Same here. I could understand some downtime if GPDR was suddenly sprung on them but everyone had time to prepare. I could also understand them not caring about me as a single user (not deluded here), but since I pay for the service I'm sadly all fresh out of understanding. Instapaper has been great but Pocket doesn't seem to be lacking much as far as what I need.
Which part of GDPR is confusing to you? They did their research and turned out that in terms of profits the market is unstable if you want to open yourself up to potential GDPR litigations you are riskin more than its worth it.
Don’t wait anymore. They probably not coming ever again unless GDPR is voided.
Oh please stop with this FUD already. Risk assessments on GDPR litigation are blown wildly out of proportion. If we approached the risk of all laws in all jurisdictions this way, we'd just wake up and commit seppuku every morning. The only services that actually need to shut down are ones that are monetizing based on personal data. Small SaaS services that aren't doing that can be fully GDPR compliant with a little bit of copy writing and self-service options for deleting/downloading personal data, and even if you don't do all that, in all likelihood, on the off chance that they actually get significant complaints about small services, regulators will give you a chance to justify your stance and make necessary remediations before throwing the book at you.
If what you are saying is true, why would a business choose to shut down their EU services until some later date?
Do they hate making money? Did they just want to make people panic about GDPR(after it had already been implemented)? Are their lawyers just really bad at their jobs?
Seriously. What is their motivations from your perspective?
1) Don’t think about users’ privacy from the start. 2) Ignore GDPR until the enforcement deadline. 3) Panic and shut down EU until you find something to do.
>> The only services that actually need to shut down are ones that are monetizing based on personal data. Small SaaS services that aren't doing that can be fully GDPR compliant with a little bit of copy writing and self-service options for deleting/downloading personal data
> If what you are saying is true, why would a business choose to shut down their EU services until some later date?
> Do they hate making money? ...
> Seriously. What is their motivations from your perspective?
Don't assume businesses are making rational decisions just because they're businesses. Their motivations may very well be that their leader irrationally freaked out after reading some anti-GDPR FUD, overreacted, and hasn't yet reevaluated the decision.
Of course it's FUD, thats almost the definition of of risk. "Risk assessments on GDPR litigation are blown wildly out of proportion." because there's a lot of fear, uncertainty, and doubt.
I just don't think it's particularly unjustified FUD. It is a big law that made a big splash. Can you really blame anyone who wants to wait and see how it goes down?
There IS a ton of guess work for now. To take either stance with so much certainty is a little dishonest IMHO. And I think you agree! You say yourself "... in all likelihood, on the off chance ..." Is "better safe than sorry" really so unreasonable.
Little in GDPR is completely new, lots of it has been in national law or previous EU legislation before, and the entities responsible for enforcement aren't new, so you can look at past privacy enforcement actions as at least some precedent.
There's also the proportionality clauses to consider. The law explicitly states that the penalty should be proportionate, so that small companies aren't hit with huge fines.
The fines are supposed to be proportional. Everyone has latched on to the $40mm clause, and decided that anyone in breach of GDPR rules is going to be fined millions of dollars.
Wait, what? I didn't say GDPR was confusing to me. Also, they said they'll be compliant in some time in the future so I don't really see what you're getting at here. Hope it's just a misunderstanding ;)
The thing is I don't want to be without such a service for a longer period of time so I'm sadly probably not coming back.
Hey zulrah, we are working on GDPR and plan to have the service available in the EU as soon as possible. Hope to have you back on Instapaper when we become available in the EU again. Really sorry for the inconvenience.
I don't think you can piss on customers for 2 months and then drop a "sorry for the inconvenience".
And for no good reason.
Just assume the improbable cost of some litigation as a company, like tens of thousands of others (including much bigger and much smaller than yours) did, put up a message to European customers and have them click and proceed as usual to the service.
Or, you know, use the headstart of more than a year before the law was put into practice to get the service in order...
I'm not sure why the above is getting downvoted. Sure, it's a bit salty, but if I were paying for instapaper (which I realise is cheap as chips, but the principle still stands) I don't think I'd be very impressed with being locked out for two months.
Genuine question: as an EU citizen, without the use of a VPN or proxy is it still possible to at least log on to the service to cancel your account?
I never understand why people assume that services that charge money will be more responsive to users' concerns than free services. You are worth the revenue that you generate, whether that money comes from you paying or indirect means like advertising doesn't matter to the company at all.
Not an EU citizen, but I'd think it'd be pretty shady if they cut you off and didn't automatically suspend any subscription charges until they can properly serve you again.
