GDPR and stupidity

**LMcD** · 24-05-18, 15:42

Our local pets and garden supplies shop has stopped its loyalty scheme because of GDPR. Apparently this is a fairly widespread occurrence.

**Anastasius** · 24-05-18, 15:56

Originally posted by french frank View Post

And just to complicate matters

Most GDPR emails unnecessary and some illegal, say experts

https://www.theguardian.com/technology/2018/may/21/gdpr-emails-mostly-unnecessary-and-in-some-cases-illegal-say-experts

Many firms have the required consent already; others don’t have consent to send a request

That is an excellent article and highlights just how utterly stupid this piece of pointless legislation is. Almost as bad as their daft cookie law. And because there is no consistency between companies, we all waste time reading through the damn email to see if we need to click anything to stay on touch. Or not because all that they have told us is that they have updated their privacy policy. Big deal. I never read it before and damned if I'll read it now.

The EU sucks.

**french frank** · 24-05-18, 16:08

The ironic - and rather sad - point is that so many of the EU regulations which are found annoying are put in place to protect ordinary people from those who seek to take advantage of them, and profit from them.

**Anastasius** · 24-05-18, 16:39

Please explain how that daft cookie law is protecting ordinary people

**french frank** · 24-05-18, 16:50

Originally posted by Anastasius View Post

Please explain how that daft cookie law is protecting ordinary people

"It started as an EU Directive that was adopted by all EU countries in May 2011. The Directive gave individuals rights to refuse the use of cookies that reduce their online privacy. Each country then updated its own laws to comply. In the UK this meant an update to the Privacy and Electronic Communications Regulations."

**Anastasius** · 24-05-18, 17:42

Originally posted by french frank View Post

"It started as an EU Directive that was adopted by all EU countries in May 2011. The Directive gave individuals rights to refuse the use of cookies that reduce their online privacy. Each country then updated its own laws to comply. In the UK this meant an update to the Privacy and Electronic Communications Regulations."

And the reality ? Everyone clicks OK. Pointless legislation.

**Anastasius** · 24-05-18, 17:51

Bliss. I just remembered that Apple Mail has rules. "If message content contains 'GDPR' or 'privacy' then delete". Simples. Sorted.

**french frank** · 24-05-18, 18:55

Originally posted by Anastasius View Post

And the reality ? Everyone clicks OK.

That wasn't the point made. If people wish to click OK, that's up to them. But if 5% don't want to, they have the right to refuse. Just because you automatically click OK doesn't make the legislation pointless for everyone. In the same way, I've been quite selective about which emails I've responded to positively over GDPR. I've been surprised by some of them and wondered when I'd ever had anything to do with them (and haven't responded).

But the point I made was that ironically - and sadly - these annoying emails are intended to protect the privacy of ordinary people. There will always be people who don't give two hoots. I find it more annoying when I've looked up hotels in Skegness and then find I'm getting adverts - even emails - asking whether I'm still looking for a hotel in Skegness.

I just remembered that Apple Mail has rules. "If message content contains 'GDPR' or 'privacy' then delete". Simples. Sorted.

I'm glad that works for you. I would find it very annoying if I no longer received news from some of the organisations.

**Anastasius** · 24-05-18, 20:41

Originally posted by french frank View Post

....If people wish to click OK, that's up to them. But if 5% don't want to, they have the right to refuse......

And then they find that the website drops their connection! Far easier for people to use extensions such as Ghostery that achieve the same thing as the CookieLaw but don't require you to click "Yes, I'll accept cookies" every damn time.

There's far more privacy issues with the likes of Faecebook and Google.

**Nick Armstrong** · 24-05-18, 21:47

Originally posted by Anastasius View Post

Bliss. I just remembered that Apple Mail has rules. "If message content contains 'GDPR' or 'privacy' then delete". Simples. Sorted.

But it isn't quite sorted, is it? Among all the spam that's filled my inbox in relation to this new law that's supposed to prevent spam, there's a divide (I'd estimate 50/50) between (a) the emails that require action to remain on a mailing list, and (b) the rest that simply notify you that things have changed. I'm glad when the latter sort are from entities I continue to want to hear from, but annoyed when I'd like to unsubscribe but simple inactivity/deletion (automatic or otherwise) isn't enough.

