In Croatia you get fines for not having a valid fire extinguisher even though there is one in the corner right there. Why? Because "they went out of their office and cannot return empty handed, so let's write this small fine at least".

Also, public companies (those owned partially by the state) are exempt from GDPR...

That is why GDPR sucks, it is just another tool in almost despotic government.

Although I dislike this solution for 99% of websites out there, there are valid short term reasons to use this solution.

Imagine e.g. a user survey on a US University which saves data not in a GDPR compliant format. Why should this very local small group website be GDPR compliant when it's almost 100% sure it's only used from the US?

OK, but now I ask myself what happens if a Europe exchange student also participates...

This is a massive overreaction. As somebody in the EU I hope this GPDR hysteria that the tech industry seems to be experiencing passes quickly.

This is a great canary to weed out shady businesses and websites which cannot account for how they treat their users data.

Meanwhile other businesses which takes the GDPR seriously gets a massive boost in trust and reputation.

Guess which ones are going to get meaningful new business and which ones will be deemed unreliable and untrustworthy?

Re: messe - the massive overreaction seems to be from Americans in this thread insisting that since their perception of government regulators is as inefficient, a drag on business, and intent on vindictively fining people contrary to the provisions of their enabling legislation. (To me) seems like hand-wavy alarmism about the threat of international law and supranationalism to perceived individual freedom.

Blocking EU visitors doesn't actually make you GDPR compliant.

This is almost spite from US companies that don't want to conform to EU regulations