It was hard not to see the GDPR coming as everyone’s mailbox has been full of e-mails coming from various services and sites about their new privacy policies and GDPR compliance. Some of them were just informative while some required you to give them a consent in order to access the site or continue using the service.
Several sites in the US for which the GDPR and Europe traffic is probably not a top priority decided to simply block any visitor coming from the European Union, so they don’t need to comply with GDPR. As BBC and Gizmodo report this includes:
- Chicago Tribune
- LA Times
- New York Daily News
- Orlando Sentinel
- Baltimore Sun
- Arizona Daily Sun
From the statement itself, it looks like the restriction is only temporary and once the site will be compliant with the GDPR, it will re-open access to EU visitors.
We have tested some of these sites using a VPN connection from Switzerland and surprisingly we couldn’t access them. That’s clearly a misconception as Switzerland is not part of the European Union and therefore the GDPR shouldn’t be applied.
Obviously, everyone accessing these sites from any of the European Union countries is affected. Including US citizens on vacation.
The easiest way of overcoming these troubles and getting access to any site is, of course, using a VPN product and connecting to a server located in the US or any other location besides the EU. You can even use one of the free VPNs – checkout our list of free VPN services for Windows if you are not sure which one to use.
On top, VPN product will make sure your connection is 100% encrypted, so no personal data can be stolen or connected (with exception of those you will provide to the site or service yourself).
What is GDPR in a Nutshell?
In short, GDPR obliges companies and websites to clearly state which personal data they are collecting and how they are storing them. On top, it gives users a right to object for any data to be collected and right to ask collector for any personal data to be deleted.
If any personal data are revealed to the unauthorized party (e.g. data breach), companies have to inform users within the first 72 hours after such risk occurs.
GDPR has been announced back in 2016, so all parties had enough time to make sure they will be compliant.