@kingannoy If only it were that simple...most of my clients chose to work toward compliance, but some took this tack. They weren't (and aren't) crazy, and there's nothing wrong with blaming the EU for making this choice. It has consequences - some they'll like (fewer cookies) and some they won't (further neutering the possibility of a European Silicon Valley). This one falls somewhere in between.
I could understand your argument if we were talking about a company has a reason for handling private data, like say, Fit Bit. And if they said something like: "We got caught with our pants down, we'll be back with you as soon as we figured it out".
Instead it's a company with no excuse for gathering anything but your address, low-key insulting our government. They aren't crazy, they are the target of this law and I love their precious little snowflake response.
@kingannoy In actual dollars-and-cents terms, putting up a blocker like this is a net gain compared to spending the resources to achieve full GDPR compliance for many US companies. They just don't sell enough of their products/services in Europe to justify the transaction cost and additional risk.
That is because the negative externalities are never connected to the companies. If companies were held accountable for the damage all this stored data does when (not if) it leaks, they would think twice about hoarding it.
I really like @doctorow comparison to a oily rag business. It is inherently dangerous to hold on to all this data. These companies can only profit from it because those dangers will never hit them but only their customers.
So I understand that it's in this companies best interest to just not do business in the EU. In dollars-and-cents terms it's better for them if they can keep being as un-responsible with their customers' data as they want. They prefer it if those possible negative externalities don't get connected to them.
Totally reasonable free market response.
A Mastodon instance for info/cyber security-minded people.