eDiscovery Daily Blog
Here’s One Way to Comply with GDPR – Block All EU Users: Data Privacy Trends
Believe it or not, Europe’s General Data Protection Regulation (GDPR) is set to go into effect in one just one week(!), on May 25th. Many organizations are scrambling to comply with the new regulation and a lot of them won’t have compliance sorted out in the next week. As a result, some companies have realized it’s just too much of a hassle and decided to block all access to EU users.
According to Above the Law (Companies Respond To The GDPR By Blocking All EU Users, written by “Techdirt”), F-Secure’s Mikko Hypponen has tracked a bunch of examples of sites that give you some simple javascript to block EU visitors. Hypponen highlighted one site (currently offline, but can be seen at the Internet Archive) called GDPR Shield that does that (assuming the requestor has Javascript turned on, and their location is determined accurately — both of which may be big assumptions). Hypponen also noted several other sites cutting off EU users, including: Ragnarok Online, Verve, Brent Ozar, Unroll.me, SMNC, Tunngle, Drawbridge and Steel Root.
Hypponen also noted the very different reactions to all of this from EU readers and US readers. EU folks seem to be generally supportive of the GDPR and think that companies shutting down service are either stupid & ignorant or evil and thus should shut down. On the US side, he noted people are smug about how this serves the EU right and will harm the EU.
I can understand the prospects of a penalty of €20 million or 4% of worldwide revenue (whichever is greater) can cause organizations to take drastic steps. But, should those steps include blocking EU users altogether? Seems like a great way to cut off a lot of potential revenue. What’s better: to be penalized for not complying with GDPR or to give up potential business in a drastic attempt to avoid the penalty?
Back in February, Tom O’Connor and I discussed the aspects of GDPR and steps to comply in a webcast we conducted on the topic (and we didn’t advocate shutting out the EU users). It’s not too late to check it out! One week to go!
So, what do you think? Are you ready for GDPR? Please share any comments you might have or if you’d like to know more about a particular topic.
Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.
Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.