> If you're legit doing the rest as you say then congratulations you're already GDPR compliant, you're just being stubborn. Seems a waste of brain cycles.
How many jurisdictions exchange packets on the internet with your country of residence?
How confident are you that your web service is compliant with all of them simultaneously? Are you compliant with Saudi Arabia’s laws? India? Pakistan? Russia? China? Argentina? Nicaragua? Cuba?
I’m suggesting that conducting business in a jurisdiction without first ensuring you’re compliant with the laws of that jurisdiction is a bad way to conduct business. Making sure I’m compliant with EU law is a waste of brain cells right now. Making sure I’m compliant with U.S. law is taxing enough.
I’m also suggesting that you probably shouldn’t be liable for a random country’s law just because one of their citizens misrepresented themselves and tricked you into exchanging packets under a different set of laws than you know how to operate in.
How many jurisdictions exchange packets on the internet with your country of residence?
How confident are you that your web service is compliant with all of them simultaneously? Are you compliant with Saudi Arabia’s laws? India? Pakistan? Russia? China? Argentina? Nicaragua? Cuba?
I’m suggesting that conducting business in a jurisdiction without first ensuring you’re compliant with the laws of that jurisdiction is a bad way to conduct business. Making sure I’m compliant with EU law is a waste of brain cells right now. Making sure I’m compliant with U.S. law is taxing enough.
I’m also suggesting that you probably shouldn’t be liable for a random country’s law just because one of their citizens misrepresented themselves and tricked you into exchanging packets under a different set of laws than you know how to operate in.