I agree that these are real negative effects of GDPR. However, the concrete design of these pop-ups is mostly not GDPR-compliant: for example, users not agreeing to being tracked must not be disadvantaged, and having to click through a cumbersome array of options is certainly a disadvantage. At least for European web sites, the authorities will hopefully take action after a while, and then these bad practices will stop.
In addition, this is a bit like fire safety regulations. Sure, they are very annoying. All of us probably have experienced the empty battery beep of a smoke sensor in the middle of the night, and many have experienced a false alarm. That's the price you pay for lowering a significant risk.
Wait a few years, and you will see significantly lower risks of your data being collected and distributed without your consent.
I'd like to add that the GDPR is truly disruptive, and it will probably take a few 'product iterations' to get it perfectly right. That alone would be a reason to wait a bit and learn from experiences before rolling such regulations out everywhere. (I'm saying this as an EU citizen)
I don’t get the disadvantage comment: everyone gets the popup crap, whether you say no or yes. Maybe I visit different sites, maybe I don’t notice because I reflexively click the closest button? In any case, the disadvantaging language is hardly meant that way: it’s about withdrawing actual content or features from you.
We have waited a few years with cookies law and nothing changed. Unless some browser based fix takes place, this degradation of web is staying with us.
The way it is supposed to work is you are supposed to be able to visit the site and get the same experience whether or not you accept the popup and ridiculous opt-out dark patterns. So declining should not disadvantage you.
Most of these pop ups appear to go against both the spirit and letter of the law, so will hopefully see some regulator response. Now whether regulators have enough budget to respond to all the wilful evasion remains to be seen.
GDPR has learned from the cookies law:
- you cannot 'comply' by forcing the user to accept
- better enforcement options (of course only when the site provider is under EU jurisdiction)
The jury is still out, but it is only a few months since GDPR is in place.
In addition, this is a bit like fire safety regulations. Sure, they are very annoying. All of us probably have experienced the empty battery beep of a smoke sensor in the middle of the night, and many have experienced a false alarm. That's the price you pay for lowering a significant risk.
Wait a few years, and you will see significantly lower risks of your data being collected and distributed without your consent.
I'd like to add that the GDPR is truly disruptive, and it will probably take a few 'product iterations' to get it perfectly right. That alone would be a reason to wait a bit and learn from experiences before rolling such regulations out everywhere. (I'm saying this as an EU citizen)