| These examples are no good. It's unnecessary to put into law that if someone explicitly hires you to share particular information with some set of people, you're allowed to. You're not only allowed to, you're required to, because that's the business arrangement you've made. You're making an "it's all so complicated" argument, but not pointing out any actual occasion in which it might be complicated. > There are hundreds of cases where sharing personal data is "right" and expected, and hundreds of cases where it is "wrong". This is as close to a direct citation of the law of averages that I've seen in a long time. > And then you have lobbies trying to explain why they are on the right side and their opponents are on the wrong side, "Everybody is going to complain anyway..." > lawyers who are really good at finding loopholes The problem is lobbyists that are very good at adding loopholes. > in the end, what you get is something like GDPR with all its complexities. You can't really escape it. When you want to pass a law limiting what companies can do with data without the user's consent, but don't really want to limit what companies are doing in any way, you end up with weird, baroque definitions of data and consent. If you're never willing to risk profits, or to make certain businesses completely unsustainable, then every regulation must come accompanied with either a trivial method for large enough companies to ignore it, or must be paired with a completely unrelated regulatory giveaway. |