The European Union’s digital privacy law, known as the General Data Protection Regulation (GDPR), officially went into effect today. But some websites in the U.S. have decided to block their services entirely rather than adhere to the new regulations. Dozens of American newspapers are currently blocked in Europe and web services like Instapaper have suspended operations in the European Union for the foreseeable future.
First reported by the BBC, news sites owned by media companies like Tronc and Lee Enterprises are now totally dark in European Union countries. Some of those sites include the Los Angeles Times, the New York Daily News, the St. Louis Dispatch, the Chicago Tribune, and the Orlando Sentinel. Gizmodo was able to confirm that the websites were being blocked in Europe by using a VPN service that routed internet traffic through various European countries.
Internet users who visit sites like the L.A. Times receive a notification like the one below, explaining:
Unfortunately, our website is currently unavailable in most European countries. We are engaged on the issue and committed to looking at options that support our full range of digital offerings to the EU market. We continue to identify technical compliance solutions that will provide all readers with our award-winning journalism.
Attempting to reach a site like the Arizona Daily Sun from Europe gives you this notice:
We recognise you are attempting to access this website from a country belonging to the European Economic Area (EEA) including the EU which enforces the General Data Protection Regulation (GDPR) and therefore cannot grant you access at this time.
The reaction to the blocks in Europe has been mixed, with some people blaming the European Union for enacting a law that they see as too burdensome on companies, while others wondered what these newspapers were doing with everyone’s data that would put them in violation of the GDPR in the first place.
Instapaper, a service that allows you to store newspaper articles in its app, announced earlier this week that it would be ceasing operations in Europe but said that it would “restore access as soon as possible.”
The GDPR was legislation passed in April of 2016 to ensure that internet users had more control over how their information was being used. Companies face enormous fines if they’re not in compliance with the data protection rules that have been laid out, which include providing more information to consumers on how data is being collected on them, and forcing companies to delete old data that’s no longer being used. At its most drastic, the EU’s Information Commissioner’s Office (ICO) has the power to fine large companies up to 4 percent of the company’s global annual turnover after the second offense. For large companies like Google and Amazon that’s in the billions of dollars. Under the new rules, lengthy user license agreements also must be in plain language and easy to understand.
And it’s not just tech companies that must comply with the law. Every organization that handles data on EU citizens, including banks, airlines, and insurance companies, must be in compliance. Today was the deadline for all companies to be in compliance with GDPR, but surveys show that anywhere from 60 to 85 percent of companies say that they’re not ready to be compliant today. It’s unclear how EU regulators will react, but so far they’ve showed no signs of being lenient. The companies did have over two years since the law’s passage to get their acts together.
Mark Zuckerberg, currently embroiled in scandal over Facebook’s mishandling of private user information, told members of European Parliament on Tuesday that his company would be ready to comply with the GDPR by today. But we really won’t know until these companies face some kind of audit. Best of luck with that, EU. Judging from Zuck’s performance earlier this week, Facebook doesn’t care too much about transparency.
Update, 7:55am: NPR appears to be giving Europeans a choice of either still being tracked with cookies and other tracking technologies, or just viewing NPR online in plain text.
Here’s what it looks like when you visit NPR.org from the UK:
And here’s what the website looks like if you opt out:
That fixes that, I suppose.