Being able to read something in one sitting doesn't make it simple or obvious. The law establishes a board that gets to set new requirements.

▲

stavros 2 hours ago | parent [-]

As someone who has to implement it, it's really not bad at all: Ask the user for consent to use their data, and don't be misleading about it. That's it.

The rest of the "It'S So LaRgE AnD UndErSpEciFieD" is just FUD. The regulators don't just slap fines, they work with you to get you to comply, and they just want to see that you're putting in the effort instead of messing them about.

I have literally never been surprised by the GDPR. Whenever I thought "surely this is allowed" it was, whenever I thought "this can't be allowed", it wasn't. For everything in the middle, nobody will punish you for an honest mistake.

▲

ch4s3 20 minutes ago | parent | next [-]

> for everything in the middle, nobody will punish you for an honest mistake.

How do you know that? Again the law establishes a rules making body that can at any time change or add rules, and as far as I can tell there's no public review process.

	▲	stavros 3 minutes ago \| parent [-]
		Which body is this? The EDPB?

▲

redwall_hp 2 hours ago | parent | prev [-]

Anti GDPR people: "it's so complicated not being able to walk into someone's house and take their things! Which things can I not take? How about this? And now I need a lawyer if I take someone's things? Ridiculous!"

Just don't spy on people.

	▲	stavros 2 hours ago \| parent [-]
		Yeah that's pretty much what it feels like, or sometimes it's "what if someone's stuff is lying on the street? Can I take it then?" and the regulator is kind of like "look around and ask if it belongs to anyone, and if not, sure".