Is GDPR driving you up the wall?

Is GDPR driving you up the wall?


norman lebrecht

May 22, 2018

Try some of this:

A special GDPR message from the Young Artists of the National Opera Studio from National Opera Studio on Vimeo.


Feel better?

Me neither.

Has there ever been a more hopeless waste of public time?


  • V.Lind says:

    It all seems very silly, as the option to unsubscribe to any email series, whether you joined voluntarily or somehow got subscribed by linking to one of a site’s postings, is available at any time and usually works.

  • Alastair Scott says:

    This afternoon I received an email from Spotify stating that, as of the middle of next month, I would be able to download the data it holds on me (and, presumably, ask it to delete it, or even my whole account, if I don’t like it). That could be very interesting; I have been a subscriber for 6 years and, until now, the information Spotify has deigned to make available via its Accounts page has been next to non-existent.

    Similarly, it will finally be possible to delete Apple accounts – something the company has stoutly resisted for about 10 years until it was forced to capitulate. So my two old accounts will finally be gone in a few days’ time.

    The GDPR may be a pain (although I am a bit surprised at the events regarding the mailing list here as other mailing lists I subscribe to have not said a word) but it is having a real go at fixing some major problems with subscriber data and accounts which, until now, have effectively been permanent playthings of their parent companies.

  • Don Fatale says:

    I sense that many worthy charities, especially local and voluntary ones will be forced by the EU to decimate their mailing lists, which will have a devastating effect on their fundraising, engagement and events promotion.

    Meanwhile, organisations that I pay monthly or annual fees to are obliged to ask whether I want to receive their correspondence before they remove me from their lists. Of course I want them to communicate with me!

    Another well-intentioned but ill-conceived piece of EU legislation.

    • Kris Symonds says:

      They won’t – legitimate interest would apply. So many people asking for reconsent when they just need to do a legitimate interests test first as most charities and organisations will fall under legitimate interests

      • Anthony says:

        Except that legitimate interest does not apply to emails, according to the ICO. I really hope you are not the data protection officer for any organisation.

      • Step Parikian says:

        That is true. But “legitimate interests” is vague – and I have heard a variety of interpretations.

  • Peter Smith says:

    I think the problem is that the change in the law has not been properly explained, so many organisations are taking the “better safe than sorry” approach, hence the barrage of emails. This article explains:

  • Jackyt says:

    Well, I thought that was great, especially after all the pages of tedium from other companies about GDPR.

  • Cosmic Serpent says:

    As with all bureuacratic monstrosity laws, the effect is likely to be quite different from what the name suggests. If you think you have deleted your Apple account or will receive a complete history of your data use by Twatter or Farcebook, think again. Where is the proof? Will you hire an attorney to get it? Will it stop Microshaft from spying on every keystroke you make on your PC?

    The true effect is to provide large corporations who can afford whole departments devoted to “data protection compliance” and the most expensive attorneys for legal battles with a huge competitive advantage compared to small businesses and individual entrepreneurs who will now have to spend proportionally even more time on fulfilling regulations than they do even now. If a small business gets sued by a big competitor for some minute technical ommission in the GDPR on their website, it could mean ruin, they could get pushed to the wall.

    • Alastair Scott says:

      Clearly, it is impossible to prove. Even on a smaller scale it is difficult, bordering on impossible, to entirely prevent a computer writing logs, even if the corresponding data are explicitly deleted – recording what it does in an abbreviated form is intrinsic to almost every operating system.

      But the GDPR is a lot better than what was there before.

      (The Spotify data showed up and, among others, listed my last 3 months of tracks listened to … in plain text, which has great potential for analysis. Given the size of that file, I imagine that the rest of the history was deleted because keeping everything would be too onerous).

    • Saxon Broken says:

      Er…sorry but I disagree. The large organisations you describe would likely get caught if they did that, and the EU punishment would be horrendous for them. And data protection isn’t something trivial, it is fundamental to our freedoms. I am sorry that Norman finds it a pain, but I am glad that the EU is protecting me.