this post was submitted on 06 Jul 2023
1478 points (98.4% liked)
Memes
45536 readers
675 users here now
Rules:
- Be civil and nice.
- Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
What is GDPR approval? You just need to comply to the GDPR right?
Yup pretty much, they wouldn't have made the regulatory requirements, so they chose not to release in the EU yet (i.e. not blocked in the EU). GDPR "approval" might not be the best term, but that's how I've seen it represented in tech articles so far.
The thing holding them back is sharing data cross app from what I've heard. Since Threads runs off Instagram accounts right now, but it's still it's own app, it's sort of in a legal gray area, and given that they want to extend it to non-Instagram users as well it probably makes more sense to go for that first and then move for the EU release after they've made it fully GDPR compliant.
They already don’t comply with it with FB lol, they have just got away with it for so long, believe it was mainly the the Irish regulators fault who is either some form of captured, anti-privacy or being bribed.
But it went to the EU level board, not sure how all that works, who finally hit then with a $1.2 billion fine and the demand they come into compliance. So maybe it’s off the back of that as well has gave them some pause
So I work in Canadian tech as a Data Engineer and have some experience there and the 1.2B fine they got hit with is actually a lot more nuanced than it's been represented and pretty problematic in general.
Probably going to get downvoted for even linking it, but their response is unfortunately the only write-up I've seen that actually goes into detail:
https://about.fb.com/news/2023/05/our-response-to-the-decision-on-facebooks-eu-us-data-transfers/
The TLDR is that the Court of Justice of the EU invalidated the original form of data transfer for data from the EU to US, so everyone switched over to SCCs knowing there was legal uncertainty there, but with promises from the EU and US that they'd "figure it out" and come up with a joint decision on how to transfer data safely. The GDPR jumped the gun for a reason that nobody really knows, and slapped Meta with a fine that's making thousands of companies who are basically forced to do the same thing (since no actual legal option exists) shit their pants.