(Disclaimer – this is an observational opinion and does not constitute legal advice)
Unless you have been living under a rock in the last few weeks (May 2018) you have heard of GDPR in the IT sector, or as I am going to call it “GDPRmageddon”. In the light of other major forced internet changes like mobilegeddon (caused by Google declaring it will not show non-mobile friendly websites in search results on certain phones and devices) the internet largely complied and adapted. I see no reason why GDPR will not have mostly the same result, however there will likely be other consequences that may not have been intentional.
Currently as of the time of this particular post, the US Government, ICANN, the FCC and other oversight organizations have made no statements, even when prodded for one, about any potential shielding from GDPR fines and lawsuits related to privacy concerns from the EU or other countries for that matter. The result of which will be one of several possibilities:
Software updates in major OS and Server packages will make that last item easier. cPanel has recently updated their software and one of the basic updates is a major request from many years ago; the ability to block certain countries. (cPanel link)
WordPress and GeoIP functionality also make these possible and will likely result in more websites simply blocking EU visitors to prevent future issues.
Privacy laws that vary by territory is going to be an issue in the coming days. Who has the right to sue for violations? The country or the individual?
In some cases both do.
Anyone that has used the common practice of using a throw-away email address to sign up for something or download something that you have no intention of ever wanting legitimate email from that website knows this. Personally I use a very old AOL email address for this purpose. email@example.com is the target for tons and tons of spam that get through AOL.com extreme filter. Sign up for one download – get spammed for the rest of eternity. It has happened and no one is happy about it but the spammers. Change was needed. However what was standard practice to harvest potential sales targets is now getting the brunt of the attack and backlash for the legal issues now faced.
Change was needed but the GDPR seems broad sweeping and targeted at everyone everywhere. The US needs to protect US interests in these areas to prevent abuse on small to medium companies and organizations. There is nothing in place to do so. (Forbes Article – US will be affected with GDPR)
Organizations or companies that abuse privacy data, should have been the target for such legal changes, but there is little to no discrimination or flexibility in these terms expressed.
Granted some websites are in certain languages already and some separation occurs as a result. However at the moment living in Texas, I can access the website for the cell phone company in India and ask them to sell me a phone and chip because I may be traveling there soon. That is the nature of the internet. That all may be about to change.
The last few weeks have seen an uptick in spammy emails AND legit emails spamming their users with “please agree and resubscribe” emails. Panic to a certain extent has set in and as most feel, rightly so. It is a bit like facing down a shotgun barrel and being threatened if you so much as blink.
Data is big business and has been for years, a bit like how banks like debt more than money. Facebook does not charge for the bulk of their service. You are the product. Data mining and sales of your personal data, habits and conversations has been their money making source since they started. This is one of the main reasons why “there is no such thing as a free lunch” rule still applies today.
Will we see sweeping changes to the internet as a result to the GDPR? No. Spammers will still spam, big companies will still get sued, and the little guy has to work harder to keep from being hit by the broad sweeping sword of legal changes on a government side and private litigation side. The only winners here are the law firms and the abusers.
We will likely see isolation, blocking and separate sites for territories increase, and as I fear… a less international internet.