Fun fact, Estonia’s commercial register is still available and, as far as I can tell, never had anything to do with complying with EU regulation, but was completely internally legislated.
Similar to the US federal law vs. states, one not enforcing it anymore doesn’t necessarily mean that the rest won’t keep doing it.
I tried searching up some examples of subsidiaries of larger companies and the 'Beneficial Owners' section doesn't actually contain who ultimately owns the company.
Toyota Baltic has a shareholder and beneficial owner listed, which seems to be compliant.
SIA Toyota Material Handling is the registration of a foreign company (Latvia), and says beneficial owner information isn’t required, presumably because it’s up to their home country to get that data.
Eesti Toyota lists their board members as beneficial owners. If you note their areas of activity it’s “Associations and social clubs related to recreational activities, entertainment, cultural activities or hobbies”, so I’d say not actually related to Toyota like you thought.
Huh the last linked company does appear to be purely recreational. Though of course it's still not ultimately owned by just those three, unless Estonian 'Associations and social clubs' are very different from what I understand.
I'm surprised Toyota HQ would let them use their name on official documents if it's completely unrelated.
For Toyota Baltic, obviously the sole listed board member is not the 'Ultimate Beneficial Owner' or even any 'Beneficial Owner' since Toyota Baltic is a legally controlled subsidiary of a much much larger company.
Which the board member does not own, nor are they likely to be the sole beneficial owner of any intermediate holding company.
The 'Beneficial Owner' is very very likely just a legal representative.
Quedtion: What exactly is public in EU/Estonia? E.g. in Switzerland, one can see share holders of limited companies (GmbH) but not for Aktiengesellschaft (public companies).
Making finding of the companies owned by Russian oligarch basically impossible.
Regular pedestrians can no longer find the info, while gov agencies / bureaucrats have no interest.
As usual, (un)intended consequences.
It is a difficult question, because on one side, sure it is very useful for citizen to have access to these info. But on the other side, I was always stunned that just because owning or operating a company, all your private info had to be public. These kind of registers are very bad for privacy rights.
In all case, the worst thing with this decision about the UBO is that a lot of money laundering regulation and co force company to check UBO of customer and provider companies and it is complicated to request that all the time from companies themselves and ensure that the statement are truthfull.
I don't think people have a natural right to create a legal entity that shields them from consequences, so I think it's fine for society to add conditions.
I think a reasonable compromise with privacy would be to remove the residential address and ID number, but keep name, DOB, and nationality.
Why should a person be forced to give their name? Plenty of HN users run internet businesses. Doesn't it suck that to deliver a service for anyone online commercially you have to dox yourself? Some of the best things in the world have been made by people who aren't willing to part with that information.
Sort of, in that the court's role is to be the authoritative interpreter of EU law, and EU law crosses national borders by definition.
But all domestic law in EU member states must comply with EU law, so the court can rule on domestic law insofar as it is to determine compatibility with EU law.
One of the stupid rulings in favor of EU oligarchs. Yes, EU oligarchs not Russian ones. They hide behind corporate entities, shell companies, shady legal operations and they claim GDPR for everything.
Nowadays it’s very difficult to find out who is behind every company, but there’s an easy way to do it without violating sensitive info. Just publish the name(s) of the real owner without any other personal data (address, phone, DOB and so on).
It means the rich and corrupt people (they're lawyers) use the EU's strong data protection regulations to hide from the public knowing the extent of their wealth, businesses and influence.
The EU is going dramatically overboard with privacy rights (aka GDPR). It's causing a lot of dont-talk-to-your-neighbor-because-you-might-break-privacy-laws issues, and causing prices to rise across the board.
Maybe partly, but I'm pretty sure it's grassroots. The tech community loves privacy and is willing to accept large amounts of cost and inconvenience for it, to the point of many appearing to view tech as a net negative due to the spying.
The great majority of people in general, myself included, seem to not care about privacy all that much, although they say they do, and at least I personally care about right to encrypt and truthful advertising.
