People to whom the law doesn't apply are not necessarily very familiar with the details of this, and thus are going to be cautious if presented with what appears to be a legal threat. For a pro, this is easy to reply to, for random hobbyists it's not.
“The law says you have a month to reply.”? A little aggressive, but OK.
“According to such-and-such code, section 45, part b, subsection 3, you have 87 hours from the time I sent this — that is, from 12:43:56 PM Eastern time on this date — to give your on-the-record response.”? They’ve got a lawyer, and this is going to be a pain in the ass.
These particular emails were somewhere between the second and third options.
Asserting your rights (which you even say is "a little aggressive, but OK") as per specific regulation is far from being a legal threat where I live. That's just asserting your rights. A legal threat would be far worse.
> They’ve got a lawyer
...but this would suggest to me that this is cultural, since this thought would never occur to me.
How is this not a threat in the EU or anywhere? Yes it's made worse by the litigious nature of the US, but that's beside the point IMO. The sender is clearly implicating that there will be consequences for not responding. Even if this is the law and the sender is within their rights, it's still a threat.
The entire thing is even worse because most of these websites were not under any obligation to reply but didn't know as much as they weren't experts in the law
In your view, what purpose does informing someone of a law related to their compliance serve?
Saying on the basis of which regulation you're asking for something just isn't considered a threat where I live, period. People who want to make threats actually make threats.
> In your view, what purpose does informing someone of a law related to their compliance serve?
Well, obviously, in this case, it was about the time period expected. If you have reasonable assumption that your request is not common (for example businesses may plausibly receive far fewer GDPR requests then they receive product warranty requests), then communicating the expectation seems like a prudent thing to do since the other party is less likely to be familiar with it.
I'll have to take you at your word as I don't have experience where you live. Here, friendly requests tend to be much less formal. As a further example, suppose my dog was in my back yard barking, and this annoys my neighbor. They approach me about it:
> "Hey, neighbor, your dog is bothering us. Could you take it inside?"
Typical response: "Oh, sorry! Sure. Come here, pooch!"
> "Hello neighbor. According to county code section 23, 'Nuisances', paragraph 3, 'Pets', your dog can't bark for more than one minute without violating the ordinance and being subject to a fine of not more than $85."
Typical response: "Get off my property, and if your kid ever throws a baseball at my house again, I'm going to launch it through your front window."
Normal-person requests are usually formulated like "hi, can you do this thing for me?" even if the person being asked is obligated to do it. Citing law is considered an aggressive escalation.
A communication between two entities who are not friends is not "friendly". This is clearly a formal request of a type that is even regulated by a law. You're almost certainly not asking your neighbor about something like this. You're almost certainly asking someone you've never met in your life. Not sure what about it needs to be "friendly" any more that asking a government bureau using some formalized process (like filling out a form) needs to be "friendly".
I've gotten requests from people asking me to delete their account, sent from the email address they used to register it, along the lines of:
"Hi, I've forgotten my password, but I don't really use my account anyway. Could you delete it for me?"
And of course I comply, because I want to be helpful. They asked nicely; I replied nicely. It's a pleasant and productive interaction from all involved. This is the social norm here.
But the example you outlined is not regulated by any law as a formal procedure. That's an ad-hoc request. Of course it could also be phrased as an GDPR erasure request, but I bet you'd definitely expect that to be more formal and more specific. After all, that would be a (formally) legal request, and not just something you may decide to do or not to do depending on how you slept last night.
