A critical reflection on GDPR
-
@dcoder said in A critical reflection on GDPR:
Ghostery sends a GDPR email and CCs 500 of their customers on it:
Is the email system still alive? "Take me off this list!"
-
@dcon It's Bedlam all over again.
-
@pjh said in A critical reflection on GDPR:
So, this is now a thing:
To save thousands on GDPR compliance, some companies are blocking all EU users | TechRepublic
To ensure compliance with the EU's upcoming General Data Protection Regulation (GDPR), companies such as GDPR Shield are offering tools for blocking EU users altogether.
First instance for me, from an email, from New Scientist of all places:
That link opens a window then closes it without giving me a download. I go searching for it, and on another site get...
That will bring business opportunities to European companies. Replicate blocked services, just like the Chinese do. Each country will have it's own intranet.
-
It's not (like in China) the EU that blocks these web sites, they do it themselves.
And if these scam websites figure that they can't exist without using your personal data in ways that you didn't consent to, I think we don't miss much by not having them available here.
-
@pjh The worst the EU can do against you is seize your European assets.
If you don't have any, why can't you just ignore GDPR instead of doing that?
-
@anonymous234 said in A critical reflection on GDPR:
If you don't have any, why can't you just ignore GDPR instead of doing that?
The problem here (I'm assuming you're talking about the pension one) is the websites acting because of the GDPR, not because of anything (or not) I'm doing with it.
-
@gąska said in A critical reflection on GDPR:
I wonder if anyone else will do that. If enough large sites went this way, eventually everyone would demand this fast, tracking-less experience.
It bothers me that people have been so tolerant of ridiculously bloated websites. It shouldn't take a law to fix that.
Tracking is not even the main cause. One or two asyncronous requests are negligible compared to that 2MB background video and the 15 JavaScript frameworks that all need to do god knows what just to create the page layout.
-
@anonymous234 said in A critical reflection on GDPR:
The worst the EU can do against you is seize your European assets.
If you don't have any, why can't you just ignore GDPR instead of doing that?
If they levy a penalty against you, it would also stop you from ever visiting the EU.
-
@anonymous234 said in A critical reflection on GDPR:
@pjh The worst the EU can do against you is seize your European assets.
If you don't have any, why can't you just ignore GDPR instead of doing that?
Apart from preventing you from travelling to the EU (which might not be that big of an issue for many small businesses), if you get involved in some legal proceedings your business might end up on some list of "criminals" (because you were sued but didn't appear/comply). Given how these lists may be used anywhere in the world and how big businesses are quick to cover their asses, it wouldn't be long before that translates to e.g. your bank refusing to do business with you or other headache-inducing stuff. You could then fight it off and convince them that it doesn't matter (e.g. if you only operate in the US), but do you have the time and money for that?
I don't think these things will actually happen, at least not for small businesses that really stay out of the US (e.g. a small website that happens to have a couple of EU visitors). But again, CYA to the max, I'm guessing that most businesses are just thinking that sending a couple of emails or adding a couple of popups to their sites (or actively blocking EU users) is a minimal hassle compared to the eventual potential risk for possible complications.
-
I wish GDPR has been introduced 15 years ago. We wouldn't have everyone sharing everything with everyone, while avoiding all this pop-up opt-out regional-block shitstorm.
-
@gąska That's wishing a regulation would have been put in place before the activities that might be affected by it really existed. Given how bad governments are at creating good regulation when they know the actual problem it's supposed to solve, I think regulation created before they even knew would have been much worse (or useless, with a lot of luck).
-
@gąska said in A critical reflection on GDPR:
I wish GDPR has been introduced 15 years ago. We wouldn't have everyone sharing everything with everyone, while avoiding all this pop-up opt-out regional-block shitstorm.
"The best time to plant a tree was 20 years ago. The second best time is now."
GDPR might seem a bit heavy-handed for today, but I like to think it was made with the next century in mind, when we have literally thousands of cameras and sensors scattered in every room sending stuff to each other (and to their corporate overlords).
Although software security would be a much bigger issue in that scenario, but governments are still allergic to touching that.
-
@anonymous234 said in A critical reflection on GDPR:
GDPR might seem a bit heavy-handed for today, but I like to think it was made with the next century in mind, when we have literally thousands of cameras and sensors scattered in every room sending stuff to each other (and to their corporate overlords).
Haha you think that London's roughly 56 quintillion security cameras are going to ask permission?