So some brain cells have to be devoted to each one to find out which approach is taken.

I was wondering whether the approach of category (b) is sufficient - here's the most economical one I've received:

- but that type have come from some pretty sophisticated outfits so one must assume they've got proper advice on an adequate GDPR strategy.

(The mind boggles at the gazillions which must have been billed by advisors lately to all entities with an online presence...)

.

While on the subject of spam, imagine my surprise to receive this evening what appears (judging by my inbox) to be a personal email from current omnipresent musical pinup Sheku Kanneh-Mason:

On delving (i.e. scrolling through reams of puff for SK-M) into the light grey small print right at the bottom, one finds it is of course from his record company - masquerading as their artiste.

I think it's cheeky, and instantly unsubscribed from the list of the artiste and the company. I wouldn't have thought he needed this sort of intrusive pushing which seems to me desperate and tarnishes what I would have thought after Saturday was a very burnished reputation..

**Nick Armstrong** · 24-05-18, 22:25

Further to my previous post, there happened to be a marginally helpful item on Newsnight about all this - a Data Protection adviser was asked about the different approaches (see (a) and (b) in my post just now) and said that they depend on your relationship with the entity concerned - if you are simply on a database for marketing, you have actively to opt in, whereas if you are a customer or have already actively transacted with the entity, just notifying you of the updated policies is sufficient.

So - Anastasius - I revise my 'not quite sorted' comment: if you automatically delete anything saying 'GDPR' and 'Privacy', you probably will successfully terminate all mere 'database' emails/spam, but you won't terminate your relationship with entities with whom you have transacted in the past. Assuming you're not interested in learning about the revisions to the latters' policies, you should be - as you say - 'sorted' !

**jean** · 24-05-18, 22:43

Originally posted by Caliban View Post

...if you are simply on a database for marketing, you have actively to opt in, whereas if you are a customer or have already actively transacted with the entity, just notifying you of the updated policies is sufficient.

That should be the case.

But the problem is that many of the entities you freely signed up to and want to hear from don't realise it themselves, and have set up their GDPR communications in such a way as to delete you if you don't actively opt in.

**oddoneout** · 24-05-18, 23:20

Originally posted by Anastasius View Post

That is an excellent article and highlights just how utterly stupid this piece of pointless legislation is. Almost as bad as their daft cookie law. And because there is no consistency between companies, we all waste time reading through the damn email to see if we need to click anything to stay on touch. Or not because all that they have told us is that they have updated their privacy policy. Big deal. I never read it before and damned if I'll read it now. The EU sucks.

As I understand it the bulk of the GDPR requirements have been operational for many years.They were not necessarily observed though, and I think that the combination of a deadline and the risk of serious financial pain has focused business minds usefully on their responsibilities. What has been less helpful is the apparent lack of information to enable small organisations - such as the allotment and music related societies mentioned in this thread - to make sure they are compliant. That isn't the fault of the EU; the UK has had 2 years, same as other countries, to get to grips with this. I for one don't have a problem with companies and others being forced to ask my permission to pass on my data; as far as possible I want to be the one to decide who that information is 'shared' with. I shan't be sorry to see the end of the 'sign up now, unsubscribe later' tactic used as part of doing business with some outfits or the misleadingly arranged 'opt-in/out' tick boxes.

**LMcD** · 25-05-18, 05:18

This might be helpful:

GDPR: 'Don't panic!' data watchdog tells firms

https://www.bbc.co.uk/news/business-44208456

Tough new data protection laws come into effect on Friday, but many firms say they are not ready.

**french frank** · 25-05-18, 06:47

Originally posted by LMcD View Post

This might be helpful:
www.bbc.co.uk/news/business-44208456

Are the rules good news for consumers?

Definitely, says the Which? consumer rights group.

Big fines could be imposed on companies that "persistently, deliberately or negligently flout the regulations." I think it would be difficult to prove that against an allotment society that uses email addresses solely to, erm, communicate officially with allotment society members …

GDPR and stupidity

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment