Long seen as untouchable in Brussels, the GDPR is next on the list of the EU’s crusade against overregulation.

Europe’s most famous technology law, the GDPR, is next on the hit list as the European Union pushes ahead with its regulatory killing spree to slash laws it reckons are weighing down its businesses.

The European Commission plans to present a proposal to cut back the General Data Protection Regulation, or GDPR for short, in the next couple of weeks. Slashing regulation is a key focus for Commission President Ursula von der Leyen, as part of an attempt to make businesses in Europe more competitive with rivals in the United States, China and elsewhere.

  • biofaust@lemmy.worldEnglish
    1·
    19 days ago

    There is one thing that would make the GDPR easier: one single Data Protection Authority at Union level, with direct sanctioning powers.

    No more asking Ireland first only to get Norway and Germany telling you the opposite.

    • sir_pronoun@lemmy.worldEnglish
      01·
      19 days ago

      Privacy matters, but it is really not good in its current shape. For example, it seriously hinders scientific research into contagious diseases because a lot of data of patients is incredibly hard to get or work on. There’s a lot more that could be done against epidemics if it wasn’t for the GDPR in its current shape.

        • sir_pronoun@lemmy.worldEnglish
          01·
          19 days ago

          This is not about consent but about databases that already exist and that could be anonymized easily, treasure troves of data for medical research, but even anonymously that data can’t be used because of stupid red tape

          • Thorned_Rose@sh.itjust.worksEnglish
            01·
            19 days ago

            You do realise that most medical research these days is for-profit? The only thing opening these databases to medical research will do is increase the profit lining the pockets of the already mega wealthy (and corrupt) industrial medical complex.

  • mocoma@lemm.eeEnglish
    0·
    20 days ago

    Yes this is the exact moment that we decide we want to be as similar to the US as possible. These neoliberals need to go.

  • DreasNil@feddit.nuEnglish
    01·
    19 days ago

    Finally!!! GDPR strongly needs a revision. I work in healthcare in Sweden, where many hospitals recently have gotten a new digital journal system. In theory it would be a really good one, but because of GDPR we still have to rely on printing papers, and sending them to other clinics via post or fax. How in the world does that protect our privacy better than just using the digital services that are built to do this?!

    All my patients expect me to have ready up on their medical history, and know what medications they take, so that I am up to date about what they need. But in order to do that, I first have to ask for their permission, and THEN open their journal. It has to be the other way around - that you can actively block healthcare personnel from reading your journal if you for some reason don’t want them to.

    Revising the GDPR to make it less intrusive in healthcare, would increase our ability to see more patients and spend less time on administrative tasks, which I think everyone is positive to.

    • splendoruranium@infosec.pubEnglish
      1·
      19 days ago

      but because of GDPR we still have to rely on printing papers, and sending them to other clinics via post or fax

      I don’t know who told you this but that is certainly not mandated by GDPR. Could you elaborate on the situation?

      All my patients expect me to have ready up on their medical history, and know what medications they take, so that I am up to date about what they need. But in order to do that, I first have to ask for their permission, and THEN open their journal. It has to be the other way around - that you can actively block healthcare personnel from reading your journal if you for some reason don’t want them to.

      That is also not mandated by GDPR. I don’t know who you DPO is, but at some point of the communication chain there must be a misunderstanding.

      • AnyOldName3@lemmy.worldEnglish
        1·
        19 days ago

        Lots of ad companies and other data harvesters who wanted to keep being evil put out a lot of misinformation about things the GDPR would outlaw, and some of it stuck, so plenty of people think the GDPR says things it doesn’t. In general, you’re safe as long as you don’t do anything obviously dodgy or send data to a company likely to do evil things with it, but in a world where nearly everyone uses Google analytics to monitor if their site goes down, everyone had to change something and there was plenty of opportunity to scare people by telling them they needed to change more than they really did.

  • Denixen@feddit.nuEnglish
    01·
    19 days ago

    They intend to simplify compliance, not axe the law. And this is needed if Europe wants to make itself independent of USA and China on the tech front.

    You who are against this, have you ever had to deal with GDPR? It is a nightmare and I am certain American big tech is secretly celebrating it, because it kills any European startup alternatives, because they cannot afford to employ enough people to be compliant with the law and if they try to do it with existing personnel they don’t have enough time left over to actually run their business.

    If you have ever complained that there aren’t enough European alternatives, GDPR and other legislation is the reason why. USA shoots itself in the foot with tariffs and we Europeans shoot ourselves in the foot with regulations. I am just really glad the EU commission has realized this and are fixing it.

    • splendoruranium@infosec.pubEnglish
      1·
      19 days ago

      have you ever had to deal with GDPR? It is a nightmare and I am certain American big tech is secretly celebrating it, because it kills any European startup alternatives, because they cannot afford to employ enough people to be compliant with the law and if they try to do it with existing personnel they don’t have enough time left over to actually run their business

      Am DPO. What do you mean? GDPR is trivial to deal with and you do not need to employ additional personnel beyond a DPO. They don’t even have to do it full time.

      There are certain few business models that explicitly rely on exploiting personal data, but them being slowed down is very much the intention.

      • Denixen@feddit.nuEnglish
        01·
        19 days ago

        It is not trivial, the existence of you job makes that self-evident. If it was trivial companies wouldn’t need a DPO, would they? I would love to see you walk up to your employer and tell them that your job is trivial and anyone can do it…

        You might not see this yourself, but the fact that even a small company needs a DPO in order to interpret data protection regulation IS the problem! But I am sure you are not complaining… It needs to be simplified so a small company can be GDPR compliant without requiring a DPO.

        This problem is recognized in the report from the EU commission linked in the article, which is why they are acting.

        The fact that small startups cannot even take off because they cannot afford to hiring the bureaucrats required to interpret and be compliant with regulation is a massive problem and one of the reasons Europe’s economy is stagnating. It is not about exploiting personal data, it is about the cost of bureaucracy killing European startups in their infancy.