> Everything spelled out in the GDPR is a great thing for users and should have been there from the very beginning - being able to erase all their data, see all their data, export their data, and get notified when data is accessed.
I hate this "empowering users" philosophy of the EU. It's reminiscent of "right to be forgotten" type regulation where EU believes users should be in control of "their" data, when it reality it isn't "theirs" to begin with. Once data is "public" you can't ever "erase" it because it's not "yours". I'm sorry, if you shoplift in my store (online or no), I'm keeping track of you no matter how much you demand that I erase "your" information.
Because it is their data, consider if there was a database of your fingerprints and DNA available online to everyone, would that really be okay to you?
I hate this "empowering users" philosophy of the EU. It's reminiscent of "right to be forgotten" type regulation where EU believes users should be in control of "their" data, when it reality it isn't "theirs" to begin with. Once data is "public" you can't ever "erase" it because it's not "yours". I'm sorry, if you shoplift in my store (online or no), I'm keeping track of you no matter how much you demand that I erase "your" information.