As GDPR comes into force, technology firms are struggling with the EU’s new privacy rules
Several tech firms have opted to block EU residents from using their services because of concerns they are not compliant with a shake-up to the 28-nation bloc’s data privacy laws.
The General Data Protection Regulation (GDPR) comes into force today (Friday May 25). It gives the public more rights over how personal information is used and raises the amount firms can be fined.
The UK’s privacy watchdog has stressed that it accepts that some firms will have more work to do.
“It’s an evolutionary process for organisations,” blogged Information Commissioner Elizabeth Denham. “Organisations must continue to identify and address emerging privacy and security risks in the weeks, months and years beyond 2018.”
Even so, Pinterest’s news-clipping service Instapaper is one of the most high-profile services to announce that it will bar EU users from accessing its platform from Friday.
It has emailed users to say that this is a temporary measure and that it intends to “restore access as soon as possible”. “I know that it was too short notice,” tweeted the service’s chief Brian Donohue, who has not detailed in what ways the service would have been non-compliant.
“I underestimated the scope of work and it was not possible to complete by the deadline, this was the required alternative.”
The movie and TV review app Stardust has gone even further. It has removed its product from EU versions of Google Play and Apple’s App Store, and deleted all EU residents’ records.
“Without deleting EU accounts entirely, we would be storing data about EU residents and therefore would be required to adhere to GDPR laws,” it explained.
“So unfortunately, we cannot simply block access or freeze EU accounts for the time being.”
Several video games companies are also blocking EU citizens’ access to older products rather than update them, and in some cases have pulled titles offline altogether.
They include the multiplayer shooter Loadout. “We don’t have the resources to update Loadout to GDPR compliance, and a big portion of Loadout players come from the EU,” it explained via the Steam store’s website.
“Sadly, while big companies have the resources to comply with the GDPR, that’s not always the case for small businesses.”