Britons are rejoicing today after the slew of GDPR emails clogging up their inboxes for weeks finally stopped.

Many are wishing friends 'Happy GDPR day' while others exulted in their quiet email accounts after receiving hundreds of messages in recent days as businesses rushed to meet last night's midnight EU deadline.

Social media has been swamped with people exhausted by the amount of spam they have been sent before today and now their relief that the deluge is over.

Brussels says the General Data Protection Regulation (GDPR) is the most important change to data privacy rules in 20 years.

It starts today and is meant to give people more control over how their personal information is used, find out who has their details and also new rights to ensure they are deleted.

Companies have been bombarding customers with emails - sometimes several times per day - asking them to opt in because they face fines of up to £18million.

Non-EU businesses must also comply and some have blocked customers in Europe from using their websites or shut them down completely to avoid any heavy penalties.

Britons are celebrating today as the great GDPR onslaught of 2018 ended as the EU's deadline passed

Non-EU businesses must also comply and some have blocked customers in Europe from using their websites or shut them down completely to avoid any heavy penalties

A&E Networks, which is owned by Hearst and Disney and runs history.com, has also blocked EU visitors

What is GDPR and why were we being bombarded with emails? The General Data Protection Regulation (GDPR) is the most important change to data privacy rules in 20 years, according to the EU. It was passed in 2016 and comes into effect on May 25, 2018. The rules were designed to give people more control over how their personal information is used. This means companies must ask for permission to collect and use information such as names, email addresses and internet browsing habits collected online. To update their rules firms are currently writing and emailing all the customers on their databases so anyone who no longer wnats to be contacted can opt out. Firms must also report data breaches more quickly and individuals will be able to request all the data held on them within 30 days. They also only allow businesses to send letters to the public if they have specific permission or a legitimate reason. Companies who break the rules face fines of up to £18m or 4pc of their annual turnover - whichever is higher. Advertisement

In America IT experts are cashing in on the fear GDPR has caused by offering to 'geo-block' all European customer for a fee.

Mobile advertising company Verve, which set up in Europe two years ago, is shutting down its offices in London and Munich rather than deal with the new privacy regime.

It laid off around 15 staff on May 11, according to The Drum.

Popular email unsubscription service Unroll.Me has also stopped working in Europe while it works out how to comply with the new rules.

Gamers have also been hit because of GDPR.

Online games Ragnarok and Super Monday Night Combat are shutting down servers for European users because it the cost of complying is too high to keep going.

The Tunngle Service gaming platform has also closed.

A&E Networks, which is owned by Hearst and Disney and runs history.com, has also blocked EU visitors.

Some news websites are also blocking European readers.

Titles belonging to the publishing company Tronc, which also include the Chicago Tribune and Baltimore Sun, are showing the message: 'We are currently unavailable in most European countries'.

Dozens of websites have temporarily shut down in Europe with Britons unable to access them as new data protection rules come into force today.

The new General Data Protection Regulation (GDPR) give people in the EU new powers to access and control their personal data, as well as giving regulators greater power to levy fines on firms who mishandle data or fail to be transparent in how they collect and use it.

But American news websites including the New York Daily News and Los Angeles Times are among those which have temporarily shut down in Europe as the new law is rolled out.

The page URLs include the term GDPR, referring to the new General Data Protection Regulation, which comes into effect today promising to bolster consumer rights.

Meanwhile USA Today said it was directing British users to its 'European Union Experience' which was compliant with the new data protection rules.

Meanwhile TIME magazine and the Washington Post required users in the European Union to agree to new terms of service.

The GDPR gives people in the EU new powers to access and control their personal data, and gives regulators greater power to levy fines on firms who mishandle data or fail to be transparent in how they collect and use it.

Many are wishing friends 'Happy GDPR day everyone' while others exulted in their quiet email accounts after receiving hundreds of messages in recent days

Consumers have faced a torrent of emails asking them to opt in to further messages from companies required to comply with the GDPR.

Internet companies that track users online, whether for shopping, banking or other reasons, are set to face significant scrutiny.

The new rules require that they have specific justification, such as consent, for using personal information.

Microsoft CEO Satya Nadella said on Thursday that 'with GDPR, we will now have to operate recognizing that privacy is a human right'.

Microsoft said this week it would apply European data rights to all its clients worldwide.

Facebook CEO Mark Zuckerberg, also speaking at the conference, said GDPR means adding some controls, but he insisted it is 'not a massive departure' from what Facebook does.

