>I feel that you're ignoring the situation of small startups with just a few founders
It's that the equivalent of starting a new car company and arguing that you shouldn't be required to follow the same safety standard as Volkswagen Group, because you're still a small company?
At it's core the GDPR is simply stating that you're accountable for the data you collect and that you're only allowed to use the data for the purpose is originally collect. Building privacy into your product is much easier for someone designing something from scratch, compared to retrofitting it into the business plans of Facebook and Google.
I get the feeling that most of the people arguing against the GDPR are people who are focused solely in collecting user data as a core business. The people I know who are building actual product, where people pay for a service, are doing fine. Even though that they have to build products in a manner I suggested five years ago, where user data is either not collected or delete when processing is completed.
It's that the equivalent of starting a new car company and arguing that you shouldn't be required to follow the same safety standard as Volkswagen Group, because you're still a small company?
At it's core the GDPR is simply stating that you're accountable for the data you collect and that you're only allowed to use the data for the purpose is originally collect. Building privacy into your product is much easier for someone designing something from scratch, compared to retrofitting it into the business plans of Facebook and Google.
I get the feeling that most of the people arguing against the GDPR are people who are focused solely in collecting user data as a core business. The people I know who are building actual product, where people pay for a service, are doing fine. Even though that they have to build products in a manner I suggested five years ago, where user data is either not collected or delete when processing is completed.