My company did not retain customer data or retained very little. So compliance for us was very simple. If your business venture relies on that PII data you're going to have a hard time. And I'm not exactly sympathetic since I'm regularly getting notified from HaveIbeenPwned about another PII leak.

▲

bpodgursky 7 hours ago | parent [-]

I'm not sure what you're looking for here. If your position is "it should be difficult to make a company that has PII" you won't get any significant AI or consumer tech companies in your jurisdiction. That's just reality, they use PII, they personalize on PII, they receive PII, that's how they work.

If that is your goal, OK, that's a choice, but then you can't say "oh GDPR fears were overblown". They caused exactly the problems people were predicting, and that's what EU leadership is now trying to change.

	▲	hdgvhicv 5 hours ago \| parent [-]
		If I sign up your company I can opt into that personalisation at signup time. You have no business stealing my personal data until we enter an equal agreement.