US Websites Block Netizens in Europe Due to GDPR

Megalith · May 26, 2018

Despite having more than two years to prepare, numerous organizations have opted to block Europeans from accessing their websites instead of updating them to be compliant with the GDPR, which went into effect yesterday. These include the Chicago Tribune and Los Angeles Times, both of which throw up error messages. Outfits that actually put in effort include the NPR, whose solution was a text-only site, and USA Today, which removed all tracking scripts and ads: amusingly, this reduced the size of the site from 5.2MB to 500KB.

...some firms have decided to call it a day: social media reputation score site Klout went kaput today, with its owner deciding that shuttering it was the best route to compliance. Meanwhile, we've seen evidence of internet-connected fridges and lightbulbs, and even mouse drivers, and more, pop up messages on screens asking for punters to accept updated GDPR-friendly privacy policies.

naib · May 26, 2018

good! stupidest export of an EU will on the world.

DF-1 · May 26, 2018

text only? no ads? why just block your website then?

GotNoRice · May 26, 2018

I don't see why they should go out of their way to comply with regulations meant for people who they have no intention of targeting as customers.

Pieter3dnow · May 26, 2018

It rather shows how your data is being shared , that alone should be alarming enough.

Babbster · May 26, 2018

naib said:
A bit of tu qouque here... What the EU has forced onto the world has nothing to do with who is in the whitehouse... What is important here is a customs union has enforced its views onto the world... IF you know anything about the EU you will know it does not stop with such things, it gets something impose that the majority see's reasonable and then it ladders it and it then asserts a new more draconian restriction was agreed upon by some previous, or more likely via some un-navigable treaty

This is the height of absolute slippery slope nonsense. "First, they do something good, then they use that as a springboard to do something awful! We have got to stop indulging the good!"

Frankly, the more influence the EU exerts over the Internet, the better. I certainly don't want the fucking FCC in charge given that they've proven their only interest is indulging the whims of megacorporations.

~CS~ · May 26, 2018

GDPR is a good thing, but I'm not sure if just having it in EU is enough, we need an equivalent here.

heatlesssun · May 26, 2018

naib said:
good! stupidest export of an EU will on the world.

GDPR might be the best European export of all time.

Babbster · May 26, 2018

~CS~ said:
GDPR is a good thing, but I'm not sure if just having it in EU is enough, we need an equivalent here.

At the very least, sites which appreciate EU customers will have to comply, benefiting everyone. The best case scenario is that the EU shames other, shittier countries (e.g., the United States - sorry, but government-wise it's simply the truth) into enacting similar legislation.

Gorankar · May 26, 2018

As a rule, we typically look to the EU to see what not to do. This situation is a bit of an outlier to that rule.
I only ask that people look at GDPR on it's own merits and not conflate it with the usual EU stupidity.

Nenu · May 26, 2018

Megalith said:
Meanwhile, we've seen evidence of internet-connected fridges and lightbulbs, and even mouse drivers, and more, pop up messages on screens asking for punters to accept updated GDPR-friendly privacy policies.[/I]

lol, talk about indiscriminate.
About time they were told to pee orf.

Iratus · May 26, 2018

I'm loving it. Everyone's making it so easy to unsubscribe and remove myself from their records.

Plus the cookie policy tuning (where you set what they can use them for) a lot of sites are putting in is great.

Wolfkin · May 26, 2018

For those of you wondering what GDPR (General Data Protection Regulation) is, this quote pretty much summarize the essence.
Quote taken from: http://www.itpro.co.uk/it-legislation/27814/what-is-gdpr-everything-you-need-to-know

The General Data Protection Regulation (GDPR) has been in the works for a long time. Drawn up by the EU, it strengthens the data rights of EU residents and harmonises data protection law across all member states, making it identical.

It increases the potential fines organisations face for misusing data, and makes it easier for people to discover what information organisations have on them. In essence, it seeks to bring more transparency to people about what data organisations collect about them, and what those organisations use it for, as well as enabling people to prevent unnecessary data collection.

