|
|
|
|
|
|
by frereubu
2717 days ago
|
|
|
I didn't mean to imply that it wasn't complicated - any legislation is going to need careful consideration because the wording is paramount. I was objecting more to the rather overheated phrase "insanely complicated," particularly when a counter-example of legislation that isn't "insanely" complicated wasn't given. Insanely complicated compared to what? |
|
|
I'd suggest that one obvious comparison is with not having the GDPR.
I know my own businesses spent considerable time and money understanding the implications and updating our documentation to comply with the new requirements. However, that was basically all we changed in the end, because we weren't doing anything particularly unusual or dodgy in the first place. In other words, for us, the whole thing was basically an expensive box-ticking exercise with no real benefit to anyone.
I imagine there are many other small businesses that could tell a similar story. The most likely alternative for those that can't is probably that they're not compliant, either deliberately or through ignorance of their new legal obligations, so that still doesn't benefit data subjects in any useful way.
It seems realistic to estimate that several billion pounds has been spent on this sort of paper-pushing exercise in the UK alone, which does suggest some level of rhetorical insanity here if it hasn't really benefited anyone in any measurable way. Perhaps time will tell and regulators will be more effective in curbing the excesses of the big data crunchers that these rules were presumably aimed at, but until we start seeing evidence of real benefits for the average person in the street, I for one will remain sceptical about whether all the extra red tape and complexity was justified.