Unfortunately politics has become the religion of modernity.
Nuance and sober analysis like you've suggested do not mix well with religious dogma. It's much easier for people to react emotionally to symbols.
For many here, 'GDPR' is a variable that equals 'privacy' in their brain computer. So any criticism of it or its implementation realities, no matter how well argued, will not be met with reasoned response, but instead religious zeal.
Most criticism of GDPR on HN is a criticism of bad-faith attempts to pretend to comply, many of which are expressly forbidden by the GDPR. It's a well-written, plain English regulation, and I encourage everyone to read it before criticising it. (At the very least, point to the bits of the regulation you disagree with: it should only take around 5 minutes to look up.)
And even if it was, being easy to read is not necessarily good when it comes to regulation, because this means there is a WIDE berth for interpretation by court cases and judges. This becomes a shifting target that makes compliance impossible.
For example, you could write a one sentence net-zero law that says "All economic activity in the EU must be net zero by tomorrow."
However, what constitutes economic activty? Is heating my home in the winter economic activity? What if I work from home? What about feeding my children food? What about suppliers and parts from outside the EU? Finished goods vs. raw materials? How will we audit the supply chains on each globally? Who will enforce those audits and how detailed do they need to be? Etc. etc.
To these questions, the religious green fanatics on EcoHackerNews will simply reply: it's actually super easy to comply, you can read it yourself, it's one sentence!
Right, but there's also the competing religious zealots who are ideologically opposed to regulation... like as a concept.
What you need to realize is that of course companies hate regulations. Every company, anywhere on Earth, will tell you regulation X is bad. All of them. They will do everything they can possibly do to not have the regulation.
When slavery was outlawed in the US, you can bet your ass that every single bad-faith recreation of slavery was tried. Many of them highly successful, and some taking over 100 years (yes, really!) to be fixed.
What that means is that, just because a company puts up a cookie banner, or says "this law sucks", doesn't mean you should take that to heart. Of course, to them, it sucks, and it's too complicated, and it's all legalese, and la dee da. They would prefer to hire children, okay? And we know that, for a fact, because they did. So just, grain of salt.
Doesn't mean the law is good either, but just know these are the adversarial forces here.
Big enterprises like regulation because it enables them to capture the market and slow startups down: that's why they invest so much in standardization, for instance.
It allows them to force startups to match their (slow) pace of development.
> Every company, anywhere on Earth, will tell you regulation X is bad. All of them. They will do everything they can possibly do to not have the regulation.
Have you missed all the large AI companies in US loudly demanding and otherwise lobbying for more regulation?
Regulations can be good for companies when you can make sure that they are written in a way that entrenches them against any new competitors.
> The full text of GDPR is 261 pages long with 99 articles and 173 recitals. Here's a condensed version and guide to reading the actual passages that matter, still 88 pages long
My feeling is that in 9 years you could read it.
However, I read most of the relevant bits in an afternoon. Most people on HN making preposterous claims about GDPR have never in their life read anything but industry's take on it.
> it's actually super easy to comply, you can read it yourself, it's one sentence!
It's trivial to comply with for the absolute vast majority of companies, you can very easily read it yourself, the bits that are relevant to most businesses shouldn't even take an hour to read.
> Every HN thread about GDPR devolves into this circular argument.
The only reason it devolves into a "circular argument" is that the vast majority of anti-GDPR comments on HN come from people who have never ever read even a single line from the regulation and just parrot the same old "GDPR requires these stupid banners".
> You’ll find zero intelligent engagement here if you bring this up however, because nobody here actually knows what they’re talking about when it comes to Europe’s legal patchwork and its kneecapping effect on the private sector that Europe desperately needs to fund its inverted social welfare liability death spiral.
Yup. And this is the other reason: bad faith word soup that doesn't even pretend to be coherent, mixes up everything together, and goes from non-sequitur to non-sequitur.
So. Yes, complying with GDPR is trivial for most companies. No, your yet-another-shitty-startup does not need to sell my precise geolocation data to data brokers to store for 12 years to survive: https://x.com/dmitriid/status/1817122117093056541 And no, it's not a burden not to do that.
> So. Yes, complying with GDPR is trivial for most companies. No, your yet-another-shitty-startup does not need to sell my precise geolocation data to data brokers to store for 12 years to survive: https://x.com/dmitriid/status/1817122117093056541 And no, it's not a burden not to do that.
this is exactly the attitude of these people
for most legitimate businesses the "pain" of the GDPR consisted of maybe removing Google Analytics from their website
the entire point is to stop the shitty companies (facebook) data harvesting everything they can get their dirty mits on
My company had consultants come in to help with GDPR, I left after months of them being hired: more confused than I went in.
So I went to the source, and I found it surprisingly easy to read and quite clear.
I think theres a lot of bad faith discussion about the GDPR being complex by people who have a financial interest in people disliking it (or, parroting what someone else said).
It is an outright lie that there are “10 sentences per page”. You can open the PDF and see that this is not even a little bit correct. 10 sentences per page would maybe be appropriate for an Early Reader book. It’s certainly not we have here.
You also didn’t read 56k words in 20 minutes. This is nonsense, at 46 words per second.
I could suspend my disbelief for a moment and imagine that you are capable of reading 46 words per second. Sure. You happen to read about 10x faster than the average person at 250-300 words per minute. Congrats.
What I cannot believe is that you would in any way imagine that this is normal. Speed readers know that they read faster than other people and do not casually assume others could read The Hobbit in 34 minutes.
So no, I don’t actually believe you read this in 20 minutes, at >4 pages per minute, >46 words per second, and 10x faster than an average reader. Generously I would say you perhaps skimmed the doc in that time.
On the off chance that this is true, again congrats. You should know for the future that your experience reading does not map to the typical person who literally reads about 10x slower than you.
The amount of effort I’ve spent replying to you is more than was necessary to understand the entire fucking text.
Every statement is very clear what they’re saying, don’t record what you don’t need, how do you define what you need, make sure personal information can be deleted, what constitutes personal information.
It’s really really really fucking easy, like dude; you’re halfway through a sentence you know exactly what they’re getting at. You finish it anyway in case there’s an exception or something, and it’s never the case that there is.
Whatever… you believe whatever the fuck you wanna believe don’t call me a fucking liar though you cunt.
At no point did I say the law was very difficult to read. I said that your claim that it should take 20 minutes to read is absurd.
That the other replies to you said basically the same should clue you in that this is not realistic for others even if it were realistic for you.
> don’t call me a fucking liar though you cunt.
You could have easily just walked your claim back and said “Okay, 20 minutes is an exaggeration but it’s not a hard law to read”. Instead you repeatedly doubled down and backed yourself into a corner where the only possible options are that you are an ultra speed reader at 10x normal pace or you are a liar.
GDPR is not dense legalese. Start on page 33, read the first 3 chapters and then until bored, start again from page 1 until you reach 33 again, and then read from where you left off: it'll make perfect sense.
I've never seen anyone here, or elsewhere, displaying a positive opinion on GDPR without readily acknowledging it, or the way it has turned out and is (not) being policed, has many shortcomings.
I have seen people that are fanatical on privacy. Cheers to them!
Ok. I hereby do. The only complaint I have is that it isn't enforced automatically and that we often don't have a way to force the worst offenders, because they have the military we rely on on their side.
Nuance and sober analysis like you've suggested do not mix well with religious dogma. It's much easier for people to react emotionally to symbols.
For many here, 'GDPR' is a variable that equals 'privacy' in their brain computer. So any criticism of it or its implementation realities, no matter how well argued, will not be met with reasoned response, but instead religious zeal.