← Back to context

Comment by SpicyLemonZest

18 hours ago

I get why people find this hard to believe, because it is kind of a crazy rule, but I repeat once again that this does not matter. Even if you have never sold a single product to an EU resident, and never plan to do so, the EU says as my original comment detailed that you are subject to the GDPR the instant an EU resident provides you with personal data.

(And of course, it's also the case that "selling to an EU resident" is substantially broader than "doing business in the EU" - EU residents do often travel to foreign countries and provide personal data to stores they transact with while there.)

5 comments

SpicyLemonZest

Reply
oblio  12 hours ago

I've read your links and you're misreading them.

1. GDPR applies to EU residents in the EU. The protection does not apply to EU residents going on trips to the US.

2. Based on the examples they've presented, there is a SUPER clean solution to your concerns. Geo-blocking. Problem solved, bye bye GDPR. But don't go crying for EU citizen money, can't have it both ways.

Just read the examples they present, they're fairly well written.

  • roger110  10 hours ago

    I'm pretty sure this is right, except does geo-blocking legally release you from the liability of an EU citizen using a VPN?

    • inigyou  5 minutes ago

      When you talk about liability, where is that relative to? Liability means that a court will order you to pay money. Which court are you worried about? US courts won't order you to pay anything, and European courts can't take away your money if your money's in the US. Businesses break laws in other countries all the time, and nothing happens to them. Remember when Russia charged Google with a quadrillion dollar fine and nothing happened?

    • oblio  6 hours ago

      1. From you own link:

      > But the GDPR does not apply to occasional instances. Rather, regulators look for other clues to determine whether the organization set out to offer goods and services to people in the EU. To do so, they’ll look for things like whether, for example, a Canadian company created ads in German or included pricing in euros on its website. In other words, if your company is not in the EU but you cater to EU customers, then you should strive to be GDPR compliant.

      2. As a general rule Europeans are MUCH less lawsuit addicted than Americans. Plus the way the GDPR works is that generally complaints are filed with a government agency that investigates.

      You analysis starts from a position of deep fear.

      1 reply →