(no title)

GDPR can be quite strict on consent. See for example the UK's ICO guidelines. A sample of them:

> We don’t use pre-ticked boxes or any other type of default consent.

> We use clear, plain language that is easy to understand.

> We specify why we want the data and what we’re going to do with it.

> We give separate distinct (‘granular’) options to consent separately to different purposes and types of processing.

https://ico.org.uk/for-organisations/guide-to-data-protectio...

These are of course just guidelines, but if you don't explicitly inform your users that you will be sending images of what's on the screen over the Internet, you are likely to get in trouble. (And no, a giant EULA-type wall of text probably wouldn't be sufficient)

It isn't nearly as easy as you're suggesting to escape the scope of GDPR protections. There could be sensitive personal data or data about children involved. Even if it's just some identifiable individual in the screenshot, you still can't just rely on some sneaky "consent" as a blank cheque - that is merely a possible lawful basis for processing, and all the other provisions of the GDPR still apply.

Edit: Also, on your first point, ACR is generally a variation of fingerprinting technology. It wouldn't be sending entire screenshots of whatever is being displayed even if it's not broadcast content, at least not in any variation I've heard of. It was the idea of uploading the entire image that I was questioning before.