I have spent the last nine months in a few different co-working spaces here in Denmark, and all startups there have informed and essential conversations about handling users data. Just a few years ago that would never have been a topic. For me that's a very positive change.
Physical junk mail has noticeably gone down. So much so the Royal Mail issued a profit warning because GDPR had decreased total volume 10% or some such. Well that was unexpected, but grounds for flags and parties by itself.
> Just a few years ago that would never have been a topic
Really? I remember discussions at UK startups and larger places I worked about whether such and such was a part of the Data Protection 1998, whether some data should exist, or whether we were covered by the regs at all.
Far as I can see the big positives of GDPR are the tidying up and extending what constitutes personal data and plugging some of the loopholes. That and the max penalty has been increased enough to hope multinationals start caring too.
Until you find out that for some reason your country/region has far fewer strong internet companies than other regions of the world. Then you realize that you effectively shot your own economy in the foot.
Something has kept EU companies down. I assume that it's the combination of the various regulations we have in the EU that make it less welcoming of an environment to run an online business. GDPR is just one additional brick in that wall.
Article 13, on the other hand, can go fuck itself.
Why do you think you can trust people not to do illegal things just because they're illegal?
> GDPR is feel-good legislation first and foremost
I guess that's true, I do feel pretty good about it.
It depends on how sensitive the data is and how much I trust the company. I trust my bank to handle my money because if they do something shady I can rely on the justice system. But I would not trust random websites with data I wouldn't want them to have, GDPR or no GDPR.
There's nothing stopping a Chinese website from ignoring GDPR and taking your data and selling it. You don't even have legal recourse there.