I don't think, in general the DPAs need to use lawsuits.
If they discover (by their own, or by means of a customer claim) that a company
(never mind is from the EU or outside) is not following the GDPR, they will
just fine it and the corresponding government authorities are the responsible
to cash the fine, even with "bank account embargos". If the company is outside
the EU, but there are agreements with that country, they can proceed to that
via the third country authorities.
Same as when you don't pay a traffic fine in the EU and you are from non-EU
countries (some allow the embargo, others not).
This has been happening, in most of the EU countries for a while. In recent
months, the Spanish DPA has ordered fines of 600.000 euros (with the previous
law, LOPD), to companies such as Facebook, Google, Whatsapp, and many others ...
Regards,
Jordi
-----Mensaje original-----
De: NANOG <nanog-boun...@nanog.org> en nombre de Nick Hilliard <n...@foobar.org>
Fecha: sábado, 26 de mayo de 2018, 11:29
Para: Seth Mattinen <se...@rollernet.us>
CC: <nanog@nanog.org>
Asunto: Re: Whois vs GDPR, latest news
Seth Mattinen wrote on 26/05/2018 08:41:
> Good luck getting multiple millions worth of fines out of small
> businesses that never even touch a million a year in revenue, let alone
> the added expenses of trying to do all the crap GDPR thinks everyone can
> suddenly afford out of nowhere.
You can put the straw man away - Europe isn't the US. No Data
Protection Authority in Europe is going to sue a mom & pop business in
the US for millions because they haven't clarified their cookies policy.
The upper limits of the fines are aimed at the robber barons of the world.
The DPAs in Europe are for the most part lawsuit-averse and engage with
companies to build alignment rather than taking the punitive approach
and liberally dishing out lawsuits and fines. The emphasis on GDPR
compliance is aiming at reasonable steps rather than pretending that
every organisation is going to end up redesigning their entire existence
around GDPR on may 25.
Nick
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company
This electronic message contains information which may be privileged or
confidential. The information is intended to be for the exclusive use of the
individual(s) named above and further non-explicilty authorized disclosure,
copying, distribution or use of the contents of this information, even if
partially, including attached files, is strictly prohibited and will be
considered a criminal offense. If you are not the intended recipient be aware
that any disclosure, copying, distribution or use of the contents of this
information, even if partially, including attached files, is strictly
prohibited, will be considered a criminal offense, so you must reply to the
original sender to inform about this communication and delete it.