I hate to break it to you but most of those literally thousands of cameras already belong to the government.
-
@remi said in A critical reflection on GDPR:
@gąska That's wishing a regulation would have been put in place before the activities that might be affected by it really existed.
It's not like we've never had laws like that. Besides, cookies have been a thing even back in the 90s - it's just no one used them for mass data collecting, and no one in the position of power imagined that something that makes it trivial to do bad things can be used to do bad things.
-
@gąska said in A critical reflection on GDPR:
and no one in the position of power imagined that something that makes it trivial to do bad things can be used to do bad things.
What "bad things" do cookies do?
-
@gąska said in A critical reflection on GDPR:
@remi said in A critical reflection on GDPR:
@gąska That's wishing a regulation would have been put in place before the activities that might be affected by it really existed.
It's not like we've never had laws like that.
But were they any good? I can't think of such an example of a good law put in place beforehand, but tbh I can't think of any similar example of law put in place beforehand, good or not, so I don't have much to work on...
Besides, cookies have been a thing even back in the 90s - it's just no one used them for mass data collecting, and no one in the position of power imagined that something that makes it trivial to do bad things can be used to do bad things.
OTOH, if it took until the 2000's or 2010's for people to actually start doing bad thing with them, it would be a bit harsh on those in power to expect that they could have foreseen, 10-20 years before, something that even the technical guys working with didn't think of.
-
@remi said in A critical reflection on GDPR:
but tbh I can't think of any similar example of law put in place beforehand, good or not, so I don't have much to work on...
A lot of cities outlawed Segway scooters before they were even offered for sale. That was a gross over-reaction.
@remi said in A critical reflection on GDPR:
OTOH, if it took until the 2000's or 2010's for people to actually start doing bad thing with them, it would be a bit harsh on those in power to expect that they could have foreseen, 10-20 years before, something that even the technical guys working with didn't think of.
Nobody's ever done "bad things" with cookies. I hope you people recognize that there's a legit difference of opinion here.
-
@blakeyrat said in A critical reflection on GDPR:
@gąska said in A critical reflection on GDPR:
and no one in the position of power imagined that something that makes it trivial to do bad things can be used to do bad things.
What "bad things" do cookies do?
Making in-depth behavioral profiles of users of your business partners. A database of millions of such profiles is a powerful thing.
-
@gąska said in A critical reflection on GDPR:
Making in-depth behavioral profiles of users of your business partners. A database of millions of such profiles is a powerful thing.
Right; but why is that "bad"? How is it "powerful"?
I mean you have to legit recognize that there's a difference of opinion here. I've never seen anybody harmed by their cookie data being collected, so it's kind of hard for me to get upset about cookies compared to, say, freeway accidents which happen all the time and actually do harm actual people.
-
@blakeyrat surely you've heard of people harmed by government surveillance - especially in totalitarian regimes like China. Online profiling at mass scale has many of the same results as traditional surveillance - you know what everyone is doing most of the time, and can pin individual actions to individual people, and depending on what info your database has, maybe even infer their home and/or work addresses. This is enough to identify and persecute all people who have committed wrongthink. You can even automate most of the process. Don't know about you, but this scares the hell out of me.
If 3rd party cookies were banned, it would make personal identification much harder.
-
@gąska Does China use third-party cookies to do it? You changed topics.
-
-
numerous organizations have opted to block Europeans from accessing their websites
-
NPR, whose solution was a text-only site
-
USA Today, which removed all tracking scripts and ads, which reduced the size of the site from 5.2MB to 500KB.
So far, I'm not seeing any problem with GDPR.
-
-
@blakeyrat said in A critical reflection on GDPR:
@gąska Does China use third-party cookies to do it? You changed topics.
Ad company can use cookies to do what China does without cookies. The surveillance part, at least.
-
@gąska said in A critical reflection on GDPR:
Ad company can use cookies to do what China does without cookies. The surveillance part, at least.
Right; now put it all together: where's the "harm" part?
-
@gąska said in A critical reflection on GDPR:
@blakeyrat said in A critical reflection on GDPR:
@gąska Does China use third-party cookies to do it? You changed topics.
Ad company can use cookies to do what China does without cookies. The surveillance part, at least.
No, they can't. China can do what it does because it owns all the hardware along the way. Cookies do nothing of the type.
And the whole "well, GDPR would have stopped X without harm if we put it in place years ago" fails at a few steps:
- That presumes that GDPR actually works. Which is still up in the air.
- It also presumes that only seen costs matter. What about all the technologies, products, and other good things that would not have been produced due to compliance with labyrinthine regulations (or the chilling effect of such regulations, which is the real threat)?
-
@blakeyrat said in A critical reflection on GDPR:
@gąska said in A critical reflection on GDPR:
Ad company can use cookies to do what China does without cookies. The surveillance part, at least.
Right; now put it all together: where's the "harm" part?
I talked about it already in my previous post.
-
@gąska said in A critical reflection on GDPR:
I talked about it already in my previous post.
So with third-party cookies, you can "maybe infer someone's home or work address"? That's... that's it? That's as bad as it gets?
Seriously, I'm showing my age a bit here, but when I was a kid we had this thing called a "phonebook" which literally just published everybody's address and sent it to anybody who owned a phone on a quarterly basis.
I know there's probably some reader of this who thinks I'm putting on an "act" here because it's so established in tech circles that third-party cookies are evil satan horror, but I honestly don't understand why people think that. They allow advertising companies to target more precisely. That's... that's it. That's all she wrote.
-
@benjamin-hall said in A critical reflection on GDPR:
@gąska said in A critical reflection on GDPR:
@blakeyrat said in A critical reflection on GDPR:
@gąska Does China use third-party cookies to do it? You changed topics.
Ad company can use cookies to do what China does without cookies. The surveillance part, at least.
No, they can't. China can do what it does because it owns all the hardware along the way. Cookies do nothing of the type.
If you have ads on one site and leave identifying cookie, you can track users' activity on those sites and assign all actions to specific users. At the very least, you know the URLs they visit, which can be used to roughly determine what they're doing (if they visit a product page in online shop and then they visit shopping cart, you can be fairly sure they bought it, or are seriously thinking of buying it). I don't know what kinds of data exactly ad companies collect, but I imagine they get quite some. Now, if you have ads on two sites, you can track users of two sites - and you can tell if a user of one site is a user of the other, and which user exactly it is. You can then join both datasets on user ID and have a database of user activity on both sites. If you have ads on hundred pages, you can do the same with hundred pages. If you have ads on 70% of your country's webpages, you can track virtually every user in that country almost all the time. And all those sites map to IPs. Now, I don't know how segmented the online ads market is and how wide are the largest networks, but they seem pretty large, considering how often I get the same ads on different sites.
If you disallow 3rd party cookies, they can still track you, but they can't do it as easily - they don't have unique user identifiers anymore.
And the whole "well, GDPR would have stopped X without harm if we put it in place years ago" fails at a few steps:
- That presumes that GDPR actually works. Which is still up in the air.
Starting with ad-free internet and moving forward to Web 2.0 with GDPR in mind would definitely cause GDPR to have higher success rate than starting in Web 2.0 and trying to get everyone move back.
- It also presumes that only seen costs matter. What about all the technologies, products, and other good things that would not have been produced due to compliance with labyrinthine regulations (or the chilling effect of such regulations, which is the real threat)?
The only product that would be impossible to make would be targeted ads. And I'm not a fan of targeted ads.
-
@blakeyrat said in A critical reflection on GDPR:
@gąska said in A critical reflection on GDPR:
I talked about it already in my previous post.
So with third-party cookies, you can "maybe infer someone's home or work address"? That's... that's it? That's as bad as it gets?
Continue reading.
-
@gąska said in A critical reflection on GDPR:
Continue reading.
You mean this?
This is enough to identify and persecute all people who have committed wrongthink.
Ok; do you have an example of that ever happening? Do you even have a reasonable explanation of how it could happen, given the data stored by (say) Google?
Look, there appears to be a big disconnect here.
I keep asking:
How can you be harmed by this data?
And you keep answering:
How much data do these companies have?
Yes, I already understand that they have a lot of data, thank you, but answering that doesn't answer the question I've actually asked. They're different questions.
-
@anonymous234 said in A critical reflection on GDPR:
@pjh The worst the EU can do against you is seize your European assets.
If you don't have any, why can't you just ignore GDPR instead of doing that?
That's all well and good until you decide to go to Europe on vacation.
-
@blakeyrat said in A critical reflection on GDPR:
I've never seen anybody harmed by their cookie data being collected, so it's kind of hard for me to get upset about cookies compared to, say, freeway accidents which happen all the time and actually do harm actual people.
This other thing is worse so I don't care about original thing.
Yeah, that's a retarded viewpoint.
-
@blakeyrat said in A critical reflection on GDPR:
@gąska said in A critical reflection on GDPR:
Continue reading.
You mean this?
This is enough to identify and persecute all people who have committed wrongthink.
Ok; do you have an example of that ever happening?
It'll be too late by then.
Do you even have a reasonable explanation of how it could happen, given the data stored by (say) Google?
Google is a more interesting case because aside of the ads, they also have many different products, including email accounts, and emails are very likely to contain full name and address. It's very likely they could make a very long list of Jews living in New York along with their home addresses that would be 99% accurate and contain majority of New Yorker Jews. There were a few people in recent history who'd love to have such a list.
With non-Google ad providers, it's hard to say how precisely they can geolocate people with the data they have available - because I don't know what data they have available.
Maybe I am a little paranoid. But I think I'm right to be paranoid about it. Living in a corrupted shithole country with recent history of Stalinism does it to you.
-
@gąska said in A critical reflection on GDPR:
It'll be too late by then.
I'll take that as a no.
@gąska said in A critical reflection on GDPR:
Maybe I am a little paranoid.
That's what I think. But before you try to convince other people to be all nervous and afraid, don't you think it would be helpful to have a single solid scenario you can give to convince them?
I mean, maybe I'm not paranoid enough. Sure, fair enough. But convince me, you know?
-
@gąska said in A critical reflection on GDPR:
If you have ads on one site and leave identifying cookie, you can track users' activity on those sites and assign all actions to specific users. At the very least, you know the URLs they visit, which can be used to roughly determine what they're doing (if they visit a product page in online shop and then they visit shopping cart, you can be fairly sure they bought it, or are seriously thinking of buying it). I don't know what kinds of data exactly ad companies collect, but I imagine they get quite some. Now, if you have ads on two sites, you can track users of two sites - and you can tell if a user of one site is a user of the other, and which user exactly it is. You can then join both datasets on user ID and have a database of user activity on both sites. If you have ads on hundred pages, you can do the same with hundred pages. If you have ads on 70% of your country's webpages, you can track virtually every user in that country almost all the time. And all those sites map to IPs. Now, I don't know how segmented the online ads market is and how wide are the largest networks, but they seem pretty large, considering how often I get the same ads on different sites.
I've never understood the problem here. You're explaining the what but not the harm that @blakeyrat was asking about.
-
@blakeyrat said in A critical reflection on GDPR:
@gąska said in A critical reflection on GDPR:
Maybe I am a little paranoid.
That's what I think. But before you try to convince other people to be all nervous and afraid, don't you think it would be helpful to have a single solid scenario you can give to convince them?
Dude, are you even reading what I say? I gave you one very plausible, very dangerous scenario of so you do read it after all what might happen if Google ever stops "not being evil". Is it not valid scenario? Not evil enough? Or do you think totalitarism is literally impossible in 21st century?
-
@gąska said in A critical reflection on GDPR:
Dude, are you even reading what I say?
It relies on Nazis taking over New York, so you'll forgive me if I thought it was a little too implausible.
-
@gąska said in A critical reflection on GDPR:
Dude, are you even reading what I say? I gave you one very plausible, very dangerous scenario of so you do read it after all what might happen if Google ever stops "not being evil". Is it not valid scenario? Not evil enough? Or do you think totalitarism is literally impossible in 21st century?
Your argument seems to make a nonsequitous jump from commercial tracking to governmental surveillance. If a totalitarian state wants to monitor me then they will do so and the presence or absence of cookies or consent forms will make absolutely no difference whatsoever.
I do want to partition information somewhat and deny corporations access - but my motives would be limited to restricting the scope of intrusive advertising, and perhaps constraining what insurance companies, future employers etc know about me. I'm resigned to the fact that if the state is seriously interested in my affairs then it will find out virtually everything and might be significantly assisted by all the technology around me - but realistically there's damn all I can do about about and privacy legislation certainly won't help there.
The Nazis managed just fine without google.
-
@japonicus said in A critical reflection on GDPR:
@gąska said in A critical reflection on GDPR:
Dude, are you even reading what I say? I gave you one very plausible, very dangerous scenario of so you do read it after all what might happen if Google ever stops "not being evil". Is it not valid scenario? Not evil enough? Or do you think totalitarism is literally impossible in 21st century?
