This website is an independent publication about Purdue, not Purdue itself.
If you're small and running ads, I'm pretty sure you don't want to risk dealing with the significant legal pitfalls of GDPR. They EU isn't your audience, and lawyers that confirm you're in compliance (or not) are expensive.
That's a bit of an exaggeration. Those that try to collect as much data as possible data from visitors will of course find it difficult to be compliant, but many do not do this and are therefore in compliance with GDPR.
I do find the propaganda against GDPR annoying though. As an EU citizen (and someone who had to make sure we were compliant on multiple projects) I am happy about it. Is it perfect? No. But it's still waaaay better than nothing.
If you're an explicitly US website with no operations abroad, you shouldn't even give the GDPR a second thought. And if that's the case and you also have no operations in California, you should give the CCPA the same treatment.
I am not sure about Purdue and their affiliation with their student newspaper, but many US universities have operations abroad to some extent, like a recruiting office or something.
If you're small and running ads, I'm pretty sure you don't want to risk dealing with the significant legal pitfalls of GDPR. They EU isn't your audience, and lawyers that confirm you're in compliance (or not) are expensive.