There were definitely publishers who had to block EU traffic while working on compliance. Additionally, people at companies like mine had to rush out features to allow users to view all of their saved data retained by us and optionally save or delete it. Additionally there are lawsuits out already for non-compliance, which cost money to deal with even if you win. So it had a big impact to companies' bottom lines and was worth the press in my opinion. Definitely penalizes startups who couldn't throw a couple engineers at GDPR compliance for a couple months as well like we did.
They would not need to block access. They needed to set up a time-plan on how they would get compliant to show in case they get a complaint. This is not US law, it's EU :)
Seriously, that is my impression of all conversations here, US companies trying to understand a law written in EU. I imagine this to be very hard.
> They would not need to block access. They needed to set up a time-plan
Exactly. And that is part of my point. Everyone acting as if something dreadful would happen if the timeline was not met RIGHT AWAY!!!. It would not. The EU might bring an action after initial outreach to the companies legal department. The legal dept would do a dance and explain why they need more time. The EU would then agree to the time line. Any any case would go to some court and would also involve appeals and some form of due process. During that time lawyers would work back and forth. Any fine would almost certainty not approach the worse case scenario. Not going to happen. And certainly not to a small fish or anything close to that.
