So? Projects like that aren't forbidden now that the GDPR is in force. Just put up a paragraph explaining why you need that email address, an unchecked checkbox if you want them to agree to send irrelevant emails, and you're done.
When corporations like Equifax or Cambridge Analytica have engaged in identity theft to the tune of basically half the continent of North America, you want to repeal one of the few laws fighting against it with an argument about kids in dorm rooms? It's basically the tech equivalent of "won't somebody think of the children?"
> Just put up a paragraph explaining why you need that email address, an unchecked checkbox if you want them to agree to send irrelevant emails, and you're done.
Oops, seems you’ve forgotten about the “right to be forgotten”, and several other requirements. Better prepare yourself for those >$20 million fines — how dare you negligently handle personal data, college software engineering student!
I’m all for strengthening privacy protections and punishing bad actors in this domain, but designing strong regulations that don’t have seriously bad unintended consequences, is a really really difficult task. I’m not necessarily saying it shouldn’t be done; just that I don’t envy the jobs of those trying their best to do good for the world via regulations without accidentally destroying some really good things.
It may turn out that GDPR has few unintended negative consequences, or it may turn out the harmful side effects are far more severe than anyone predicted. Only time will tell, I suppose.
Personally, I wish there were a technical solution to privacy concerns — something akin to DRM, but applied to each individual’s personal data to prevent it from being used in unauthorized ways. That’s about the only kind of DRM I think I could really get excited about :)
I agree. My point wasn’t that the right to be forgotten is bad or wrong, but that the parent post ironically said “just add a checkbox and you’re good!” about GDPR compliance, and was not just wrong — but $20 million wrong!
Those kind of fines are simply not compatible with low quality advise like “Just add an opt-in checkbox, and you’re good to go for GDPR! What’s the big deal?”.
Overall, I like GDPR a lot (though as a disclaimer, I should say I haven’t read all ~80 pages yet).
Still, I am not as confident as many here that GDPR will have no serious unintended side effects.
Imagine for example if Google, Microsoft, Facebook, etc. all get hit with huge fines despite genuine best attempts by them to be compliant, after which they decide to cut their losses and exit the EU market entirely. Stock markets could crash globally, a new recession would occur, etc.
I very much doubt anything like that would happen, of course. But until things settle post-GDPR, I don’t think anyone can say for certain how this will economically affect the EU, and the world.
When corporations like Equifax or Cambridge Analytica have engaged in identity theft to the tune of basically half the continent of North America, you want to repeal one of the few laws fighting against it with an argument about kids in dorm rooms? It's basically the tech equivalent of "won't somebody think of the children?"