Instapaper is temporarily shutting off access for European users due to GDPR

Popular read-it-later app Instapaper informed all European users today that its service would be temporarily unavailable starting Thursday, May 24th while it continues to make changes to ensure it’s compliant with the General Data Protection Regulation, or GDPR. The privacy rule, which sets new restrictions on how companies operating in the EU manage and share personal data, goes into effect on Friday, May 25th. News of the shutdown was reported first by writer and technologist Owen Williams.

Here’s Instapaper’s message in full:

Starting tomorrow May 24, 2018, access to the Instapaper service will be temporarily unavailable for residents in Europe as we continue to make changes in light of the General Data Protection Regulation (GDPR), which goes into effect May 25, 2018. We apologize for any inconvenience, and we intend to restore access as soon as possible.

If you have any questions about your account, would like us to generate an export of your saves, or want to check in on our progress, please let us know at support@help.instapaper.com. We look forward to having the same Instapaper service you know and love accessible in Europe in the very near future. Thanks for your patience.

While we don’t know exactly what’s holding up Instapaper, it’s more than likely to be the GDPR’s data subject access request, which allows any EU resident to request any and all data collected and stored about them. As The Verge reported yesterday, that’s causing companies trouble because it’s not entirely clear right now what information residents will request, what format that information needs to be in, how to locate it and package it, and whether new infrastructure needs to be created to manage this request pipeline. Personal info is a somewhat nebulous concept, and the fact that experts are describing the GDPR as “staggeringly complex” is not making it easy to cover all the bases. (Granted, companies have had two years to prepare for this.)

It’s clear that few companies, if any, will be 100 percent compliant when the law goes into effect. But because the fines are so steep — violating GDPR will cost a company 4 percent of its global turnover or $20 million, whichever is larger — no one really wants to be caught non-compliant. So that’s why companies are rushing and, in the case of Instapaper, literally shutting down.

Instapaper happens to be owned by Pinterest as of 2016, which does add a bit of a wrinkle to the situation as it’s not entirely clear what type of data on users’ reading habits or any other behaviors Pinterest may have gleaned from its subsidiary. When questioned by Williams on Twitter about the subject, Brian Donohue, a product engineering manager at Pinterest, said, “I can’t comment on specifics other than to say that I’m actively working on resolving it.”

Needless to say, Instapaper users in the EU should be prepared to lose access to their archive starting tomorrow. It may perhaps be a good time to switch over to Pocket.

Comments

Maybe all the tech companies should shut off service to the EU for a couple of days beginning May 25, just to give them a taste of what will happen when their regulatory overreach goes too far (Maybe GDPR is already too far?)

It’s very hard to see how GDPR is going to provide any significant benefit to the daily activity of EU citizens that outweighs the pain in the ass it is to comply with it, especially for small companies. At the end of the day, it’s going to force online enterprises to add a bunch of text to their TOS and sign up pages, which no one will ever read, and force companies to build a bunch of infrastructure for the very small group of users who want to see what data a company is holding, or move that data elsewhere.

If you want to understand why Europe is a relative backwater of tech innovation, GDPR is a great example of what the EU values – regulation over creativity.

cry me a river

The thing is too complicated. Regulatory uncertainty will cause European startups to disappear more than they already have. It’s a great piece of legislation that tried to tackle all the edge cases, which turned it into a scary behemoth to be avoided if at all possible.

I like the "data subject access request" essentially google takeout for all companies… but that’s really all we needed. Give it to us in the same format it is stored. I don’t care what sort of processing you do on the data, we should just expect the worst. It’s an anti lock-in system… something that would make it easier to leave walled gardens like the App Store and Slack.

If you want to understand why Europe is a relative backwater of tech innovation, GDPR is a great example of what the EU values – regulation over creativity.

Bad gobermint! Free the corporations!

Oh? Let’s all get on board, then. How about a 4% of global revenue fine against EU companies that don’t comply with complicated laws we pass in the US without publishing all the advisories and guidelines? Turnabout being such fair play.

Exactly. We could fine Spotify, and . . . and . . . [are there any other consumer tech companies of note in Europe?]

Maybe all the tech companies should shut off service to the EU for a couple of days beginning May 25, just to give them a taste of what will happen when their regulatory overreach goes too far (Maybe GDPR is already too far?)

sure yeah, I wonder why they’re not doing that…

It’s not because they’re afraid their European competitors will capture all of their business, that’s for sure.

what the EU values – regulation over creativity.

The EU values its citizens rights and freedom over that of corporations. Imagine that, a government actually serving its people. Crazy concept.

I know that can be a tough to grasp for somebody living in the United States, where laws are created based on whichever corporate lobbyist gave the lawmakers the most money.

As for competition, Eu countries eat most states alive financially.

Lol. You can’t believe such bs. The last thing the EU representatives value are their citizens, as is clear from GDPR itself or for example all those immigration issues.

You forgot to add "MAGA!" to the end of your post.

Freedom to be regulated and taxed, perhaps.

As for European competitiveness, EU per capita GDP isn’t even half of the per capita GDP of the US, and that’s before you take the UK out of the EU. You can’t regulate your way to innovation and prosperity.

US GDP mainly comes from a few specific states and natural resources. Ironically for the largest part from the most heavily regulated state – California. Another highly regulated state, New York is right up there.

Your regulation /= innovation and prosperity argument is false

You may be right, so how do you explain Europe’s dearth of innovative tech companies?

