I think it's pretty easy to argue that such an intent could be described as "stifling innovation", if it's preventing people from trying new things because of the overhead associated with an impact analysis and continued maintenance of e.g. responding to data requests indefinitely.
I agree, we should also get rid of copyright and property laws in the name of not "stifling innovation". It is absolutely ridiculous that I can't just walk into a peoples homes and install my 'adtreckr' eye tracking cameras on their TVs, even though that has the potential to revolutionise the amount of engagement and make sure that they only receive the most engaging, most relevant ads for their tastes./s
Less satirically, you are free to innovate by coming up with new tech, then selling to people who care enough to deal with regulations. The 'stifling innovation' copout is so utterly overused by people who want to ignore negative externalities like pollution or the surveillance state we are building up. I am starting to think of it as a type of rent seeking: "I am currently in the privileged situation of having the technology and network effect necessary to exploit this unguarded treasure of X without dealing with the fallout. Please don't pass any regulation requiring me to actually pay my dues"
I think there's a very specific motivator behind people who build tech with the intent to sell, and that motivator doesn't cover every reason behind other people who build tech. If I want to start a project and think, "cool, if this works out, i'll sell it 6 months from now so it can actually do cool stuff", I'm just not going to work on that project at all.
Honestly though, I would _love_ to live in a world where you could walk into my home and install your 'adtreckr' eye tracking cameras on my TV. What you're describing is "trust", and I think the amount of it that each person has (for people in general, but also for companies) is a big influence in how they view GDPR (and other regulations that some might argue are unnecessary). Obviously, we're very far away from that world, so this isn't consent for you to come waltzing into my home in the near future. :)
In my eyes, the satirical representation of what's happening here (from a consumer's point of view) is me placing an order for your awesome new eye tracking cameras, looking forward to the delivery and installation, and then seeing delays and delays as you repeatedly come back with, "well, are you sure you want this? are you sure I can enter your home? are you sure I can touch your TV? are you sure I can modify your TV?" I signed up, I paid for it, I told you I want it, just do whatever you need to do to give me it.
From a business POV, I already treat user data with utmost regard, and my users know that. Similarly, I trust that the companies I willingly give my data to do the same. There are probably some bad actors in the mix, but I doubt they're going to bother with compliance anyway. Having to go out of my way to prove that data trust is there to a third party completely uninvolved with the contract I have with my users, and to spend hours and hours implementing new workflows and pipelines for out of scope functionality that needs to be maintained indefinitely -- this is not good for a business. It's bad for small businesses because it sucks up time, money, and other resources, and it's bad for big businesses because it opens up such a huge area for litigating non-issues. It might have some value to users, as I said elsewhere, but it's a heavy-handed regulation that is too overreaching in its implementation, in my personal opinion.
> Honestly though, I would _love_ to live in a world where you could walk into my home and install your 'adtreckr' eye tracking cameras on my TV. What you're describing is "trust", and I think the amount of it that each person has (for people in general, but also for companies) is a big influence in how they view GDPR (and other regulations that some might argue are unnecessary). Obviously, we're very far away from that world, so this isn't consent for you to come waltzing into my home in the near future. :)
Anarchy is always ruined by all those people! (I'm a big fan of trust, and not a big fan of Hayek,but Hayek had an insight when he talked about the micro and the macro cosma. People are to diverse that we can rely on "trust" to solve things, we need agreed on official rules)
> In my eyes, the satirical representation of what's happening here (from a consumer's point of view) is me placing an order for your awesome new eye tracking cameras, looking forward to the delivery and installation, and then seeing delays and delays as you repeatedly come back with, "well, are you sure you want this? are you sure I can enter your home? are you sure I can touch your TV? are you sure I can modify your TV?" I signed up, I paid for it, I told you I want it, just do whatever you need to do to give me it.
