EU has done really well on passing big laws such as GDPR in the recent years, while the US can't even seem to decide whether to fund their own government. Why do you think Europe is doing better than the US? One would think that since EU is more diverse it would be harder to find common ground. And there were examples of that during the Greece debt crisis. But not anymore, it seems.

  • geissi@feddit.de
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    the DPA just sits on these complaints

    That's an interesting claim, can you support it somehow?
    https://www.enforcementtracker.com/ currently lists over 2000 cases of GDPR penalties

    the Austrians have neutered that option. Someone sued a GDPR offender, an Austrian court sided with the victim, but then the victim was still forced to eat his own legal costs! That precedent-setting decision killed the only means for remedy.

    I'm not sure what your reasoning here is. How do Austrian court proceedings affect what is happening in other countries?
    Afaik the only court that would directly affect the legal situation of other countries ist the ECJ.

    • ciferecaNinjo@fedia.io
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      I’m aware of enforcementtracker.com which is used to show that some cases are cherry picked for enforcement. 2000 cases is an embarrassment. I would love to see an “unenforcement·com” service where we can all publish our reports that get irrationally dismissed or mothballed. I’ve filed reports on dozens of #GDPR violations over the years and not a single act of enforcement resulted. One report was dismissed instantly by a 1st tier office worker on bogus rationale.

      To worsen matters and exacerbate the problem, some member state’s DPAs operate in a non-transparent fashion so your report is concealed even from yourself and you get zero progress information or interaction. You only get notified in the end if an enforcement action was taken. They’ve never contacted me to provide more info on any of my reports either, which suggests no slight amount progress either.

      How do Austrian court proceedings affect what is happening in other countries?
      Afaik the only court that would directly affect the legal situation of other countries ist the ECJ.

      That’s beyond me. I recall reading about that decision that came out of some high court in Austria and the report said that it set a precedence for the whole EU.

      What I’ve seen in the US is that any lawyer can use any other case as a precedent for the court to consider even if the case happened in a different state, but there are varying degrees of utility. The lower the court, the less weight the result carries. And when a result from a different jurisdiction is used, it still has merit but less so than cases in the same jurisdiction.

      I know in Europe it’s the same as far as highness of a court & proportional weight. The lowest of court decisions are used in aggregate. But I’m a bit fuzzy on crossing jurisdictional boundaries on EU-wide law.

      Note that the GDPR has a specific consistency clause. Outcomes in different member states must be consistent for similar violations. Perhaps the Austrian decision is relevant EU-wide because of this consistency requirement.

      • geissi@feddit.de
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        I would love to see an “unenforcement·com” service where we can all publish our reports that get irrationally dismissed or mothballed

        So it doesn't exist and you have no statistics to support your claim beyond personal anecdotes.

        What I’ve seen in the US is that any lawyer can use any other case as a precedent for the court to consider even if the case happened in a different state

        Yes the US have are a common law country and have a national legal framework.
        Most EU countries have civil law so other courts decisions are not legally binding, only the word of the law is. Also beyond EU directives and the ECJ, each country still has its own independent legal system.

        GDPR has a specific consistency clause

        You mean Art. 63?

        In order to contribute to the consistent application of this Regulation throughout the Union, the **supervisory authorities **shall cooperate with each other and, where relevant, with the Commission, through the consistency mechanism as set out in this Section.

        It doesn't seem to mention courts at all.
        I certainly don't see how it would make decisions of regional courts binding in other countries.

        • ciferecaNinjo@fedia.io
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          1 year ago

          So it doesn’t exist and you have no statistics to support your claim beyond personal anecdotes.

          Trusting the accuracy of my experience is a problem for you, not me. I’ve seen the dysfunctionality many times over 1st hand & I’ve often heard other GDPR complainants say the same. I’ve been to privacy conferences where speakers talk about how their complaint citing many different violations would be acted on on the basis of just one of the violations. Someone from Noyb said a DPA cherry-picked 1 out of 6 or so violations and enforced it. But then the other violations simply got ignored. And their complaint about the ignored complaints was also ignored. I’ve seen the same, where the front desk gave a bogus rationale that (even if correct) could only possibly refute 1 out of my ~8 or so cited violations.

          The problem is widespread enough that Digital Courage plans to ask the EU to write a new law that actually forces DPAs to enforce article 77. Watch for it.

          Most EU countries have civil law so other courts decisions are not legally binding, only the word of the law is.

          The word of law can be very ambiguous. Even in Europe. It still needs interpretation.

          This is what happened when a data subject demanded that a data controller list who they share the data with. The letter of the GDPR law says they only have to mention categories of info that’s shared, not who it is shared with. So the data controller refused the request. That clause was recently (this year) “interpretted” such that data controllers actually do have to state who they share with (which contradicts the word of law). It’s a good outcome for consumers, but a contradiction that proves you cannot rely on the word of law in Europe.

          It doesn’t seem to mention courts at all.

          You can ask the source’s author (Noyb) directly yourself how an Austrian court decision had EU-wide impact.