[Kbelicius]

I see that you've moved from "GDPR is bad because some have more money than others" argument to "GDPR is bad because some will decide to break the law".

Can you think of any regulation that you are for, against which you can not use those two arguments?

> GDPR stated purpose is to "increase data privacy for EU citizens". It added a bunch of directives that amount to "protocol theater", but did not stop Big Tech from collecting user data at large.

This is what I'm trying to get from you. What specifically makes GDPR just "protocol theater", what changes should be made to make it more than that?

> Saying that you have more privacy because now you "give consent" on some websites is a ridiculously naive notion.

Nobody but you is saying that. I'd say that you have more privacy because you "refuse consent". If websites are not honoring my choice then they are breaking the law. If that makes GDPR bad then, by that logic, all laws and regulations are bad.

> I am not (morally) against the concentration of money, I am against the concentration of power, and there are easier ways to eliminate the concentration of power without removing people's civil rights.

Money is power so saying that you are not against the concentration of money but of power.... makes no sense.

In the third post that you linked you recommend removing civil rights...

[rglullis]

> GDPR is bad because some will decide to break the law.

No, where do I say that?

My point is that GDPR still lets companies collect user data, legally.

"Oh, now they need to ask for consent" doesn't really change things in practical terms. If Facebook still has billions of WhatsApp users, and if every user had to give consent to have the data extracted to use the service, in practice Facebook still has access to the data and can build a profile of billions of people.

> What specifically makes GDPR just "protocol theater"?

I don't know how else to restate this, and I don't see how I can make it any clearer.

Companies are still collecting data at large. The requirements about consent do not stop them from doing collecting and exploiting data, they just add some extra hoops and create inconveniences. These hoops and inconveniences are enough to make data processing costly for smaller players (even for legitimate uses) but they don't do anything to stop the Big Players. We get the worst of both worlds.

> I'd say that you have more privacy because you "refuse consent".

On paper, you can "refuse consent". In practice, the absolute majority of people continued to use the services and devices from GAMMA (Google, Amazon, Microsoft, Meta, Apple), and the only way to use those services and devices is by giving consent.

> what changes should be made to make it more than that?

By forbidding data collection and brokering (tracking cookies, ad auctions) at all. By forbidding personalized advertisements at all. By forbidding ad-subsidized hardware. By forbidding hardware to be sold bundled with internet-connected software/services, i.e, they can either sell the software or the hardware, but not both. By forbidding any service to be commercialized unless it has a self-hosted version. By forbidding "freemium" services, i.e, either you charge from everyone or you don't charge from anyone.

----

> Money is power

This is exactly what I am contesting! Having more money can help with getting more power, but we can think of ways where the concentration of power is limited without having to fight over the discussion of how to limit the concentration of "money".

> you recommend removing civil rights...

No. People still keep property rights, and they are still free to associate with others. The only thing about my proposal is to eliminate corporations.

[Kbelicius]

> No, where do I say that?

That is how I interpreted whole paragraphs that you wrote about how data is still collected despite GDPR. If data that is collected is covered by GDPR than that is breaking the law otherwise I don't see why you would mention that some companies are still collecting data that is not covered by GDPR.

> My point is that GDPR still lets companies collect user data, legally.

> "Oh, now they need to ask for consent" doesn't really change things in practical terms. If Facebook still has billions of WhatsApp users, and if every user had to give consent to have the data extracted to use the service, in practice Facebook still has access to the data and can build a profile of billions of people.

That is not how GDPR works. You don't have to give consent to use a service and if you don't give consent whatsapp can't legally share any data it has on you with facebook.

> Companies are still collecting data at large. The requirements about consent do not stop them from doing collecting and exploiting data, they just add some extra hoops and create inconveniences.

Not all data is covered by GDPR so of course data is still collected. It absolutely does stop collecting and exploiting some forms of data in legal ways.

> On paper, you can "refuse consent". In practice, the absolute majority of people continued to use the services and devices from GAMMA (Google, Amazon, Microsoft, Meta, Apple), and the only way to use those services and devices is by giving consent.

Again, not how GDPR works. Literally, in the text of GDPR, there is a provision that states that giving consent can not be a requirement for using a service. That's why you get, if you are in the EU, those consent forms with accept/reject on GAMMA sites and the only "service" you lose if you reject is personalized ads. Recommendation algorithm might also be different. You really have no idea how GDPR works but you certainly have strong opinions about it.

> By forbidding data collection and brokering (tracking cookies, ad auctions) at all. By forbidding personalized advertisements at all. By forbidding ad-subsidized hardware. By forbidding hardware to be sold bundled with internet-connected software/services, i.e, they can either sell the software or the hardware, but not both. By forbidding any service to be commercialized unless it has a self-hosted version. By forbidding "freemium" services, i.e, either you charge from everyone or you don't charge from anyone.

Those are new regulations not some fix to GDPR to make it more than "protocol theater". Even your reasoning about why GDPR is "protocol theater" is based on your faulty "understanding" of GDPR.

> This is exactly what I am contesting! Having more money can help with getting more power, but we can think of ways where the concentration of power is limited without having to fight over the discussion of how to limit the concentration of "money".

Power comes in many forms. Concentration of money is concentration of power so if you want to limit power you have to have a discussion on how to limit the concentration of money. By ignoring the question of money and concentrating only on other form of power money becomes more powerful.

> No. People still keep property rights, and they are still free to associate with others. The only thing about my proposal is to eliminate corporations.

No, go read your comment again. It isn't only about eliminating corporations it is about business not being bigger than 150 people (how is that not a restriction on free association?), and inability of an individual to participate in more than one business (how is that not a restriction on free association?).

[rglullis]

> You don't have to give consent to use a service and if you don't give consent whatsapp can't legally share any data it has on you with facebook

1) WhatsApp IS Facebook.

2) there is nothing stopping WhatsApp from sharing your data, if they got it from someone else that interacts with you and that has given consent. (Which would be basically any non-EU citizen)

> Not all data is covered by GDPR so of course data is still collected.

How hard is it to understand that stopping collection of data at all is the only effective policy?

You are arguing on the technicalities of GDPR like a first-year law school student. My point is that all these provisions did not and will not stop big tech from collecting data.

You think you are being so smart by saying "oh, I can refuse consent", but you completely ignore that (a) you are a tiny minority of billions of people and (b) you are not stopping Facebook from tracking your location and you gave permission for them to turn on the microphone of your device whenever you open the app.

> Those are new regulations

Yeah, because the GDPR does not solve anything.

Are you paying attention or are you just trying to confirm your worldview?

> how is that not a restriction on free association?

You can still associate with anyone. People can still work on a common project, the only difference is that any interactions would be interfaced by these separate companies.

I want to make an analogy between monolithic vs message-passing kernels, but I worry you are going to go full-aspie and get stuck in some technicality. So let's just drop this.