Strong agree it’s a gap.
Ties in with Unfscking Surveillance Capitalism too, probably.
I just haven’t had the bandwidth to get across it enough to write a proper policy for it.
now on my reading list: two links from the OP article.
https://www.gnu.org/philosophy/surveillance-vs-democracy.html
RMS links to a more tightly written opinion piece too. Choice quote summing up my feelings on the GDPR:
The GDPR makes much of requiring users (in some cases) to give consent for the collection of their data, but that doesn’t do much good. System designers have become expert at manufacturing consent (to repurpose Noam Chomsky’s phrase). Most users consent to a site’s terms without reading them; a company that required users to trade their first-born child got consent from plenty of users. Then again, when a system is crucial for modern life, like buses and trains, users ignore the terms because refusal of consent is too painful to consider.
To restore privacy, we must stop surveillance before it even asks for consent.