Of the purchase price that the end-user pays, the retailer has to pay tax. That knocks off a variable percentage. It would be 20% in the UK.
There's also the cost of selling through Steam / Google Play / Whatever - typically 30%.
I assume the developer has some professional expenses - an accountant at a minimum, probably a lawyer, certainly insurance. Maybe they also have a PR team, advertising, and the like. I don't know whether they pay for testers, translators, and things like that.
Then we get on to things like buying a new development machine, going to tech conferences, taking an educational course, backups, and all the other things that a business needs to spend on in order to be effective.
Maybe a profit margin of 10% is unrealistically low - but developing software has legitimate costs. The margin is never going to be 100%.
I wrote a few times to my local MPs ("député", as we call them in France). I usually got a response, though I suspect it was written by their secretary with no other consequence. In one case (related to privacy against surveillance), they raised a question in the congress, which had just a symbolic impact.
It may be different in other countries. In France, Parliament is de-facto a marginal power against a strong executive power. Even the legal terms are symptomatic of this situation: the government submits a "project of law" while MPs submit a "proposal of law" (which, for members of the governing party, is almost always written by the government then endorsed by some loyal MP).
OK, it was a mixture of things. I told my friends about it and they were sufficiently nerdy to try it out.
I responded to early feedback - specifically about creating a leaderboard. Originally it was all anonymous but people wanted to see how well they'd done.
My wife and I gave an interview to a local BBC radio station which gave it a little bump. Similarly, when it is mentioned on reddit and other sites we pop up and talk about it.
It was also picked up by a couple of academic papers, which gave it a bit of credibility. As did our recent integration with OpenStreetMap.
There's a far amount of schema.org metadata which probably helps with SEO.
But, other than that, who knows? I've had plenty of projects which didn't do as well. Sometimes the Web rewards nice things.
Thanks for building and maintaining this lovely project.
I'm an OSM mapper & enjoy linking mapped benches to their profiles on OpenBenches. It gets hairy, though, when a single bench features multiple memorial plaques. Wonder if you'd consider revising your data model to permit multiple inscriptions per bench?
We use Auth0 for authentication - people editing have to use a social network to log in. That significantly reduces (but doesn't eliminate) the need for moderation.
As for maintenance - once in a while dependabot will say a PHP library is out of date and I'll run the update.
Yeah, as an American, I'm jealous of many aspects of GDPR. I really appreciate you blogging / tooting about experiences protecting your rights under GDPR. I wish we had 1/10th of the consumer privacy protections you have.
How does security research like this work out in practice, in the EU?
I read a lot of vulnerability writeups like this and don't recall seeing any where the author is European and gets a better outcome. Are security researchers actually compensated for this type of work in the EU?
The GDPR (in art 32) only requires that "the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk". I expect it's quite common for a company to get hacked even if they meet that level. I think the parent comment was imagining that any leak is automatically fined, regardless of whether the company had met some security requirement.
No it actually doesn't. It just needs someone in the company executive to not have their head up their ass, and read the law, which is fairly straightforward.
Also, it needs your company's business model to not be selling user data. That's why American companies find it hard to comply with.
There's also the cost of selling through Steam / Google Play / Whatever - typically 30%.
I assume the developer has some professional expenses - an accountant at a minimum, probably a lawyer, certainly insurance. Maybe they also have a PR team, advertising, and the like. I don't know whether they pay for testers, translators, and things like that.
Then we get on to things like buying a new development machine, going to tech conferences, taking an educational course, backups, and all the other things that a business needs to spend on in order to be effective.
Maybe a profit margin of 10% is unrealistically low - but developing software has legitimate costs. The margin is never going to be 100%.
reply