Popular email unsubscription service Unroll.Me has also stopped working in Europe while it works out how to comply with the new rules

The New York Daily News and other titles belonging to Tronc were among those affected

Some American news websites have temporarily shut down in Britain as GDPR takes effect

The Los Angeles Times is among the titles in the Tronc group not appearing in the UK

TIME magazine was among the websites which allowed users access if they agreed to terms

GDPR: How does it affect you? New data laws come into force in Europe today, but how will the General Data Protection Regulation (GDPR) affect businesses and the general public? What is GDPR? The General Data Protection Regulation is a new, EU-wide law that gives greater power to regulators to penalise companies who mishandle personal data or are not transparent about how their business uses it. For consumers, it brings new powers that require firms to obtain clear consent from users before processing their data, as well as grants users a right to easily access the data collected from them and transparency on how it is being used. What are the key aspects of the regulations? As well as those already mentioned, one key element is the increased jurisdiction GDPR gives regulators. Under the new rules, any company that controls or processes the data of EU citizens must adhere to the GDPR guidelines, ending territorial-based accountability used by some firms not based in the EU to previously avoid sanction. The law also states that notification of a data breach must occur within 72 hours of being first discovered, increasing transparency around such incidents. The weight of fines able to be issued will also increase under GDPR. Regulators will be able to issue penalties equivalent of up to 4% of annual global turnover or 20 million euro (£17.5 million) - whichever is greater. For tech giants such as Google and Facebook, this could mean the risk of fines running into the hundreds of millions. Will it make a difference to business? It already appears to be. Many large technology and internet companies have begun the process of making their data practices more transparent with the threat of large fines hanging. Both Facebook and Twitter have been rolling out updates to their privacy policies, adding clearer language and description of data use, and offering more tools to users to share or remove their personal data from that platform, as is required by GDPR. The recent Cambridge Analytica scandal has also increased public scrutiny on data use, with Facebook acknowledging it has received more questions from users recently on how it gathers and shares personal data. Am I likely to be affected? Yes. Whether you own a business, run a charity, or have signed up to newsletters via social media or online shopping websites, the GDPR is likely to impact us all. The Act will give individuals easier access to the information that organisations hold about them - free of charge. Currently, there's a £10 fee for a Subject Access Request (SAR), which businesses and public bodies can charge in order to release any personal information. However, the GDPR means this will be scrapped and requests for personal information can be made free-of-charge and must be released within one month. What happens if I ignore it? Everyday users have to do very little to comply with GDPR - it's more targeted at big online businesses. Many people will have already noticed emails from organisations asking whether they still want to be on the receiving end of their mailing list and other information. However, these are not necessary in every case and if you have an existing relationship with a firm from which you have purchased products or services, you do not need to give fresh consent. Advertisement

A costly victory for privacy? From today, everyone from charities to your church must have YOUR permission to contact you. But confusion already reigns, writes ROSS CLARK

Over recent weeks, millions of us have been deluged with polite begging letters and emails.

They all ask us to give them our express permission to keep bombarding us with marketing material and to continue harvesting our most personal information.

Such correspondence comes from a host of organisations — such as those which we have used to buy products (and they have subsequently kept our details), charities, farm shops, local societies which send us newsletters and internet giants such as eBay and Google.

Internet giants such as eBay and Google are among the companies deluging millions of people with polite begging letters and emails asking us to give them our express permission to keep bombarding us with marketing material, writes Ross Clark

So we may be contacted out of the blue by a small florist from which we bought Auntie Doris a birthday bouquet or from Save The Children, to whom we once gave a donation.

In essence, they are obliged by law to get us to instruct them that we wish to remain on their mailing list.

This is the result of an EU-inspired rule called the General Data Protection Regulation (GDPR), which comes into force today.

It represents the biggest shake-up in data protection rules and changes to privacy laws since the internet was conceived.

It is designed to ensure consumer protections are fit for a world where more personal data is being generated and stored by third parties than ever before.

As well as putting a curb on the ability of behemoths Google, Facebook, Apple etc to barrage us with unwanted correspondence, it offers a welcome opportunity for us all to cull the number of emails and junk letters we receive.

It represents the biggest shake-up in data protection rules and changes to privacy laws since the internet was conceived

As from today, it will be illegal for data giants to use and sell people’s information without their express consent.

The new rules also make it easier for us to access the information that organisations hold about us.

As ever with such a major piece of new legislation, there will be winners and losers.

Worryingly, many small charities fear they will lose contact with donors and therefore their income will be reduced.

Other small organisations are concerned that the extra bureaucracy involved may become intolerable.

But there will be advantages — apart from the chance to halt the flood of junk mail — such as the right to ask any company for the data it collects about us, and that includes asking our employer.

There’ll be a right, too, to be sent a copy of that personal data, free of charge, and in electronic format.

For their part, businesses have inevitably raised concerns about the costs of compliance, which include the requirement for firms with more than 250 employees to hire a data protection officer to deal with all these issues.

Those who break the rules face fines of up to €10 million, or two per cent of global turnover (whichever is higher), for small breaches of the new regulation, rising to €20 million, or four per cent of global turnover, for more serious offences.

The GDPR places a duty on every company or organisation that holds personal data — such as names, addresses, phone numbers, email addresses and IP addresses (the number assigned to individual electronic devices) — to ensure they have the consent of the owner of that data.

Hence the flurry of begging ‘opt in’ messages.

Initially, I was overjoyed to learn of the General Data Protection Regulation. This week, my email inbox has been overflowing — as always.

There were the never-ending requests from companies and organisations I have used only once or never heard of.

One asked, for example, whether I was having ‘complications’ after my hernia surgery. However, I have never had hernia surgery.

God knows how the firm got my email address. Another, bizarrely addressing me as ‘Judith’, wanted to sell me property in Dubai.

No wonder I thought the introduction of the GDPR would be a once-and-for-all opportunity to ignore emails and never be contacted again.

And yet, this new EU legislation has a downside.

I run the cricket club in the Cambridgeshire village where I live, and regularly send emails to a list of 40 players of varying involvement and enthusiasm.

Under the GDPR, I will have to get the consent of everyone to keep sending them correspondence, or potentially face a fine.

Similar sports clubs all over the country have the same problem.

ArcheryGB, an umbrella organisation for dozens of clubs across Britain, has had to give advice to its members.

It says they’ll need to comply with the regulations ‘or penalties could be imposed, including very big fines’.

It explained that the GDPR will apply ‘whether you pay staff or are all volunteers, whether you have a clubhouse or not, whether you have ten or 1,000 members … there are no exemptions!’

And it’s not just sports clubs.

A churchwarden, who puts together a list of volunteers to read the liturgy at his parish church, worries he will be breaking the law.

He says he will not be able to include anyone in a rota unless they have given him their express consent.

Forlornly, he says: ‘The wonderful European Union has produced a regulation, directly enforceable in English law, which decrees I can be fined up to €20 million.

‘I do not understand why we all just give in to this sort of appalling nonsense. Do we really object to continuing to receive emails from people with whom we have been happily communicating for years?’

The responsibility for incorporating the new regulation into law has been delegated to Britain’s Information Commissioner’s Office (ICO).

Naturally worried about my village cricket club correspondence, I referred to its website.

But it is full of vague statements, such as: ‘You should document what personal data you hold, where it came from and who you share it with. You may need to organise an information audit.’

How are church volunteers, local cricket club secretaries and anyone else who helps run a community organisation expected to carry out an ‘information audit’?

The Information Commissioner’s Office website went on: ‘You should review your current privacy notices and put a plan in place for making any necessary changes in time for GDPR implementation.’

But there is no clear explanation what those ‘necessary changes’ are.

Confused, I rang the ICO, seeking reassurance with a series of hypothetical issues that I might confront with my fellow cricketers.

A spokeswoman told me: ‘We don’t answer theoretical questions.’

Instead, she sent me more guidance. An online questionnaire, which I completed, concluded: ‘Yes, you do need to get ready for the new law.’

Separately, a statement by Steve Wood, the deputy information commissioner, set out to dispel a number of myths and misunderstandings surrounding GDPR.

Contrary to the advice of the questionnaire, he said that clubs were not necessarily prevented from sending out newsletters without the permission of recipients.

So much for clearing up misunderstandings!

Also, Mr Wood’s statement added: ‘Where you have an existing relationship with customers who have purchased goods or services from you, it may not be necessary to obtain fresh consent.’

Facebook CEO Mark Zuckerberg being questioned in Washington last month about the social network's use of data

Surely this negates a key aim of the GDPR?

In any case, the word ‘may’ is hardly reassuring when breaches can lead to heavy penalties.

So I rang the ICO again and asked: ‘If I got someone’s email address five years ago, do I now need to seek their permission to send them emails?’

They couldn’t answer, but told me: ‘We’re not going to come after people who organise church rotas. As for large firms, our advice is not to panic.’

At least they’re promising to show a bit of common sense.

But that doesn’t change the fact we are about to have a powerful piece of new law, with provision for huge fines, and yet few seem to know what it means.

Meanwhile, unwanted emails keep dropping into my inbox — such as a firm inviting me to enlarge my breasts.

Will the new regulation do anything to stop them?

Probably not, as there is already a law which is meant to cover the sending of unwanted marketing emails — the Privacy and Electronic Communication Regulations of 2010.

Although many firms have been fined heavily for breaching these, the regulations seem to have had little impact on the amount of unwanted emails we all receive.

Indeed, a lot of these messages, especially the fraudulent emails asking me to transfer money from my bank account in return for a large financial reward, come from abroad and are therefore beyond the regulations’ remit.

Of course, commercial firms are busy trying to find loopholes in the General Data Protection Regulation and will undoubtedly exploit the fact it only covers what happens in Europe.

In fact, I bet you €20 million that all the big Silicon Valley-based data giants who make such handsome profits by plundering our information will find a way to duck the rules.

Facebook, for example, has already changed the territory where about 70 per cent of its users are registered — from Ireland to the U.S. — and thus away from the reaches of European authorities.

It doesn’t take a genius to realise that billionaire data company bosses and fraudsters will carry on pretty much as before, while the lives of church volunteers and village club secretaries are made much more difficult.

I would ask you to send me your tale of woe about these new regulations — but it would probably get lost among the avalanche of unwanted nonsense already bunging up my inbox.