Comment by bluecalm
2 days ago
With GDPR it matters how countries incorporate it in their law and that doesn't work in practice.
>>GDPR actually says that it’s illegal to condition content or services on the acceptance of tracking
Good intentions, doesn't work. You call a bank, they read a contract to you for 5 minutes you spot some sharing with partners (who knows who they are) there, you try to protest saying "ok but let's make sure it's not for advertisement" and the answer is "I can't do anything that's the contract you either accept or we can't open an account for you".
>>This is very easy for a layman to understand when reading GDPR.
What matters are laws of specific countries that implement it and what results are in practice. That's why I wrote about good intentions and real effects.
>>What your bank is doing is clearly illegal.
And there is nothing I can do about it.
Is there a consumer protection institution in your country? They could sue on your behalf.
>> What your bank is doing is clearly illegal.
> And there is nothing I can do about it.
So your argument for why GDPR is bad is that it is not being followed by all that it applies to... I mean, what do you expect as a response to that besides "That is stupid"?
My point is that it's written in a way that makes malicious compliance possible.
One way to improve it would be to make it clear you can't require any consent before providing your service. It's either necessary or don't ask for it. As it is in Poland you are now served a long form at every opportunity and you have to agree to some part of it or be denied service. Online or when calling you get to listen to a long formula about privacy policy and who administer your data every time you call a bank or most other institutions. It made everyday life worse.
There is no way for me to verify that a given entity is following the contract anyway. GDPR could easily be transparent for consumers/clients. Instead it resulted in additional burden.