The GDPR, or the General Data Protection Regulation, is a new system of bans, restrictions, duties, and fines that will come to force on May 25th, 2018 and whose claimed goal is to protect the personal data of the European citizens, especially against the abuse by large and non-European companies. It should replace a data protection regulation from 1995.
In reality, it's another regulation penned by nasty folks whose skulls are full of šit but who believe that they should govern whole continents, anyway. Fines may be up to €20 million or 4% of the global turnover of the company. While it's easy to see that the fines are almost infinite, it's basically impossible to find out what these aßholes want from the companies. I have spent some hours trying to understand the logic and requirements of the regulation. What does it really want the companies to do in any of the mundane situations that deals with the personal data of the Europeans?
A rare point that I have understood is that every company is obliged to name or hire a GDPR officer. The European Union always wants to increase bureaucracy, the number of parasites at every level who are teamed up with the central EU authorities – and all of the people in them are shameful and harmful parasites. OK, so companies will have some extra expenses for parasites. But what will do these parasites do? What will they demand from the companies that employ them?
A huge fraction of the companies have to collect the data about some Europeans – about their employees, business partners, clients, consumers. Clearly, some of this activity is absolutely essential for almost any business activity to be possible. On top of that, many companies use the personal data in a more systematic way that is considered beneficial by almost everybody – i.e. the automatic targeted ads. The Internet users prefer relevant ads, the company providing the ads wants the users to be satisfied, and the payers of the ads also want to be effective.
This is just an example of a clear situation in which the data gathering is almost unquestionably a positive thing. These techniques are responsible for much of the efficiency of the modern world. Nevertheless, it's damn obvious that the EU idiocrats want to demonize these procedures as well.
A key general feature of an overregulated society is the totalitarian principle (also used in particle physics by Murray Gell-Mann): "Everything that is not allowed is forbidden." The point of this slogan is that the "ban on everything" is the default state of affairs. Only exceptional things may be allowed and you need an explicit generous permission from the idiocratic parasites.
And it's no formality. Maybe some permission has already been granted. But it's hidden in tons of bureaucratic jargon written on thousands of pages. Note that according to the Wikipedia page, "thousands" (!) of amendments have been proposed for GDPR. How do you want thousands or millions of companies to master all the stuff that may be relevant? It's really impossible. It would be equivalent to the establishing of a new Psychiatric Department within each company that would study the pathological thinking of the EU idiocrats. Should a restaurant build its Psychiatric Department as well? Should a waitress be terrified by a €20 million fine if she dares to remember the names and drinking habits of the regulars?
Almost all EU regulations are cures in search of a disease – the fight against climate change is a textbook example, after all. They never fight against any well-defined or particular problem. They just constantly brag about their power of suppressing any activity, despite their being unelected idiotic parasites. They boast that despite doing these things, no one has managed to execute them yet.
Despite all the text on the Internet, hours spent with that, and state-of-the-art search techniques, I wasn't able to answer simple questions such as: Does the regulation affect personal bloggers using ads? Google sent me some mail saying that it "transfers some responsibility over the GDPR to the webmasters". What does it mean? I am not collecting the personal data needed for targeted ads, for example, so how can I be responsible for this data or breaches? It makes absolutely no sense. I think that most people are uncertain whether their basic activities are affected. Maybe it's the goal of the GDPR – just to create this fear, uncertainty, and doubt.
There are only two possibilities. Either the same people of Europe will be able to persuade the relevant decision makers that it makes no sense and this regulation will be reversed or ignored; or the regulation will ban things like targeted ads in Europe which will move the technology of social networks back by some 20 years. If Donald Trump were a little bit more sophisticated, he would see that the GDPR is a great example of the terror by the EU bureaucrat directed especially against the U.S. IT companies. In these extensive regulations, the EU idiocrats never say anything comprehensibly let alone concisely. But a spirit is spread in between the lines of their message. They probably want to ban targeted ads or any optimized products for anybody, for that matter.
This is consistent with some more general impressions about the EU idiocrats. Even in other contexts, they want to convert the population of the EU countries to 500 million faceless, mutually identical and equal, pieces of obedient šit that cannot be distinguished by any personality or personal data and that unanimously agrees that the EU idiocrats deserve to live and to continue to do what they do. Sorry but I beg to differ.
The GDPR also comes with some "right to erasure" based on the philosophy that "all the information about the person XY always belongs to XY". Sorry but that's just rubbish. If someone writes a biography of Bill Gates, the copyrights must belong to the writer, not Bill Gates, and for good reasons. There exists a gradual transition from the legitimate facts that people can't filter out to the private data that may be protected. But the idea that all the data is always protected is just insane.
Three days ago, we discussed Facebook and Cambridge Analytica. That's a clear example of events in which something "undesirable" has taken place, I think. But it seems clear that the GDPR has nothing to do with any effort to prevent such things. The GDPR is trying to cause trouble not to Cambridge Analytica but to regular enough businesses that do work that is considered beneficial by basically everybody.
If a regulation were fighting about things like the practices of Cambridge Analytica, it would look totally different. It wouldn't need to introduce any new "GDPR officer" in every company. In fact, companies wouldn't even have to do any mandatory preventive work at all – and they wouldn't have to be terrified by huge fines for doing some prevention incorrectly. Instead, the law would simply say what kind of the usage of the data is outlawed. And companies would find their ways to avoid these unlawful outcomes. For almost everybody, these restrictions would be immaterial because almost no companies use the personal data in a harmful way.
The GDPR is completely different. It says that every company has to do lots of things even when nothing wrong or special has taken place. On top of that, the GDPR doesn't really say what the companies and their GDPR officers should actually do in situations that have at least something to do with the real-world usage of the data. It doesn't say "where", "what", and "how". And of course, the GDPR doesn't say "why" – that would be a nearly heretical question.
Needless to say, "cookies warnings" were just small annoying details relatively to the far-reaching monstrosity known as the GDPR.
Most of the Czech companies are outraged by the GDPR, they are still unready and confused on whether the regulation means anything for them at all, and I have read some apologists who claimed that we're special in this respect – like in other EU-related respects – and the hysteria isn't justified. Well, I think it is justified. We may also read that banks, insurance companies, and telecommunication companies are among those who have started to work on the GDPR and they know what they're doing. It's because their companies that are used to work with bureaucratic nonsense and regulation all the time – and some of them were semi-socialist companies just years ago. OK, many of these organizations may say that the GDPR is doable.
But what about the truly productive sector of the European economy that is simply not defining its work as efforts to comply with some illogical and arbitrary bureaucratic demands from some idiots in Brussels? No one in Brussels thinks about their well-being. It's very clear that the productive companies with some beef are enemies of the Brussels-based apparatchiks. And be sure that it's mutual.
The European Union doesn't describe itself as a Bolshevik bureaucratic hell even though a main goal of those parasites is to transform the Old Continent to a Bolshevik bureaucratic hell. The amount of policies that are considered deeply annoying by most of the law-abiding people is unavoidably increasing in every political system in which the politicians don't have to compete to gain the support of the "demos". It's no coincidence that the GDPR sounds like KDPR, Korea's Democratic People's Republic. The EU is becoming a hell and before it's too late, we should charge people such as the authors of GDPR with terrorism because they unquestionably plan to terrorize millions of innocent Europeans.
And that's the memo.