latexr 2 days ago

Welcome to my online guide on how to comply with the GDPR. Here we’ll cover the basics, the steps you should follow that will help everything else fall into place on your journey to compliance.

Step 1: Don’t invade users’ privacy.

There is no step 2.

cyberrock 2 days ago | parent | next [-]

People signing up for newsletters (which this site has) then immediately submitting a SAR was an unsolved issue until ECJ finally ruled against it last month [0]. I think you're missing a few steps there. It would be nice if we lived in a world where legal compliance automatically conferred legal immunity.

[0] https://www.heise.de/en/news/GDPR-ECJ-curbs-systematic-abuse...

vidarh 2 days ago | parent | next [-]

A subject access request if you just have a mailing list sign-up would require you to provide the information in that mailing-list sign-up and information of how you have processed it. Nothing more, unless you in fact also store other information on a user behind their back.

So, no, it was not an unsolved issue: Just respond. The court case resolved the situation where a company didn't respond, but the request was potentially abusive. Nothing that and legitimate requests are both solved by simply responding.

latexr 2 days ago | parent | prev [-]

> which this site has

It’s not clear to me which site “this” refers to.

> I think you're missing a few steps there.

I mean, yeah, I thought the format of the reply made it clear it was a joke. The larger point is that compliance isn’t that complicated and only becomes hard if you are invasive. When you’re not invasive it’s actually fairly simple.

> It would be nice if we lived in a world where legal compliance automatically conferred legal immunity.

It probably wouldn’t, because that would mean anyone violating the spirit of a law would be exempt from consequences by adhering to its letter.

PowerElectronix 2 days ago | parent | prev [-]

Yeah, tell that in a court...

latexr 2 days ago | parent [-]

I don’t recall any GDPR violation case which has gone to court. If you do, mind linking to it?

I’d gladly make this same argument in court, though. But I’ll never have to, at least not as a defendant, because I respect users’ data (by not even collecting it), so there’s nothing to take me to court over.

It looks to be a distinctly US American idea that everyone is always suing everyone for everything and always going to court. That’s not how the rest of the world operates for the most part.

arter45 2 days ago | parent [-]

> I don’t recall any GDPR violation case which has gone to court. If you do, mind linking to it?

You mean in Europe?

France https://dig.watch/updates/french-court-upholds-e40-million-g...

Italy https://brevettinews.it/en/privacy-identity/gdpr-fines-of-it...

Norway https://www.forbrukerradet.no/news-in-english/grindr-loses-a...