Now that the General Data Protection Regulation (GDPR) is in effect companies are reacting. You may have noticed new messages on websites outlining that they are collecting information on you, or maybe you’ve received emails updating you on new privacy policies. Those notices are a result of the GDPR’s rules around how companies spy on you and use your data for profit. What GDPR is doing in practice is eliminating the business models of some corporations and we might all benefit from these sketchy companies going kaput.
For companies whose entire business model was users not really understanding the entire business model, the cost of direct sunlight may just be too high. Unroll.me, a company that offers to automatically declutter your in-box (while, uh, selling the insight it gleans from your data to companies like Uber), announced that it will no longer serve E.U. customers.
If enough companies follow this lead, one practical effect might be a split internet, with one set of GDPR-compliant websites and services for the E.U. and another set with a somewhat more, let’s say, relaxed attitude toward data for the rest of the world. But even a loosely enforced GDPR creates conditions for improving privacy protections beyond Europe. Facebook, for example, has already said it will extend GDPR-level protections to all of its users — if they opt in to them.