Nenu · May 26, 2018

Sky email is horrendous.
I helped someone configure the newly exposed permissions of who Sky/Yahoo allow access to your emails.
The primary list wasnt so bad, maybe 30 places lol.
But the secondary list took maybe 15 minutes to untick every single one. There were hundreds!! (and not many fit on a page)
There was no way to select all.
I was swearing at the task and how fuffing bad they are !!

Dick Johnson · May 26, 2018

numerous organizations have opted to block Europeans from accessing their websites

NPR, whose solution was a text-only site

USA Today, which removed all tracking scripts and ads: amusingly, this reduced the size of the site from 5.2MB to 500KB.

None of this sounds bad to me.

gxp500 · May 26, 2018

~CS~ said:
GDPR is a good thing, but I'm not sure if just having it in EU is enough, we need an equivalent here.

Don't worry, i'm sure Ajit Pai will think of something... that is the complete opposite of gdpr. Introducing Corporation Data Mining Fuck Privacy More Profit Regulations.

Wolfkin · May 26, 2018

gxp500 sounds about right.

Retronym · May 26, 2018

Gorankar said:
As a rule, we typically look to the EU to see what not to do. This situation is a bit of an outlier to that rule.
I only ask that people look at GDPR on it's own merits and not conflate it with the usual EU stupidity.

gives hackers a solid (increased) price point to work with when extorting companies with encrypted data release.
corporations pushing liability onto smaller, less regulated and safeguarded third parties.
increased barriers to entry for small players and regulatory capture, cemented advantage of first movers

it's stupid.

NeghVar · May 27, 2018

Why should any of these US-based companies comply with Europe's policies in any way whatsoever? Are they going to demand the extradition of senior execs over to Europe to face criminal prosecution? I'd just give them the finger and tell them to suck it.

theBrownLlama · May 27, 2018

i love what Europe is doing.
sucks to be a data-broker though

theBrownLlama · May 27, 2018

NeghVar said:
Why should any of these US-based companies comply with Europe's policies in any way whatsoever? Are they going to demand the extradition of senior execs over to Europe to face criminal prosecution? I'd just give them the finger and tell them to suck it.

money, lots of money, billions of money......which ties in to their bonuses and stock they own....

first few things a board member would ask is "how much do we stand to lose if we don;t adhere to their policies ? Can our lobby carve out an exception in a short duration ? Ok , how much money is the EU asking to make a deal ? Can more funding to our NGOs cause a change in public sentiment? Or should we just put money into our leftover EU competitors, as we already own lots of them anyways? "

Wild1 · May 27, 2018

No data is safe online. If you want to put your faith in the eu LOL. Five eyes shares everything you do and say online and all the metadata. What is the mighty eu going to do to stop this flow of "your" data? Nothing.. Verizon and Comcast and all the big usa isps give nsa open metadata feed in real time without a warrant. GCHQ and NSA and all of them have every email you've ever written and every phone call you've made in the last 20 years. The whole idea of safety and privacy online is an antiquated misnomer. The snowden revelations about xkeyscore and the tools they had 5 years ago were all encompassing of our digital lives. Imagine how invasive it has become now. None of the politicians, American or European, are there to protect privacy and this EU bullying is just a political way for them to gain favor with the underinformed.

Shaten · May 27, 2018

the ultimate point of this will be that websites in the EU will all become pay to use.

The way the GDPR is structured I can't use your personal data (including IP address) to server you adds. At that point I will charge you to access my web site. Without the IP address I can't server regional content on ads and can run into the other anti-free speech laws in the EU, O did I server a Wolfenstein add in Germany...

So the idea of ad supported website will die off in the EU, and someone has to pay for these servers.

Then I would guess after 5 years of this a lot of blogs etc will not be able to maintain there subscriptions and will move onto face book to stay alive. Since facebook will probably be charging a euro a month and people will pay it. Thus the GDPR eventually will force most content onto one or 2 platforms...

Grabs popcorn

KarsusTG · May 27, 2018

Shaten said:
the ultimate point of this will be that websites in the EU will all become pay to use.