> and didn't automatically suspend any subscription charges
Instapaper is not a subscription-based service. The product is completely free on all platforms today.
I think the app was a one-time purchase at launch but it has been free for many years. All of the Premium features were also made free when Premium was discontinued in 2016 shortly after the Pinterest acquisition.
I could understand the outrage if this was a service you were paying for.
But this is a Free service being provided to you. Why do you believe you have the right to dictate how someone else uses their time when you're not paying for it?
I believe that I have the right to demand that someone else doesn't use their time to burglarize my house, and if they and other companies have made a side business of burglarizing peoples houses, I think it's entirely resonable to demand that they and any similar company spend time proving that they aren't planning to continue.
(And yes, I realize the houses in this metaphor rarely have doors in their doorways, much less locks, so it's techinally not burglary, but frankly I don't care.)
The proper analogy would be:
You invite a volunteer carpenter in to fix your cabinets. He asks if he can write down what cereal your family eats instead of taking payment. You say sure! (ie agree to the terms of service).
New law passes. He refuses to come back and fix your cabinets for free next time because he doesn’t want to get sued for writing down the cereal names improperly.
You then scream at him and call him names, and try to ruin his reputation on the internet and accuse him of being a thief.
Maybe if the sanctity of what cereal your family eats is so important to you, you should just directly pay money to a normal carpenter next time?
>He refuses to come back and fix your cabinets for free next time
First, Instapaper is a continuous service. If you store something, you want access to it again. It's not a series of one-off, independent services.
So, no, they didn't just "refused to come back and fix your cabinets for free next time". They gave you a space to write your notes and store your links, and then they denied access to that for 2 months (and counting).
Second, you forgot the part where Instapaper had paid services for years, and that many people who are denied service today, had paid good money and stick with it. They weren't asked if they wanted it to br made free and unreliable either.
>I could understand the outrage if this was a service you were paying for.
So, if Gmail was closed to the free tier European users for 2 months+, they should be OK, because "they didn't pay for it"?
>But this is a Free service being provided to you. Why do you believe you have the right to dictate how someone else uses their time when you're not paying for it?
That's an argument for the 1950s economy, this is 2018. We have other models, such as ads, user profiling, even pure eyeballs as a M&A/IPO monetisation strategies. Just because the user doesn't paid doesn't mean money aren't made from the user using the service. Except if one believe they run it from the goodness of their hearts at a loss, but then they probably also believe in the Tooth Fairy.
Not to mention that Instapaper used to actually charge too. If someone paid for the app or premium later for years, is it ok if they "make it free" and then deny access to their account for 2 months?
> piss on customers for 2 months and then drop a "sorry for the inconvenience".
I thought Instapaper was a free service that Pinterest bought mainly for it's article parsing technology? As an analogy FB's customers are advertisers and media agencies who pay to keep the lights on as is Pinterest's, users are not the customers.
In any case, people (including people who had paid before it was made free) had their data in it -- and lost service for 2 months. Even at free, would you be OK with e.g. Gmail (also free) or FB closing down for 2 months and then coming back with an "oopsie"?
Well, considering there are apparently only two people working on Instapaper, it's not hard to come up with reasons why it might take more than two months or why they might not be conducting a detailed PR campaign about it
Well, considering that GDPR has been voted two years ago and is based on 20-years-old EU privacy laws, even if it took 6 months or 2 years it still wouldn’t be a valid excuse.
Also, giving a bit of detail or a minimal schedule is easier than a PR campaign. It’s called transparency, and it works even if you’re alone on a project.
> Except "20-years-old EU privacy laws" didn't risk 4% of global revenue. It also didn't risk activist lawsuits.
That’s the point. When there’s no risk, nobody cares about their users’ privacy. That’s not an excuse for shutting down now that it’s legally risky to disrespect your users.
I don’t expect that, I’m wondering out loud in the hopes someone may be able to shine a light on something I’ve not considered
From my point of view they store a list of URLs and provide a way to nicely view the content of those URLs. What in that could be causing 2 months of downtime to fix?
To be honest, nothing about GDPR compliance was a surprise. The law was passed in 2016. That's plenty of time get your house in order, and yet here you are over a month past due, with an oops, sorry. What gives?
If your product can't follow the GDPR legislation then I'm glad you don't allow EU residents to use it. Since you are most likely abusing the privacy of your customers.
