frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

Is Gemini 2.5 good at bounding boxes?

https://simedw.com/2025/07/10/gemini-bounding-boxes/
174•simedw•4h ago•36 comments

Measuring the Impact of AI on Experienced Open-Source Developer Productivity

https://metr.org/blog/2025-07-10-early-2025-ai-experienced-os-dev-study/
18•dheerajvs•28m ago•3 comments

Flix – A powerful effect-oriented programming language

https://flix.dev/
62•freilanzer•2h ago•29 comments

Analyzing database trends through 1.8M Hacker News headlines

https://camelai.com/blog/hn-database-hype/
37•vercantez•2d ago•11 comments

Seven Engineers Suspended After $2.3M Bridge Includes 90-Degree Turn

https://www.vice.com/en/article/7-engineers-suspended-after-2-3-million-bridge-includes-bizarre-90-degree-turn/
67•_sbl_•47m ago•51 comments

Optimizing a Math Expression Parser in Rust

https://rpallas.xyz/math-parser/
99•serial_dev•7h ago•47 comments

Underwater turbine spinning for 6 years off Scotland's coast is a breakthrough

https://apnews.com/article/tidal-energy-turbine-marine-meygen-scotland-ffff3a7082205b33b612a1417e1ec6d6
64•djoldman•2h ago•59 comments

How to prove false statements: Practical attacks on Fiat-Shamir

https://www.quantamagazine.org/computer-scientists-figure-out-how-to-prove-lies-20250709/
165•nsoonhui•7h ago•128 comments

Automatically Packaging a Haskell Library as a Swift Binary XCFramework

https://alt-romes.github.io/posts/2025-07-05-packaging-a-haskell-library-as-a-swift-binary-xcframework.html
22•Bogdanp•2d ago•0 comments

Show HN: Typeform was too expensive so I built my own forms

https://www.ikiform.com/
121•preetsuthar17•7h ago•70 comments

Mini robots detect and fix water pipe leaks without digging

https://www.foxnews.com/tech/mini-robots-detect-fix-water-pipe-leaks-without-digging
61•Bluestein•2d ago•42 comments

Red Hat Technical Writing Style Guide

https://stylepedia.net/style/
8•jumpocelot•1h ago•0 comments

Diffsitter – A Tree-sitter based AST difftool to get meaningful semantic diffs

https://github.com/afnanenayet/diffsitter
18•mihau•4h ago•3 comments

Perplexity launches Comet, an AI-powered web browser

https://techcrunch.com/2025/07/09/perplexity-launches-comet-an-ai-powered-web-browser/
13•gniting•1d ago•2 comments

Tree Borrows

https://plf.inf.ethz.ch/research/pldi25-tree-borrows.html
543•zdw•1d ago•139 comments

Author of William the Conqueror's 'Medieval Big Data' Project Revealed

https://www.ox.ac.uk/news/2025-07-02-author-william-conqueror-s-medieval-big-data-project-revealed
39•zeristor•3d ago•5 comments

A Typology of Canadianisms

https://dchp.arts.ubc.ca/how-to-use
229•gnabgib•19h ago•261 comments

MCP-B: A Protocol for AI Browser Automation

https://mcp-b.ai/
298•bustodisgusto•18h ago•155 comments

Thunderbird 140 “Eclipse”

https://blog.thunderbird.net/2025/07/welcome-to-thunderbird-140-eclipse/
249•TangerineDream•2d ago•171 comments

FOKS: The Federated Open Key Service

https://foks.pub/
9•ubj•4h ago•1 comments

Grok 4 Launch [video]

https://twitter.com/xai/status/1943158495588815072
345•meetpateltech•12h ago•375 comments

Show HN: MCP server for searching and downloading documents from Anna's Archive

https://github.com/iosifache/annas-mcp
221•iosifache•19h ago•69 comments

Show HN: FlopperZiro – A DIY open-source Flipper Zero clone

https://github.com/lraton/FlopperZiro
330•iraton•23h ago•72 comments

Show HN: CXXStateTree – A modern C++ library for hierarchical state machines

https://github.com/ZigRazor/CXXStateTree
3•zigrazor•3d ago•2 comments

Solar power has begun to transform the world’s energy system

https://www.newyorker.com/news/annals-of-a-warming-planet/46-billion-years-on-the-sun-is-having-a-moment
281•dmazin•1d ago•432 comments

The jank programming language

https://jank-lang.org/
385•akkad33•4d ago•105 comments

The death of partying in the USA

https://www.derekthompson.org/p/the-death-of-partying-in-the-usaand
204•tysone•20h ago•366 comments

The Origin of the Research University

https://asteriskmag.com/issues/10/the-origin-of-the-research-university
119•Petiver•3d ago•32 comments

Radiocarbon dating reveals Rapa Nui not as isolated as previously thought

https://phys.org/news/2025-06-radiocarbon-dating-reveals-rapa-nui.html
41•wglb•2d ago•2 comments

Linda Yaccarino is leaving X

https://www.nytimes.com/2025/07/09/technology/linda-yaccarino-x-steps-down.html
524•donohoe•1d ago•950 comments
Open in hackernews

German court rules Meta tracking technology violates European privacy laws

https://therecord.media/german-court-meta-tracking-tech
340•bundie•11h ago

Comments

gherkinnn•11h ago
Meta and their scummy little ways. And this is just what we know they're up to.
verst•11h ago
These tracking "pixels" are used across the entire ad tech industry. It is very pervasive. Amazon, Twitter / X, Facebook / Meta, Pinterest, Snap, TikTok...
Walf•10h ago
It's not just pixels. They strongly encourage site owners to send (normalised and hashed) personal data from every interaction to them, with the promise of better targeting for the site's ads. You cannot block this or opt out because it's server-side.
herbst•9h ago
Another reason not to deal with any company that has any kind of Facebook focus at all
JimDabell•9h ago
> You cannot block this or opt out because it's server-side.

