Comment by GTP
> I already get blocked connection (on target site) because EU regulation is too onerous
More like "we want to track every single user coming to our website without giving them the option to not be tracked".
> I already get blocked connection (on target site) because EU regulation is too onerous
More like "we want to track every single user coming to our website without giving them the option to not be tracked".
> You can serve consent form only to the connections from EU.
Why? While I get that, if tracking is part of someone's business model, they want to track as many people as possible, I doubt it would be illegal to give also people that aren't in the EU the option to not be tracked. If it really would be so expensive to be compliant while also differentiating between users connecting from the EU and users connecting from outside the EU, why not just give everyone the option to choose if they want tracking as a measure to cut compliance cost?
You can serve consent form only to the connections from EU.
I have been part of se several GDPR compliance projects and it's the other stuff that's the problem.
Data protection officer (recurring cost, even though it is only a part of a job, not full time position) , user data deletion and user data take-out. Compliance is not free. If system wasn't designed from the beginning, it's really expensive to add it.
Restore from backup after disaster recovery - make sure you anonymize/delete people who were deleted after backup was made.
BTW, IP address is PII, so...
Honestly, it would be cheaper to buy everyone in EU VPN.