No. If you opt into buying my camera, since it is explicitly necessary to do all of that stuff, the consent is given as part of the buying contract. I just need to clearly state and explain that. If you had to gain access Facebook or instapaper via a huge opt in order form (let's say a pop-up detailing exactly what happens to your data), then it is equivalent...and that is exactly what GDPR requires
> From a business POV, I already treat user data with utmost regard, and my users know that. Similarly, I trust that the companies I willingly give my data to do the same. There are probably some bad actors in the mix, but I doubt they're going to bother with compliance anyway. Having to go out of my way to prove that data trust is there to a third party completely uninvolved with the contract I have with my users, and to spend hours and hours implementing new workflows and pipelines for out of scope functionality that needs to be maintained indefinitely -- this is not good for a business. It's bad for small businesses because it sucks up time, money, and other resources, and it's bad for big businesses because it opens up such a huge area for litigating non-issues. It might have some value to users, as I said elsewhere, but it's a heavy-handed regulation that is too overreaching in its implementation, in my personal opinion.
If you already do everything that is commonsense data protection, which is the bulk of what is required by GDPR, then all you have to do is documen that. If you cannot guarantee that the data is not shared, then the third party isn't uninvolved in the contract you do with your users.
Honestly, think of my data as something I own, like my house or my car, and GDPR becomes easy. Think of it as something you "create" by tracking me on your site, and your point of view becomes easier. I like my world better
I have a hard time seeing any justification for your view. Why would you own data about yourself? Do you own your name? Do you own the fact that you went to taco bell for dinner last night? Can you sue someone else for knowing you went to taco bell last night? Should it be a crime for someone who knows your name to tell someone else your name? What if they do it for money?
"Owning" data about yourself is a very strange concept to me.
GDPR could have safeguarded data by demanding more transparency, still allowing apps to accept data as a form of payment through personalized ads. It's not obvious why they are requiring apps to provide the same service for free 'without detriment'. That destroys a number of business models. Why not just allow they give an option to not give their data if they are willing to pay?
> GDPR could have safeguarded data by demanding more transparency
That would be a toothless regulation. It would just cause businesses to add more crap to their privacy policies, which nobody reads anyway, and doesn't impact user behavior.
> It's not obvious why they are requiring apps to provide the same service for free 'without detriment'
So that users can opt-out of having unnecessary data collected. You should only be collecting the data needed to run the service. If your business collapses when users opt-out, your business model was nothing but data harvesting to begin with, and probably doesn't deserve to exist.
> That destroys a number of business models
A number of exploitative business models that harm society and democracy. Works for me!
> Why not just allow they give an option to not give their data if they are willing to pay?
You can do that now. Stop collecting data that isn't necessary to run your service, and charge people money.
If they were smart about how transparent a business needed to be, I don't think it would be toothless at all. It would have given users more information about what is happening behind the scenes and allowed them to make their own decisions.
> So that users can opt-out of having unnecessary data collected. You should only be collecting the data needed to run the service. If your business collapses when users opt-out, your business model was nothing but data harvesting to begin with, and probably doesn't deserve to exist.
This is a really rosy view of things. The reality is that there are tons of apps / games / sites that people use and enjoy but would not pay for. And there are people who could not otherwise afford to pay for them but are able to enjoy them because personalized ads can be used as a form of payment. I would argue most of these things make the world a better place not a worse place. And that people should be able to choose how they want to pay for those services.
I don't agree, but at least I understand where you're coming from. Here is the stasis of our dispute:
> I would argue most of these things make the world a better place not a worse place. And that people should be able to choose how they want to pay for those services.
I'm not convinced any of the apps we pay for in data really improve our lives. The price we pay in control over our identity and our information usually outweighs the benefits. And in some cases, like in many distracting social apps or pay-to-win games, there is no benefit. The app is just designed to addict us, keep us occupied, and make our lives worse.
Furthermore, I don't think "allowing users to decide for themselves" is going to make a difference. That's like allowing poison in food, because everyone can scan the ingredients on the label for known poisons. It's unreasonable to expect the average person to do due diligence on every service they use online.
I'm not convinced any of the apps we pay for in data really improve our lives. The price we pay in control over our identity and our information usually outweighs the benefits.
Hundreds of millions of Google and Facebook users disagree. If you ask people what Google does with the data they collect, a large percentage both incorrectly believe that they directly sell it to advertisers (rather than just using it for ad targeting) and don't have a problem with that.
I'm not saying that you're wrong, but I am saying that you aren't so clearly right that your preferences should be forcibly imposed on everyone.
That's fine, the problem is there was no choice before. OK, Google Analytics is somewhat easier to block, but e.g. Facebook with their shadow profiles? How do you block that? Is it feasible to expect teenagers to not use FB/Snapchat/Instagram when all their friends are just to protect their privacy?