The extremist approach to GDPR: Some US publishers consider blocking European visitors
The General Data Protection Regulation is looming, and for many publishers, it’s a mad scramble to get their sites compliant before the enforcement date on May 25. That’s when they have to start asking European visitors for permission to collect and use their data, or risk running afoul of the EU privacy law.
Some U.S. publishers with small European audiences and businesses are considering dealing with the issue by just blocking European IP addresses outright from accessing their sites. The thought: Why even bother with the risk of fines that could total 4 percent of global revenue.
“There’s a lot of things within GDPR that are kind of vague,” Roberts said. “Seeing what our competitors are doing will be helpful to seeing what is absolutely necessary. Blocking gives us some time.”
It’s an option Chris Tolles, CEO of entertainment news site Topix, is also considering. With a monthly reach of 22.3 million unique visitors, Topix gets more than 10 percent of its revenue from the U.K., revenue he doesn’t want to lose. But the rest of Europe isn’t necessarily worth the cost because high ad-blocking rates in countries like Germany make it hard to monetize those audiences. “It’s a rounding error for a lot of people,” he said.
Tolles admitted that blocking Europeans is a “pretty extreme” step, but he has some experience here. “It’s easy to block people by IP address,” Tolles said. “I’ve blocked most of Africa, Asia, most of the nations that cause me problems legally or from a spam or scam standpoint already. I’ve already blocked most of the former Soviet Union.”
Tom Sly, svp of digital revenue at local broadcaster E.W. Scripps Co., said Scripps has been working for the past eight months to get compliant with GDPR. But if Scripps doesn’t think it can get compliance across the board, it’ll block EU IP addresses. GDPR has sowed a lot of uncertainty about what it means to be compliant, and “the back-end data piece is a little scary,” he said. “Some would look at it as an extreme step, but we’re serious about compliance.”
Even here, though, there are unknowns. Some think publishers that sell programmatically will be required by their ad networks to be GDPR-compliant, as Google has said. “Every ad network is saying, ‘Here are set of things you have to do,’” Tolles said. Another view is that no vendor could really argue that publishers would need to get consent on non-EU traffic, though. Another concern is that filtering out EU IP addresses could slow down site speed and cut into audience, even if the impact is slight.
Some of these publishers are resting on the widely accepted assumption that if they’re not marketing directly to visitors in the EU, they shouldn’t have to comply. Chris Pedigo, svp of government affairs at Digital Content Next, a trade association for digital publishers, sees this approach as plausible, but not a long-term solution. It comes down to publishers’ business models and what “marketing” means to the EU enforcers.
“It’s an interesting approach, but I don’t think it’s long-term strategy,” he said. “Because long term, you wouldn’t want to shut out your ability to be in that marketplace. Also, other countries will follow suit; they tend to follow suit.”
Download Digiday’s official guide to GDPR for checklists, research and more that you’ll need to know before May 25.
Here’s what’s behind the rise of custom algorithms for digital ad decisions
As advertisers ingest more campaign data and demand more control over it, custom algorithms are getting more attention. Here's why.
Gannett relaunches CTV streaming channels as ‘home’ for original, long-form videos
Gannett is relaunching its CTV streaming channels with more long-form programming and on additional distribution platforms after a rise in views and time spent watching.
Member ExclusiveMedia Briefing: As student athletes begin signing brand deals, sports publishers want in
Sports publishers are building new franchises that will connect the newly available student athletes with advertisers.
SponsoredHow the ad industry can use its borrowed time to future-proof first-party data solutions
Trent Lloyd, co-founder and head of brand solutions, Eyeota Google’s updated timeline for its Privacy Sandbox rollout, including its two-year delay of third-party cookie deprecation on Chrome, didn’t come as a surprise to many industry observers, given the limited utility of Google’s FLoC and the slow momentum of the Privacy Sandbox in the World Wide […]
Exclusive: Substack continues its acquisition streak with public correspondence startup Letter
The acquisition comes as Substack’s biggest, newest competitors are trying to position newsletters as one hub in a larger relationship between creators and their audience.
Now hiring: The FTC seeks ad tech and social media experts as it shifts its approach to investigating data abuses
The FTC's chief technologist aims to shift away from reliance on legalistic remedies to stop data abuses and wants technologists who understand ad tech and algorithms to help.