US websites block netizens in Europe: Why are they ghosting EU? It's not you, it's GDPR
Because two years wasn't enough time to prepare
Folks trying to read the NY Daily News, say, or the Chicago Tribune – the third-biggest US daily newspaper – online from a location within the EU have been blocked from visiting the websites due to new data protection laws.
Visitors in the bloc trying to load articles from the Tribune, or stablemates the Los Angeles Times – the fifth-biggest daily – and the Orlando Sentinel are shown the same error message from publisher Tronc:
"Unfortunately, our website is currently unavailable in most European countries," it reads.
"We are engaged on the issue and committed to looking at options that support our full range of digital offerings to the EU market. We continue to identify technical compliance solutions that will provide all readers with our award-winning journalism."
The finger is pointed at Europe's General Data Protection Regulation (GDPR), which, although it is only just being enforced today, was adopted on 14 April 2016 – meaning organisations have had more than two years to prepare.
However, that doesn't seem to have been enough time for Tronc, with all of its sites directing to URLs: http://www.tronc.com/gdpr/latimes.com/ etc (with requisite paper name appended).
A similar message is going out to users trying to visit sites owned by media and entertainment brand A+E, including A&E (Arts & Entertainment), Lifetime and History. The organization's response is more succinct, with the redirect sending you to https://eunotice.aenetworks.com, and stating simply: "This content is not available in your area."
Much-loved American public radio org NPR, meanwhile, decided to provide another option: send anyone who doesn't agree to cookies and the like for personalised content to a plain-text site – or back in time to 1996.
These publishers are not alone in their black-and-white approach to compliance. Over the past few weeks a number of companies that believed they were going to fail to meet the bar appear to have decided it was easier to pull the plug on EU users.
That includes Pinterest-owned Instapaper – the app to save and read articles – this week announced it would be unavailable for users in the EU "as it makes changes" in light of GDPR. Boss Brian Donohue apologised on Twitter.
Yeah... I can't comment on specifics other than to say that I'm actively working on resolving it. Sorry. :-\— Brian Donohue (@bthdonohue) May 23, 2018
Email unsubscribing service Unroll.Me has also said it is stopping its services for EU residents on 23 May – a move it says is temporary until it can be sure it is compliant.
"For our customers in the EU and in the European Economic Area, the Unroll.Me team is committed to re-introducing our service as quickly as possible so please stay tuned for updates," the company said.
However, the site seems to be happy to take users' word for it, with a banner asking if they live in the EU and European Economic Area. Your London-based correspondent clicked "No" and was sent through to the normal site (yes, it gives you a pop-up saying the service is temporarily unavailable).
Meanwhile, some firms have decided to call it a day: social media reputation score site Klout went kaput today, with its owner deciding that shuttering it was the best route to compliance.
Other companies seem content with making consent for cookies as arduous as possible.
Take Verizon-owned Oath – parent company of HuffPo, Yahoo! and more – which offers users the chance to decide which of its advertising and tracking partners they are happy to share their info with, doing so by offering them a list of quite literally hundreds of organisations, all of which appear to have a default opt-in.
Christ, I thought the cookie warning was bad but this GDPR nonsense is next level pic.twitter.com/5XTvmav0ZD— ⚡️ Owen (@ow) May 23, 2018
One Reg reader told us that until yesterday, there wasn't even a "deselect all" button, with others writing to tell us about trawling through pages and pages of advertisers clicking on every button. Which at least evens the playing field between companies beginning with "A" and those with "Z".
Meanwhile, we've seen evidence of internet-connected fridges and lightbulbs, and even mouse drivers, and more, pop up messages on screens asking for punters to accept updated GDPR-friendly privacy policies.
Is there a site you can no longer visit because the firm has had its head in the sand for the last two years? Let us know. ®
Sponsored: Becoming a Pragmatic Security Leader