Condenser (the system that powers Steemit.com) has recently been updated with the first user to invoke their GDPR right to be forgotten. It's possible that they just asked for their account to be closed — without mentioning the GDPR — but this was processed as a GDPR request. The GDPR (General Data Protection Regulation) requires that services provide users with a means of invoking their "right to be forgotten", with some exceptions (which Steemit might fall in to). Since all actions on Steem are irrecoverably and permanently stored on the blockchain, it's not really possible for a user to be "forgotten". However, Steemit can come close to deleting an account.
In PR #3058, a user was added to the Steemit GDPR list. Previously, this list was empty. When a user is added to this list, their content will not display. Their profile page 404s, their comments are not shown, their posts also show a 404, and they will not be able to login. This is done by checking if a user is part of
GDPRUserList.js whenever content from the blockchain is to be displayed.
Whether this complies with the GDPR or not has never been tested in court (to my knowledge), but in my opinion not showing the content on Steemit is a reasonable compromise. @holger80 has written about this in the past.
Since other dApps don't share this GDPR blacklist, their content is still visible on other platforms. You can see the difference on their Steemit page (a 404), compared to their Busy page (their real profile page).