[eesmith]

Who would use it?

Like, if you are in Germany and want to travel to the UK then you need to use a UK site to get an Electronic Travel Authorization. UK is not in the EU, so you'll need another browser.

Norway and Switzerland are also not part of the EU.

And then there's something odd about thinking that if you connect to Facebook's data center in Ireland then that interaction with Facebook is fully regulated by the EU and the data is safe.

Nor is it like EU-based servers are automatically outside the reach of the US CLOUD Act, if the server is operated by a subsidiary of a US company.

[osigurdson]

>> UK is not in the EU, so you'll need another browser.

I'm thinking it would just be a warning. The EU citizen can then decide if they want to take on the associated risks of using a non-EU compliant site.

[eesmith]

You'll end up with warning fatigue.

For example, the French Parliament at https://www.parlement.fr/ uses fonts.googleapis.com and fonts.gstatic.com . The Spanish Senate at https://www.senado.es/web/index.html uses Akamai mPulse.

Those will trigger warnings, right?

To be fair, the Spanish Congress of Deputies and the German Bundestag did not use US links, but my point is that if half of the government sites use US services, then your browser proposal will be throwing up warnings pretty often, and train people to ignore the warnings or stop using the browser.

[osigurdson]

If those are CDN urls then likely they resolve to IPs within the EU so that use case would probably be fine.

>> throwing up warnings pretty often

That is mostly the situation (globally) with cookie banners. There would be a transition period but eventually there would be fewer and fewer warnings.

[eesmith]

I'll say again: "And then there's something odd about thinking that if you connect to Facebook's data center in Ireland then that interaction with Facebook is fully regulated by the EU and the data is safe."

The EU–US Data Privacy Framework is bogus. It exists because European organizations want to use US tech under a thin fig leaf with the word "privacy" on it.

> eventually there would be fewer and fewer warnings

From what I gather, that is not true about cookie banners. The implication is these banners say the GDPR is pointless, but the actuality is European companies also want to profit from data gathering.