[Kbelicius]

> You are a real estate management company, and you have a form to collect names and phone numbers, just to call prospects back. Is your main business "collecting PII"? No. Were you affected by GDPR? Yes.

I give information on what that data will be used for and don't use it for anything else. I don't have to think about GDPR for a second more. What is the problem here?

> Same thing if you are a restaurant owner with a website that had an OpenTable integration to accept reservations.

Is the information provided necessary for service fulfillment and only used for that purpose? What is the problem here?

> What I am saying is that they benefit from the uncertainty and complexity from a piece of legislation that could potentially affect smaller business who were not equipped to respond properly.

Does the complexity of GDPR not cause more trouble to big corps since they themselves are more complex than a small business? With what complexity and uncertainty are my real estate management company and my restaurant hit?

> I spent the 6 months before GDPR dealing with the changes that had to be done in an e-commerce startup I was working at the time, and I saw all the questions from vendors and all the people being worried because they simply had no clue what needed to be done to be compliant. But feel free to keep thinking I am just "raging against regulation".

Then why are you having problems answering a simple question regarding GDPR? You say you have experience with GDPR so use it. What advice did you or your company give to those worried vendors and other people? On what grounds was your answer based? If you can't answer that then you really are just raging against something you don't understand.

> The hilarious thing about the "you don't know what you are talking about" accusation is that it usually comes from people who blindly bought into the idea that GDPR has any tooth into the fight against surveillance. If what I am saying is not enough to convince you of how backwards GDPR is, could I then ask you for any example where GDPR was effective in reducing the amount of unnecessary data collection?

Literally the only thing you said is that big corps have lawyers so regulation isn't fair and we should remove it. You know what also isn't fair? Capitalism. Big corps have more money so we should abolish capitalism. That is your logic and level or argumentation. From now on, if you poses an ounce of intellectual honesty, you should be an anti-capitalist. Or at least explain why capitalism is ok but regulation is not.

> Is Google/Facebook/Amazon/Twitter/Microsoft/Apple tracking you less after GDPR? No, they continue to do the same shit. They are still punching you in the face, the only difference is that now you are being "asked for consent".

Yes they are because I didn't give them my consent.

[rglullis]

> Yes they are because I didn't give them my consent.

Ridiculously naive. Do you have whatsapp installed on your phone? That's all Facebook needs to keep tabs on you and build your profile.

And if you don't? Then you can join my club. I'm pretty sure that Facebook really is missing all 16 of us...

> Or at least explain why capitalism is ok but regulation is not.

First, I am not saying that all regulation is bad. What I am saying is that GDPR is completely and utterly ineffective in what is "meant to do".

Second, it's not about being "anti-capitalist" but "anti-corporativist":

- https://news.ycombinator.com/item?id=31764137

- https://news.ycombinator.com/item?id=31766144

- https://news.ycombinator.com/item?id=31317641

[Kbelicius]

>What I am saying is that GDPR is completely and utterly ineffective in what is "meant to do".

How,why? I mean, I did ask you multiple times. Seems you don't know anything about GDPR. You even said you had experience with it?

> First, I am not saying that all regulation is bad. What I am saying is that GDPR is completely and utterly ineffective in what is "meant to do".

> Second, it's not about being "anti-capitalist" but "anti-corporativist":

Your only argument so far is that big corps have more money(more lawyers) than other players on the market. How can one be a capitalist and against money(inequality) at the same time?

[rglullis]

> How, why? (The GDPR is not effective)

GDPR stated purpose is to "increase data privacy for EU citizens". It added a bunch of directives that amount to "protocol theater", but did not stop Big Tech from collecting user data at large.

Facebook can only be profitable if they collect and exploit user data. If they are still operating in Europe, it is because they are either (a) operating at a loss or (b) still collecting enough user data.

Google is surely still collecting user data. Want to use Google Assistant? You consented for them to listen to you. Use Gmail? You consented for them to read your messages. In practice, GDPR did not stop the data collection.

Don't use Android and prefer iOS instead? Same thing. Amazon echo at home? SAME THING.

Saying that you have more privacy because now you "give consent" on some websites is a ridiculously naive notion. The only way to have actual privacy would be if the companies were not allowed at all to collect the data in the first place.

> How can one be a capitalist and against money(inequality) at the same time?

I've posted not one, but three links to different comments, all of them explaining the argument. I'll repeat again here: I am not (morally) against the concentration of money, I am against the concentration of power, and there are easier ways to eliminate the concentration of power without removing people's civil rights. In contrast, any attempt to control the concentration of money led to authoritarianism and people losing basic liberties.

[Kbelicius]

I see that you've moved from "GDPR is bad because some have more money than others" argument to "GDPR is bad because some will decide to break the law".

Can you think of any regulation that you are for, against which you can not use those two arguments?

> GDPR stated purpose is to "increase data privacy for EU citizens". It added a bunch of directives that amount to "protocol theater", but did not stop Big Tech from collecting user data at large.

This is what I'm trying to get from you. What specifically makes GDPR just "protocol theater", what changes should be made to make it more than that?

> Saying that you have more privacy because now you "give consent" on some websites is a ridiculously naive notion.

