So now the EU is in charge of how I decide to build my app, and is trying to dictate what suppliers I can use?
What if I decide that crash reporting is an essential service (it is), and the EU's lawyers decide that it's not? Who is going to pay my legal fees, and potential fine? I should be on the hook because some schmuck uses a service that I provide for free (which essentially means I'm paying for it with my time), and is upset that I may not be handling his data in the way that the EU says I should be? The sane solution would be to allow me to tell this individual that he cannot use the app if he doesn't consent. But here comes the EU telling me that I must allow him to use the app.
So the rest of the world should get annoyed with the opening dialog, so that the EU doesn't have to get blocked? Sounds like this could be solved by a proper solution, which the GDPR is not.
Did you read any further? If I can't prevent them from using the app, then I have to solve an impossible problem. Namely providing a fallback for core services that the app is built on.
Yes. Besides for the administration costs incurred (which is probably the real killer), the list of death points are:
1. Adding a dialog as the first step in an onboarding funnel that's already difficult to get users through
2. Handling non-consent. WTF! So if the user doesn't give consent to something that 99% of the population doesn't understand, I'm not allowed to prevent them from using the app. And so my engineering team needs to waste critical hours figuring out things like how to deal with crashes, or maybe how in the fuck we're supposed to fallback to not using services that we're built on (e.g. Firebase)!
3. Dealing with the fallout of #1 in the form of bad reviews that are the kiss of death to startups
The same law that fined me $1,800 because a posted notice fell off my door in a blizzard? The same law that allowed the judge to uphold the fine by saying "I don't believe you". Bureaucracy sucks, and the second it gets its tentacles on you, no amount of cheek clenching is gonna delay the inevitable.
I don't see what leaking personal information has to do with collecting crash data, or using Google's infrastructure to store my data. Why should I have to be on the hook for what is most definitely much safer than trying to safeguard the data myself?
Like I said, all it will accomplish is discouraging projects like mine that aim to provide utility to some people. One of my released hobby apps is no great commercial success (I don't show ads or collect revenue), but it's one of the top rated apps in its category on the Play Store, and I have about 20k DAU.
If the GDPR ever came after me for it, I'd just take the app down. Bam, 20k people a day affected because of over regulation.
Also, I wouldn't equate personalized ads with the life and death regulations involved in the auto industry.
My point is, I have no clue what's collecting data in an improper way, and I'm not going to hire a lawyer for a hobby app.
The amount of conflicting information about whether I do or don't need consent based on what services I use is just stupid. And I wouldn't even be showing ads.
Part of the apps function is related to location, do I need consent? Maybe.
It will use Firebase, do I need consent? Maybe.
It will collect crash data so I can debug the stupid thing, do I need consent? Maybe.
I'm still struggling with the fact that the EU can compel me to add what will be a funnel shattering dialog to my onboarding.
I've shelved a bunch of side projects that I was excited to work on because I have no interest in dealing with any of this ambiguous law. Implementing it would most likely cause a large percentage of users to uninstall my app, because who wants to be greeted with a scary sounding dialog as their first experience in an app. I know many folks here are privacy oriented, but unless this tiny slice of the population is willing to fund my app, I have 0 interest in pandering to them vs the majority of users that would get scared away by it.
I know that there's an almost 0% chance of any repercussion for not being compliant in a tiny app that'll probably never get anywhere, but I'm just so sickened by this whole thing that I don't want to deal with any of it.
Slightly off topic, but towards the end, he mentions that:
"Though they experienced homophobia and struggled financially..."
This particular case aside, why is all negativity towards homosexuality grouped into homophobia? Is anyone who opposes homosexuality afraid of it (in a literal translation)?
The dictionary.com definition of the suffix phobia is:
"a combining form meaning “fear,” occurring in loanwords from Greek ( hydrophobia); on this model, used in the names of mental disorders that have the general sense “dread of, aversion toward” that specified by the initial element:"
What about folks approaching from a standpoint that has neither a dread of, nor an aversion towards homosexuals? Why are they called homophobic?
YMMV but it improves my experience because I get to use all these great products and features Google has, without lifting a finger, and in most cases without paying a penny. All I have to do is ignore the ads on my screen (which my brain seems to already do).
Have you considered that there are people out there with values that differ from yours? It's not wildly impossible, regardless of what the screaming minority would have you believe.
Maybe they don't have a problem with working on such projects, because they agree with their end goal?
I discovered the feature by mistake, and I thought it was cool. I usually browse Wikipedia on my phone, so I don't know if I'd still think it was cool if there are constant false positives on it.
What if I decide that crash reporting is an essential service (it is), and the EU's lawyers decide that it's not? Who is going to pay my legal fees, and potential fine? I should be on the hook because some schmuck uses a service that I provide for free (which essentially means I'm paying for it with my time), and is upset that I may not be handling his data in the way that the EU says I should be? The sane solution would be to allow me to tell this individual that he cannot use the app if he doesn't consent. But here comes the EU telling me that I must allow him to use the app.