It's a shame the Omaha World Herald is too lazy to make its website GDPR compliant.
Complete thread drift, but it's my specialist subject these days so...
Becoming GDPR compliant can range from the doing almost nothing, to undertaking a huge investment in consultation and time. It depends on the nature and geography of your databases (those containing private EU individual data sets) and especially on the range and geography of your sub-processors, together with a ton of other factors I would not dream of further boring you with.
Bottom line, it's nowt to do with laziness and everything to do with determining the return on investment (ROI) like the vast majority of business decisions in the commercial world.
Apologies...nobody likes a smartass, I'll get my coat.