Here we are! Day after day, I realize that even smaller tech companies suffer from or could not resist the temptation of Enshittification[1] once they start gaining some momentum. I feel this path had became inevitable since everybody is doing this, at scale. I barely could recall some names that stuck to their original motto over time.

____________________

1. https://en.wikipedia.org/wiki/Enshittification

I’ve had a similar experience when signing up for Office365 and started getting promotional emails to CoPilot. These (2) emails were without an unsubscribe option.

I contacted MS support and after some back n forth they claimed it was a transactional email that doesn’t require consent or opt out.

Clearly promotional and not necessary but they won’t listen.

I’m in the process of filing GDPR + ePrivacy complaints, but it’s a tedious process, unlikely to do anything.

I'm so fed up with Proton. I will be taking my business elsewhere. Instead of making a great product for X, they've decided to make a series of extremely mediocre products for P, Q, X, Y, Z and W, all of which are left missing the most basic features for years. Features which even the free alternatives already have. Things like supporting unicode in email headers without having to use punycode, creating mailboxes from sieve filters and a bunch of other sieve expansions, and decent, portable, non-bugridden integration with email clients. Protondrive has such dogshit speeds it's basically completely useless. The nat-pmp support on their vpn servers is very strange, and it took me a couple weeks to craft a script that could handle all of its idiosyncrasies, none of which are documented. I haven't even bothered trying their calendar, password manager, or the Yet Another AI Service they keep sending me upselling emails for. I don't need any of those things, but I'm sure they have similarly lacklustre feature parity.

Doesn't help that when i notify them about these things, their support people just gaslight me. "I've notified our development team about this". Then nothing happens. I told them about the speed issue with protondrive when it was new, that was years ago now. Still not fixed, no updates, nada.

I will be moving to something like fastmail, plus some other vpn service, since those are the only two products of theirs I'm actually using. It seems like I'll get a far better product in both cases for almost half the overall cost.

This make me think of the GitHub spamming issue.

See, my GitHub email is not my main address, and when I got some it's either from a user of one of my repository or from a marketing team that extracted thousand of address from starred repositories to fake genuine email with my name and all.

The things is, it's always a less than stellar product. It started with NFTs, calm down for a bit and now came back with a vengeance with AI startups.

I guess it's a number game for them but I can't comprehend their lack of value, same for those peoples that subscribes to everyone just to gain a sub back (and judging by the number, a lot of people sub back without thinking about it, so it works).

Damn I despise that marketing-bussiness hellscape that the internet slowly morphed into along the years. We can't have nice things because there will always be a prominent proportion of us that would exploit it for personal gain and we would do collectively nothing against it, for the name of liberal economic or something. And forward the enshitification goes.

I also get pretty pissed of just ignoring gdpr, i just started to downright threaten them on support channels reminding that ignoring gdpr may cost them 2% of annual company turnover or 2 mil. eur, whichever is higher.

You would be surprised how many ridiculous "oh sorry some error in system" excuses you're gonna get. Right, that email accidentally slipped INSERT INTO spam slop database on its own.

And since i started to not explicitly opting in anywhere i know that when i receive a marketing email its abuse of my personal information. Under gdpr you need to explicitly consent to marketing communication. When you register to a service and receive spam you need to opt out from - that's an abuse. Some company try to argue they do so under "legitimate interest" clausule but that's bs and would not hold in court. For example, purchasing a product is not a valid legitimate interest for sending out eshop spam, they would lose.

When the incident repeats or i just get really pissed i go full karen and report them to authorities. I know two busisses had legal troubles because of me because i received deeper follow up emails while solving the case and i am happy for it.

One company that abused my personal data that i ended up not reporting was Telekom: when i contacted their support about spam incident and asked them for log of personal data and all of my consent logs and physical signatures to prove my consent, after which they said "it was a db error" (lol), and when the incident repeated i told them i am about to report them and they offered me 1 year of free internet - i said ok and never received a single spam from them ever again.

Fight back, you have the screenshots, you have the logs, ask for proof, report.

Implementing this sort of “functionality” is always the department of a junior team, so that the obvious sorts of questions about defaults can be answered with “a junior dev was responsible for the implementation and messed up”, even though the mess up was by design.

Is this even worth writing an article? In almost a decade of paying for Proton I have ran across two annoying bugs that eventually got fixed. Report bugs and be patient.

It's not an AI consent problem, it's an AI rape problem.

There's one recruiting company I had contact with in 2017 (pre-GDPR, with no checked consent after) and they keep sending me marketing-disguised-as-GDPR emails. "Reply to tell us you want to keep hearing about our career insights newsletter that you never signed up for, or we'll delete your data in 30 days".

In the end I got sick of them repeating this and never deleting the data, so I sent them a SAR. I don't care what data they have but if they want to play the GDPR game so do I.