| ▲ | I told them forced consent was unlawful. 5 years later it cost Elkjop €1.8M(thatprivacyguy.com) |
| 185 points by speckx 6 hours ago | 70 comments |
| https://web.archive.org/web/20260618212028/https://www.thatp... https://archive.ph/I4zjA |
|
| ▲ | Insimwytim 2 minutes ago | parent | next [-] |
| There's also issue with EU companies forcing you to agree to their anti-privacy policies (confusingly named "privacy policies") before the job interview and as a requirement for a job interview. Those anti-privacy policies usually state, that you waive all you rights to your data and grant the company AND third-parties permissions to use your data (including voice and image) for any purpose. (Of course, it is stated in a slightly obscure fashion, so a layman may not comprehend it.) I wonder if there has been any similar action taken against those. |
|
| ▲ | buzer an hour ago | parent | prev | next [-] |
| Actual decision (Norwegian): https://www.datatilsynet.no/contentassets/c8d0551d2a64403285... Machine translation of overview & 5.1 which is what the blog post is about (covers some other things as well): https://chatgpt.com/share/6a34732c-0fa4-83e8-aae1-95c25dd117... [EDIT] Oh, there was actually official English decision available as well: https://www.datatilsynet.no/contentassets/59addbef9c1b48a28f... |
|
| ▲ | engeljohnb 2 hours ago | parent | prev | next [-] |
| I'm glad it all worked out for this individual. I hope more people live their lives like this as the dystopia progresses. Unfortunately, especially in the US, exercising your rights, or even just reading every paper you're expected to put your name to, not only constantly pisses people off for some reason, but also puts you at a significant disadvantage compared to the people that never push back in the interest of not making waves, or even because "whatever it's fine." |
| |
| ▲ | deepsun 2 hours ago | parent | next [-] | | Once I rented an apartment in US, and the documents said that they can make videos, pictures and audio recordings of me and my family, and use it for their own purposes including commercial. I objected, but their position was that no one is going to involve legal department for me, and I am free to go away. | | |
| ▲ | smcleod 2 hours ago | parent | next [-] | | Pretty sure that's a violation of fundamental human rights as it's your place of living. Surely that can't be legal, even in the US can it? | | |
| ▲ | monkpit 2 hours ago | parent [-] | | It doesn’t mean _inside_ the apartment. It means if they decide to film a commercial and you’re walking your dog in the background, they don’t have to ask you. | | |
| ▲ | bigiain an hour ago | parent | next [-] | | That sounds a lot like a rationalization desperately grasping at "surely it's not as insane as it sounds, what it _must_ mean is ... " I would want to read and perhaps get legal advice before relying on that interpretation - and before finding I signed over rights to my landlord to make candid porn of me and all his other tenants. | |
| ▲ | nkrisc 42 minutes ago | parent | prev | next [-] | | If it didn’t say it, it doesn’t mean it. | |
| ▲ | gerdesj 10 minutes ago | parent | prev | next [-] | | Thank goodness you read the contract they signed and provided competent legal expertise throughout the process. | |
| ▲ | smcleod an hour ago | parent | prev [-] | | Oh right, that's not so bad. Isn't that just being part of modern society? It would be nice to opt to never be recorded but also, it's outside. |
|
| |
| ▲ | plagiarist 7 minutes ago | parent | prev | next [-] | | I found some shit like that in a gym contract, which I then declined. | |
| ▲ | bsder 2 hours ago | parent | prev | next [-] | | > and I am free to go away. This is the crux of the problem when landlords are allowed to form or join an "association" that gets too pervasive. This was at the heart of the RealPage lawsuits. | |
| ▲ | m0llusk 2 hours ago | parent | prev [-] | | This is basic security. Cameras around entrances, exits, and common areas have become critical for safety and preventing mail theft. | | |
| ▲ | collingreen an hour ago | parent [-] | | There is no version of basic security that extends to commercial use of your likeness in their marketing. Be reasonable. |
|
| |
| ▲ | uproarchat an hour ago | parent | prev | next [-] | | I am that person that reads every line of the contracts I sign, including ToS and PP. I appreciate that I can tell who it rubs the wrong way, because it tells me who will shake my hand without intending to honor their word. It changed the way I write these documents as well, the last ToS and PP I wrote can each be read in a single breath. | |
| ▲ | solid_fuel 2 hours ago | parent | prev [-] | | > Unfortunately, especially in the US, exercising your rights, or even just reading every paper you're expected to put your name to, not only constantly pisses people off for some reason Yup. It's particularly sad seeing other people in this very thread talking about how they would "ban this customer for life" just for knowing their rights. I think it's pathetic that this has become the culture amongst large swathes of Americans - especially ones who consider themselves patriotic. This country was founded in rebellion and the assertion of our rights, and somehow the exact opposite is now the ideal of many citizens now. | | |
| ▲ | treis 8 minutes ago | parent | next [-] | | I don't know that signing up for a rewards club and then complaining that you're being marketed to is quite the platonic ideal of rebellion you make it out to be. | |
| ▲ | trhway an hour ago | parent | prev [-] | | >I think it's pathetic that this has become the culture amongst large swathes of Americans - especially ones who consider themselves patriotic. This country was founded in rebellion and the assertion of our rights, and somehow the exact opposite is now the ideal of many citizens now. DHS is putting on the domestic terrorists watch list those people who took parts in the protests. Or at minimum threatens to put. And if you google a bit more you'd see that it isn't limited to ICE. Any dissent is perceived by the current government in a similar "terrorism" way. For majority of population that would completely chill any desire to assert rights. https://www.markey.senate.gov/imo/media/doc/letter_to_dhs_on... "U.S. Immigrations and Customs Enforcement (ICE) officers and senior Trump
administration officials have repeatedly suggested that the Department of Homeland Security (DHS) is building a “domestic terrorists” database comprising information on U.S. citizens protesting ICE’s actions in recent weeks. ... In recent weeks, DHS personnel and senior officials have repeatedly stated that the agency is engaged in efforts to monitor, catalog, and intimidate individuals engaged in peaceful protests" |
|
|
|
| ▲ | 0xfffafaCrash 2 hours ago | parent | prev | next [-] |
| > The reply I received a few days later did me the favour of putting the violation on the record. Their position, in their own words, was that "in order to receive marketing / offers, it is a condition to be a member of the customer club." That one sentence is the whole case. They had taken a right I am entitled to exercise for free and turned it into the price of admission. I don’t understand… it would be one thing if it said “receiving marketing/offers is a condition of being a member of the customer club” but that’s not what is being stated above… rather that being a member of the club is required to receive marketing — perhaps something has been misworded or lost in translation? |
| |
| ▲ | ajb an hour ago | parent | next [-] | | Yeah sounds like it's backwards , and should be "in order to be a member of the customer club, it is a condition to receive marketing / offers ." | | | |
| ▲ | mixdup 2 hours ago | parent | prev | next [-] | | I think the "marketing/offers" means discounts? To be eligible for the discounts or special offers, you have to be a member of the club, and if you are a member of the club you have to be willing to receive the email messages, and somehow under EU law you're entitled to all discounts I guess? | |
| ▲ | drdaeman 2 hours ago | parent | prev | next [-] | | Yea, I don't get it either. Receiving being a condition on membership means (in my understanding) only that non-members can't (shouldn't) receive anything, not that members will or must receive something. Which sounds perfectly normal and sane to me. | |
| ▲ | LearnYouALisp 2 hours ago | parent | prev [-] | | sounded exactly like translation error from a German-related lang. e.g. "to receive offers...is a condition to be in..." |
|
|
| ▲ | pavel_lishin 3 hours ago | parent | prev | next [-] |
| The image isn't loading for me, all I see is the prompt used to generate it - which is genuinely preferable. |
| |
| ▲ | QuantumNomad_ 2 hours ago | parent [-] | | For me it was showing the image and the prompt, but the whole page was unstyled. But when I reloaded the page now, the css loaded also and the prompt is not shown. I guess the web server was temporarily overwhelmed by traffic resulting in images (like for you) and css files (like for me) not being consistently served to all visitors. |
|
|
| ▲ | tomtom1337 3 hours ago | parent | prev | next [-] |
| This is extremely cool reading! I'm impressed that they actually fined Elkjøp (as they should!) but very surprised that they didn't keep you informed! Thank you for sharing! |
|
| ▲ | Telaneo 2 hours ago | parent | prev | next [-] |
| Datatilsynet, the Norwegian DPA, from my experience, consistently has the user in mind. It (sadly) takes a long time for things to pass through the system, but they consistently come to good decisions. |
|
| ▲ | peaseagee 3 hours ago | parent | prev | next [-] |
| And how much did it make them over those 5 years? |
| |