Facebook’s latest approach is to give people instructions on setting up a relay server in their own infrastructure so that privacy software that blocks third-party tracking still works, even when it looks at IP addresses to detect things like CNAME cloaking.

https://developers.facebook.com/docs/marketing-api/conversio...

Walf•7h ago
The positive of that approach (for users) is that it relies on client-side scripts, so it's possible for privacy tools to target those.
rkagerer•10h ago
Yep, and it doesn't make it right.

I recently told my bank I don't agree to their new privacy terms. I sent them all 26 pages, marked up with various red lines crossing out the objectionable clauses. One was about tracking pixels, web beacons and the like.

There was also much worse stuff contained like behavioral profiling and sharing my data with outside advertising conglomerates.

After-the-fact opt out mechanisms were described for a lot of it, but I explained very clearly that I am not consenting in the first place. The fact they provide an opt out for some of the most shameful portions reinforces that they don't need consent in the first place to provide me with banking services. I don't know who in their right mind would accept such terms. Unfortunately most individuals I know wouldn't have a clue what the jargon means or how it affects them.

A meeting was set up with my bank manager, and to underscore my point I brought in the original, aged-parchment paperwork I signed over two decades ago to open the account. That was only 5 pages long by comparison.

I also brought in a screenshot from Facebook that proved the bank uploaded some information about me to them in a Custom Audience customer list (a tool offered to advertisers that perversely deputizes them in Meta's quest to ingest all of our personal information). They have no business telling Meta or other third parties who I bank with (which is what the hashed uploaded lists are used to match & confirm).

The manager was quite understanding of my concerns and agreed none of what I objected to is legitimately needed to provide me with banking. I politely explained if they expected me to agree to this garbage I would take my personal and business deposits elsewhere.

I was pragmatic, and realize they're not going to reprogram their whole web portal just for me, but told them if they were going to go ahead and embed web beacons and the like in pages served up to me, or engage in more aggressive privacy violations, then they're doing so without my consent (an important distinction if I suffer damages down the line). In the end, my redlined version of their policy was affixed to my file to document that I do not in fact accept their terms, and they got to keep me as a customer. Not as good as a countersigned revised agreement, but enough to indicate my intent should consensus ad idem come into question.

I realize this was a lot of time and effort (and some risk of further nuisance if it failed and my accounts had to be closed), expended for something most people don't seem to care about. But the growing trend of companies outside tech adopting all our worst dark patterns really gets my gears grinding.

The story goes to show that if you choose to push back, sometimes you can win.

Good job Europe, keep blazing a trail which I hope my country eventually decides to follow.

vasco•10h ago
So you're still tracked the same way as everyone else and they didn't sign any of your changes, so how are you protected?
rkagerer•10h ago
It's a fair question.

Mainly, they'd have a much harder time basing a defense on having had my consent, should I have cause to sue them down the line.

> they didn't sign any of your changes

I didn't sign any new agreements of theirs, either.

The manager did of course check that all the relevant knobs and dials in their system able to be turned off were set as such.

And it caused them some minor grief. If enough of us were to push back like this, the grief might grow sufficiently for them to do something about (like maybe recognize nobody wants these godawful policies and there's a great business opportunity for companies that decide to build a brand premised on customer respect).

fsflover•9h ago
But did you actually try to find a better bank not sending your data to Facebook? In EU, these should exist.
vasco•4h ago
I see, its better than nothing indeed. The only grief you can cause them that actually matters is moving your money though, but I'm not sure there's any bank that doesn't do similar tracking.
bluecalm•9h ago
>>Good job Europe, keep blazing a trail which I hope my country eventually decides to follow.

While GDPR had some good intentions the way it implemented in practice just makes things more difficult for consumers and changes little. For example in Poland one of the major banks still forces you to accept them sharing your information with advertising partners.

The main effect of the regulation is that you waste 30 seconds on every call to a business you make for listening about stuff about their privacy policy and the on every form you have to consent to something or be denied service.

rkagerer•9h ago
I hate how it spurred every website under the sun to ask for cookie consent. My gut says that practice (or at least its breadth) stems from a misunderstanding of the legislated requirements.

> you have to consent to something or be denied service

I hate this too.

But I hope consumers start to recognize it isn't always the case. Just because contracts are laid out on screens nowadays instead of paper, doesn't mean they're immutable and must uniformly be accepted as-is. We've been shepherded into a culture of just agreeing to whatever crap is placed in front of us. This is one reason I refuse to use DocuSign and always insist on paper or PDF's. I recognize not everyone has bargaining power, and I was fortunate in my case.

Interestingly, where there is unequal bargaining power, that fact itself can on occasion bite back against the company. Eg. In my jurisdiction, it obliges the judge to interpret any ambiguity of terms in favour of the party with less agency.

I generally think companies are overestimating how well some of the more unscrupulous terms we're seeing these days will hold up under the test of litigation.

noirscape•7h ago
> My gut says that practice (or at least its breadth) stems from a misunderstanding of the legislated requirements.

Sorta yes. The "cookie law" is the EU ePrivacy Directive (not the same as the GDPR, it predates the GDPR by around a decade) and doesn't directly talk about cookies. Rather, it talks about any means in which a remote server can store data on your PC (which includes cookies, but also things like LocalStorage - the law is resilient to innovation).

Basically if you want to store data for things that aren't obviously necessary to provide service, you need to ask for consent to store this information (getting consent for using and sharing information obtained by using these cookies is a separate matter, that's what the GDPR is for). So a shopping cart or a session cookie don't need consent banners, since those get filled out in accordance with things users expect (if you login, it's expected that the site knows who you are in future requests, if you add an item to a shopping cart, it's expected to be kept somewhere and to be cross referenced. Rejecting a cookie consent banner can also place a cookie for this same reason; users expect to not be shown that popup again if they said no.)

Cookie banners are effectively an attempt to maliciously comply with this directive combined with legal paranoia. The second one is easier to explain; if you need consent to store some cookies, then legal is just gonna tell you that you need consent to store any cookies, no matter how trivial. This is standard legal paranoia, which leads to sites that don't place tracking cookies getting consent banners.

The first is more malicious; browsers can send indicators to servers that they don't want to be tracked at all. That's the DNT header or the GPC header. They are basically the same thing, except the GPC header allegedly has more legal backing - to my knowledge there's no evidence that DNT doesn't work for this purpose and in fact, GPC is worse at protecting against tracking. GPC only opts out against selling data, DNT opts out against tracking for any purpose whatsoever.

Advertisers habitually ignore/use these headers for fingerprinting, but a German court has decided that the DNT header has full legal backing as a "I don't want to be tracked" indicator in a case against LinkedIn and that spamming users with consent popups if these headers are present is essentially pestering them to relinquish consent that isn't going to be given. The GPC Header has no such protections, but might be more amenable to the (worse) Californian privacy laws. Advertisers and other companies like to pretend that the DNT header has no legal backing, but it does. Cookie banners could entirely be handled on the browser side, but browsers and advertisers refuse to take this idea seriously because it'd lead to mass rejection of tracking. (Due to perverse incentives at this point; both Mozilla and Google own/are ad companies respectively. This is why Mozilla quietly killed the DNT header at the start of the year, in favor of the GPC header.)

VikingTechGuy•2h ago
This is the EDPB Guidelines for all tracking technologies: https://www.edpb.europa.eu/system/files/2024-10/edpb_guideli...

The main point is access to the terminal equipment of the consumer has to be explicit, there is no relation to DNT etc.

rkgkglflms•9h ago
On the contrary, GDPR actually says that it’s illegal to condition content or services on the acceptance of tracking, if anything is provided after accepting optional tracking, it must also be available if declining tracking. This is very easy for a layman to understand when reading GDPR.

What your bank is doing is clearly illegal.

bluecalm•8h ago
With GDPR it matters how countries incorporate it in their law and that doesn't work in practice.

>>GDPR actually says that it’s illegal to condition content or services on the acceptance of tracking

Good intentions, doesn't work. You call a bank, they read a contract to you for 5 minutes you spot some sharing with partners (who knows who they are) there, you try to protest saying "ok but let's make sure it's not for advertisement" and the answer is "I can't do anything that's the contract you either accept or we can't open an account for you".

>>This is very easy for a layman to understand when reading GDPR.

What matters are laws of specific countries that implement it and what results are in practice. That's why I wrote about good intentions and real effects.

>>What your bank is doing is clearly illegal.

And there is nothing I can do about it.

mafuy•8h ago
Is there a consumer protection institution in your country? They could sue on your behalf.
Kbelicius•7h ago
>> What your bank is doing is clearly illegal.

> And there is nothing I can do about it.

So your argument for why GDPR is bad is that it is not being followed by all that it applies to... I mean, what do you expect as a response to that besides "That is stupid"?

PicassoCTs•11h ago
The denial to market by vetoing is working, but its not a long term strategy. To push that back, the eu would have to push its own social network alternative, that undermines Metas growth in those fields. I can not see that yet-
tossandthrow•10h ago
> the eu would have to push its own social network alternative

Why?

A thing it seems like a lot of people are missing is that European companies are taken to the same (if not a higher) standard for compliance with EU law.

The EU regulates to ensure that market participants work fairly - these rules are generally not about trading barriers (if they were, they'd do it poorly)

nitwit005•10h ago
If there were some huge multi-national social media company headquartered in France, I don't see any reason to believe things would be better. It might be theoretically easier to hold them accountable, but I suspect EU governments would be more prone to listen to their lobbying instead.
ranguna•8h ago
Why France?

France is not exempt from its anti privacy law attempts around mass surveillance.

veunes•9h ago
Regulatory pressure can slow Meta down...
herbst•9h ago
The next social network will not be another social network.

Most parts of Europe long moved away from any social media dependency all that's left is IM/chatting.

Where only WhatsApp is a somewhat popular American software, the rest isn't.

Edit:// to clarify I am not saying people aren't using Instagram or even Facebook. My point is they don't use it to socialize anymore

saubeidl•9h ago
Yeah it does feel like social media is... kinda over?

Everyone I know is tired of the concept and tired of the tracking and profiling it entails.

vanviegen•9h ago
> Most parts of Europe long moved away from any social media dependency all that's left is IM/chatting.

Glancing at people's phone screens while riding public transport, I beg to differ. Doom scrolling everywhere. Though much of it is arguably not really 'social network'-like, as most posts appear to be from strangers half a globe away.

herbst•8h ago
IMO There is nothing classicly social about that, none of these apps have any central aspect that makes you engage with people you actually know.

they are just doomscrolling ad platforms not social media in my opinion. It didn't replace anything it just invented a new thing, social is stell well and alive in IMs, slack, discord, ...

ranguna•8h ago
I'd love to agree, but 99% of the people I know use Instagram more than once per day.
herbst•8h ago
That's totally not my experience at all to be honest. But we all have our unique and different bubbles we end up in.

I know a lot of people with children quasi depend on WhatsApp for their children activities, when in other circles Telegram or Signal would be way more common and the obvious choice.

Edit:// also do they use it as social media or to consume media/ads? If they don't use it as mainly social my point might still be true

tossandthrow•8h ago
The question is if you see Instagram as a social media or as a feed.

On my own Instagram people who I know make up maybe 1 piece of content every second day.

Otherwise it is Ai generated content that is, unfortunately, very engaging but of a very low quality.

So I understand why there are a lot of people on Instagram.

(personally, I prefer to ruin my health with i IPAs over doom scrolling)

edelbitter•9h ago
I can subscribe to the people I want to keep up with just fine. I do not need alternative ad-money-fueled intermediaries that get to decide what to insert into and remove from my feed. If there are no indefinitely growing profits to be made there, that is perfectly okay.
jxjnskkzxxhx•10h ago
You guys remember how 5+ years ago, an headline like this on HN would invariably prompt cries from the Americans that this was just the Europeans finding excuses to take advantage and steal from poor innocent American companies. How the mood has changed on this huh. I'm glad to see the European approach vindicated, even if at times not strong enough.
thaumasiotes•10h ago
> How the mood has changed on this huh.

I don't think you're right on the timing, but a related essay:

https://www.imightbewrong.org/p/why-doesnt-hitler-mcfuckface...

saubeidl•10h ago
I don't think the mood of Americans has really changed. It's just that right now only the Europeans are awake.
detaro•10h ago
[flagged]
samplatt•10h ago
Er... No, sorry, I don't remember anyone saying that at all.
snickerdoodle12•10h ago
I very clearly do. So that's weird.
bigyabai•9h ago
It entirely saturates discussions about companies that rhyme with "Snapple" in my experience.
oblio•9h ago
Oh, for Snapple, don't forget the Snapp Store discussions:

"My grandparents have a clean iPhone for 40 years because of the Snapp Store!! Nobody should be able to install things from 3rd party Snapp Stores, they might be harmful!!"

surgical_fire•9h ago
Amazing. On like every thread of EU fining some US company for things such as privacy violations there's a stream of mor... er... users claiming that EU is only using that as a revenue stream to extract money from US companies because they have no homegrown businesses or similar bullshit (despite European companies being fines the same way).

Hell, you can find some of the same moronic arguments on this very thread still.

Symbiote•6h ago
Trump also made the claim, back when he was justifying tariffs against the EU.
surgical_fire•5h ago
I hope EU cranks up the pressure against US because of that, using the EU Anti- Coercion Instrument as designed.
jxjnskkzxxhx•8h ago
LOL there's people saying it in this thread.
andsoitis•10h ago
> cries from the Americans that this was just the Europeans finding excuses to take advantage and steal from poor innocent American companies

Spotify found in violation of EU data protection laws by Stockholm Court - https://www.investing.com/news/stock-market-news/spotify-fou...

Or what about Enel (Italian): https://www.reuters.com/business/energy/italy-regulator-fine...

Or Criteo (French): https://techcrunch.com/2023/06/22/adtech-giant-criteo-his-wi...

H&M (Swedish) fined for breaking GDPR over employee surveillance: https://www.bbc.com/news/technology-54418936

etc.

riffraff•10h ago
5 years? I think it was last week.
lompad•10h ago
And not only are those cries wrong, reality is quite the opposite. The vast majority of fines are towards european businesses. Big Tech aren't the only ones who violate data privacy standards all the time. [0] You just don't read about those here, so people like to just assume those fines don't exist.

Additionally, it helps to actually learn how the current law developed - it primarily was modeled after the german Bundesdatenschutzgesetz, which was put into law in a modern form in the 90s, long before FAANG.