Your argument seems to make a nonsequitous jump from commercial tracking to governmental surveillance. If a totalitarian state wants to monitor me then they will do so and the presence or absence of cookies or consent forms will make absolutely no difference whatsoever.
It doesn't have to be the state. A group like Antifa is non-government organization, and yet if they've got a list of all "nazis" in USA and where they live, I'm pretty sure it would end up pretty badly.
I do want to partition information somewhat and deny corporations access - but my motives would be limited to restricting the scope of intrusive advertising, and perhaps constraining what insurance companies, future employers etc know about me.
Don't forget data leaks! The more companies have data on you, the more likely it'll end up leaked!
I'm resigned to the fact that if the state is seriously interested in my affairs then it will find out virtually everything and might be significantly assisted by all the technology around me - but realistically there's damn all I can do about about and privacy legislation certainly won't help there.
Agreed. But why make it easier? And why give the same power to private entities?
-
@gąska said in A critical reflection on GDPR:
It doesn't have to be the state. A group like Antifa is non-government organization, and yet if they've got a list of all "nazis" in USA and where they live, I'm pretty sure it would end up pretty badly.
But how do they get that from Google's third-party cookie data?
-
@blakeyrat should or shouldn't my explanation include how to do table joins?
-
@gąska said in A critical reflection on GDPR:
@blakeyrat should or shouldn't my explanation include how to do table joins?
How do they even get access to the data in the first place?
The more we go back and forth, the more I think you're theory that you're too paranoid is the correct one.
-
@blakeyrat said in A critical reflection on GDPR:
@gąska said in A critical reflection on GDPR:
@blakeyrat should or shouldn't my explanation include how to do table joins?
How do they even get access to the data in the first place?
In case of Google, they just crawl your email and save the URLs you've visited (that contain Google Ads). In case of non-Google, I guess their data generally doesn't contain real name and address, though I don't know how much data they collect exactly. Some professional sites like LinkedIn encourage providing real name and workplace, and in this particular case, the name is encoded in profile URL - AFAIK the URL is included in HTTP request for ad image/script. It certainly sounds plausible for a large enough entity with large enough database to figure out at least names and cities (by IP and other means).
The more we go back and forth, the more I think you're theory that you're too paranoid is the correct one.
The more I talk with you, the more I think you don't even want to listen to what I have to say and you're here just to call me paranoid. Don't worry, I've heard worse today.
-
@gąska said in A critical reflection on GDPR:
In case of Google, they just
@gąska I understand Google has the data; I want to know how antifa gets the data.
@gąska said in A critical reflection on GDPR:
The more I talk with you, the more I think you don't even want to listen to what I have to say and you're here just to call me paranoid.
From my perspective, you keep answering questions that are related to, but distinct from, the questions I'm actually asking.
-
@gąska said in A critical reflection on GDPR:
@blakeyrat said in A critical reflection on GDPR:
@gąska said in A critical reflection on GDPR:
@blakeyrat should or shouldn't my explanation include how to do table joins?
How do they even get access to the data in the first place?
In case of Google, they just crawl your email and save the URLs you've visited (that contain Google Ads). In case of non-Google, I guess their data generally doesn't contain real name and address, though I don't know how much data they collect exactly. Some professional sites like LinkedIn encourage providing real name and workplace, and in this particular case, the name is encoded in profile URL - AFAIK the URL is included in HTTP request for ad image/script. It certainly sounds plausible for a large enough entity with large enough database to figure out at least names and cities (by IP and other means).
The more we go back and forth, the more I think you're theory that you're too paranoid is the correct one.
The more I talk with you, the more I think you don't even want to listen to what I have to say and you're here just to call me paranoid. Don't worry, I've heard worse today.
As much as I hate to do it, I really have to agree with blakeyrat on this one. You're presenting all sorts of scenarios full of what if . . . what if . . . what if ..... and jumping to all sorts of wildly hypothetical conclusions, but not presenting a single actual example of harm that has actually occurred.
It's not that people aren't listening or understanding you, it's just that I (and many others) don't believe that you can cause actual real-life harm just from cookies. And the current or former political climate of your home country doesn't change that.
-
@anonymous234 That's a dumbfuck saying. The second best time was 19 years 11 months 30 days 23 hours 59 minutes 59 seconds ago, the third best time was 20 years 1 second ago, etc.
