Comment by Yizahi
2 years ago
I'm guessing that the core idea behind GDPR laws wasn't a to flood internet with banner popups, but to limit excessive and unneeded for honest usage, storage of PII. IIRC GDPR allows for some limited PII storage without any banners, but it is restricted in time and scope, to prevent selling this data. Instead nobody is limiting usage of the data (not even Eurocommission site with GDPR rules) because that is not enforced in reality. So in essence GDPR law was a spectacular expensive failure, because nobody restricted their PII processing and analytics.
GDPR forces companies to make a choice: stop invasively selling data, or get explicit permission to do so. if a company chooses the shady second option, they have to hamstring their UX and have a big nasty banner that says "we don't give a fuck about your privacy"
it's actually very clever. the more profit hungry and and invasive a company is, the more desperate they are to sell your data, the shittier they have to make their website - or break the law and get a nasty fine a year or two down the line
this idea that gdpr isn't enforced or is somehow expensive (?) doesn't have any grounding in reality: just 2 months ago, Meta was fined 1.2 billion euros for GDPR breaches. they've also already been fined hundreds of millions multiple times. in 2021, Amazon was fined ~800m euros. smaller businesses are being fined all over the place[1]. GDPR is the opposite of expensive. it's profitable
GDPR is a huge deal at companies that handle any data at all. they don't think it's not being enforced
if you were criticising the lack of enforcement of a github policy, do you think you'd actually go and make sure they weren't enforcing it? so why not the EU?
[1] - https://www.enforcementtracker.com/