I've never met anyone in real life who wasn't creeped out by a targeted ad. Everyone nowadays has a story about how they were having a conversation with someone about something, and then one of their devices served them an advertisement for the thing they were talking about.

Everyone finds that creepy as hell, but it's hard to attribute it to any particular device/company, and even if you find out that it's your Alexa that's spying on you, it's hard to throw it out. Not only is it a waste of money, it's a loss of a convenience, and there's some social pressure involved. Like do you really want to be seen as that one paranoid weirdo who doesn't trust technology that everyone else is using?

I think it's bizarre that people are not only OK with having their house bugged with a device that listens to their every conversation - but they're happy to pay for the privilege.

Do you know that when you have an argument with your partner, Alexa is listening to the whole thing? Sensitive business meetings... etc... very strange!

If you annoy users into clicking "accept" then you are in breach and may as well just track users without asking at all.

People are out of their mind to think that governments are working to "protect" them - hello? Govern ment means to rule the mind, mind control, that's the word, and the main mind control governments are interested in perpetuating is to make you believe you need them.

If people didn't think they need their government, there would be no more governments - and they couldn't control us.

Logically, if I was the government, I would mainly work on making sure that people think they need me. I would have every incentive to create catastrophes, pandemics, wars, in fact I would have every incentive to create any problem that has, as its solution, more governmental control.

Yes! You should!

This is the same as if your small, non-profit club deals with dangerous chemicals - it needs to make sure that the appropriate risk assessments are done, and safety information is available to users. Or any club dealing with children - it may need to make sure that the people have an appropriate background check.

Likewise, holding personal data is a risk to the people whose data is held. If you want to hold on to that data, your responsibility should include making sure that it is stored and used safely. If you don’t want to pay that cost, then stop holding it.

To use your metaphor of chemicals:

I see the current situation as if the soccer club is handling a 1L container of consumer-grade vinegar weedkiller, and is required to do pretty cumbersome things to document their use and keep it "safe". Many of them have consulted some firm or expert to get boiler-plate documentation, because even if fines are unlikely they are anxious about them.

At the same time, we have enormous commercial actors that handle millions of liters of radioactive wastewater in rusty containers. These companies have, for sure, spent a lot of money on "compliance". Some small improvements have surely been made, but the fundamental business practice among these actors of handling radioactive wastewater have not changed. Some "large" fines have been given, but they barley make a dent in the enormous profitability of handling these toxic things.

At least not yet, 3 years in. Maybe it will change in the future, and the big actors will fundamentally change their behaviour.

If that happens, I can agree that the weedkiller documentation is worth the cost, but so far I'm sceptical.

(Since this is an Apple thread, I think its interesting to compare the _real_ privacy gain of GDPR as a whole, vs Apple's simple tracking-popup)

What if one of the kids' parents is on a protection program? What if two years later you find to have the contacts details of a famous star/politician/CEO? What if one of the people on your lists gets in a controversy and you happen to have certain proof of events? And so on.

I'm trying to argue how apparently innocent data might very well be highly sensitive instead, but that without a proper framework to assess that, you never know.

That's a far cry from "they make these cookie banners necessary". Tracking people without consent on first visit is what makes them necessary. The anger is consistently misdirected at the people who violate the boundaries of others, not the law that requires consent for it.

> So let's say you have a printed list where kids and their parents signup with name and phone numbers, you should probably have a data integrity policy and someone akin to a DPO. In your small non-profit soccer club!

"We'll ask them if it's okay to store it, and once they leave the club we delete their contact information after N months." Now you have a policy. The person who does everything else, the person who is already secretary, receptionist, accountant, project manager, janitor, coach, counselor, CEO, is now also the PDO.

Human rights being trampled on with an ever increasing mesh of surveillance by big agencies and corporations as well as little informants are such gross violations, such a terrible trajectory we put society on, that mere complication and discomfort is not something that can ever trump them in my book. I would even say if you can't put food on the table without ignoring the human rights of others, just don't put food on the table -- because that's the negotiable part, while the preservation of human rights is not. We need human righs, we don't need ad-hoc low-effort soccer clubs. Like, at all. Just get a ball and some friends in that case.