I agree in principle, but not if it is applied to Microsoft 365 or GCP.
If it’s my small business animal shelter, or my grocery store, or even just my little SaaS… leave me alone, please, from requirements like the Quebec translation law, or similar.
Microsoft 365 is different. Odds are that there are dozens of businesses you interact with, who store their data in 365 without your knowledge. Microsoft 365 is a “in the shadows” method you probably don’t know of that is sending your data to the US.
If I could lay down a principle, it would be that the privacy rule should be determined on the privacy level of the company I the consumer interact with. If I interact with a EU business, I do not expect my data to enter the US by any method. If I interact with a US business, that is implied consent.
Speaking from the US perspective, Europe still imports from Xinjiang region of China, where over 2 million Muslims do forced labor. The US banned imports already. Not only that, according to SCMP, they more than doubled in just August.
Straighten out the obvious before adding another yoke on small businesses.
True - but equating the US prison system to what is happening to them is an absurdity. It’s like if Nazi Germany said their camps weren’t that bad, after all, the US has prisons.
They just moved it to occupied foreign soil to technically not have a concentration camp in US soil. But then Germany had concentration camps in occupied soil as well, like Auschwitz in occupied Poland.
I think what parent is trying to say that at certain point over-regulation is not helpful and actually detrimental not just to the business, but the ecosystem as a whole. For a smaller business, onerous regulation could mean closing the doors. For a big business, the burden is also there, but it can more easily withstand it due to its size ( and it typically has some resources to throw at a given issue ).
I agree that there are some 'minimal functioning society' laws like the ones you listed, but I am not certain Canada law example in previous posts or GDPR falls in the same category.
As usual, the question is that of where the line is. And that should be determined by societies at large.
What parent forgot to mention is that (from what I managed to find out) law 96 doesn't apply to businesses with less than 25 employees. Down from less than 50 in the previous law (though I'm not certain what other changes might have been made).
If it’s my small business animal shelter, or my grocery store, or even just my little SaaS… leave me alone, please, from requirements like the Quebec translation law, or similar.
Microsoft 365 is different. Odds are that there are dozens of businesses you interact with, who store their data in 365 without your knowledge. Microsoft 365 is a “in the shadows” method you probably don’t know of that is sending your data to the US.
If I could lay down a principle, it would be that the privacy rule should be determined on the privacy level of the company I the consumer interact with. If I interact with a EU business, I do not expect my data to enter the US by any method. If I interact with a US business, that is implied consent.