>And I'm really irritated that I can't access local news sites in America because they aren't compliant -- so they blanket ban European access. That's deeply problematic.
The usual answer I get when I complain about this is either "It doesn't happen to me" or "They wanted to steal your data. You're better off without being able to use their site."
I've yet to be convinced by either argument as a European. It's almost like a knee-jerk reaction by some Europeans that if Americans do something we don't like then they're automatically in the wrong.
I personally see as usual business of the internet. Every country has their rights to regulate internal markets and every company need to decide how many markets to cover.
Personally I like GDPR more than no-GDPR and think that it would be nice if the US had a GDPR compatible regulation (as in the EU and the US diplomatically agree that it is enough for US company to respect the US regulation and for European companies to respect the GDPR to be compliant under both). On the other hand as laws stands I appreciate that they take this law seriously, even if not in the way I would like most.
Overall I do not think that losing access to local US news sites warrants remaining in a GDPRless world
But it's not just local US news sites. Plenty of other businesses won't do business with Europeans as a result. Even video games shut down over this (Ragnarok online, I believe). But the real question is the signal GDPR sends - how many online businesses will simply not get created (especially in Europe) because of GDPR? The nebulousness of the situation is why I've decided to not create at least one website before. I'm sure the lack of my website is no loss for the world, but what about others?
And keep in mind that none of this will actually save your privacy. A Chinese service could steal all of your data, sell it, and nothing would happen because they're outside the jurisdiction of the EU. The only thing that will save your privacy is not giving out the information in the first place.
> A Chinese service could steal all of your data, sell it, and nothing would happen because they're outside the jurisdiction of the EU.
But now it is illegal, the thing that might happen is that the EU bans Chinese apps like India did.
> Plenty of other businesses won't do business with Europeans as a result.
I believe you, this is something to consider when making stricter regulations. The same happens with food imports regulations and many other fields.
Some of the business that will not be created are business that should have been created, many other will be legitimate business that will simply consider the risk of the nebulousness of enforcement too high.
One example early on was that it is now unclear whether industrial sensors are by accident in violation of GDPR because the resolution needed for industrial application is enough to distinguish different humans.
My uninformed opinion is that these are solvable problems and personally I blame decades of recklessness in this field that made this necessary.
The usual answer I get when I complain about this is either "It doesn't happen to me" or "They wanted to steal your data. You're better off without being able to use their site."
I've yet to be convinced by either argument as a European. It's almost like a knee-jerk reaction by some Europeans that if Americans do something we don't like then they're automatically in the wrong.