Companies Respond To The GDPR By Blocking All EU Users
from the the-splinternet dept
We’ve talked a bunch about the GDPR recently. While the effort is well-meaning (some may disagree with this) and does have some good ideas concerning data control and transparency, we still feel that it was put in place by people who had little idea of the impact it would actually have, and will have disastrous consequences on online speech, in particular. And, since the GDPR has a long-arm aspect that will impact people across the globe (not just in the EU), there has been plenty of scrambling by companies to “become compliant” with the GDPR. This is almost certainly going to lead to a huge number of lawsuits over the next few years, with an awful lot of uncertainty. While some consultants have cleaned up in helping companies become what they hope is “compliant” (hence you probably receiving dozens of updated privacy agreements and terms of service notices lately), some companies have realized it’s just too much of a hassle and decided to block all access to EU users.
Hypponen also notes the very different reactions to all of this from EU readers and US readers. EU folks seem to be generally supportive of the GDPR and think that companies shutting down service are either stupid & ignorant or evil and thus should shut down. On the US side, he notes people are smug about how this serves the EU right and will harm the EU.
It’s entirely possible both are right.
But the larger issue to me is how this is increasingly splintering the internet, and doing so in a way that we’re not entirely prepared for. The GDPR has significant problems — even if it does also have some good stuff. The fact that it feels like supporters of the GDPR refuse to fix the problems seems troubling. It’s going to have quite an impact and there seems to be little concern among those who support it. They automatically default to the idea that opposing the GDPR means that you want to do something bad, no matter how inaccurate that statement is.
It would have been much better if those crafting the GDPR had actually bothered to listen to the wider concerns. And, barring that, if they hadn’t made the reach of the law go so far beyond EU borders where it will rule over the internet and the rest of us have to deal with. They could have preserved some of the good ideas concerning control and transparency, without creating so much of a mess for everything else. But they chose not to, and now we’re all going to leap off the cliff together and see how everyone ends up.