Sounds like you completely misunderstand what a police state is.
A police state does not require the police to be concerned with upholding the law. In fact there is usually a departure from the rule of law in police states.
As the other commenter mentioned, the police in a police state are usually concerned with maintaining order and protecting the power of the state or ruling faction, and policing people's behaviour to this end.
I mentioned the anecdote because it's the one case I personally experienced where the police actually got active on an issue, and nothing came of it. I know plenty of people whose behavior looks like it'd be policed (censorship circumvention is endemic, discussing events that reflect negatively on the government is common, some openly advocate e.g. for gay rights) but there's no indication the police are even aware of them.
I don't deny that e.g. forming an organization directly challenging the CCP's leadership would get you into deep trouble, but most activity below that threshold appears to go unpoliced. Even the currently ongoing student protest at Beijing Normal University's Zhuhai branch doesn't seem to have met any police resistance so far.
I'm not saying you're wrong. It just seems like something is missing from the picture in your explanation.
When I opened my bank account, I deposited say £5000 cash. What does the bank do with this money?
I was under the impression that the bank doesn't actually keep this £5000 in cash, only £500 maybe, and uses the rest to lend money, but you seem to be saying that they can't actually use my deposit.
Deposits are a relatively cheap way of attracting reserves. When you added £5000 from say an account at Santander, Santander lost a liability (the deposit) and simultaneously transferred some reserves to your current bank.
Banks can also attract reserves by borrowing in money markets (cheap but short term) or issuing long term debt (stable but expensive), or by persuading customers to open accounts and keep them in positive balance. In practice it will use a mix of all three, attempting to match the maturity profile of its liabilities.
The central bank will also create reserves and lend them to your bank if your bank can't raise them elsewhere for some reason. But borrowing from the central bank can spook investors, and it's also expensive.
A bank that doesn't have reserves can't settle its debts to other banks (like the debt you incurred by moving your £5000) and so can't function in the banking system. It has to get reserves from somewhere, and persuading consumers to park deposits in an account is one useful way to do so.
"When I opened my bank account, I deposited say £5000 cash. What does the bank do with this money?"
It burns it. Probably quite literally.
The cash represents a transfer from the central bank into the commercial bank's deposit account at the central bank - for which it receives an interest rate.
Cash is just a receipt for deposits held at the central bank.
Because those features can involve uploading your browsing history to 3rd parties... does Microsoft check locally against malicious site lists, or does it upload every address you visit in order to tell you it's safe?
I'm unaware of any anti-malware/phishing tool that uploads every address, because it'd be far too slow (you want to know if it's malicious before you show the user anything, to avoid them having the chance to interact with it). They all have some local partial list that is used for a first match, and only if that matches do they interact with any online service.
MS don't have a publicly documented API, which makes it harder to know what's being sent (short of reverse-engineering it), but Google's never uploads actual addresses (it almost always only uploads the uppermost 32-bits of the SHA256 hash of the address, and it never uploads the full hash).
He's missing the point entirely. User interface programming is hard. And time-consuming. The discussion about client Vs server side is simply talking about where to shift this burden.
You're not a business systematically or regularly storing and processing personal data. Pretty sure GDPR doesn't stop you from e-mailing random people for personal reasons.
The manufacturer should not be giving such unrealistic instructions in the first place. Everyone damn well knows that people will treat this like full autopilot. And everyone damn well knows that if you give people the chance to be a bit lazy and stop paying attention to the road, they will! Tesla knows what human behaviour is like.
We've been saying this from the beginning. This half-baked "autopilot" will only end in blood.
A police state does not require the police to be concerned with upholding the law. In fact there is usually a departure from the rule of law in police states.
As the other commenter mentioned, the police in a police state are usually concerned with maintaining order and protecting the power of the state or ruling faction, and policing people's behaviour to this end.