[0] see the tracker: https://www.enforcementtracker.com/

Raed667•9h ago
I was surprised to see doctors and even a bakery on the list!
delusional•9h ago
One of the earliest enforcement actions was against a mailing list. If I remember it was because it CCed all the participants instead of BCCing them.
rafaelmn•9h ago
I went to the site and sorted by fine - I needed to go to the bottom of second list to find a non US company ? By the time I get to pages that are mostly non US companies the fines are two orders of magnitude smaller and dropping fast - do you have any aggregate view to compare ? I would not be surprised at all that indeed most of the fines were towards US companies in total amount.
FranzFerdiNaN•9h ago
Its because American companies are much larger than most European companies in terms of revenue. And because the impact of their infringements are much larger due to the nature of their business. If Bumfuck LLC from Sweden with maybe a 1000 customers fucks up they arent impacting millions of users, unlike when Google or Meta does things.
oblio•9h ago
I saw TikTok at #3 and #5, Enel (Italian) at #15, Vodafone at #19 (British) and starting at around #21 the list is basically dominated by European companies.

Speaking from personal experience, American companies, especially the big ones, tend to treat everyone else as "Americans that they don't know they're American yet" or alternatively "slightly dumb Americans".

At least for one of them, yeah, they apply the legal laws, but the general decisions are taken in the US with little regard for local "non-impeding laws", I would call them. "Impeding laws" would be laws that would block the launch of something (for example they wouldn't attach an AR-15 to every product sold). "Non-impeding laws" would for example be, labor laws. They just assume that what works in the US sort of works everywhere else and deal with the consequences along the way.

rafaelmn•9h ago
I count TikTok as big tech non-EU so I automatically put it in to that bucket but you are right it is not a US company. Still fits the theme that EU is using GDPR to shake down big tech it does not own. I missed Enel (did not know about them) and yeah Vodafone was bottom page 2 first EU brand I recognized from the list, but OK middle of page 2 for non-EU.

Again just a rough feeling from the list but I would speculate that over 50 percent of fines in total were towards US or non-EU based companies.

vampirical•8h ago
Please re-read what you’ve written in these two comments with a critical eye. You’re speaking from a lack of knowledge without very much care and reaching incorrect conclusions that agree with your initial bias. When someone else does the work of helping nudge you towards reality you seem to be doing a poor job correcting. Sorry if this comes across as rude, it’s said with the kindest of intentions.
rafaelmn•7h ago
So I did quick excel math - I took just the US companies from top 100, sumed them and then I summed everything else (the entire list, not just top 100) - including tiktok - and the ratio is almost 3 to one against US companies in total.

In fact Meta alone is fined more than everyone else combined.

What exactly am I missing ?

oblio•7h ago
The fact that the EU just doesn't have big companies in the fields that are more likely to be abusive with customer data.

It's a bit like the sweatshop argument. If your company wins out by using sweatshops, yeah, you're going to end up with the billion dollar argument. But if a certain market doesn't want stuff produced by sweatshops, and they decide to dis-incentivize it by tariffing it, that:

a) makes sense from their point of view

b) is moral from a global perspective

Similar approach here.

rafaelmn•6h ago
Thats all a matter of perspective, not something I am willing to argue. EU has a history of making protectionist legislation under the guise of protecting its members, eg. the whole GMO story, and I can see how someone can make an argument here. If it is valid or not is up to you I guess.

But saying that the fines are mostly towards EU members when over 2/3 is fined towards US companies is misrepresenting the data and the opposing viewpoint.

oblio•2h ago
Fixing a typo:

* you're going end up with the billion dollar company

noirscape•8h ago
> big tech it does not own

If a company does business in the EU, it's dealing with EU citizens, giving the EU jurisdiction over how that business is conducted.

The EU absolutely has full legal standing for this; if big tech doesn't want to abide by it, they can always leave the EU.

American companies get fined more often for the simple reason that they break the GDPR more often since the US lacks the same legal privacy framework, which means they don't have the same incentive to comply with it and instead try to rules lawyer around it.

piva00•8h ago
> Still fits the theme that EU is using GDPR to shake down big tech it does not own.

It's not a shake down, it's the fucking law which they don't follow and have to pay fines accordingly. Every single business in the EU has to follow these laws, if the US-based ones are not taking proper measures to not act illegally that's on them, not on the legislation, this shake down narrative is quite tired by now.

> Again just a rough feeling from the list but I would speculate that over 50 percent of fines in total were towards US or non-EU based companies.

Perhaps because the US companies are more eager in breaking laws and figuring it out later? Isn't that the whole take on EU vs US business approach, the US ones are big risk takers (including in acting illegally) vs EU ones being risk-averse?

I feel disheartened that this narrative is still spewed on HN, it's just vitriol, the US companies are breaking the law of EU members, if they do business here they need to follow the law, it's absurdly simple.

rafaelmn•7h ago
This isn't something I really care to argue - OP was pretending like the fines were spread out equally in the EU and somehow the US complaints are baseless - when its obvious that the fines are heavily weighted towards US companies.

Whatever this is based on - OP was misrepresenting the data.

piva00•6h ago
I don't think OP said anything about the spread of the fines amount being equal, they brought up that there are many EU-based companies whom have been levied fines, I believe you interpreted it wrongly and are bashing a non-existing argument.

US companies have been fined larger sums because their transgressions are more common, they do it repeatedly, and their global revenue is higher, there's no conspiracy here, it's exactly how the law is written.