The tech community is different though. And public perception of GDPR is heavily influenced by tech bloggers, hardly anyone else thinks or talks about this stuff.
Could be all about old money, but programmers sure seem to love it.
>It's causing a lot of dont-talk-to-your-neighbor-because-you-might-break-privacy-laws issues
Well that's explicitly out of scope of the GDPR, so it shouldn't cause those issues.
Article 2(2):
>This Regulation does not apply to the processing of personal data [...] by a natural person in the course of a purely personal or household activity
and even if that wasn't the case, unless you're performing automated processing or using a filing system, it's out of scope due to Article 2(1) as well.
Because the EU, and specifically the Court of Justice in this instance, believes in having a strong human rights framework where the right to privacy is vital.
Fun fact, Estonia’s commercial register is still available and, as far as I can tell, never had anything to do with complying with EU regulation, but was completely internally legislated.
Similar to the US federal law vs. states, one not enforcing it anymore doesn’t necessarily mean that the rest won’t keep doing it.
https://ariregister.rik.ee/eng
Doesn't seem like it?
I tried searching up some examples of subsidiaries of larger companies and the 'Beneficial Owners' section doesn't actually contain who ultimately owns the company.
For example Toyota in Estonia:
Toyota Baltic Aktsiaselts (10234087) https://ariregister.rik.ee/eng/company/10234087?active_tab=r...
Has 1 board member listed.
SIA Toyota Material Handling Baltic Eesti filiaal (11629379) https://ariregister.rik.ee/eng/company/11629379/SIA-Toyota-M...
Has no one listed at all, which would be illegal?, if the law mandates it.
Eesti Toyota Ühing (80226178) https://ariregister.rik.ee/eng/company/80226178/Eesti-Toyota...
Has 3 board members listed.
Toyota Baltic has a shareholder and beneficial owner listed, which seems to be compliant.
SIA Toyota Material Handling is the registration of a foreign company (Latvia), and says beneficial owner information isn’t required, presumably because it’s up to their home country to get that data.
Eesti Toyota lists their board members as beneficial owners. If you note their areas of activity it’s “Associations and social clubs related to recreational activities, entertainment, cultural activities or hobbies”, so I’d say not actually related to Toyota like you thought.
Huh the last linked company does appear to be purely recreational. Though of course it's still not ultimately owned by just those three, unless Estonian 'Associations and social clubs' are very different from what I understand.
I'm surprised Toyota HQ would let them use their name on official documents if it's completely unrelated.
For Toyota Baltic, obviously the sole listed board member is not the 'Ultimate Beneficial Owner' or even any 'Beneficial Owner' since Toyota Baltic is a legally controlled subsidiary of a much much larger company.
Which the board member does not own, nor are they likely to be the sole beneficial owner of any intermediate holding company.
The 'Beneficial Owner' is very very likely just a legal representative.
Quedtion: What exactly is public in EU/Estonia? E.g. in Switzerland, one can see share holders of limited companies (GmbH) but not for Aktiengesellschaft (public companies).
In Estonia I believe anyone who holds more than 10% of shares has to be listed for a public company while private has to list everyone.
u discount the power of business lobby. Also a lot of EU regulations have to be internally legislated.
Anyway I find it weird anyone can see how much profit my company had last year
Making finding of the companies owned by Russian oligarch basically impossible. Regular pedestrians can no longer find the info, while gov agencies / bureaucrats have no interest. As usual, (un)intended consequences.
It is a difficult question, because on one side, sure it is very useful for citizen to have access to these info. But on the other side, I was always stunned that just because owning or operating a company, all your private info had to be public. These kind of registers are very bad for privacy rights.
In all case, the worst thing with this decision about the UBO is that a lot of money laundering regulation and co force company to check UBO of customer and provider companies and it is complicated to request that all the time from companies themselves and ensure that the statement are truthfull.
I don't think people have a natural right to create a legal entity that shields them from consequences, so I think it's fine for society to add conditions.
