Hacker News new | past | comments | ask | show | jobs | submit login

GDPR has had a very detrimental effect on user experience, with never ending popups and warnings about crap nobody understands. And being in the EU there's several US publications we can no longer access.

I can buy arguments that extra compliance efforts make some businesses not cost-effective in Europe, but this particular argument is nonsense.

It's like a factory that dumped toxic waste into a river complaining that, because of a ban on dumping toxic waste into rivers, they now "have to" dump them to nearby meadows instead, and that makes local customers unhappy.

"Detrimental effect on user experience" is an intended effect that clearly signals the company doesn't want to stop abusing its users.

No, it's more like prop 47: "Hey, you have to warn people if there are carcinogens inside. No penalty for false warnings."

Every business: "Stuff in here causes cancer."

Every customer: "Okay."


Every business: "Hey, we use cookies to provide a better experience. That okay?"

Every customer: "OK."

> Every business: "Hey, we use cookies to provide a better experience. That okay?"

They're not required to unless they're using cookies for something other than providing better experience. Also, that's cookie laws, not GDPR.

It's more like:

GDPR: "We see you doing X, Y and Z which are pretty abusive. We want you to not do X, Y and Z, but if you absolutely must, you can only do that to volunteers and you can't deny service to people who do not volunteer. Oh, and it really must be opt-in."

Every business: "Hey, we do X, Y and Z. That okay? [x] no >>> [ ] <<< !! YES PRETTY PLEASE".

Seeing HackerNews complain about GDPR is a strange experience. Every day I utilize GDPR to ensure that I am not tracked by the websites that I visit. The expectations of GDPR are lower for smaller companies.

GDPR is a massive win for the individual.

> Hey, we use cookies to provide a better experience.

Cookies are a separate law and entirely unrelated to GDPR.

Also the annoying "this is what we are doing, you have to agree to this to proceed" is explicitly forbidden for the GDPR. So your criticism does not apply.

It's not just the costs, it's attaching a 20M EUR risk to activity that may not even be worth 20M of revenue.

No, the risk is created by abusing customer data. If the cost was less than revenue then it’d be a toothless law.

GDPR is the size of a novel and attorneys can't even agree yet on what counts as PII. It's nowhere near a crisp law that only prohibits bad things you'd know not to do.

Yes, that's right, it's messy when you are tackling legislation to play catch up with technology. We've seen how wrong it can go with stuff like the last generation of cookie laws that were too tightly coupled to implementation details. GDPR is actually a nice step forward into resolving these huge gray areas that the web and smart phones have enabled as they become mainstream.

The status quo where corporations make vast profits peddling ever finer-grained user data unbeknownst to the consumer with no oversight is not good. A cultural shift is necessary. I'm glad to see the EU has the stones to tackle the issue because there is zero political will stateside for any political action other than driving corporate profits masked by populist appeals to xenophobia and whatever other irrelevant distractions they can cook up.

You can thank large media conglomerates for the latter, all it takes is one executive decision for dozens of networks and websites to start geo-blocking Euorpe.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact