstructions to their own million dollar idea.
If your idea can't success without being a parasite to your customers, maybe the business doesn't deserve to exist.
> We are not the kind of people who stand on ideological soapboxes and discuss the state of regulation.
You're soapboxing right now.
My point was about public perception of regulation. And that people do view EU regulation as impacting their tech products in ways similar to product announcements. Not the merits or lack thereof of the EU.
Almost sounds too good to be true. As far as I can tell:
* There is no clause for restricting this if it's hard to do. If it's _a lot_ of data, you still have to provide it.
* There is no clause indicating you can charge a fee for the sharing of the data (this seems fair to me; the prep and transfer costs, assuming you automate the process, are incredibly low unless it's, I dunno, some 'permanently live stream my entire life in 4k' service). Easier to just eliminate any attempt at malicious compliance by interpreting 'reasonable' unreasonably.