I once registered to an event where the condition of attendance was to agree to have your personal data processed (that was many years before GDPR came and made such bullshit illegal). This was declared through a HTML form, with a bit of client-side JS that disabled the "Submit" button until you checked the "I agree to data processing" checkbox.
So of course I edited the page to let the submission through anyway, and the POST request had the appropriate consent boolean parameter to false instead of true. Since the registration completed successfully, they either ignored that parameter, or - what I was hoping would happen - their database had my row with a distinct FALSE on the consent column.
I sometimes wonder what would have happened if I decided to follow up on their data processing against my consent. Would I have a successful case? Or would they can me for working around their bit of client-side JS?
So of course I edited the page to let the submission through anyway, and the POST request had the appropriate consent boolean parameter to false instead of true. Since the registration completed successfully, they either ignored that parameter, or - what I was hoping would happen - their database had my row with a distinct FALSE on the consent column.
I sometimes wonder what would have happened if I decided to follow up on their data processing against my consent. Would I have a successful case? Or would they can me for working around their bit of client-side JS?