Nobody but you is saying that. I'd say that you have more privacy because you "refuse consent". If websites are not honoring my choice then they are breaking the law. If that makes GDPR bad then, by that logic, all laws and regulations are bad.

> I am not (morally) against the concentration of money, I am against the concentration of power, and there are easier ways to eliminate the concentration of power without removing people's civil rights.

Money is power so saying that you are not against the concentration of money but of power.... makes no sense.

In the third post that you linked you recommend removing civil rights...

[rglullis]

> GDPR is bad because some will decide to break the law.

No, where do I say that?

My point is that GDPR still lets companies collect user data, legally.

"Oh, now they need to ask for consent" doesn't really change things in practical terms. If Facebook still has billions of WhatsApp users, and if every user had to give consent to have the data extracted to use the service, in practice Facebook still has access to the data and can build a profile of billions of people.

> What specifically makes GDPR just "protocol theater"?

I don't know how else to restate this, and I don't see how I can make it any clearer.

Companies are still collecting data at large. The requirements about consent do not stop them from doing collecting and exploiting data, they just add some extra hoops and create inconveniences. These hoops and inconveniences are enough to make data processing costly for smaller players (even for legitimate uses) but they don't do anything to stop the Big Players. We get the worst of both worlds.

> I'd say that you have more privacy because you "refuse consent".

On paper, you can "refuse consent". In practice, the absolute majority of people continued to use the services and devices from GAMMA (Google, Amazon, Microsoft, Meta, Apple), and the only way to use those services and devices is by giving consent.

> what changes should be made to make it more than that?

By forbidding data collection and brokering (tracking cookies, ad auctions) at all. By forbidding personalized advertisements at all. By forbidding ad-subsidized hardware. By forbidding hardware to be sold bundled with internet-connected software/services, i.e, they can either sell the software or the hardware, but not both. By forbidding any service to be commercialized unless it has a self-hosted version. By forbidding "freemium" services, i.e, either you charge from everyone or you don't charge from anyone.

----

> Money is power

This is exactly what I am contesting! Having more money can help with getting more power, but we can think of ways where the concentration of power is limited without having to fight over the discussion of how to limit the concentration of "money".

> you recommend removing civil rights...

No. People still keep property rights, and they are still free to associate with others. The only thing about my proposal is to eliminate corporations.

[Kbelicius]

> No, where do I say that?

That is how I interpreted whole paragraphs that you wrote about how data is still collected despite GDPR. If data that is collected is covered by GDPR than that is breaking the law otherwise I don't see why you would mention that some companies are still collecting data that is not covered by GDPR.

> My point is that GDPR still lets companies collect user data, legally.

> "Oh, now they need to ask for consent" doesn't really change things in practical terms. If Facebook still has billions of WhatsApp users, and if every user had to give consent to have the data extracted to use the service, in practice Facebook still has access to the data and can build a profile of billions of people.

That is not how GDPR works. You don't have to give consent to use a service and if you don't give consent whatsapp can't legally share any data it has on you with facebook.

> Companies are still collecting data at large. The requirements about consent do not stop them from doing collecting and exploiting data, they just add some extra hoops and create inconveniences.

Not all data is covered by GDPR so of course data is still collected. It absolutely does stop collecting and exploiting some forms of data in legal ways.

> On paper, you can "refuse consent". In practice, the absolute majority of people continued to use the services and devices from GAMMA (Google, Amazon, Microsoft, Meta, Apple), and the only way to use those services and devices is by giving consent.

Again, not how GDPR works. Literally, in the text of GDPR, there is a provision that states that giving consent can not be a requirement for using a service. That's why you get, if you are in the EU, those consent forms with accept/reject on GAMMA sites and the only "service" you lose if you reject is personalized ads. Recommendation algorithm might also be different. You really have no idea how GDPR works but you certainly have strong opinions about it.

> By forbidding data collection and brokering (tracking cookies, ad auctions) at all. By forbidding personalized advertisements at all. By forbidding ad-subsidized hardware. By forbidding hardware to be sold bundled with internet-connected software/services, i.e, they can either sell the software or the hardware, but not both. By forbidding any service to be commercialized unless it has a self-hosted version. By forbidding "freemium" services, i.e, either you charge from everyone or you don't charge from anyone.

Those are new regulations not some fix to GDPR to make it more than "protocol theater". Even your reasoning about why GDPR is "protocol theater" is based on your faulty "understanding" of GDPR.

> This is exactly what I am contesting! Having more money can help with getting more power, but we can think of ways where the concentration of power is limited without having to fight over the discussion of how to limit the concentration of "money".

Power comes in many forms. Concentration of money is concentration of power so if you want to limit power you have to have a discussion on how to limit the concentration of money. By ignoring the question of money and concentrating only on other form of power money becomes more powerful.

> No. People still keep property rights, and they are still free to associate with others. The only thing about my proposal is to eliminate corporations.

No, go read your comment again. It isn't only about eliminating corporations it is about business not being bigger than 150 people (how is that not a restriction on free association?), and inability of an individual to participate in more than one business (how is that not a restriction on free association?).