Comment by drstewart
5 years ago
>Every time I read about GDPR compliance, it feels like a very well-designed set of guidelines that are easy to follow ... IF you aren't stalking users.
There's a difference between being compliant and being _in compliance_. There's a real cost to the latter. Why should sites that primarily serve non-European readers bother with it? The assumption that they don't because they're all greedily stalking users is a misguided, but popular, cynical take.
I'm not sure what the distinction is between the two. Is one of those having a verified system to ensure that you are compliant, while the other is merely being compliant but unprovably so?