This article is more than 1 year old

GDPR forgive us, it's been one month since you were enforced…

… and we still aren’t accepting EU users

A month after the enforcement date of the General Data Protection Regulation – a law that businesses had two years to prepare for – many websites are still locking out users in the European Union as a method of compliance.

To celebrate the milestone, El Reg is casting a vulture's eye over the sites that are giving a new meaning to the phrase "barrier protection".

Among the sites that Reg readers have moaned to us about are talk show podcast, vintage clothes outlet ModCloth and American sports shop Dick's Sporting Goods.

Another retailer that failed to get its house in order is posh homeware store Pottery Barn, whose notice says that "due to technical challenges caused by new regulations in Europe" it can't accept orders from the EU.

"The pace of global regulations is hard to predict," the shop complains about the legislation, which was adopted on 14 April 2016. "But we have the ultimate goal of being able to offer our products everywhere."

There are also a whole host of local media outlets that are shying away from dealing with the matter, including Narcity, Fredericksburg, The Advocate and the Hutchinson Leader. No doubt some smaller outfits lack the resources to justify serving what's likely to be a small number of readers in the bloc.

Less understandable – though not vastly unsurprising – is the news that major US publisher Tronc, which owns a number of the US's top-selling outlets such as The LA Times, the Chicago Tribune and the New York Daily News, remains blocked for those on the wrong side of the Pond.

Although its redirect message still states that the firm is "engaged on the issue and committed to looking at options that support our full range of digital offerings to the EU market", the blocking might hint that its efforts either haven't been in earnest or the firm isn't that bothered about EU readers (we asked the publisher for a progress update but are yet to receive a response).

Similarly, Instapaper and have yet to restore EU access to their services.

However, if you were thinking that compliance should be simple, there's plenty of evidence to the contrary – a great example being Forbes, which manages to make tracking-free access to its site so difficult you'd be forgiven for giving up.

Once users click the (much less prominent) button to change their preferences, they're offered a set of clear, granular options for cookies. However, those who choose "required cookies" only are faced with a wait while Forbes tries to handle your request – which some report can last for days...

Other sites, meanwhile, have taken an altogether different approach, running separate versions that are stripped of tracking – and thus actually allow people quicker access.

Outside of traditional publishing, Twitter also ran into hot water thanks to over-eager attempts to comply with rules in the GDPR that say kids must be 13 in order to be able to consent to using online services.

While trying to lock down the site, it also ended up automatically locking out people who were under 13 when they set up their account – regardless of how old they are now. The biz said earlier this month that it was working to fix the problem and restore those users' access.

Perhaps the best of all the GDPR fails, however, is the person who claimed it had caused him to get locked out of his hotel room.

Are there any sites you used to rely on but now can't access? Let us know. ®

More about

More about

More about


Send us news

Other stories you might like