It’s also negligible if you block EU access. The people that own the content get to decide which approach to take.

I for one am a little tired of EU citizens telling me something doesn’t have compliance costs when I’ve been in the room when outside counsel couldn’t agree if a brochure ware site was compliant because the logs contained IP addresses.

You may wish that the regulations didn’t make the choice of blocking EU citizens the more palatable but that doesn’t make it true.

GDPR seems straight up common sense to me, but ...

At times it seems like the common sense behind the GDPR is not -in fact- entirely common to American (lawyers) somehow.

That can't be entirely true though, since some US states seem to have been considering similar laws recently.

Color me confused by it all. (see also an earlier comment I made in a similar conversation https://news.ycombinator.com/item?id=29126413 )

At quick glance their page does have a login button, which you can't implement on a static site. It also has social network buttons. These are probably all useful features for them and their audience

Opt-In Social Media buttons exist.

Indeed, though that's extra work. One can also just send people to the social media site when they click on the site's button, afaik they all have dedicated pages for sharing content (they want you to share stuff on their platform). Don't need to import their javascript and run it on every visitor's system just to have links to their sites.