Doc Searls Weblog

Just trying to make stuff happen

Without enforcement, the GDPR is a fail

And the same goes for California’s AB-375 privacy bill.

The GDPR has been in force since May 25th, and it has done almost nothing to stop websites that make money from tracking-based-advertising stop participating in the tracking of readers. Instead almost all we’ve seen so far are requests for from websites to keep doing what they’re doing.

Only worse. Because now when you click “Accept” under an interruptive banner saying the site’s “cookies and other technologies collect data to enhance your experience and personalize the content and advertising you see,” you’ve just consented to being spied on. And they’re covered. They can carry on with surveillance-as-usual.

Score: Adtech 1, privacy 0.

Or so it seems. So far.

Are there any examples of publications that aren’t participating in #adtech’s spy game? Besides Linux Journal?

 

, ,

Posted by:

Doc Searls

11 responses to “Without enforcement, the GDPR is a fail”

  1. Evert Avatar
    Evert

    GDRP is an unenforceable monstrosity that could only have been though up in the echo chambers of the EU government.
    Aside from having to now click a “yes” button on the majority of website the only other effect is that a number of US based website have decided that compliance is not worth the trouble and have made their sites inaccessible from a European IP address.

    Reply
    1. Doc Searls Avatar
      Doc Searls

      Evert, see what I wrote in An FUQ for the GDPR. That will hopefully address both your points.

      Reply
      1. Ed Steenhoek Avatar
        Ed Steenhoek

        Doc, Have been doing that for many years…

        Reply
  2. Ed Steenhoek Avatar
    Ed Steenhoek

    First, any law without enforcement would then be a fail and there are many of these with GDPR being far from the first or the last. But there is enforcement once complaints are filed. Since you protest against it, I assume you filed a complaint about it at the applicable privacy office. If not, then please do as you seem to care about your privacy and only you can make that chance. Enforcement as it is defined is reactive. Not pro-active.

    Second, the behaviour you describe may exist but that doesn’t make it right. I’ve seen many examples that do a way better job than you describe. Examples where functionality, analytics and advertising are separated out and can be chosen individually. It just tells something about the particular site/magazine.

    Third, in its pure essence, there is nothing illegal if you give consent to being spied on as you call it. The intend of GDPR is not to prevent tracking cookies. When you do, some rules (e.g. about transparency) apply of course. But it is the user’s own free choice to trade some of his privacy against access to information. You don’t have to if you don’t want to but you then might not be able to access that ‘free’ information. It may shatter some dreams but in a world-economy dominated by money, there is no such thing as ‘free’ and privacy has become a currency.

    Last, in stead of only complaining, why not fix GDPR compliance at your own end first? Your reply form requires me to give my name and email address. Why do you need my email address? Under GDPR (and yes, as I am a European citizen, that does apply to Harvard too) you should have a reason for storing my privacy data. As long as I don’t tick the box to receive follow-up emails or new post notifications, there is no need and you should no want to store it.

    Reply
    1. Doc Searls Avatar
      Doc Searls

      Ed, your comment has so many claims and accusations that I don’t know where to begin. So I won’t.

      I’ll suggest that for context you take a look at what I’ve been writing and doing for at least the last ten years. If you’re interested, start here.

      Reply
  3. Nelson Avatar
    Nelson

    Nice victory for consumers, In fact, I must say I’m rather proud of Californians for standing to together for something and making an impact, against big money & influence. Consumers rightly should have control over there data and how it is used. The credit bureau has collected financial info on millions, and as far as I know you nor I have ever given consent or permission to collect & monitor our financial data. It is, however a useful service but just imagine how did they come to get the rights or permissions to provide this service to millions.

    Reply
  4. John Doe Avatar
    John Doe

    Haha… GDPR is an elephant…

    Reply
  5. Matt Avatar
    Matt

    Ed, you’re an idiot. There is no other word to define you. Well, actually there is, dozens of them, but that would be a waste of time.

    Reply
  6. Dave Avatar
    Dave

    Hi Doc; I have a screenshot of the kind of thing that sometimes pops up, in perhaps what was an intended result of GDPR. Not sure how to show you. But it show options for things like (unchangeable) functionality, tracking, social, etc. If honored, the settings choices would be favorable to user.
    Best, dave

    Reply
    1. Doc Searls Avatar
      Doc Searls

      Thanks, Dave. Send it along.

      Reply
  7. About that right to be forgotten | Hennings blog

    […] I generally support the GDPR – and acknowledge that without enforcement, GDPR is worse than nothing – I do not support the right to be […]

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *