Ask HN: Retaliation for privately disclosing user IDs in DSA transparency data?

2•hn773746483•2mo ago

(note: I'm non-EU, company is American with EU branch)

I informed a country's DPA that a company was leaking millions of user IDs within DSA transparency reports. EU developer documentation + DSA text states PII must not be within this data multiple times, proving severe incompetency.

On the day of their final update, the company suddenly banned my account, losing access to a significant chunk of my online life as well as nearly a decade of daily conversations with friends and family.

From that day onward, daily DSA transparency reports were empty for weeks (down from thousands daily).

Eventually they resumed, and past files containing PII were replaced with user IDs removed.

Tried contacting NGOs like EFF and the DPA again, they won't help either due to my non-EU status or because of their own caseload.

The company's DPO & legal teams have been locking and ignoring all communication attempts for months, they don't have any contact point outside of zendesk.

I can't afford lawyers either.

What should my next steps be?

Comments

almosthere•2mo ago

Drop company names, punish them further. Make sure you are legally covered. I don't know if you have any whistleblower protections, ask chatgpt

hn773746483•2mo ago

I considered it but I'd rather not wake up to threatening certified mail seeing as they're no stranger to these underhanded tactics. They have a fairly negative reputation among places like HN anyway.

stop50•2mo ago

Did you try to contact noyb? They are little compared to the eff, but have caused some changes since their founding.

hn773746483•2mo ago

Yup, NOYB couldn't help as I'm non-EU.

stop50•2mo ago

Also the DPA is not an NGO. It is an role in the gouvernment.

hn773746483•2mo ago

I know, I reached out to them regarding the retaliation and they started outright that I'm outside of the scope of the DSA and began ignoring my emails across the board, even to the dedicated crossborder address which initially responded to my disclosure.

Very frustrating, they accepted my initial info but when it became "company has retaliated against me after providing you that info" they wipe their hands clean of it.

Postgres Message Queue (PGMQ)

Show HN: Django-rclone: Database and media backups for Django, powered by rclone

NY lawmakers proposed statewide data center moratorium

OpenClaw AI chatbots are running amok – these scientists are listening in

Show HN: AI agent forgets user preferences every session. This fixes it

Introduce the Vouch/Denouncement Contribution Model

Show HN: SSHcode – Always-On Claude Code/OpenCode over Tailscale and Hetzner

Microsoft appointed a quality czar. He has no direct reports and no budget

Multi-agent coordination on Claude Code: 8 production pain points and patterns

Washington Post CEO Will Lewis Steps Down After Stormy Tenure

DevXT – Building the Future with AI That Acts

A Minimal OpenClaw Built with the OpenCode SDK

The silent death of Good Code

The Internal Negotiation You Have When Your Heart Rate Gets Uncomfortable

Show HN: Glance – Fast CSV inspection for the terminal (SIMD-accelerated)

Busy for the Next Fifty to Sixty Bud

Imperative

Show HN: I decomposed 87 tasks to find where AI agents structurally collapse

I went back to Linux and it was a mistake

Octrafic – open-source AI-assisted API testing from the CLI

US Accuses China of Secret Nuclear Testing

Peacock. A New Programming Language

A postcard arrived: 'If you're reading this I'm dead, and I really liked you'

What to know about the software selloff

Show HN: Syntux – generative UI for websites, not agents

Microsoft appointed a quality czar. He has no direct reports and no budget

AI overlay that reads anything on your screen (invisible to screen capture)

Show HN: Seafloor, be up and running with OpenClaw in 20 seconds

Tesla turbine-inspired structure generates electricity using compressed air

State Department deleting 17 years of tweets (2009-2025); preservation needed

Postgres Message Queue (PGMQ)

Show HN: Django-rclone: Database and media backups for Django, powered by rclone

NY lawmakers proposed statewide data center moratorium

OpenClaw AI chatbots are running amok – these scientists are listening in

Show HN: AI agent forgets user preferences every session. This fixes it

Introduce the Vouch/Denouncement Contribution Model

Show HN: SSHcode – Always-On Claude Code/OpenCode over Tailscale and Hetzner

Microsoft appointed a quality czar. He has no direct reports and no budget

Multi-agent coordination on Claude Code: 8 production pain points and patterns

Washington Post CEO Will Lewis Steps Down After Stormy Tenure

DevXT – Building the Future with AI That Acts

A Minimal OpenClaw Built with the OpenCode SDK

The silent death of Good Code

The Internal Negotiation You Have When Your Heart Rate Gets Uncomfortable

Show HN: Glance – Fast CSV inspection for the terminal (SIMD-accelerated)

Busy for the Next Fifty to Sixty Bud

Imperative

Show HN: I decomposed 87 tasks to find where AI agents structurally collapse

I went back to Linux and it was a mistake

Octrafic – open-source AI-assisted API testing from the CLI

US Accuses China of Secret Nuclear Testing

Peacock. A New Programming Language

A postcard arrived: 'If you're reading this I'm dead, and I really liked you'

What to know about the software selloff

Show HN: Syntux – generative UI for websites, not agents

Microsoft appointed a quality czar. He has no direct reports and no budget

AI overlay that reads anything on your screen (invisible to screen capture)

Show HN: Seafloor, be up and running with OpenClaw in 20 seconds

Tesla turbine-inspired structure generates electricity using compressed air

State Department deleting 17 years of tweets (2009-2025); preservation needed

Ask HN: Retaliation for privately disclosing user IDs in DSA transparency data?

Comments