There is no regulation in Europe prohibiting innovative companies. That’s a silly argument.

How do you explain Kentucky’s dearth of innovative companies? Is it because they have more prohibitive regulation vs California?

Silicon valley is a self fullfilling cycle that’s been developing since the 60’s. They have the workers and VC funding. The best tech workers go where the best work and people are and the cycle continues. An Indian superstar coder doesn’t head to Austria, he heads to Silicon valley.

Europe does have tech industry, but not at the scale of the US, where certain tech giants created a very good industry around tech decades ago, the same way China has monopolized manufacturing. All the workers and know how is just centered there.

Surely the market will provide an endless supply of "innovation," "disruption," and other life-sustaining buzzwords.

GDP stat represent nothing, it’s a relic from the last century. It’s not a representation of how wealthy a NATION is.
One person can have $1m, a thousand people can have $1 each. Statistically all of them have $1000. In reallity the majority barely have anything. Pretty much what you see in the US these days. On one hand you have people who have no idea what to do with their money and on the other young people with $200k debt which doesn’t even include mortgage or car loan. I challenge you to find the latter in ANY European country.

There’s a pretty nice indicator to measure what you’re talking about: the Gini coefficient.

This measures the deviation to a perfectly equal distribution of wealth (basically everyone having the exact same income). It goes from 0 to 1 where zero is that perfectly equal distribution and 1 is the exact opposite: 1 person accounting for the global wealth of the country.

Looking at the OECD’s data for this indicator, the USA, with a score of around 0.4, are pretty close to… Turkey. And other datasets put Russia in the same ballpark. When compared to EU countries that’s worse than all of those included in the data set. To name a few: Lituania, Letonia, Estonia, Spain, Portugal and… Greece. Meanwhile, western and northern european countries are all roughly in the 0.25 – 0.3 range. With the notable exception of… the UK. Which also fares worse than Greece.

So yeah, it’s pretty easy to cherry pick an indicator to make a country look bad.
If you want a correct assessment of the actual wealth of a population you need to combine a few different indicators. You’d need at the very least to consider: overall income, income distribution and cost of life.

+1

75% of the people in US live paycheck to paycheck and on average Americans have nearly 3 credit cards.
The only country in Europe where this is somewhat normal and acceptable is the UK. Most Europeans probably don’t have a single credit card.

In the US, regulation is painted as an evil to be endured; in the EU it’s a protection to be enjoyed.

Instapaper must have a truly ghastly tarball of code and data to gnaw through if they can’t make this work. It’s not like some ranty little site "going dark in protest". The post-mortem should be a good one for coding horror stories. Maybe as a listicle: "10 ways we screwed up with your data and couldn’t fix it in plenty of time: #7 will SHOCK you!"

I’m kind of impressed that you know the term tarball but still think GDPR is easy to implement; perhaps because you never read it, certainly because you never had to.

Maybe all the tech companies should shut off service to the EU for a couple of days beginning May 25, just to give them a taste of what will happen when their regulatory overreach goes too far (Maybe GDPR is already too far?)

Sheesh. Bring it on?!

If you want to understand why Europe is a relative backwater of tech innovation GDPR is a great example of what the EU values – regulation over creativity.

Says who? You?
My company is using an IT ticketing system developed in Finland, monitoring tools from Latvia, CRM from Norway
US tech will be officially overtaken by Asia in couple of years.

Sheesh. Bring it on?!

It takes two to tango, but it only takes one person to trip the other one during the dance… or something.

You want 4% of the global revenue of companies based in other countries. It’s a creative way out of austerity, to be sure, but why do you think Asia is more willing to do this than America?

You want 4% of the global revenue of companies based in other countries

LOL

A. Yes, it was passed 2 years ago. But they STILL don’t have the full list of advisories for companies published yet.
B. Many of the guidances and advisories were only published within the last 6 months or less!
C. The small business advice support line has been effectively unavailable since it was announced.
D. The GDPR does not just have privacy implications. It also requires immense cross-service integration. Are you a blogger with a store, and you use Cloudflare for DDOS protection? Bet you didn’t know you not only need to revise your store privacy policy, you must also sign an agreement with Cloudflare.
E. The rules also include absolutely nonsense stuff like data portability. Services are supposed to build out abilities to port your data to other services. Nevermind the fact that the data might be incompatible, or that you’re now potentially legally liable for making network connections to companies you cannot ensure are secure, you also have to spend insane developer hours maintaining it!
F. Think that last rule is too draconian? So did the GDPR. That’s why it’s required, but "only when sensible to do so". What does that mean? No one knows. So now you have to do it, unless you feel like hiring legal counsel in the EU to defend yourself if you get penalized for it!
G. Certain organizations like nonprofits are exempt. I guess nonprofits are universally flawless and never do anything wrong?
H. The right to be forgotten/deleted is an absolute mess. If you buy something from a store, that store is legally required to keep those financial records, even if you request they be forgotten. So then the store has to make a determination on their own on what records they need to keep. Oh, and they have to keep records and paperwork to justify each instance. Oh, and you better hope the GDPR doesn’t disagree with your assessment. This gets even MORE fun when you’re an international store and, say, your home country has more strict record keeping policies. You basically have to document what the laws say in every case. God help you if you’re a small company.

Long story short, just TRYING to comply with this law is a joke. There’s so many things that aren’t explained or answered, and so many things that just threatens small business for no benefit to the user or their privacy.

View All Comments
Back to top ↑