I invite you to re-read their point:

> The vast majority of fines are towards european businesses.

Which is true, the majority of fines are towards EU-based businesses, not the majority of the amount in fines.

Again, if US-based companies with a much higher revenue and market penetration weren't breaking the laws they wouldn't be levied the higher fines.

VikingTechGuy•2h ago
It's not fines, its damages for 1 visitor.
cess11•7h ago
"Still fits the theme that EU is using GDPR to shake down big tech it does not own."

No, the EU is trying to protect the rights of its citizens.

If they wanted to "shake down big tech" they'd just do a Turkey or India and pressure them to do their bidding in terms of censorship and information exchange.

rafaelmn•7h ago
>If they wanted to "shake down big tech" they'd just do a Turkey or India and pressure them to do their bidding in terms of censorship and information exchange.

We are already leaning on US intelligence agencies for data and every audit finds no problem in how the US handles EU data... get real - the EU is just not in the position to pull the same move because it is not the same kind of entity or legal structure, they do tariffs and regulations/collecting fines.

cess11•2h ago
The data protection body that gave a veneer of legality to US corporations touching EU citizen data has been defunct for a while.
octo888•7h ago
Worth noting the tracker does not track which fines are currently being contested (in an obvious manner). i.e. do not assume all the fines you see there have actually been paid

Though probably safe to assume the smaller fines against smaller companies with smaller lobbying^H^H^H^H^H^H legal teams most likely have :-)

gdwatson•9h ago
As an American, my reservations about European privacy laws are related to jurisdiction, and none of them applies here. I welcome this decision.
apples_oranges•9h ago
Americans are still asleep at 7GMT ;)
jokoon•9h ago
Probably people who own stock in those companies
giingyui•9h ago
You can’t really express those opinions here anymore because of the overall political shift of the website, which is enforced (always has been) through the moderation system. It’s not specifically about this particular decision.
123yawaworht456•9h ago
>How the mood has changed on this huh.

has it? if anything, EU continues to fleece US companies with nonsensical, hastily-implemented laws and absurd fines.

https://duckduckgo.com/?q=EU+DSA+twitter

surgical_fire•9h ago
Meta is very welcome to stop operating in EU to not be subject to their laws.

Or, you know, they could just respect the law. Like other companies that operate here. Novel concept I know.

And, to complement your lack of research, EU companies are subject to those laws and are frequently fined as well for those violations.

piva00•7h ago
Those companies choose to operate in the EU, if they don't like the legal environment they can just pack up and leave. Why do you think they don't do that? Why do you feel the need to defend companies breaking the law?
123yawaworht456•5h ago
lease an apartment

spend a lot of time and money moving your things there

live there for a decade

the landlord shows up and informs you that you are forbidden from using the toilet between 6 PM and 8 PM, effective immediately, punishable by a fine equal to your monthly income. why? fuck you, that's why. if you don't like the legal environment you can just pack up and leave

piva00•5h ago
I don't think it's a suitable analogy but you do you to try to justify companies breaking the law :)

As far as I hear from the HN crowd if the company feels it's not profitable anymore they will just pack up and leave (hence why many here defend not taxing corporations), this is exactly that case: there's money to be made, they will stick around, perhaps realising that paying fines is eating into their profits and change behaviour. If they don't like it, just pack up and leave, corporations are only interested in making profits, housing is not an analogous to that as much as you might want to play that card.

fireflash38•3h ago
Yeah, makes sense. Landlords do super shitty things to people and will push them as hard as they can to make money. And if you signed a lease that let them do that that's on you right? And you can leave if you don't like it?
subscribed•3h ago
These companies (notably Google, apple, twitter) have bo problem bending to the law in China but _somehow_ they have problems with Europe? I guess fines aren't high enough)
subscribed•3h ago
Lease an apartment.

Pretend you're a normal person.

Secretly snoop on all the phone calls, conversations, documents in the whole house.

Take creepy pictures and upload them "for later"

Monitor all the internet traffic in the house, for all the other inhabitants.

Throw a hissy fit when you're fined for knowingly, blatantly breaking the law for years (and sometimes lying about that).

https://wire.com/en/blog/metas-stealth-tracking-another-eu-w...

cycomanic•5h ago
It's funny how American always bring up data privacy violation fines as fleecing US companies, but never complain about the fines against car manufacturers in the US (which have been largely against non-US companies)[https://young-lawgroup.com/news/the-largest-auto-fines-in-u-... https://en.wikipedia.org/wiki/Volkswagen_emissions_scandal].

Just to clarify I completely agree with the fines in both the US and EU, remember big corporations are not your "team" (for the vast majority of you).

pjc50•2h ago
I'm also reminded of the record-breaking fines against British Petroleum.

But the entire structure of US car design is an anti-competitive barrier! There's all sorts of special extra requirements and taxes to discourage overseas manufacturers or smaller cheaper cars, and Americans are proud of that! Not to mention the recent fad for tariffs.

phendrenad2•2h ago
No no, you misunderstand. Over here in America we have given up on fighting it and prefer to let mega-corps like Google and Meta own the advertising space. Smaller companies quickly moved to a subscription model, at least until the EU finds a way to make money illegal.
elAhmo•10h ago
And, just like always, nothing meaningful will be done.
alkonaut•10h ago
Can't some shady legal firm now just dig out who is in the exact same situation as this user, and sue on behalf of them, keeping (say) 10%? I'd be happy to let them.

But in the end this kind of thing shouldn't be regulated by lawsuits from individuals. The fines as I remember it can be up to 4% global annual revenue and it's about time someone actually handed a fine of 4% global annual revenue to a company the size of Meta, so companies finally realize that the law isn't just a recommendation.

veunes•9h ago
Yeah, class action-style suits are probably coming, especially now that this ruling sets a precedent
ekunazanu•9h ago
AFAIK Germany (and most European countries) has civil law, so court rulings probably won't have as much of an impact as it would in countries like the US
oblio•9h ago
> AFAIK Germany (and most European countries) has civil law

Most of the world, actually. Pure common law systems are just in CANZUKUS (and a few dozen of other minuscule former British colonies).

adw•48m ago
Not even all of the UK. Scotland is a hybrid system.
alkonaut•8h ago
Once it reaches the highest court, it will set precedent. So there is no real difference in the end it just takes more time because no precedent is set in a lower court.
pedro_caetano•9h ago
My understanding is that there is no 1-to-1 European equivalent to class action lawsuits in the USA.

There is a EU directive that allows for "representative action" but it's much narrower scope compared to what Americans are familiar with in class action.

Garlef•9h ago
Yes. But there's law firms who streamline such individual processes if the business case is actually large enough.

For example there's a law that says the airline needs to pay you 400€(?) if your flight is delayed by more than 2h if it's due to the airlines fault.

There's a company that handles these cases for 130€.

That's 270€ you get and you just need to enter some data.

SSLy•8h ago
or you can enter the same data into form provided by the airline. I did it once to SN and they paid up just fine.
FirmwareBurner•7h ago
Not my experience. Airlines BS you on why your flight delay or cancellation was legit so you need to take the legal route as they wipe their ass with your complaints.
Symbiote•6h ago
I've done it twice and was paid the compensation, but both times were normal airlines, not budget carriers.
cycomanic•6h ago
I used to fly out out GBG which only has few flights to the intercontinental hubs per day. So it happened to me quite frequently that my incoming intercontinental flight was late by 1.5h which resulted in a 5-7h delay because I missed the connection. That entitles you to 600 euros. After my first 2 trips I quickly learned that for flights into Europe it's only European airlines that have to pay those fines (outbound flights it's everyone). I probably collected around between 4k-6k euros because it happened so often.

I never used one of the "collection agencies", because it's an incredibly easy process to do yourself. Yes some airlines try to wiggle out of it, but you just threaten them with going to arbitration (I think that's what it was? I've moved away from Europe several years ago), and show that you know the rules and they quickly let up, because IIRC they get fined (not just your compensation) if they get found to be in the wrong.

lan321•5h ago
Lufthansa surprisingly directly issued 250 euros to my mom for a delayed flight after filling out the passenger name and flight number on a site provided by their chatbot, which also explained how to use a 20 Euro food voucher they provided directly. It was very well made imo.
alkonaut•4h ago
The EU has really put their foot down when it comes to these claims. There is no legit delay or cancellation. Either I'm there on time or not. And if I'm late or the flight is cancelled then the carrier will reimburse. This seems o work pretty well these days is my experience.
FirmwareBurner•4h ago
Austrian Airlines din not honor my delay claim it citing "everting was right". Had to go to consumer protection.
pjc50•6h ago
Pedantry: the EU doesn't have a unified legal system.
lauritz•9h ago
There are (non-shady) firms that do exactly this for other areas (flight compensation, most notably).

There are some issues with contingency fees in German legal professional law. However, it can be argued that suing for these 5,000 EUR is just "collections", so it may be allowed.

The risk lies elsewhere: As I outlined in another comment, there is reason to believe that this may not stand on appeal, or at least that other courts in other parts of Germany may decide differently. As a result, it takes a lot of capital to keep all of these lawsuits going until the Federal Court of Justice or the ECJ have decided and there is legal certainty.

dabedee•10h ago
This Leipzig ruling is notable, but the practical impact may be more limited than the €5,000 figure suggests. While the court explicitly said users don't need to prove individual damages to sue, European class action mechanisms are still quite different from US-style litigation.

Germany doesn't have the same litigation incentive structures as the US - no contingency fees, loser-pays costs, and relatively limited collective redress options. Most German consumers aren't going to file individual €5,000 lawsuits over tracking pixels, especially given the legal costs and time involved.

Personally, I hope this gets picked up by a consumer protection organization or a well-funded litigation group. Germany has been gradually expanding its collective action framework, but it's still primarily driven by qualified entities rather than individual plaintiffs.

hsbauauvhabzb•9h ago
Sounds like something someone could commoditise. 2500 free euro! Sign here!
oytis•8h ago
AFAIK that business model already works with rental contracts.
piva00•8h ago
In Sweden I've seen quite a few businesses sprung up for that, collecting overpaid rent through a legal firm.

Completely agree that if it's a similarly straightforward process there will be businesses offering to litigate on the users' behalf and collect a fee, I'd be jumping on it if I only had to file a report and wait for the work to be done to collect a couple thousand €.

coev•5h ago
> In Sweden I've seen quite a few businesses sprung up for that, collecting overpaid rent through a legal firm.

This seems like the bizarro world version of American debt collection firms, cool!

rglullis•6h ago
It definitely does for canceled/delayed flight tickets. Some years ago we had a flight that was canceled in the last minute by TAP and we missed one day from our trip. We got 600€ back from each ticket just by signing up to a website and sending the ticket receipts.
VikingTechGuy•2h ago
In Germany consumers are opted in by default, unlike all other European Countries.

This is also why there currently are class action lawsuits against X and Tiktok based in Germany with claims of damages of EUR 500 and EUR 2000.

juliangmp•10h ago
I really hope it turns into a class action because I'd so wish to be part of it
sidcool•10h ago
Call me cynical, but nothing's going to change
herbst•9h ago
Imo a lot of change is already happening. The sentiment wasn't good the last years but now it's turning into going away from American services rather sooner than to late.

More and more European alternatives pop up, governments and companies are switching stack.

It will take a while to migrate, but I am sure effects will be visible soon enough to US companies

emsign•9h ago
If these rulings and laws were meaningless, the Trump administration wouldn't be blackmailing the EU over it.
veunes•9h ago
Interesting that the court emphasized identifiability even without logging in. That cuts right through the usual "anonymous tracking" defense a lot of companies hide behind
emsign•9h ago
Nice!
lauritz•9h ago
It should be noted that this may not stand on appeal. The full decision is not yet available. All we know is from the press statement.

For example, the court ruled that the plaintiff is entitled to these damages without even hearing them personally on what kind of injury they sustained. This is an interesting direction, and we will see how it is argued in the decision itself. I would assume this could be something that Meta challenges on appeal.

Another way to go would be to argue that this lawsuit involves unresolved questions of EU law that need to be addressed by the ECJ.

In either case, this verdict will create some legal uncertainty in the short term, and I assume many people will sue---but we shall see what happens on appeal and perhaps at the ECJ, which will perhaps be a couple of years out.

fauigerzigerk•8h ago
What I don't understand is the responsibility of Facebook vs the operator of the website where the tracking takes place. I thought that under GDPR it was the responsibility of the website to get consent from users before passing on data to ad networks.
cess11•8h ago
What do you mean by website as a "place"? I'm not so sure the GDPR mentions tracking. Here's what the court said was relevant:

"Meta, Betreiberin der sozialen Netzwerke Instagram und Facebook, hat Business Tools entwickelt, die von zahlreichen Betreibern auf ihren Webseiten und Apps eingebunden werden und die Daten der Nutzer von Instagram und Facebook an Meta senden. Jeder Nutzer ist für Meta zu jeder Zeit individuell erkennbar, sobald er sich auf den Dritt-Webseiten bewegt oder eine App benutzt hat, auch wenn er sich nicht über den Account von Instagram und Facebook angemeldet hat. Die Daten sendet Meta Ireland ausnahmslos weltweit in Drittstaaten, insbesondere in die USA. Dort wertet sie die Daten in für den Nutzer unbekanntem Maß aus."

fauigerzigerk•7h ago
I mean that under GDPR, website owners as data controllers must get user consent before embedding third party tracking technologies on their websites to pass on data to Facebook.

It doesn't matter whether GDPR mentions any specific word. What matters is what the technologies referred to by the word "tracking" actually do. And what they do clearly requires consent under GDPR.

The paragraph you posted implies (but does not explicitly state) that Facebook's ability to identify individual users would still be noncompliant even if the website has received consent from the user to embed Facebook's technology. Or does the court blame the website's noncompliance on Facebook?

mpweiher•8h ago
Both are liable. From TFA:

"The court’s decision exposes all websites and apps using tracking technology to significant lawsuits, experts said."

fauigerzigerk•7h ago
Only if the ruling holds up on appeal. What I'm wondering is whether it will hold up.
Biologist123•8h ago
Very interesting. Could become a geopolitical and trade football between Europe and US. Tariffs anyone? Ultimately it’s a question of power: will Europe allow its citizens to be predated upon? My guess is probably.
redleader55•4h ago
I have a few big problems with this ruling:

1. The sum. You are tracked and you get shown some ads. How does that causes you 5k EUR in damages?

2. Responsibility. If a site decides to add tracking or ads from a company, is only the ads company responsible for the tracking and damages?

3. Many of the services on the internet are free or cheaper because of ads. Because of that I find the attitude of the judges making these rulings disingenuous.

4. How much of this is outrage against American companies caused by the rift between US and Europe?

subscribed•3h ago
Can't wait for this to hit the fan: https://wire.com/en/blog/metas-stealth-tracking-another-eu-w...
VikingTechGuy•2h ago
You can read full analysis here:

https://www.linkedin.com/pulse/5000-pixel-tracker-why-latest...

In Germany consumers does not need to file a lawsuit, they are included by default, which is very different than all other European countries.

VikingTechGuy•2h ago
You can scan any website or ecommerce solution and see which 3rd parties they load before consent using this free privacy scanner -> https://privacyscanner.aesirx.io/
charcircuit•1h ago
Just because a profile can be valuable, that doesn't mean that someone creating that profile damages you by that amount. If I document a celebrity's hobbies I'm not damaging the celebrity.