#11: Please manually email your consent

by Owen Williams on

Hello, fellow human. Do you want to keep job hunting? Please manually email your consent to us is a new level of gathering consent. I wonder how they'll police this! I think this is my favorite to date.


Thanks for forwarding this, Hans!

#8: Double-Decker.

by Owen Williams on

Hi, internet person! Would you like cookies? Also, can you agree to our privacy policy? Also, sign up for our newsletter!


Thanks, Zach.

#7: Sorry, your light-bulbs and GDPR don't work

by Owen Williams on

From The Internet of Shit, Yeelight is supposedly blocking the majority of its features as it's "unable" to comply with GDPR but fails to explain why. The app apparently asks for consent to process data, then updates to warn the user that they are no longer able to use it.

On the bright side, you can control individual lights still, but groups no longer work either. In other words, a normal lightbulb would work better than these, with this update.

The bitter irony, of course, is a search for "Yeelight privacy" returns lots of worried forum posts from 2017, and this:

"It is extremely unlikely that yeelight would get your data from a light bulb, they only use wifi to turn on and of and nothing else. They are extremely safe to use over wifi but if you are worried about it I recommend you get the Bluetooth version named yeelight blue"


Thanks, @warmerdam_jesse, @wiyarmir and @rileyrichter.

#6: Razer breaks mice for users that don't accept a privacy policy

by Owen Williams on


Wait wait wait wait wait wait wait wait........what?

"Effective 25 May 2018, all versions of our software and services that do not meet the GDPR regulations will be retired and no longer be usable or valid. This means that you may not be able to log in to legacy versions of software and services such as Razer Synapse 2.0"

OK - so, what was Razer Synapse 2.0 doing that can't work under the new model? This is strange, and a little concerning? Your mouse software will stop functioning, without this update... as will the Razer phone.

It's feasible this was related to Razer not naming the data sharing partners, but why not just fess up and say who they were?

#5: Techcrunch, Engadget and Oath cookies galore

by Owen Williams on

Oath, the parent company of Techcrunch, Engadget and many other technology sites has started rolling out its consent process for cookies. Warning: it's a doozie.

First, you'll get this lovely thing that makes it very easy to say yes:


If you hit manage options you'll get some choices and more information about what's actually going on, and who they're sharing data with.


Cool. But... who are they? Clicking the small manage link shows you to a separate our partners page which looks interesting. There are two options: see and customize which partners use data, and see how they use it.

Hidden behind door number one? A few hundred data sharing partners, and a default opt-in! Whoops - this is most likely not compliant with GDPR and makes this a pointless excercise.


But wait, there's another option with even more buttons here under "Other partners" which is apparently something separate with, holy shit, more than 100 checkboxes.


Door number two, now that I've disabled... all of these random companies, just describes what the data is processed for. OK then! You now have my consent to not share my data.


At the end of the process I was shown a full page ad, so just closed the tab. Cool.

#4: Do you want cheap flights? Click agree!

by Owen Williams on

I've seen a number of these going around, and have covered a few of them here already. A number of companies are resorting to tricking users into opening their already unneccessary GDPR emails, pissing them off even further.

This one from Pete Lacey is impressive, just in how brazen it is. Want cheap flights? Surprise! It's GDPR again! It's funny that the regulation didn't anticipate this.

#3: Order confirmation: GDPR edition

by Owen Williams on

This is my favorite one that's been submitted so far: a company "accidentally" sent out an email to its entire user base about GDPR with the subject line order confirmation which would definitely freak me out:

"Last night some customers received a GDPR email from Green Man Gaming titled ‘Order Confirmation’. We’d like to unreservedly apologise for sending this email to some customers that received it. We messed up and we promise we will not do this again. Valuable customer feedback has been passed to our teams internally so that this is taken into account for future campaigns."

Thanks for the tip, Pavel.


This project was a crazy idea by @ow after getting so many crappy GDPR emails and shutdown notices. I write a handy daily briefing to keep up with, and understand these kinds of things.

Submit a GDPR horror story of your own on Twitter, or emailing [email protected]

Sponsored spontaneously by Raygun, which provides error, crash and performance monitoring for software teams. Start tracking errors now!