Many news agencies are today reporting the effect GDPR is having as it came into force today.
Some of the headlines:-
“Sites block users, shut down activities and flood inboxes as GDPR rules loom”
‘Major websites offline as GDPR comes into force.
“Major websites offline and Facebook and Google accused of breaching new GDPR rules as deadline chaos strikes”
“The LA Times has taken its website offline for UK and European audiences due to GDPR”
GDPR has been called the “The biggest update in data protection laws since the 1990s is posing major challenges for developers and businesses – while giving substantial new powers to consumers.”
Many websites have completely shut down their activities . Many consumer inboxes have been flooded with emails asking for consent to continue.
The UK news channels are running many stories not just about this but also how many companies are struggling with the jargon contained in the GDPR and what they actually need to do.
In an interview with the Guardian newspaper, Margot James, the digital minister, said “Of the eight guiding principles that governed the use of personal information under the old act, we have made an important addition – accountability. In the wake of the Cambridge Analytica scandal, UK citizens more than ever need reassurances their data is as safe as it can be and that organisations are accountable for it.”
“Except in certain, limited instances, organisations now must demonstrate they have our explicit consent to process our sensitive personal data. Generally, we’ve also given greater control to the British public over how their data is used. No doubt, like me, you’ll have received a flurry of emails in recent weeks from the organisations currently holding your data, and perhaps some you weren’t even aware did, asking for you to re-submit this consent.”
Steve Wood, the deputy information commissioner, wrote on the ICO website earlier this month “Some of the myths we’ve heard are, ‘GDPR means I won’t be able to send my newsletter out anymore’ or ‘GDPR says I’ll need to get fresh consent for everything I do. I can say categorically that these are wrong … You do not need to automatically refresh all existing consents in preparation for the new law.”
It was reported that websites run by Oath, received a blanket request on Thursday morning, asking users for consent “to use your … data to understand your interests and personalise and measure ads”. Users could click ok to move on or follow a chain of further links to discover that the consent granted involved sharing data with more than a hundred ad networks. Oath is a media firm formed through the merger of Yahoo! and AOL and another site run by Oath, Tumblr, placed a similar clickthrough for users.
NPR, the US media network took a simpler approach. Users could either agree to the new terms, or decline and be taken to a plain text version of the site.
And, it wasn’t just websites. PC hardware maker Razer issued an update to one of its computer mice, warning that users may find their devices weren’t working if they didn’t update.
Chinese smart-home manufacturer Yeelight, disabled inter-connected lightbulbs, because of the data protection regulation.
And a growing number of companies are taking the nuclear option to ensure compliance: blocking all European users from their servers.
Other companies are disconnecting EU users.
Instapaper, a service owned by the US firm Pinterest which enables users to save articles to read at a later date, became the latest to disconnect European customers on Thursday. It said the cutoff was temporary while it made the required changes, and told users: “We apologise for any inconvenience, and we intend to restore access as soon as possible.” Pinterest did not respond to a request for comment.
Some companies are making the move permanent. Unroll.me, an inbox management firm, announced it was completely withdrawing services for EU companies due to an inability to offer its product in a way that was compatible with EU law. The company told EU users, “We are truly sorry that we are unable to offer our service to you.” Unroll.me makes its money by selling insights gleaned from reading user’s emails
American media network A+E has blocked EU visitors from all its websites, including History.com , and some multiplayer online games, including Ragnarok Online, have switched off their EU servers.
Unfortunately, even going to the extremes of blocking every user based in the EU might not be enough to inure companies from the consequences of GDPR: the law applies to data processed on EU citizens wherever they are based in the world.