> I'm pretty sure that if you asked people whether they would prefer to pay for Facebook and Google with cash or by sharing data for ad targeting, most would choose the latter. The GDPR specifically forbids that option.
First, it's important to distinguish between the types of lawful bases with which you are processing data. For example, if you were to provide a service of targeting ads to people, you do not need consent to collect the data you need to target your ads: because you are simply fulfilling the contract. One of the problems with the current Facebooks and Googles of the world is that they assume you don't want targeted ads. I think this is an enormous mistake. Sign me up for targeted ads! I want them! I will freely give you information so that I can get targeted ads! In reality, the Faebooks of and Googles of the world are not offering targeted ads. They are offering indiscriminate ads and also selling your data. This is incredibly important to understand.
Next, even if we decide to offer a service and ask for consent for collection of non-related information, there is nothing stopping us from paying for that collection (as far as I can tell). The law states that consent must be "freely given", however this "freely given" means that you can't threaten consequences for non-consent. There is no provision for thanking your customers.
In other words, I'm pretty sure you can charge $5 a month for a service and then give $5 a month worth of credit as a thank you for being able to use your data. (Note: I tried to find some kind of verification of this, but was unable to find a discussion of it either way. I would be grateful for some evidence even if it contradicts my thesis ;-) )
However, there are massive caveats. First you must inform the customers what you are doing with their data and who your are sending it to. Second you must allow them to withdraw their consent. If they withdraw their consent then you must also do everything in your power to notify the downstream data processors to also stop using that data.
And I think that's the real reason you don't see the Facebooks and Googles of the world trying this. They don't want to work with the data in a trackable way. They want to do whatever the heck they want with your data forever. They don't want to inform you that they've sent your data to an organisation that you might disapprove of. They don't want to allow you to cancel your consent without cancelling your service and also do whatever is necessary to stop the downstream processor from using your data if you object.
There is usually a lot of vitriol here when we discuss GDPR however usually this is a result of distilling the argument down to an either/or situation. Either the company is an abusive monster or the law is trying to remove a legitimate business model. It overlooks the idea that there are serious problems with the way this business model works right now and the law attempts to improve that situation in ways that are both useful and frustrating.
Edit: At the risk of bringing the wrath of the EU down upon my employer, I just realised that we offer a 25 GBP voucher for agreeing to sign up to our newsletter. So, there is at least 1 company who does this and I really don't think there is anything wrong with it.
Dudeo, people are just going to sign up, get their money back for their data, then ask you to delete the data right away. You have to still provide the service, just now for free.
First, it's important to distinguish between the types of lawful bases with which you are processing data. For example, if you were to provide a service of targeting ads to people, you do not need consent to collect the data you need to target your ads: because you are simply fulfilling the contract. One of the problems with the current Facebooks and Googles of the world is that they assume you don't want targeted ads. I think this is an enormous mistake. Sign me up for targeted ads! I want them! I will freely give you information so that I can get targeted ads! In reality, the Faebooks of and Googles of the world are not offering targeted ads. They are offering indiscriminate ads and also selling your data. This is incredibly important to understand.
Next, even if we decide to offer a service and ask for consent for collection of non-related information, there is nothing stopping us from paying for that collection (as far as I can tell). The law states that consent must be "freely given", however this "freely given" means that you can't threaten consequences for non-consent. There is no provision for thanking your customers.
In other words, I'm pretty sure you can charge $5 a month for a service and then give $5 a month worth of credit as a thank you for being able to use your data. (Note: I tried to find some kind of verification of this, but was unable to find a discussion of it either way. I would be grateful for some evidence even if it contradicts my thesis ;-) )
However, there are massive caveats. First you must inform the customers what you are doing with their data and who your are sending it to. Second you must allow them to withdraw their consent. If they withdraw their consent then you must also do everything in your power to notify the downstream data processors to also stop using that data.
And I think that's the real reason you don't see the Facebooks and Googles of the world trying this. They don't want to work with the data in a trackable way. They want to do whatever the heck they want with your data forever. They don't want to inform you that they've sent your data to an organisation that you might disapprove of. They don't want to allow you to cancel your consent without cancelling your service and also do whatever is necessary to stop the downstream processor from using your data if you object.
There is usually a lot of vitriol here when we discuss GDPR however usually this is a result of distilling the argument down to an either/or situation. Either the company is an abusive monster or the law is trying to remove a legitimate business model. It overlooks the idea that there are serious problems with the way this business model works right now and the law attempts to improve that situation in ways that are both useful and frustrating.
Edit: At the risk of bringing the wrath of the EU down upon my employer, I just realised that we offer a 25 GBP voucher for agreeing to sign up to our newsletter. So, there is at least 1 company who does this and I really don't think there is anything wrong with it.