Hacker News new | past | comments | ask | show | jobs | submit login

That's how the GDPR is designed. I'm not a lawyer or a GDPR expert, but I believe this means that unless your service actually requires a particular type of data collection to function, you're not allowed to make access to that service contingent on that data collection.


> Consent is presumed not to be freely given if it does not allow separate consent to be given to different personal data processing operations despite it being appropriate in the individual case, or if the performance of a contract, including the provision of a service, is dependent on the consent despite such consent not being necessary for such performance.

In other words, people aren't allowed to sell their data in exchange for services. I suppose the argument is that people are really bad at valuing their own data. They don't know how it can be combined with other datasets and how it might be resold and repackaged and never go away. There are other things people can't legally sell, such as organs, votes and sex, so it's not an entirely brand new idea.

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact