mstolpm wrote: > There is already the opposite situation: "available on iOS AppStore (except in > EU)". And that might pop up more often in the future.

We already have lots of that related to website access. "Not available due to GDPR" is a pretty common error message for me.

If anyone wants to reply that "I've just dodged a bullet thanks to EU blocking unethical websites" then all I can say is I know how to dodge bullets by myself, thanks.

>If anyone wants to reply that "I've just dodged a bullet thanks to EU blocking unethical websites" then all I can say is I know how to dodge bullets by myself, thanks.

These websites did not get blocked by the EU. These websites chose to block themselves because they did not want to put in the effort to be GDPR compliant.

Which is functionally the same? EU can’t ban websites, but the threat of very high fines is effectively the same.

Also when it comes to random news websites (especially smaller local ones) what sort risks are there? The aren’t handling your personal information and if you’re afraid about them selling your browsing history to third parties there are way to fix that locally

> what sort risks are there? The aren’t handling your personal information

The sites themselves disagree with you. They think there's risk, which is why they decided to not work in the EU. EU does not "threaten very high fines" to sites that do not collect PII. GDPR does nothing if you don't collect information. But they obviously do collect it, despite your denial.

I meant risk for consumers due to those sites not complying with GDPR.

Of course the site owners think there it introduces unnecessary risks for them, that was more or less what my initial comment was about.

> But they obviously do collect it, despite your denial.

How? are you somehow compelled to share you name and address with random local/small new-sites from the US

They very likely are just using ads and/or analytics services which technically don’t comply with GDPR..

The analytics services gather enough detail to personally identify you. You know, IP, browser fingerprint, geolocation, corroborated with other sites you visited gets you gender, age bracket, lifestyle... the noose slowly tightens. This stuff is public knowledge and has been discussed ad nauseam.

How else than technically should they comply with the GDPR? Morally? They don't do that either. They gather as much as possible and deduce as much as possible from it. Are you actually claiming services like Google Analytics aren't interested in knowing much about a site's visitors?