GDPR has exemptions for security. Your free to track information for the purposes of blocking vulnerability bots, but only the minimum data required for that purpose... and your visitor's data cannot be used for other applications without their consent.
> Shouldn't it be Walmart's right to do what they want on their property, and my right to decide not to visit Walmart if I don't agree with that. Isn't the converse an infringement of Walmart's rights?
No. Property "rights" are secondary to human rights. Like, Walmart can't knowingly sell poison as food just because it's their property...
In your example, Walmart is free to record you on security cameras for security / theft purposes. However, they can't record what you're looking at and reuse that information for targeted advertising without consent - profling is simply not required to do business, so your right not to be profiled wins.
> Shouldn't it be Walmart's right to do what they want on their property, and my right to decide not to visit Walmart if I don't agree with that. Isn't the converse an infringement of Walmart's rights?
No. Property "rights" are secondary to human rights. Like, Walmart can't knowingly sell poison as food just because it's their property...
In your example, Walmart is free to record you on security cameras for security / theft purposes. However, they can't record what you're looking at and reuse that information for targeted advertising without consent - profling is simply not required to do business, so your right not to be profiled wins.