Reposts are allowed in the other cases. That is, if a story hasn't had significant attention yet, we don't treat a repost as a dupe. Similarly, if it has had a significant discussion but not recently, it's ok to resubmit it. That's because once enough time has gone by, the topic can gratify curiosity again. The cutoff is a year or so. This is in the FAQ: https://news.ycombinator.com/newsfaq.html.
They're facing a dilemma of regulatory uncertainty, and this move resolves this dilemma for them (at least, they seem to believe that).
Anyone who has ever dealt with powerful regulatory agencies will probably agree that this resolution is the right move for the company, a move important enough that eating some bad PR is probably totally worth it.
(The point about powerful regulatory agencies is not that it's hard to stay compliant; it's that the costs, overhead, bureaucracy etc. of demonstrating this compliance is immense, even if you are doing everything 100% right.)
Would you mind sharing a resource to learn more about how the UK spies on US citizens?
How much does hosting per account in Ireland compare to USA hosting?
Even if a few pennies/cents, at google's scale - that makes business sense and if they can, they will.
- Your service provider and data controller is now Google LLC: Because the UK is leaving the EU, we’ve updated our Terms so that a United States-based company, Google LLC, is now your service provider instead of Google Ireland Limited. Google LLC will also become the data controller responsible for your information and complying with applicable privacy laws. We’re making similar changes to the Terms of Service for YouTube, YouTube Paid Services and Google Play. These changes to our Terms and privacy policy don’t affect your privacy settings or the way that we treat your information (see the privacy policy [link redacted] for details). As a reminder, you can always visit your Google Account < https://myaccount.google.com > to review your privacy settings and manage how your data is used.
This is such a blatant lie what the hell. The only reason for this move is specifically to treat your information in ways that are not legal now.
One still enjoys the tax advantages of the value being added on the Irish side, but also the relatively lax data requirements on the British side.
I am not pro or con anything, just pointing out the arb.
Equally - I'd say costs may well play out more and what is the cost to host in Ireland compared to hosting in the USA?
Even when we are talking pennies/cents in difference - at the scale of Google - that soon adds up and if they can, they will.
Given European data protection is much stronger than either British or American DP it would make sense to group N.Irish people this way rather than trying to deal with the exceptions.
This by itself doesn't mean anything for GDPR—GDPR applies to EU residents (whether or not they are EU citizens), not EU citizens. Declaring yourself Irish doesn't make you fall under GDPR protection if you live outside the EU.
>Declaring yourself Irish doesn't make you fall under GDPR protection if you live outside the EU.
I'm a DPO and this is absolutely incorrect.
This is a long and complicated story, but essentially Brexit created the following problem: the UK now desires to have full control over its borders, and this means a hard border between the UK and the EU. But then there is also the Good Friday Agreement (GFA), which achieved peace between the unionists (Protestants who want NI to be part of the UK) and the nationalists (Catholics who want NI to be part of Ireland). Simplistically, the GFA guarantees a sort of double affiliation of NI, both to the UK and to Ireland. This means, among other things, no physical borders.
I think that also breaking the law might be easier. EU might not bother anymore penalizing them for a member that's already leaving, and UK alone will have very little force imposing penalties on an US corporation.
The UK is following EU rules and regulations at least until the end of the year. After that point, it can pick and choose, based on negotiations for trade agreements or whatever other reason pleases it.
Google must really benefit somehow from the change, otherwise they could leave it until much later in the year, and see what (if any) changes Parliament makes to privacy and data protection law in the UK.
Probably not though. Flags of convenience is the Google way.
The UK may still be following some of the EU's rules, but they have officially left the union.
Hence the question of actual costs to Google in hosting in say Ireland (staffing, taxes, rates, utility costs, cooling....) compared with another location outside the EU that may very well have cheaper running costs due to many factors.
I hope that clears up why location is a factor now as it related to running costs and if they can save some money, well, they will.
More so if they suddenly free up capacity in a datacenter which has higher costs than some other locations outside the EU. All these details do very much, however small, stack up at the scale of users Google operates with and for the UK, several million is a large chunk of potential savings.
1. https://discovery.nationalarchives.gov.uk/details/r/C1153691...
But that's a modern example. There are some pretty interesting ones. Here's a fun list of some celebrities that were the targets of a Five Eyes country and were spied on by multiple agencies as a result:
https://en.wikipedia.org/wiki/List_of_people_under_Five_Eyes...
And that assumes that the transition period is not extended. (Which it doesn't seem likely to be, frankly).
[0]: https://www.hipaajournal.com/does-gdpr-apply-to-eu-citizens-...
In fact, it's not even legal residency that matters. You must simply be present in the territory that the regulations apply to (EU+EEA). If you're not, then the protections don't apply to you, regardless of your citizenship.
Yes, unless the company is itself in the EU, in which case the GDPR always applies, even if you're not a citizen, resident or even visitor to the EU.
Edited to add: https://edpb.europa.eu/sites/edpb/files/files/file1/edpb_gui... (it's not even residency that is key - just being present in the EU+EEA)
https://ec.europa.eu/info/law/law-topic/data-protection/refo...
They are very clear - the GDPR protections apply to those that are "in the Union", and the guidelines clarify that citizenship (and, in fact, legal residency) are irrelevant. One must simply be present in the territory that the regulation applies to (which is EU+EEA). Being a citizen of a EU country and being outside the union, the GDPR protections would not apply to you. Being a citizen of a third country and being inside the union, they would.
> Provided your company doesn't specifically target its services at individuals in the EU, it is not subject to the rules of the GDPR.
(note in the EU - no mention of citizenship)
If your company is in EU, then according to Article 3.1 the GDPR applies to all your procesing of personal data, period - with no exceptions depending on citizenship. So if you're a DPO in a EU company, then that's what's true for you, you definitely have to apply GDPR protections to EU citizens (and also noncitizens) wherever they are.
If your company is not in EU, then according to Article 3.2. the GDPR applies only to people located in the EU - "This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union"; no qualification on citizenship, but a qualification based on location.
Do American speed limits apply to American drivers in Europe? Or do the European speed limits apply?
Essentially you are absolutely incorrect. The EU has no legal jurisdiction outside of EU borders.
In any case, parent is in fact incorrect since the GDPR claims no such jurisdiction. It only applies to people in the EU, or to people whose personal data is processed by EU companies.
(EDIT: That would indeed be Apple and Netflix, as hinted by another comment).
And they probably do that for everyone only because it doesn't eat into the main profit generators in their business models. Not many marketers paying Netflix to advertise their new natural soap line to targeted prospects I'd imagine.
LinkedIn is Microsoft, which should also be included given it's scale. It should be FAMANG.
Also, the FAANG expression didn't start around scale, if that was the case netflix wouldn't have been included as early as the expression was coined. The expression was about developer compensation. That seems to have changed recently(-ish) though and now the expression is more like "unicorn" instead of just the specific companies that make up the acronym.