this post was submitted on 11 Nov 2025
737 points (99.6% liked)
Technology
76899 readers
4379 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Yyeeaa as if these small companies are the ones that yelled in favor of this. The lady at my local grocery shop always told me how it would be easier for her to do her job if this change in GDPR made it through...
It actually is a problem for small businesses, especially start ups. Not agreeing with the approach but the GDPR law is extremely complicated to find your way around - talking from experience. Support the idea, implementation could be better.
well yeah in my personal environment, the people i talk to IRL, lots of people complain about the supposedly overly-strict GDPR rules and about the fact that it makes management quite a bit more challenging, because they have to be careful about what information to put/share where. Like, even if you make a public google sheets document as a calendar for a small company/school where a group of people can enter their email addresses, that's already a GDPR violation, because personal data becomes accessible by other people. As a result, you theoretically would need very elaborate custom-forms, where only you can enter information but nobody else can see it. It's a hell of a lot of work, IMHO. So yeah, people have semi-meaningfully complained about it.
Yeah, that's not it.
There's this thing known as consent and purpose. For a GDPR violation, you need to lack either.
When your job has a noticeboard of names, emails and birthdays, they probably got your consent to post it up there. They didn't get consent to post it onto Facebook.
Yeah, sharing a photo can be a GDPR violation. Because you need to prevent unneccessary processing of data. Like what Facebook does. That's why most places require you to sign a waiver to allow photos and similar stuff being posted online.
It can be a lot of work. But so is writing a contract. You can't just do some stuff willy-nilly, and for a good reason.
That being said, the GDPR is mostly unenforced. What it means in practice is "don't ask, don't tell". Meaning, if you keep the info you do have under wraps, you should be fine. Just don't go whoring your customers'/employees' info out to your 18 356 "data partners". Bonus points for having an "Accept All" and "More Options" button, but no "Reject All".
1st prize for those whose "Reject All" doesn't encompass "legitimate interest".
You really hit the main points of our gdpr training. You're right.
What. Google forms exist. It's really not that difficult. And also, you can just have them agree to share their emails with each other??