GDPR, aka the General Data Protection Regulation, went into force on May 25th. Sites had around two years to prepare for it, and most major organizations like the Washington Post, New York Times and CNN were accessible in Europe from day one.
Sites must disclose any data collection, why it's lawful, how long it's being held and whether it's shared with third parties or outside the EU. EU citizens have a right to demand a copy of the data in a common format and to have it erased. Larger businesses like Facebook and Google that collect a lot of personal data must employ a data protection officer (DPO) to manage GDPR compliance, but that doesn't apply to most news sites.
Tronc, which owns the Chicago Tribune and LA Times among other news sites, has yet to comment. However, Lee Enterprises, which manages city newspapers from Arizona to Washington, has no intention of complying with GDPR because its sites don't draw enough EU visitors. "Internet traffic on our local news sites originating from the EU and EEA is de minimis," spokesperson Charles Arms told NiemenLab, "and we believe blocking that traffic is in the best interest of our local media clients."
The situation is particularly painful for US tourists in Europe and ex-pats, especially those paying for subscriptions. "In Portugal, there's a big community of people that not only reads the Portuguese media but reads the US press as well on a daily basis," said Lisbon journalist Flávio Nunes. "I was surprised when I saw that a couple of months after, they're still blocking our access. It's crazy because Europe is a massive market."