| ▲ | Retric 3 hours ago | parent [-] | | The fine is only part of the story. They likely spent more money than the fine fighting it over 5 years as fines increase next time if you don’t stop. | | |
| ▲ | coldtea 2 hours ago | parent [-] | | And how much did it make them over those 5 years? | | |
| ▲ | aucisson_masque 2 hours ago | parent [-] | | You don't know how much it did cost them. Why would you care about how much they gained ? You can't compare something when you have neither value. | | |
| ▲ | anakaine 2 hours ago | parent [-] | | Because if, as the regulator, you fail to benchmark what they gained then your laws can be ignored and your fines paid as simply a cost of doing business. Its why you find the Australian regulator for consumer affairs handing out $200m+ fines to telecommunications companies, for example. | | |
| ▲ | Retric 2 hours ago | parent [-] | | By that logic regulators should lower fines if the action wasn’t profitable. Which creates an expensive legal fight around the net profits of some action were after guilt is determined. Instead, it’s much better to scale fines based on the scale of the entity involved, which also results in huge fines, but it’s easier to measure revenue. Thus the fines are more broadly effective, and you can still escalate if they don’t stop. | | |
| ▲ | tux1968 2 hours ago | parent [-] | | Like in Finland where speeding ticket fines are based on your income. For instance, in one well known case a businessman was fined €121,000 for going 82 km/h in a 50 km/h zone. | | |
| ▲ | dataflow 2 hours ago | parent | next [-] | | And before anyone calls this crazy, note that jail time costs you your time, whatever that's worth. This is the same idea without the physical incarceration. | |
| ▲ | aidenn0 2 hours ago | parent | prev [-] | | That's considerably more than someone near me who was doing 245km/h in a 90 zone (Well 55mph which is 89km/h). I still don't know why that person didn't lose their license (other than the obvious fact that they were rich enough to afford the Lamborghini that they were driving in); it wasn't just any 55 zone, it was one with a reputation for being dangerous. |
|
|
|
|
|
|
|
|
| ▲ | pixelpoet 3 hours ago | parent | prev | next [-] |
| Love to see this, and love our privacy and data handling laws! |
|
| ▲ | alexhans an hour ago | parent | prev | next [-] |
| It's always satisfying when customer rights stories have a known positive outcome. The timeline is unfortunately quite slow and bureocractic but I'm glad OP managed to find out about it. |
|
| ▲ | ryandrake 3 hours ago | parent | prev | next [-] |
| Excellent outcome. I wish we had these rights in the USA! Too bad justice took 5 years though. |
| |
|
| ▲ | sscaryterry an hour ago | parent | prev | next [-] |
| This fills my heart with joy. If only ICO in the UK would do the same. |
|
| ▲ | echoangle 2 hours ago | parent | prev | next [-] |
| Good to know that this is illegal. One of my email providers also does this, maybe I’ll also have to try reporting them and see what happens. |
| |
| ▲ | VorpalWay an hour ago | parent [-] | | Go for it! If nobody reports things they don't get fixed. I have found this to be true not just when it comes to companies breaking laws, but also to much more benign things. Such as reporting potholes in town or broken microwaves at work. Those can be in need of fixing for an extended period of time, yet when I report them, they usually get fixed within days. I suspect most people can't be bothered or think that surely someone else will report the issue. But that doesn't work if everyone thinks that way. |
|
|
| ▲ | angry_octet 44 minutes ago | parent | prev | next [-] |
| I don’t know who you are. I don’t know what you want. If you are looking for ransom I can tell you I don’t have money, but what I do have are a very particular set of skills. Skills I have acquired over a very long career. Skills that make me a nightmare for people like you. |
|
| ▲ | QuantumNomad_ 2 hours ago | parent | prev | next [-] |
| > the only way to stop the marketing was to cancel my membership of the club altogether I have experienced this same thing with at least one other big company in Norway. I could opt out of either SMS or e-mail, but not both, or I would not be able to keep the membership. Unfortunately, I never made a note of which one that was exactly so I can’t name them and shame them on the spot. Despite half-hearted attempts at stopping marketing emails now and then by individually logging in and opting out, or clicking unsubscribe links embedded in the email, my email continues to be flooded with marketing both from domestic and foreign companies that I’ve done business with. There is so many companies that even going through a handful of them at a time and unsubscribing there is a seemingly endless amount of companies that remain to unsubscribe from. It is great to see that someone fights back, and that it is resulting in fines. |
| |
|
| ▲ | RobRivera 2 hours ago | parent | prev | next [-] |
