Please learn from the experience of dealing with side effects of GDPR in EU first, before trying to push it to the US.
The side effects would include:
1) Reduced number of services available to EU customers.
2) EU users will be trained to click "Agree" without reading, because web sites would ask them for permission very frequently, and users do not have time to read web site policies anyway.
> EU users will be trained to click "Agree" without reading, because web sites would ask them for permission very frequently, and users do not have time to read web site policies anyway.
From what I've read, opt-in is only supposed to be used when there's an actual voluntary choice, and "allow us to share your data with 3rd party trackers or we block you" doesn't count as a real choice.
It should be treated in the same way as opting into marketing emails. Totally optional. Not opting in shouldn't totally break a site.
Not allowing businesses to fire customers who don't want to share anything sounds like a massive problem for companies who's revenue model depends on user info. Think of all the people who don't want to share anything but still aren't willing to type in CC info for facebook, are they entitled to free facebook use on the companies' dime?
Because consent must be "freely given". As soon as you start attaching consequences unrelated to the utility itself, you're making a decision less and less freely.
The greater the power imbalance, the less free the choice. Social networks are a great example of this. You can choose not to use a particular one, but what's the alternative if everyone is already on that platform? You can go without, but what if it's LinkedIn, and there can be a real impact on your career?
You're making a philosophical argument about what is a "real choice", precisely the problem with the "based-on-principle" GDPR. All this will do is create a big mess if/when this gets into real litigation.
> 1) Reduced number of services available to EU customers.
That’s not a bad thing. If services that don’t want to protect their users’ privacy can’t operate, that’s a good thing.
> 2) EU users will be trained to click "Agree" without reading, because web sites would ask them for permission very frequently, and users do not have time to read web site policies anyway.
> 1) Reduced number of services available to EU customers.
because everyone knows that it is better to not make no money at all, than just a slightly less than normal because your ads are not targeted.
> 2) EU users will be trained to click "Agree" without reading, because web sites would ask them for permission very frequently, and users do not have time to read web site policies anyway.
Sure, and it is their absolute right to do so, but other people finally have some control over their data, I especially like the fact that finally user can also remove/change the data about them.
>And this is exactly what GDPR does, you then have an option to opt-in.
I mostly like GDPR. Ability to opt-in and being of charge of your data, i.e. removing it from a service if you want to, and the right to export and move it to another service are great and long due.
What I don't like is that it's a principle based regulation and thus it can be applied arbitrarily and selectively.
The side effects would include:
1) Reduced number of services available to EU customers.
2) EU users will be trained to click "Agree" without reading, because web sites would ask them for permission very frequently, and users do not have time to read web site policies anyway.