Funnily enough, the UK has just had a report commissioned about it (and I’m focussing on the UK here since the Guardian is based there and OP alson said they were accessing the UK site). It notes that “In principle, data protection law does not prohibit business models that involve consent or pay.” Direct pdf link: https://ico.org.uk/media/about-the-ico/impact-assessments/4032418/consent-or-pay-impact-assessment.pdf
Gotta love how the legal system here outright ignores the laws that they’re ruling on, GDPR states that the accept and reject buttons need to be equally accessable.
Of the 2 million most used sites in the EU not even 10% pass the lowest bar of the GDPR. Thing is, that when the problem is this wide spread, the courts don’t want to open the floodgates when they start to percecute all those websites.
Have a staff member verify a complaint is accurate. Send cease and desist to the domain admin, advising which law they’re breaking and remediations necessary. Wait 4 weeks. Send auto-fine to domain admin. Wait 4 weeks. Open formal audit of the companies GDPR compliance.
This won’t happen because we live in corporate dictatorships masquerading as democracy.
Pretty sure this is illegal but I guess whatever fine they get is just the cost of business
i get they need to make money but i don’t think threatening to sell people’s data is going to foster goodwill
Get someone in CA or CO to sue. Laws are very straight forward there
This is Guardian UK I don’t know if Guardian US is doing this or not
Funnily enough, the UK has just had a report commissioned about it (and I’m focussing on the UK here since the Guardian is based there and OP alson said they were accessing the UK site). It notes that “In principle, data protection law does not prohibit business models that involve consent or pay.” Direct pdf link: https://ico.org.uk/media/about-the-ico/impact-assessments/4032418/consent-or-pay-impact-assessment.pdf
Gotta love how the legal system here outright ignores the laws that they’re ruling on, GDPR states that the accept and reject buttons need to be equally accessable.
Of the 2 million most used sites in the EU not even 10% pass the lowest bar of the GDPR. Thing is, that when the problem is this wide spread, the courts don’t want to open the floodgates when they start to percecute all those websites.
Persecute? They’re ignoring privacy laws.
Have a staff member verify a complaint is accurate. Send cease and desist to the domain admin, advising which law they’re breaking and remediations necessary. Wait 4 weeks. Send auto-fine to domain admin. Wait 4 weeks. Open formal audit of the companies GDPR compliance.
This won’t happen because we live in corporate dictatorships masquerading as democracy.