A Law That Promised Control
It is difficult to forget the moment GDPR arrived. In 2018, inboxes filled overnight with privacy updates, consent requests and new terms. For a brief period, it felt as though something meaningful had shifted. Companies were being forced to explain themselves, and users were, at least in theory, being given control over how their data was used.
The promise was simple enough. Clear consent, transparent data use and the ability to say no.
Fast forward to today, and that promise feels less certain. Not because GDPR has disappeared, but because everyday experience increasingly suggests that something is not quite working as intended. Settings are pre-enabled, choices are buried, and consent often feels like something you give by default rather than something you actively decide.
That is where the question begins. Not whether GDPR still exists, but whether it still feels like it protects people in the way it was meant to.
The Reality People Are Experiencing
Spend a few minutes going through the settings of most modern apps or devices, and a pattern quickly emerges. Features that rely on data collection are often already switched on. Options to limit or disable them exist, but they are rarely presented in a way that invites easy understanding.
Consent, in many cases, has become something passive. It is tied to long terms and conditions, accepted in a single tap, and rarely revisited. The idea of being fully informed at the point of agreement feels increasingly distant from how these systems actually work.
This creates a gap between expectation and reality. On paper, users have control. In practice, that control requires effort, awareness and persistence to exercise.
Not Broken, But Being Navigated
It would be easy to conclude from this that GDPR has failed, but that would not be entirely accurate. The law itself still sets out clear requirements around transparency, consent and data protection. It has led to real changes in how companies handle personal data, and it continues to provide a framework for enforcement and accountability.
The issue is not that the law is useless. It is that companies have learned how to operate within it in ways that minimise disruption to their business models.
One of the most significant tools in this regard is the concept of “legitimate interest”. This allows organisations to process certain types of data without explicit consent, provided they can justify a valid reason for doing so. In theory, this is a practical necessity. In practice, it can be stretched to cover a wide range of activities that users might reasonably expect to opt into rather than opt out of.
This is where GDPR begins to feel less like a shield and more like a framework that can be carefully worked around.
The Rise of Design Over Consent
Another factor shaping this experience is the way interfaces are designed.
Consent is no longer just a legal concept. It has become part of user experience design, and not always in a way that favours the user. Options to accept are often prominent and easy, while options to decline or customise are less visible or require additional steps.
These patterns are sometimes referred to as “dark patterns”, though they are not always labelled as such. They do not remove choice entirely, but they guide it in a particular direction.
The result is that many users end up agreeing to things not because they fully understand or support them, but because the process of declining is inconvenient. Over time, this shapes behaviour, turning consent into something that feels automatic.
Legal Compliance Versus Real Understanding
At the heart of the issue is a distinction that is easy to overlook. There is a difference between being legally compliant and being genuinely transparent.
A company can meet the technical requirements of GDPR while still presenting information in a way that is difficult to interpret. Long privacy policies, complex language and layered settings may satisfy regulatory standards, but they do not necessarily lead to informed users.
This creates a situation where protection exists in principle, but feels distant in practice. Users are covered by rules they rarely engage with, and decisions about their data are often made in environments that prioritise speed and convenience over clarity.
Why It Feels Like It Is No Longer Working
The frustration many people feel does not come from a single failure, but from accumulation. Each small instance, whether a pre-ticked box, a hidden setting or a feature enabled by default, adds to the sense that control is slipping away.
When that experience is repeated across multiple platforms and devices, it begins to shape perception. GDPR is still there, but it becomes harder to see its impact in everyday use.
That is how a regulation designed to empower users can start to feel as though it is neither use nor ornament. Not because it has no value, but because its presence is no longer obvious in the moments that matter.
The Gap Between Law and Experience
What this ultimately highlights is a gap between intention and implementation.
GDPR was designed to give individuals meaningful control over their data. That intention remains valid. The challenge is that technology has evolved quickly, and companies have adapted just as quickly to ensure that their models continue to function within the boundaries of the law.
As a result, the letter of the regulation is often maintained, while the spirit becomes harder to recognise. Consent exists, but it is shaped by design. Transparency exists, but it is buried in complexity.
This does not mean the law has failed. It means it is being tested in ways that were perhaps inevitable.
Where This Leaves the User
For the average user, the situation is both simple and frustrating. The protections are there, but accessing them requires time, knowledge and attention that most people do not have to spare.
This creates a form of imbalance. Companies understand the systems they operate within. Users, more often than not, are reacting to them.
Closing that gap would require more than just regulation. It would require a shift in how consent is presented, how choices are offered and how transparency is delivered.
A Regulation Still Worth Having
It is important not to lose sight of the fact that GDPR still matters. It has introduced standards that did not exist before and continues to provide a basis for holding organisations accountable.
The problem is not that it is useless. It is that its effectiveness depends on how it is applied, and at the moment, that application often favours compliance over clarity.
That leaves users in an uncomfortable position. Protected, but not always informed. Covered, but not always in control.
And that is why, for many, it can feel as though something that was meant to make a clear difference has become harder to see in everyday life.