[CryptoPunk]

That's not all it does. Among the other things it does:

It requires the entity to give you the ability to delete your personal data, which means a contract where you grant a service a permanent and irrevocable right to data about you in exchange for a service is illegal.

It also requires the entity to provide an equivalent service to any site visitor that chooses to not grant their data to the entity, thus making the business model of trading even revocable access to one's data for a service unviable in the long run.

It makes it illegal to offer a service in exchange for data that is stored without end-user retrievability. Therefore, it makes a contract where you grant a service irretrievable data about you in exchange for a service is illegal.

All of these reduce the range of possible voluntary interactions. It's anti consent.

[s73v3r_]

No, they do not. Not a single one of those reduces the range of voluntary interactions. If anything, they increase the range, because now it actually is voluntary.

And it is bonkers to imply that something that requires you to actually get affirmative consent from the user is "anti consent". You know what's really anti consent? 10 page TOS listings written in 10pt font that hide what's actually being done with data deep inside.

[CryptoPunk]

I just gave you examples of voluntary interactions that are now illegal under the GDPR programme, and you respond that none of the examples reduce the range of voluntary interactions. It's bizarre.

>>You know what's really anti consent? 10 page TOS listings written in 10pt font that hide what's actually being done with data deep inside.

I agree that it is anti-consent. I don't have a problem with laws requiring more legible consent forms.

My problem is the many limitations on the range of voluntary interactions that two parties can enter into that are found in the GDPR, a few of which I listed, and which you totally ignored.

[s73v3r_]

"I just gave you examples of voluntary interactions that are now illegal under the GDPR programme, and you respond that none of the examples reduce the range of voluntary interactions. It's bizarre."

No, you didn't. You gave a list of one-sided transactions where the user has no freedom or really consent at all in the matter.

"My problem is the many limitations on the range of voluntary interactions that two parties can enter into that are found in the GDPR, a few of which I listed, and which you totally ignored."

No, you didn't. All you did was post a list of "transactions" where the company has all the say, and the user really has no input whatsoever. No one is going to miss those transactions.

If you truly, honestly are concerned with "consent", then you should be applauding this law, as it does require actual, informed, affirmative consent. Not the "Here's a great wall of text, agree to give us every little bit of data with no recourse whatsoever for you or don't get any access to the service at all" form of "consent".

I'm sorry, but I cannot take seriously the idea that "if you can't sell yourself into slavery, you aren't free".

[CryptoPunk]

>>No, you didn't. You gave a list of one-sided transactions where the user has no freedom or really consent at all in the matter.

I have difficulty responding to such an immature mischaracterization of what I listed.

I listed a set of contractual arrangements that are now illegal. All of them could be entered into completely consensually, and cannot be reduced to being categorically one sided, given we don't know what the value of the service the user gets in exchange for their personal data will be in every instance that said contract is used.

You're infantilizing people when you claim they're not capable of consenting to the sale of their personal data. In fact, no court of law would ever agree with you that these contracts are non-consensual ipso facto what the user offers, which is why the only way these kinds of contracts could be categorically disqualified is to circumvent the courts' purview of establishing consent, by resorting to statutory interventions like GDPR.

And you're vastly over-simplifying the world, and overestimating your understanding of it, when you claim that such contracts could never be in the interest of the user.

What you're doing is absolutely reckless.

>>I'm sorry, but I cannot take seriously the idea that "if you can't sell yourself into slavery, you aren't free".

Selling your personal data to someone is not slavery. Slavery is a permanent condition, affecting your future self.

Personal data sold at one point in time only covers the data generated to that point in time, and does not forfeit data that is generated by your future self.

[s73v3r_]

>I listed a set of contractual arrangements that are now illegal. All of them could be entered into completely consensually, and cannot be reduced to being categorically one sided, given we don't know what the value of the service the user gets in exchange for their personal data will be in every instance that said contract is used.

And in that set, you predicated that the user could not revoke consent. That means that it is not a free contract.

>And you're vastly over-simplifying the world, and overestimating your understanding of it, when you claim that such contracts could never be in the interest of the user.

A contract in which one can not revoke consent is a contract in which one can never truly give consent. If I am unable to revoke my consent, then it can never be in the interest of the user, because my interest may change in the future.

>What you're doing is absolutely reckless.

No, what was absolutely reckless was the attitude of this industry that they should be entitled to suck up every last piece of data they could.

>Selling your personal data to someone is not slavery. Slavery is a permanent condition, affecting your future self.

Which is what you're pushing for. You don't want me to be able to withdraw consent later, thus my selling of data WILL affect my future self.

>Personal data sold at one point in time only covers the data generated to that point in time, and does not forfeit data that is generated by your future self.

It still affects your future self.

Once again, you have twisted this idea of "freedom" so badly, that you are claiming that it is anti-freedom for the user to have the freedom to withdraw consent! You should be ecstatic that you will now be able to exercise greater freedom than you could before. You will have that most basic of freedom to evaluate whether or not something is still in your interest, and if it's not, withdraw, without the other party still benefiting off of your information.

[CryptoPunk]

>>And in that set, you predicated that the user could not revoke consent.

No I didn't. I said that these contracts enable the user to sell their personal data. If a personal data sales contract includes a clause allowing you to 'revoke consent' AFTER 'selling' your data, then you are renting your data, not selling it.

By making contracts without such clauses illegal, you are reducing the space of contractual interaction, in making it impossible to sell one's personal data.

>>That means that it is not a free contract.

Again, I have difficulty responding to such immature mischaracterizations of reality.

Selling your personal data is a 100% "free contract".

>>No, what was absolutely reckless was the attitude of this industry that they should be entitled to suck up every last piece of data they could.

You obviously don't care to debate this issue based on rational arguments and facts. You're debating in bad faith. You've already made up your mind and are more than willing to mischaracterize the situation, and people's position, to push your views.

>>It still affects your future self.

Everything you do affects your future self, but this particular type of sale does not cover data genereted by your future self. It only covers what you have already generated.

It's absurd and totally dishonest to compare it to selling oneself into slavery. It's nothing more than hysterical fearmongering about the free market, in support of government limiting people's contractual rights.

>>Once again, you have twisted this idea of "freedom" so badly, that you are claiming that it is anti-freedom for the user to have the freedom to withdraw consent!

You're once again mischaracterizing the ability to re-voke a sale, after the fact, as "withdraw consent".

When you sell something to someone, you no longer have a claim to that something, and thus the other party no longer needs your consent to maintain ownership of it.

That I really need to explain the semantics of ownership to you, and explain how allowing retroactive and unilateral reversals of sales makes it impossible to sell something, shows just how completely delusional and dishonest you're being.

[Dayshine]

Only if you don't have a contract with the entity...

All the changes are to "consent", which is the naive consent of clicking "I accept".

You can still do anything with a proper, considered, contract.

[CryptoPunk]

Terms that you accept by clicking an "I accept" button can be a proper, considered contract. From what I understand GDPR requires more legible terms of service, in place of the undecipherable legalese one finds now, which could potentially help with the issue of users not understanding what they're accepting.

I don't see why the new rules couldn't have been limited to those of this sort, which ensure that users are providing considered agreement.