[ffgjgf1]

I meant risk for consumers due to those sites not complying with GDPR.

Of course the site owners think there it introduces unnecessary risks for them, that was more or less what my initial comment was about.

> But they obviously do collect it, despite your denial.

How? are you somehow compelled to share you name and address with random local/small new-sites from the US

They very likely are just using ads and/or analytics services which technically don’t comply with GDPR..

[lucianbr]

The analytics services gather enough detail to personally identify you. You know, IP, browser fingerprint, geolocation, corroborated with other sites you visited gets you gender, age bracket, lifestyle... the noose slowly tightens. This stuff is public knowledge and has been discussed ad nauseam.

How else than technically should they comply with the GDPR? Morally? They don't do that either. They gather as much as possible and deduce as much as possible from it. Are you actually claiming services like Google Analytics aren't interested in knowing much about a site's visitors?