> "Nor can they deny access to their services to users who refuse to opt-in to tracking.[1]"
> "[1] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) [2016] OJ L119/1. See Recital 42’s reference to “without detriment”, Recital 43’s discussion of “freely given” consent, and Article 7(2) prohibition of conditionality. See also the UK Information Commissioner’s Office’s draft guidance on consent, 31 March 2017, p. 21, which clearly prohibits so-called “tracking walls”."
What, in this regulation, prevents the company from denying users (who opt out) access to a service they provide free of charge or a downgraded experience? And how would a court measure the level of service?
The idea is that a user should not suffer detriment as a result of their decision to withhold consent. If you withhold the service as a result of a failure to provide consent then the user is likely to suffer a detriment.
However the above analysis really ignores free services where you are essentially paying with your data.
It is an ongoing question as to how to deal with these services in relation to GDPR.
To my mind privacy advocates ignore the fact that without giving companies the ability to use data, the services may not be available for free, a potential detriment in itself.
Im guessing they would force the company to make tracking not on by default but rather opt-in (lol)? But what's confusing is - if you clearly state how the data will be used upfront, do you need to offer an opt-out? What if your service simply doesn't work unless the data is used in a particular way?
Under the GDPR one way to use data for purposes unrelated to the underlying service provision is to look to obtain consent. That is not opt-out consent but clear informed consent through opt-in.
If your service won't work functionally without certain data then consent is not right ground of processing to rely on. There is a specific ground relating to processing necessary to provide a service.
If your service isn't financially viable because you can't use data to obtain revenue to support the underlying service provision then consent may not be a viable ground because of the above reasons.
The debate continues however on how to support free service provision outside of the confines of consent.
Interesting but complex. I could imagine there are a lot of issues on how to express your intent with the data.
Some uses of data might be ancillary to the direct goal of the user but still unexpectedly useful.
Interesting from the article: "purpose that is vague or general, such as for instance ‘Improving users’ experience’, ‘marketing purposes’, or ‘future research’ will – without further detail – usually not meet the criteria of being ‘specific’”.[3]"
> "Nor can they deny access to their services to users who refuse to opt-in to tracking.[1]"
> "[1] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) [2016] OJ L119/1. See Recital 42’s reference to “without detriment”, Recital 43’s discussion of “freely given” consent, and Article 7(2) prohibition of conditionality. See also the UK Information Commissioner’s Office’s draft guidance on consent, 31 March 2017, p. 21, which clearly prohibits so-called “tracking walls”."
What, in this regulation, prevents the company from denying users (who opt out) access to a service they provide free of charge or a downgraded experience? And how would a court measure the level of service?