| Lol. Brookfield Place wifi had an OPT IN for their wifi to receive marketing. If you unclicked it, the 'connect to wifi' button greyed out and a notification appears saying that Opt In is required for wifi. |
| |
| ▲ | iliveinberlin an hour ago | parent [-] | | Type the email address of somebody you dislike | | |
| ▲ | josephg 9 minutes ago | parent | next [-] | | Yep this. They never make you verify your email address on a captive portals. (Since you can’t check your email without an internet connection in the first place). | |
| ▲ | Telaneo 16 minutes ago | parent | prev [-] | | There's always a@a.com |
|
|
|
| ▲ | kklisura an hour ago | parent | prev | next [-] |
| GDPR is a godsend. |
|
| ▲ | pixelneon 2 hours ago | parent | prev | next [-] |
| Hahaha, the sticker looks really funny, but I like it. |
|
| ▲ | yieldcrv an hour ago | parent | prev | next [-] |
| I’m imagining an agentic solution in everyone’s inbox that automates GDPR fines and updates |
|
| ▲ | jazz9k an hour ago | parent | prev | next [-] |
| I'm so glad the GDPR never took hold in the US. Little Karens getting companies fined millions of dollars over what amounts to nothing. You can always not use their service. Plenty of alternatives out there. |
| |
|
| ▲ | throw9394494 2 hours ago | parent | prev | next [-] |
| I wonder if anyone who are cheering this fine, actually read and tried to implement GDPR. It is a nightmare to be fully compliant for small companies. It is mostly just a theater (like endless cookie consent dialogs in anonymous browsing), to employ more experts and bureaucrats. EU is now pushing privacy laws that severely undermine privacy. |
| |
| ▲ | Telaneo 18 minutes ago | parent | next [-] | | I have read it. It's really easy to be compliant if don't start from a position of extracting the maximum amount of data from every user out there. If you start from the opposite end of the scale, only getting the data you need for the goals you need to achieve in the interest of the user, you barely have to do anything beyond what you would have done anyway. | |
| ▲ | iliveinberlin an hour ago | parent | prev | next [-] | | I did, it is easy, you just don't spy on people and have a point of contact and you're good. It becomes hard when you want to spy on people and also remain compliant with the no spying law. | |
| ▲ | kentm 29 minutes ago | parent | prev | next [-] | | Yes. It’s very easy actually. People think it’s hard only because they’ve built revenue streams on unethical behavior. | |
| ▲ | tverbeure an hour ago | parent | prev [-] | | > EU is now pushing privacy laws that severely undermine privacy. Even if it’s most just theater, you don’t make the case at all how it undermines privacy. |
|
|
| ▲ | londons_explore 2 hours ago | parent | prev | next [-] |
| If I did business in the EU, I would be banning this chap from my services on the basis that the risk he poses to the business is too great... |
| |
| ▲ | Broken_Hippo 2 hours ago | parent | next [-] | | In other words, you'd ban someone because they might notice that you are doing illegal stuff and you might get caught. Follow the laws and it isn't an issue. I'm pretty sure banning someone for that stuff is probably illegal, too. | |
| ▲ | onli 2 hours ago | parent | prev | next [-] | | You would do no such thing, because if you tried, you wouldn't have a business in the EU anymore. | |
| ▲ | Telaneo 17 minutes ago | parent | prev | next [-] | | We don't want your business in the EU if this is your attitude to things like this. | |
| ▲ | dataflow 2 hours ago | parent | prev | next [-] | | The risk of getting caught doing business illegally? You really don't give a damn about the illegal part, just getting caught? | |
| ▲ | solid_fuel 2 hours ago | parent | prev | next [-] | | Frankly, this attitude is pathetic. Absolute loser behaviour. I don't think you should be doing business anywhere if customers being familiar with the law and knowing their rights scares you. Frankly if you are running a business, you should be familiar with the laws and regulations, doing otherwise - especially when someone points out that your behaviour is illegal - is negligence and punishment with a fine is completely appropriate. Welcome to living in a society. | |
| ▲ | throw9394494 2 hours ago | parent | prev [-] | | Just awoid some jurisdictions. Bulgaria is in EU, has all the same access, and has no time for this BS. | | |
|
|
| ▲ | arjie an hour ago | parent | prev [-] |
| It's an interesting story, but I could not help but have my mind skip over it because of the LLMisms. Acts like one of those taboola reels to me. If even just there was a tutorial to get people to write in such a way that it's not obviously LLM text it would be nice because the story is interesting. I know, it's like complaining about JS etc. but it's like walking into an elevator and smelling very strong perfume. It's hard not to go "whew!" |
