How The GDPR Nearly Ruined Christmas
from the this-is-getting-silly dept
While the thinking behind the GDPR may seem sensible, time and time again we hear stories about how, in practice, it's a complete disaster. Some of that may be because of people misinterpreting the law. Some of it may be because the law is being abused. And some of it may be because the law is too vague. But some of it is just because the law tries to do way too much. So, today, we have a little story of how the GDPR nearly ruined Christmas for a small town in Germany.
The town of Roth has a long-standing tradition where children would write down their Christmas wishes, which would then be placed on a tree in the market. The city council would read the wishes and try to get the children what they wanted. Nice, wholesome, holiday good deeds and all. But... it became tricky under various privacy regulations, starting with Germany's own data privacy law and, later, the GDPR, because in order to get your wishes fulfilled, children had to provide their names and identifying information... and that's a big no-no under the law:
That legislation states that parents of minors have to provide consent to the use of their kids' data. Organizations that fail to comply face big financial penalties.
Providing proof of this was deemed too onerous by the council and the city decided against festive wish lists for 2018.
"The yearly trips to the fire brigade unit and the mayor were especially popular with children" Melanie Hanker, who works on events and public relations in the town's administration, told Die Welt last week. "Without the wishing lists, both these events will not take place this year," she added. Hanker refused CNN's request for an interview.
After initially cancelling this traditional wish-making and wish-granting, thankfully, a local radio station worked out a solution:
It created a wish list, which included a parental consent disclaimer, which can be printed from their website and put in the wishing box at the Christmas market, which opens on Thursday.
"This way, the wishes can be submitted and collected from Father Christmas also this year," the city said in a statement on Tuesday.
So... at least Christmas wasn't totally ruined, but now the simple process of making a wish involves a silly unnecessary extra tradition: having parents sign legal consent disclaimers to allow their children to make wishes that they hope the city council will fulfill. It's a Christmas miracle bureaucracy!
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: bureaucracy, christmas, data protection, eu, gdpr, germany, parental consent, privacy, regulations, roth, wishes
Reader Comments
Subscribe: RSS
View by: Time | Thread
more like a bureaucracy fuck up! typical of the EU, especially the EU Commission, trying to do whatever possible to protect the rich, the famous and the powerful (starting with the 'Right to be Forgotten disaster!) instigated by an 'encouraged' ordinary person but had to include, when needed, every other 'ordinary person'!!
[ link to this | view in chronology ]
Re:
At least the EU occasionally tries to protect the plebes along with the rich and powerful, unlike some other countries I could name :)
[ link to this | view in chronology ]
"time and time again we hear stories" -- ANECDOTAL AND ANAMOLY.
A classic Techdirt two-fer.
Sheesh. Just because ONE city has not been protecting children, you condemn the very idea of privacy for the whole EU!
Masnick: try to read your text way like someone even a tiny bit critical will. Actually, you require suspension of disbelief here. You start off with silly "seasonal" allusion, meander through pejoratives of where want to end up, and make entirely no sense overall.
[ link to this | view in chronology ]
At what point do stories such as these stop representing “anomalies” and start representing patterns?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Dear Mike,
In some sort of idyllic Whoville there would be no need for GDPR - but this is the real world 2018 edition, and what that city was doing was (and still is) a privacy disaster waiting to happen. The very least those willingly sticking their necks through the noose can do is acknowledge doing it on their own accord.
Also: Merry Christmas...!
[ link to this | view in chronology ]
Re: Dear Mike,
In some sort of idyllic Whoville there would be no need for GDPR - but this is the real world 2018 edition, and what that city was doing was (and still is) a privacy disaster waiting to happen.
What...?
[ link to this | view in chronology ]
Re: Re: Dear Mike,
[ link to this | view in chronology ]
Re: Dear Mike,
Yep, covering the many failures and unintended consequences of a massive regulatory scheme that legally binds the entire European Union is exactly the same as Thunderfoot's creepy hate-boner for a single media critic. Mmm-hmm.
[ link to this | view in chronology ]
Re: Dear Mike,
If you think there is a problem, then state the problem, rather than just casting aspersions without any kind of evidence.
[ link to this | view in chronology ]
Re: Dear Mike,
If you think there is a problem, then state the problem, rather than just casting aspersions without any kind of evidence.
[ link to this | view in chronology ]
Re: Dear Mike,
there's that crying wolf too many times without the world actually ending thing
Hmm.... how did that story go again? Lemme try to remember.
The Boy Who Cried Wolf By "Max"
[ link to this | view in chronology ]
Re: Re: Dear Mike,
I keep tellin' folks, never feed them after midnight, but do they listen? Nooooo.....
What, you mean mogwai are the same way?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
otherwording (or in-other-wordsing) — noun — The practice of summarizing an argument in a way that intentionally distorts it into saying something it does not and slanders the person who made it; this is often done to make winning an argument easier.
Example: You can typically find the phrases “in other words” or “so you’re saying” at the beginning of an instance of otherwording.
See also: strawman; your post
[ link to this | view in chronology ]
Re:
But, yeah, the above "so what you're saying" comment is so beyond misleading that it does not deserve an actual response. But the person who posted it knows that and doesn't care. He spends a lot of time around here arguing against the strawman mike in his head -- and whenever we point out that the real me is different, he takes it as proof that I'm lying, because the strawman mike could never be wrong. It's delusional.
[ link to this | view in chronology ]
Re: Re:
So what you’re saying is…
[ link to this | view in chronology ]
The GDPR...
[ link to this | view in chronology ]
Re: The GDPR...
[ link to this | view in chronology ]
Santa and the Elves...
[ link to this | view in chronology ]
Festivus for the rest of us
[ link to this | view in chronology ]
Reading this comment inside any country or region governed by the GDPR will be punished by a fine of $250,000.00 USD and ten years confinement in a sewage processing facility.
[ link to this | view in chronology ]
This does not break the CFAA in any way, because it is not a CFAA violation to log in own home computer network. You will appear to be coming from home computer, and nobody will ever be the wiser.
Using your home network has one advantage over using a commercial VPN provider. Websites can use a service like BlockScript to detect access from known commercial VPN sites. Your home computer's VPN will not be in any of these lists, so websites will never know what happened.
This is how, when I travel to Mexico or Canada, I can bypass geoblocking to get Netflix, iHeart, or any US only website. Using the VPN on my home computer makes my use of a VPN to bypass geoblocking undetectable to these sites, so it appears I am on my home computer, and they will never the wiser.
To do this, while you are away, Comcast Business is the best for this. For $100 a month, you can get service, with static IP, with enough outbound bandwidth that will let you watch Netlix or YouTube through your home connection.
And this is also where you can avoid problems with the CFAA and DMCA. To log on to your OWN network does NOT violate the CFAA, even if it is for bypassing geoblocking. For it to be unauthroized access, you have to be using an illegally obtained passed, and the password on your home network cannnot be considered illegally obtained.
And it is not violating the DMCA to bypass geoblocking to access something you are already paying for, so it cannot be considered any kind of financial gain, since you are already paying for the service. Since I am alerady paying for Netflix and SiriusXM, it is not any kind of service theft.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Someone keeps getting it wrong
so some guy from a radio station does the job (in 5 minutes probably) of a bunch of incompetent administrators, but we blame GDPR just because?
[ link to this | view in chronology ]
Re: Someone keeps getting it wrong
You see, the radio host was working when he created the form. That makes it a "work for hire" that the media conglomerate owns the copyright to. Then, an entire town or pirates went out and copied the work and used it without purchasing a proper license. If the town does not crack down on this clear infringement and start forcing it's citizens to pay the licensing fees that were "stolen", we will be seeing a lawsuit very soon.
[ link to this | view in chronology ]
"Intent" of the law. If people can't clearly determine the purpose of the law as to form an intent, the law should be revised so its purpose is clear.
It's true most of us would think the town took it too far, but you can bet there was an overzealous "prosecutor" or lawyer (not sure how German law enforcement works) would jump at the chance to sue.
Oh, wait. Do Germans sue foolishly like American idiots?
[ link to this | view in chronology ]