I think a reasonable compromise with privacy would be to remove the residential address and ID number, but keep name, DOB, and nationality.
Why should a person be forced to give their name? Plenty of HN users run internet businesses. Doesn't it suck that to deliver a service for anyone online commercially you have to dox yourself? Some of the best things in the world have been made by people who aren't willing to part with that information.
What the EU has done is incredible.
But not every business is an LLC. They all go onto the register anyway. In some cases that includes self-employed people.
These registers are only for legal entities (at least in Germany). And it has nothing to do with doing business.
People have a right to privacy in the EU
As the same time tax records and mailing addresses for the regular folks in Sweden (EU member) will continue to be open I suppose?
Until someone files a complaint at the same court.
Given that it's a Swedish law that only applies within Sweden, I wonder if the ECJ would take jurisdiction as there isn't really an EU element to it.
Does the ECJ only have jurisdiction over cases that cross national borders?
Sort of, in that the court's role is to be the authoritative interpreter of EU law, and EU law crosses national borders by definition.
But all domestic law in EU member states must comply with EU law, so the court can rule on domestic law insofar as it is to determine compatibility with EU law.
How does it address the issue that all laws can conceivably affect trade, and other activities, across borders, via sufficient degrees of separation?
One of the stupid rulings in favor of EU oligarchs. Yes, EU oligarchs not Russian ones. They hide behind corporate entities, shell companies, shady legal operations and they claim GDPR for everything. Nowadays it’s very difficult to find out who is behind every company, but there’s an easy way to do it without violating sensitive info. Just publish the name(s) of the real owner without any other personal data (address, phone, DOB and so on).
> they claim GDPR for everything
What does this mean?
It means the rich and corrupt people (they're lawyers) use the EU's strong data protection regulations to hide from the public knowing the extent of their wealth, businesses and influence.
Car mileage criminals and official car dealers too. They hide behind gdpr to not reveal mileage, and accidents particularly on cars from germany.
Another thread (and article) on this topic: https://twitter.com/mattsteinglass/status/159869289264559718...
The EU is going dramatically overboard with privacy rights (aka GDPR). It's causing a lot of dont-talk-to-your-neighbor-because-you-might-break-privacy-laws issues, and causing prices to rise across the board.
And I kind of blame the tech community for it.
The tech angle was just an excuse. The real reason was to protect old European money scared by the newcomers.
Maybe partly, but I'm pretty sure it's grassroots. The tech community loves privacy and is willing to accept large amounts of cost and inconvenience for it, to the point of many appearing to view tech as a net negative due to the spying.
The great majority of people do not care about "privacy" and gladly give it away for something as frivolous as Facebook or TikTok.
So it wasn't a democratic process that gave birth to GDPR. Now tech is pretty underrepresented in EU, but old money is not.
The great majority of people in general, myself included, seem to not care about privacy all that much, although they say they do, and at least I personally care about right to encrypt and truthful advertising.
The tech community is different though. And public perception of GDPR is heavily influenced by tech bloggers, hardly anyone else thinks or talks about this stuff.
Could be all about old money, but programmers sure seem to love it.
> programmers sure seem to love it
Unless they have to implement it. It sure is a pain! :)))
>It's causing a lot of dont-talk-to-your-neighbor-because-you-might-break-privacy-laws issues
Well that's explicitly out of scope of the GDPR, so it shouldn't cause those issues.
Article 2(2):
>This Regulation does not apply to the processing of personal data [...] by a natural person in the course of a purely personal or household activity
and even if that wasn't the case, unless you're performing automated processing or using a filing system, it's out of scope due to Article 2(1) as well.
not literally your neighbor, just general privacy fears, and cultural stigmas that every person deserves the right to unending privacy
Why is the EU doing this?
So that, next time, Gerhardt Schroeder can stay on the Gazprom board of directors in exchange for Russian ownership of German industry.
Because the EU, and specifically the Court of Justice in this instance, believes in having a strong human rights framework where the right to privacy is vital.
What a boon for the US conglomerates this would be.