[quotemstr]

That can't be the whole story though. In general, a regulation stipulating that a business provide a feature can't allow businesses to make it arbitrary difficult for a user to use that feature, since that would defeat the public policy behind the regulation.

I suspect that the line here will be decided in some court.

[Alex3917]

> I suspect that the line here will be decided in some court.

Sure. At the end of the day though people shouldn't be using GDPR as an excuse to avoid making stuff or launching their projects. As long as you make a reasonable effort to do what people are asking for via email then you're probably not going to be the test case.

[lamlam]

Yes, making things _arbitrarily_ difficult would probably go against the spirit of the law, even if it technically complied with it. But as Alex3917 pointed out, as long as a company responded to GDPR requests by email in a timeline in accordance with the law, they would be safe.