GDPR is not about the cookie banner, it has massive implications around the whole lifecycle of data. For example you need to be able to gather all data of a particular client for them to access, and they have the right for all their data to be erased.

▲

baggy_trough 5 hours ago | parent [-]

Far less than 1% of people would care about either.

▲

harperlee 3 hours ago | parent | next [-]

That is not surprising. Regulations are a way to ensure things that are not easily reached by market forces. Doesn’t mean that we should not care for that.

▲

jlokier 4 hours ago | parent | prev [-]

But far more than 1% are harmed by it.

Sometimes the harm is severe. Vast oceans of poorly handled personal data collected in exquisite and unnecessary detail by dark patterns, copied around to everyone who might be interested with low regard for security, kept forever, analysed by the best algorithms and sold to whomever will buy it, raise the risks and consequences of identity theft and fraud for everyone.

Those are the sorts of things GDPR is designed to limit.

The GDPR isn't about cookies or websites. It applies to non-web-based businesses too. It's basically just insisting on security best practices in every part of a business that handles personally identifying or sensitive data.

Limiting its collection to what is necessary and consented to, deleting or anonymising it when it's no longer required, respecting wishes of the individuals the data, and giving people some confidence that security best practice is taken seriously.

▲

baggy_trough 4 hours ago | parent [-]

Most people don't care about these things. Who are you to say that the harm is severe to people who don't care?

▲

harperlee 3 hours ago | parent [-]

It is a government who says that…

	▲	baggy_trough 3 hours ago \| parent [-]
		They are quite unwise to do so.