While I'm a bit annoyed at the amount of paperwork and side systems that need to be constructed to ensure proper handling of personal data that I have had to implement, I can only see GDPR as something positive for the people.
I removed all my apps from the EU, and I will no longer publish any future apps there unless they become wildly successful in another country first.
My apps are tiny, free, and just not worth the hassle of figuring out what GDPR compliance is (even though they are likely GDPR compliant already since I don't store any info).
I think we're going to see a lot of small indie developers just not publish to the EU until it makes financial sense (which might be never). And that's exactly what happened here: Instapaper is a two-person team and they didn't have the time or resources to ensure compliance, so they just kept letting it slide.
I suspect we'll see much more of this to come for the EU.
I would certainly recommend reading up on the GDPR legislation. There are plenty of summaries that are good and covers the important aspects. Because once you understand GDPR, complience can follow naturally while you develop your application. Even if you dont serve customers in EU, GDPR complience will benefit non EU residents as well, since you have then implemented tooling for proper management of private information.
And if your application doesn't store data, then it's a one time cost essentially. Which is the time spent reading up on the legislation.
In addition, just noticed that Bonobos withdrew from the EEC due to GDPR
"Due to the new General Data Protection Regulation (GDPR), we're currently unable to offer products and services to customers in the European Economic Community. We apologize for the inconvenience."
Why should EU residents not be allowed to decide what they want to use and not use? I'm not sure I understand why the EU makes laws that effectively decide what websites "free" people are allowed to visit.
For similar reasons that “free” people aren’t allowed to visit restaurants with health code violations.
People have to be able to make informed decisions. It’s hard to tell from the outside if a restaurant is safe, so we have inspections. It’s impossible to tell if a website is trustworthy with your personal data, so we have laws to try and ensure they will be.
Sorry, but that’s a preposterous analogy. Seeing targeted ads won’t harm me in any way. I don’t give a damn about this sort of tracking. You may feel differently, but I don’t, and am perfectly capable of evaluating the risks and benefits for myself.
What I do give a damn about is not being able to read some quality publications that rationally decided GDPR is not worth the risk.
Not a week passes without such a reminder that I’m now living behind the Great EU Firewall. I now live in a place where I need to use a VPN to access all of the Internet, for crying out loud.
And that’s not to mention the click through acceptances of terms an every fucking site, that’s “only” annoying as hell (which nobody reads anymore and thus GDPR changed exactly nothing in it’s supposed goal).
EU’s bureaucratic zeal made, via GDPR, my life worse, with no benefit, even theoretical, for me. So please spare us the lecture on how GDPR is good for us. It’s terrible even for consumers.
If you don't respect your users' privacy you don't deserve to do business in the EU. And make no mistake: whether you like it or not, that legislation - or something very like it - is going to jump the Atlantic sooner or later, so why not position yourself ahead of the curve instead of stropping off and taking your ball home?
There are side-effects I don't like about GDPR, like the endless bombardment of overwrought cookie consents on every site I visit (definitely something that degrades the experience of the web), but I do like the fact that my privacy has to be respected by corporations.
The cookie foolishness started as an a EU Directive that was adopted in May 2011.
It doesn't have anything to do with GDPR, but it's a fantastic example of (likely) well-intended European privacy regulation both is utterly useless and also stands zero chance of jumping the Atlantic.
There is a difference between respecting your customers’ privacy, and obeying the letter of the law regarding a set of artificial rituals surrounding your customers’ privacy. You can be completely compliant with the spirit of GDPR (e.g. by not storing any data in the first place), while also not wanting to spend the energy ensuring you are compliant with the letter of GDPR.
Tell that to all the companies implementing them. Now, if you click on the option to configure your cookie options you're presented with an often bewildering list of different cookie types that companies use for a variety of purposes. By either clicking "yes to all" (or similar) or selecting individual items from the list (or deselecting all) you're supposedly providing the informed consent that GDPR requires. Frankly I think often this is so confusing as to make a mockery of the whole process.
But they do: they are textbook example of unintended consequences of well-meant legislation.
GDPR is becoming that on steroids: the only thing that changed was for the worse: some sites outright banned EU visitors, the rest started using obnoxious terms screens that are even worse than cookie bars. Nothing really changed.
Anybody with half a brain could have seen this coming. But no, let’s double down on the same thing with GDPR. This time it will surely go down differently...
The issue is not whether you agree with having your privacy protected. The issue is deciding what constitutes "respecting privacy" for every single person in the EU, and threatening people with violence if they disagree.
