[Thiez]

> A business is free to choose their compensation model.

But they are not. Your compensation model generally cannot include such things as slavery, child labour, prostitution... Many places place limits on the amount of interest that may be charged on a loan.

A business is free to choose their compensation model within the confines of what the law allows. In case of the GDPR it disallows paying through PII. Thus a business is not free to choose this model.

[manigandham]

But the law does allow for ads as payment. GDPR only regulates consent and privacy, not business models, and absolutely allows for PII as payment as long as consent is obtained and data is secure.

However it can't force a company that requires data to be processed for a service to still provide that service when the data is not consented to. That is impossible without breaking the very law that prevents it.

This whole thread is just people refusing that data can be necessary for the service, which is fine if that's your interpretation, but not what major law firms actually agree on and it's certainly not going to hold up in court.

[pbhjpbhj]

>people refusing that data can be necessary for the service //

I'm failing to understand how Techcrunch's provision of articles is impossible without my provision of PII, they seem to manage to display those articles to other people even when I don't give them _my_ PII.

It sounds like someone is confused as to what essential means; it doesn't mean "carry on using the same privacy infringing business model regardless".

[manigandham]

It displays the articles to other people using their PII to pay for it. Essential because of compensation is allowed, and you have the choice to not view anything. There is nothing you’re losing, but you’re not entitled to demand content either.

HN users should contact a law firm instead of being self appointed lawyers downvoting everything they misunderstand.

[pbhjpbhj]

You've shown that Techcrunch requires paying, you've not shown it requires PII. The service has to actually need PII, and not be able to reasonably offer it without.

Do I need your insurance renewal dates before I can serve you a pint of beer? No. But if I had them I might be able to give you slightly cheaper beer (and feed back to the insurance company that you drink beer; a fact they might use to increase your insurance). So, under GDPR can I refuse to serve beer to people who won't give up PII, no, I have to come up with another way to ensure payment, like asking for money, or advertising to you without PII, or ...