-
@gąska said in A critical reflection on GDPR:
If you have ads on one site and leave identifying cookie, you can track users' activity on those sites and assign all actions to specific users. At the very least, you know the URLs they visit, which can be used to roughly determine what they're doing (if they visit a product page in online shop and then they visit shopping cart, you can be fairly sure they bought it, or are seriously thinking of buying it). I don't know what kinds of data exactly ad companies collect, but I imagine they get quite some. Now, if you have ads on two sites, you can track users of two sites - and you can tell if a user of one site is a user of the other, and which user exactly it is. You can then join both datasets on user ID and have a database of user activity on both sites. If you have ads on hundred pages, you can do the same with hundred pages. If you have ads on 70% of your country's webpages, you can track virtually every user in that country almost all the time. And all those sites map to IPs. (emphasis mine)
Yes, everything you have said is true. But then later, you make the intergalactic leap of somehow this magically turning into creating a database of all the Jews in New York City.
Maybe it's because I'm not paranoid enough.
Maybe it's because every time I go to a website that tries to pinpoint my location using my IP address it says I'm in another city several miles away from my actual location.
Maybe it's because I can type my name into any search engine and get a long list of people with the same name who are not me, including three people who live within a few blocks of me.
Sorry, I'm just not seeing the problem.
-
@boomzilla said in A critical reflection on GDPR:
I've never understood the problem here. You're explaining the what but not the harm that @blakeyrat was asking about.
You guys are technical people, you really think there's no way this could ever go wrong? Even ways that people haven't even thought about it yet? None of this Equifax and Cambridge Analytica and whatever stuff matters? Geez.
How about this: with all that profiling, Amazon determines exactly how much you can just barely afford to pay for something, and raises the price accordingly. And so will everybody else, because they've all been tracking you. Oh, of course that could never happen. Or could it? And also you'd notice that!
Then maybe they'll be more sneaky and just adjust their search results to show you the items they want you to buy instead, while your neighbor sees the cheaper shit instead for the same results.And that's, like, probably among the bottom of the list of shitty things that could happen. You bought cigarettes so your health insurance will raise their prices. You won't get a loan because you took too many Ubers to an area with casinos.
Who the fuck knows. Use your imagination.We have an internet-of-shit thread where people thought that it'd be a good idea to put your fucking toaster on the web. Lack of utility aside, the security nightmares are the same kind of "what could possibly go wrong?" thinking.
@blakeyrat said in A critical reflection on GDPR:
Seriously, I'm showing my age a bit here,
That's curious, I was of the impression that the younger crowd is generally the most careless with putting all of their fucking life on the internet, while the older ones are comparably more careful.
Maybe I'm wrong though and relatively "older" people being conservative with their data is a European thing, if you USians don't care about it. Or a German thing? We've had the Nazi's Gestapo surveillance and the Commie's more comprehensive Stasi surveillance, so we've grown kind of averse to that.
Yes, I know you've wrote that Google profiling you is not the same as the state profiling you. Guess what, I don't want a private entity to collect that much information on me either. And really, neither should you.
-
@el_heffe said in A critical reflection on GDPR:
@gąska said in A critical reflection on GDPR:
If you have ads on one site and leave identifying cookie, you can track users' activity on those sites and assign all actions to specific users. At the very least, you know the URLs they visit, which can be used to roughly determine what they're doing (if they visit a product page in online shop and then they visit shopping cart, you can be fairly sure they bought it, or are seriously thinking of buying it). I don't know what kinds of data exactly ad companies collect, but I imagine they get quite some. Now, if you have ads on two sites, you can track users of two sites - and you can tell if a user of one site is a user of the other, and which user exactly it is. You can then join both datasets on user ID and have a database of user activity on both sites. If you have ads on hundred pages, you can do the same with hundred pages. If you have ads on 70% of your country's webpages, you can track virtually every user in that country almost all the time. And all those sites map to IPs. (emphasis mine)
Yes, everything you have said is true. But then later, you make the intergalactic leap of somehow this magically turning into creating a database of all the Jews in New York City.
I mean, that's one of many possible uses of giant database on everybody's interests and habits.
Maybe it's because I'm not paranoidvery very very very enough.
Probably.
-
@topspin said in A critical reflection on GDPR:
Yes, I know you've wrote that Google profiling you is not the same as the state profiling you.
Oh yeah, because the state can't get his hands on this data. That would be wrong, so it can't happen.
Not to mention leaks or employees selling data outside - this already happens all the time.
US websites block netizens in Europe: Why are they ghosting EU? It's not you, it's GDPR
