Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

First of all, you're saying "core business". Is this even a business?

And I copy-pasted direct text from the regulation. Note how it says "large scale". Twice. If he is actually processing personal data on a large scale, then maybe it is not unreasonable to have a DPO.



Is "large scale" defined?


No. It's not defined. That's part of the problem...


I think it's clear that 1 person is not a large scale op. I do agree it should be defined in at least somewhat precise terms though.


The number of employees isn't a factor as far as the scale of data processing is concerned - it's the scale of the actual data processing...


At a certain point, even if you are a single person, if you are processing and tracking enough data then you still shouldn't be allowed to do what you want. Company's could just outsource all liability to single person consultancies then like they outsource a lot of none core jobs to consultancies to get around employment law now




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: