cross-posted from: https://slrpnk.net/post/11153742
In a Dutch bar I ordered a few samples (which have no cost and were somewhat generous in size) and drank part way through them all. Then I ordered a full sized beer. I continued working on the samples.
Bartender asked if I wanted to pay now or start a tab. I asked if they accept cash. It feels silly to ask and I almost didn’t ask because the answer is always “yes”, of course. So I was shocked when the bartender said no.
WTF? Surely there would be enough customers who are wise enough to foresee possible consequences of having electronic records of alcohol consumption. It can only work against you, e.g. when the bank, data brokers, and insurance companies see an opportunity to collude and optimise your your insurance premiums using that info.
The GDPR would theoretically protect Europeans from that but bars are open to tourists – non-Europeans with non-European bank accounts. I mentioned that to the bartender, who said “what’s the GDPR?” Wow. I was shocked again.
I made it clear that electronic payment doesn’t work for me (most especially when alcohol, tobacco, or marijuana are involved). I said: can someone pay with their own account and take my cash? Bartender asked if I have exact change. No, I didn’t but I got close enough that the bartender was able to use the tip jar to give me change.
I later noticed that the menu book (1st page after the cover) says “cash not accepted”. But I initially missed that because I ordered off the posted board. And there’s no guarantee anyway that a customer would see the first page. I often flip straight to the last page to look for drinks. When I left the bar I had a look at the entrance and door. There was no cash-hostile signage like some other shops have.
Questions for Dutch folks:
If the bar had been less reasonable, less flexible, how else might this have played out? I did not sip from the full beer before the conversation, so I suppose the bar could have just treated it like an erroneous beer pour and pour it down the drain.
Suppose I had not thought to ask if cash was accepted. What if I drank the beer and then my cash were refused with both sides standing their ground? There is a practical problem here not just a legal one. The hundreds worth of banknotes in my pocket would be worthless. So would it be no different than the situation of a deadbeat debtor who simply does not pay? Would I be cited and fined? Would I have the option to leave the bar with an invoice to pay by bank transfer, perhaps using the post office? Would I have to leave collateral such as an ID card while running the errand? And what if it’s Sunday or after hours of the post office?
What about the case where someone enters with bank card(s) that are in a broken state, unknown to the card holder? I’ve been in grocery store lines where a customer tries all their cards. Often the last card they try works but I’ve seen a case where someone had to leave all their groceries. I’ve been in situations where a card in good standing is refused for being foreign (despite the rules of the card network). Are these situations legally any different than someone who simply has no cards to pay with?
There is a very wise “EU Recommendation” that cash be accepted on payments towards debts specifically (not necessarily points of sale). I believe if you have a bar/restaurant tab that would be a /debt/, not a /point of sale/. But what are EU recommendations good for? Is it just to guide lawmakers, or is there some courtroom value when national policy deviates from the recommendation?
FWIW, this thread is where I learned that cash acceptance is optional in Netherlands. The original post was censored but that cross-post mirrors it.
GDPR applies to people based in the EU, or located inside the EU, so tourists would be protected as well. I am also absolutely not surprised that a bartender would not know about GDPR, since it doesn’t really apply to their job. (They might also know it by its Dutch acronym, AVG.)
Theoretically that’s true but I’ve already seen it fail. Using a non-EU card to buy airfare from an EU airline website still results in all flight details (flight number, time, origin, destination, name of traveler) being needlessly¹ shared with the credit card network and with the bank. So non-EU people can only fantasize about getting GDPR protections on EU transactions.
And now that I’m thinking about this, the GDPR protection is limited. That is, the bank must know that a bar is on one side of the transaction (legal basis would be a “contract” if not “legitimate interest”). The GDPR limits the bank from sharing that info and also limits the bank from using it internally for purposes unrelated to the performance of the contract (e.g. the bank cannot send you beer ads as a result).
So consider the non-EU customer angle. The non-EU bank would also know that a cardholder spent X amount in bar Y. Do you believe that non-EU bank would recognize that bar Y is in Europe and thus not sell that info to data miners for whatever the data is worth? If yes, what would the enforcement recourse be? Could the non-EU person report their non-EU bank to a data protection authority under Art.77 in the member state where the bar was located? I’m a bit fuzzy on this cross-border aspect of the GDPR. IIRC there are DPAs in some non-EU countries that the EU considers acceptable (which ironically includes the US), but I’m quite skeptical of their powers or willingness to use their power to handle an Art.77 complaint. I suppose there must be some mechanism in place but I’d be quite far from trusting it.
¹ Sharing airfare data happens because some credit cards include travel insurance and the bank needs those details to trigger the insurance coverage. But not all cards have that insurance yet it seems the sharing is automatic regardless.
Good point. It was an English conversation but indeed I should have said AVG. In any case, you just lowered my degree of surprise that they didn’t know the GDPR.
Well, the good news is that that’s true for EU people too.
Wait, did I say good news?
And yes, GDPR is limited to companies that do business inside the EU. That is also the leverage through which enforcement can happen - losing access to the EU market.