The way the GDPR is structured I can't use your personal data (including IP address) to server you adds. At that point I will charge you to access my web site. Without the IP address I can't server regional content on ads and can run into the other anti-free speech laws in the EU, O did I server a Wolfenstein add in Germany...

So the idea of ad supported website will die off in the EU, and someone has to pay for these servers.

Then I would guess after 5 years of this a lot of blogs etc will not be able to maintain there subscriptions and will move onto face book to stay alive. Since facebook will probably be charging a euro a month and people will pay it. Thus the GDPR eventually will force most content onto one or 2 platforms...

Grabs popcorn

I don't know if this is necessarily true. Anyone even remotely competent already doesn't see adds. I don't have a single site on my exceptions list. I used to have [H], but now that Kyle has switched to Patreon I do that instead. Now the sites I support get more money from me than they ever earned from adds.... Gladly.

[H] Patreon link btw.

SixFootDuo · May 27, 2018

~CS~ said:
GDPR is a good thing, but I'm not sure if just having it in EU is enough, we need an equivalent here.

That would never happen.

Ever head of Net Neutrality? FCC struck it down under the Trump administration? That's all about money and nothing else.

Money money money.

Data makes a lot of people a lot of money. Again, money money money. While we may need an equivalent I doubt that would happen. If it does it will be a faux law with many many loop-holes.

A lot of people don't know that the EU demands 2 years warranty on any consumer good sold. The US gets the cheap goods while the EU gets better engineered goods in many cases.

Lot of you have heard of Pyrex. In the EU, they get the original formula with stronger glass that originates from America. in the US, we now get a much more inferior product made with lesser materials. There are dozens and dozens of these stories all over the internet.

The EU demands many additives / chemicals to food that are known to cause issues with the human body be removed. They've done this for decades. In the US, many of those banned additives and chemicals are still present.

In America, you're a human ATM. In the EU, they seem to work very hard for the people and not just Large Corporations, The Wealthy and Politicians.

BSmith · May 27, 2018

Pieter3dnow said:
It rather shows how your data is being shared , that alone should be alarming enough.

Actually the damn law is pretty ambiguous. There are many who are just going to block out the site due to the loose wording of the law. I have a couple of customers who are not going to hire more attorneys to figure out what they need to say in the privacy text to cover themselves.

The shame is, they only colect a cookie for the purposes of configuring the site to meet the customers configuration options.

Shaten · May 27, 2018

KarsusTG said:
I don't know if this is necessarily true. Anyone even remotely competent already doesn't see adds. I don't have a single site on my exceptions list. I used to have [H], but now that Kyle has switched to Patreon I do that instead. Now the sites I support get more money from me than they ever earned from adds.... Gladly.

[H] Patreon link btw.

Well the current legal cases filled are arguing if a site disallows access because they want personal data then that is illegal, So really the only other choice is to charge for access.

While I agree with a patreon model (minus the pateron overhead) I'm willing to bet 90% of the sites surviving on ads currently can't survive on a patreon model.

I also agree adblockplus is easy to install I still can't get people to install it.

I saw a quote today that google and facebook have absorbed 60% plus of the Digital ad revenue in north America,

Nebell · May 28, 2018

I'm from EU and I have not noticed any interruptions in my internet use. No one has blocked me.
Must be shit companies who block people.
If a website is blocking EU customer because of GDPR, this should be alarming to EVERYONE, it means they are planning to sell your data.

TheOne&OnlyZeke · May 28, 2018

From what I'm seeing its mainly companies who have vague data policies are the ones who have to put work in
I've received plenty of mails of companies who have their privacy polices buttoned and the mail only tells me to "go here if you want to see them"
No opt in or opt out
I feel the ones are are offering the opt in etc are the ones that are kinda iffy about how they are handling the data

and suck it up US bitches. EU is doing something helpful. Now they will only sell your data to google and facebook

Delicieuxz · May 28, 2018

This is a big reason why we need more regulation on personal data generating and harvesting. And just think, the right-side image is also like what is happening in Windows 10 with the actions that a person does in the OS.

Also, I haven't read up too much on the details of GDPR, but is it possible for EU site visits to still be made to behave like the image on the right, if the site owner simply words their disclaimer in a way that lets them know their data is being collected and used?

You can explore the details of the US site's request map here: http://domainmap.webperf.tools/render/180525_JN_47e779799e746bc1e1a325eb464ae006/

Gottfried Leibnizzle · May 28, 2018

heatlesssun said:
GDPR might be the best European export of all time.

Eisbein gets my vote, but...

BSmith · May 28, 2018

Nebell said:
I'm from EU and I have not noticed any interruptions in my internet use. No one has blocked me.
Must be shit companies who block people.
If a website is blocking EU customer because of GDPR, this should be alarming to EVERYONE, it means they are planning to sell your data.

No, it means there are companies out there who are terrified of the loose wording of the law which allows the EU to just go after anyone that does not disclose every bit of data and why it is being stored. Like I said before, there are companies who are not willing to pay the legal fees to put up an EU approved type of privacy notice when all they are doing is storing a cookie on the customers system for the purposes of configuring the site to what the customre wants.

There are also companies who have security concerns about exposing data which could aid hackers (game companies who collect data for the use of banning hackers, for example).

The wording and explanations from the EU are vague. Terms are not being exposed in detail. Companies are putting themselves at risk if they do anything at all with any data at all given the current wording.

It is not just about data being exposed.

Delicieuxz · May 28, 2018

How do people feel about the fact that they're paying for faster internet service only to compensate for the loss of speed and performance that data harvesting on the internet is causing?

It's no different than taking money out of your pocket and paying it directly to advertisers - for the purpose of enabling them to advertise to you. People are literally subsidizing all these companies' data farms (with both their cash and their PCs and their software licenses) without any knowledge of it.

Do you have a $75 / internet plan? $25 or possibly more of that is just to offset the performance slowdown created by all the data harvesting that sites are doing on you.

And how much Windows 10 performance is lost for people due to all the data generating, tracking, and harvesting that Microsoft is doing in Windows 10?

Because of a lack of regulation on data harvesting, people are continually paying huge bucks just to be exploited by companies and corporations, with no benefit to the people that are doing the paying. People are being swindled and having money just taken out of their pockets.

Nebell said:
If a website is blocking EU customer because of GDPR, this should be alarming to EVERYONE, it means they are planning to sell your data.

Well, of course they are planning to sell your data. So are all the sites that are disclosing what they collect about you. That's a primary part of running a site as a business, just as it is the whole point behind Windows 10 which collects data on every little action you do.

Deleted member 222586 · May 28, 2018

BSmith said:
No, it means there are companies out there who are terrified of the loose wording of the law which allows the EU to just go after anyone that does not disclose every bit of data and why it is being stored. Like I said before, there are companies who are not willing to pay the legal fees to put up an EU approved type of privacy notice when all they are doing is storing a cookie on the customers system for the purposes of configuring the site to what the customre wants.

There are also companies who have security concerns about exposing data which could aid hackers (game companies who collect data for the use of banning hackers, for example).

The wording and explanations from the EU are vague. Terms are not being exposed in detail. Companies are putting themselves at risk if they do anything at all with any data at all given the current wording.

It is not just about data being exposed.

Bullshit.

I work for a rather small company (revenue of around $20 mill). We have a website in which customers introduce their data in order to make reservations and all the changes required took very little to time to do.

DPI · May 28, 2018

heatlesssun said:
GDPR might be the best European export of all time.

If it finally forces Microsoft into providing a real telemetry off switch in Windows 10, and not just "we really care about your privacy!" lipservice while they continue siphoning 2500+ datapoints in the Basic mode, then I'd agree.

Or I'd even take a europe-specific "N" Edition with the data harvesting disabled, that works too.

heatlesssun · May 28, 2018

DPI said:
If it finally forces Microsoft into providing a real telemetry off switch in Windows 10, and not just "we really care about your privacy!" lipservice while they continue siphoning 2500+ datapoints in the Basic mode, then I'd agree.

That's not exactly how it works. Unfortunately this subject has been so twisted into utter nonsense at times that it's difficult to point out that in the modern world of computing, some telemetry is vital for basic operation. The idea that something that's as widely deployed as Windows with the number of threats against it that Microsoft or anyone for that matter should have hundreds of millions of machines running its software without ANY real time data is insane. There are provisions in GDPR for this sort of thing.

Not saying that Windows 10 can't improve on the situation but GDPR doesn't mean that a software provider has to run totally blind, malware data, certain hardware information necessary for getting proper updates, time and connection services, certain kinds of performance data, etc., there's GDPR allows for this kind of data sharing that has benefits to customers without explicit consent.

Spaceninja · May 28, 2018

I would bet that 99% of these sites are giving you a pretty screen to look at and it changes nada on the othe end. No way to enforce this. Privacy Theater at best.

Nebell · May 28, 2018

BSmith said:
No, it means there are companies out there who are terrified of the loose wording of the law which allows the EU to just go after anyone that does not disclose every bit of data and why it is being stored. Like I said before, there are companies who are not willing to pay the legal fees to put up an EU approved type of privacy notice when all they are doing is storing a cookie on the customers system for the purposes of configuring the site to what the customre wants.

There are also companies who have security concerns about exposing data which could aid hackers (game companies who collect data for the use of banning hackers, for example).

The wording and explanations from the EU are vague. Terms are not being exposed in detail. Companies are putting themselves at risk if they do anything at all with any data at all given the current wording.

It is not just about data being exposed.

That is not what it means.
O've been asked to confirm cookies on websites for YEARS now. This is not about cookies or things like that. This is about companies trading your data and blocking people who are protected by law.

BSmith · May 29, 2018

prava said:
Bullshit.

I work for a rather small company (revenue of around $20 mill). We have a website in which customers introduce their data in order to make reservations and all the changes required took very little to time to do.

You can call bullshit all you like. I am just the messenger.

Nebell said:
That is not what it means.
O've been asked to confirm cookies on websites for YEARS now. This is not about cookies or things like that. This is about companies trading your data and blocking people who are protected by law.

Unfortunately, it seems the wording is vague enough that storing data, of any kind, anywhere, is enough to get you in trouble with the EU if you do not disclose every bit of it.

What I have read on the EU's help site, about the law, seems very vague.

schoolslave · May 29, 2018

BSmith said:
No, it means there are companies out there who are terrified of the loose wording of the law which allows the EU to just go after anyone that does not disclose every bit of data and why it is being stored. Like I said before, there are companies who are not willing to pay the legal fees to put up an EU approved type of privacy notice when all they are doing is storing a cookie on the customers system for the purposes of configuring the site to what the customre wants.

There are also companies who have security concerns about exposing data which could aid hackers (game companies who collect data for the use of banning hackers, for example).

The wording and explanations from the EU are vague. Terms are not being exposed in detail. Companies are putting themselves at risk if they do anything at all with any data at all given the current wording.

It is not just about data being exposed.

It's not vague, it's generic on purpose to protect all data -- not just some subset in a small set of situations.
This is exactly as it should be: companies should be afraid of even touching data unless they are absolutely 150% sure they are legally allowed to do so.

US Websites Block Netizens in Europe Due to GDPR

24-bit/48kHz

[H]ard|Gawd

2[H]4U

[H]F Junkie

Supreme [H]ardness

[H]ard|Gawd

Gawd

Extremely [H]

[H]ard|Gawd

[H]F Junkie

[H]ardened

[H]ard|Gawd

[H]ard|Gawd

[H]ardened

Weaksauce

Gawd

[H]ard|Gawd

[H]F Junkie

2[H]4U

Gawd

Gawd

n00b

Weaksauce

2[H]4U

Supreme [H]ardness

[H]ard|Gawd

Weaksauce

2[H]4U

100% Irish

[H]ard|Gawd

Limp Gawd

[H]ard|Gawd

[H]ard|Gawd

Deleted member 222586

Guest

[H]F Junkie

Extremely [H]

2[H]4U

2[H]4U

[H]ard|Gawd

[H]ard|Gawd