Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Breaking US law by not extending GDPR rights to US citizens (irishtimes.com)
27 points by _o_ on May 15, 2018 | hide | past | favorite | 11 comments


“The Civil Rights Act of 1964 prohibits national origin discrimination. Often that means banning polices that have a disproportionate advantage for people from certain countries. If the courts accept this line of reasoning here, that means companies are underestimating compliance obligations by orders of magnitude,”

US, you might thank Europe later :)


I haven't read the full text of the GDPR, but how exactly would the EU enforce fines like this against a company that ignores the GDPR but provides a virtual service within their border? E.g. a social media web service that has no physical assets in the EU. They could fine them all day long, but would have no power to enforce, right? Blocking IPs is a cat/mouse game.


I dont think this will be needed, other countries are preparing similar legislation, I remember Canada and Japan. The world is changing, there is no point in running away from GDPR it is just the first one. Rather adapt and profit later due to those that were running away.


From what I'm reading, Australia is gearing up for this too.


Don't underestimate the persistence of the US when it comes to ignoring international norms for 'freedom'. "Guns rights" comes to mind, among other things.


I’ve read that competent EU judgements can be enforced in the US through treaties and have full weight and sway as a US judgement, and vice verse, but I can’t find a source.


How does GDPR work for EU users using a vpn ? Looks like this entire GDPR business is bureaucratic mastbation.


I'm actually more curious how this will play out in China. Europeans live/work in China and visit China. I suspect PRC will say "meh" and nothing will happen.


My understanding is that it doesn't apply to Europeans not in the EU at the point of processing. The GDPR would apply to Chinese companies providing services to EU residents. I am certain the Chinese courts would not enforce GDPR, but EU courts may enforce it against Chinese companies within their reach by e.g. cutting them off from EU markets or confiscating assets held in the EU.


China/India etc. does not give much damn about EU laws any ways.


Off-topic but relating to GDPR.

In business there's this maxim that the only constant is change and its corolary that flexibility and adaptability is key.

Morals and consumer privacy aside, every time I see a company trashing GDPR I see a company set in their ways, a company too tired to adapt. It's (probably) not that they have a rigorous and rational framework for evaluating what changes are good or bad for the world, but instead they're just tired or afraid of change and would rather be left alone.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: