A study shows that 67% of U.S. websites fail to comply with Europe’s GDPR.

A new study announced by PYMTS shows that a strong majority of U.S. based websites violate the privacy regulations of the European Union.

The EU has passed several laws aimed at providing digital identity protection, among them the General Data Protection Regulation (GDPR), which went into effect in 2018.

American websites have been found repeatedly to violate these laws. According to one study, 67% of the top 1,000 websites in the United States were in violation of the GDPR.

The violations fall into several categories. For example, 43% of websites do not offer users the ability to opt out of selling data, 55% fail to notify users of cookies when they visit the site for the first time, and 32% of sites contain ad trackers. All of these things are forbidden under the GDPR.

Relevance outside the EU

The study also pointed out that while GDPR exclusively concerns Europe, websites originating in the U.S. still sell goods and services to EU customers. This lack of compliance could have significant implications for companies unless they agree to modify their practices for European visitors. Fines for violations of the GDPR range from $80,000 to $120,000.

To help smaller app developers make sure they’re complying with the GDPR — and thus avoiding penalties they may not be able to afford — Google has launched a new platform called Checks, designed to automate GDPR compliance.

Developed by Google’s in-house incubator program, Area 120, Checks leverages artificial intelligence (AI) to scan code bases and evaluate them for privacy and other areas in which they may fall short of GDPR’s standards. In addition, the platform performs scans for compliance in the U.S. and Brazil, ensuring a significant portion of the world’s app developers are avoiding regulatory penalties.