In its simplest form, GDPR is "setting guardrails around surveillance marketing and surveillance advertising," Fatemeh Khatibloo, an analyst at Forrester, previously told Ad Age.
That means contextual advertising—i.e. showing ads for "Gatorade" to someone visiting a football-focused website—is completely fine. What's not is tracking consumers all over the web while modeling data against personal information without consent, Khatibloo says. Most people understand that ads pay the bills for many services in a general sense, but GDPR has arrived to make sure companies track only if they have permission.
Unlike here in the U.S., consumers in the E.U. can disagree with a platform or publisher's terms of service and still have access to content or features.
Ad Age used a virtual private network, or VPN, to see what E.U. citizens are seeing across major publishing sites. A VPN can be used to make the internet think you're in Brussels, for example, instead of Chicago, or wherever you actually are. Ad Age went with Luxembourg.
Yahoo: Oath's Yahoo provides a clear explanation of how it is managing data and allows users to easily toggle among the companies that can capture information.
The Los Angeles Times: The website does not appear ready for the EU's GDPR deadline. Publishers had more than two years to prepare for the regime change, but many didn't finish the job. Roughly 40 percent to 60 percent of companies aren't ready for GDPR as it becomes effective, experts say.
The New York Daily News: The publication, which is owned by the same company as the Los Angeles Times (Tronc), also isn't ready.
The New York Times: The Times has a slew of explanations on why it uses cookies, varying from improving site performance to advertising and social media. This information only appears if an EU user wants to learn more about the publication's tracking policies.
USA Today: The Gannett-owned publication had no ads on its website Friday for a visitor who appeared to arrive from Luxembourg. "Welcome to USA Today Network's new European Union Experience," the site reads. The publisher isn't collecting any personally identifiable information from readers to use in advertising.
Salon: EU visitors are greeted with a vague disclosure and encouragement to agree, along with a smaller link offering to show "all options."
Honorable mention: EU readers who visit the websites of the NSA, FBI or CIA won't be greeted with any consent applications. Guess they're not being tracked.
