[kuschku]

It's not okay for websites doing this, and any website doing this from May 2018 on will end up fined hundredthousands of dollars every time they do this.

The European General Data Protection Regulation [1] is coming, and everyone that doesn't comply with it will have more than just a little problem.

No site or program is allowed to track or store anything about me, to transmit anything to a third party, or to even connect to a third party without my explicit authorization, and I have to be able to opt out of it all, and still be able to use it.

This is a simple moral principle of consent. You don't get to access anything that is mine without my explicit consent.

[1] https://en.wikipedia.org/wiki/General_Data_Protection_Regula...

[rankam]

I don't know anything about the regulation and just skimmed the Wikipedia article for a minute, but isn't this regulation unenforceable in practice? If I have a website, how am I supposed to know if a visitor is a citizen of the EU? If my company operates outside of the EU, the EU has no jurisdiction.

[matty22]

I work for an email software company based in the US, but we are required to take GDPR very seriously. Large swaths of how our application stores and handles data has to be rewritten, because if a single one of our clients' emails is sent to a citizen of the EU, and we are not compliant with the new rules, we and our client are legally liable.

How that pertains to a normal website on the internet, I am not sure.

*Edit: At least this is my understanding and my company is already making development plans on how to comply with the new law.

[kuschku]

This is an interesting thing, but, in response to the US applying their laws supraterritorially[1], the EU has decided that the EU GDPR will apply supraterritorial (aka, everywhere, globally, as soon as an EU citizen could be affected).

So, if you're outside the EU, and you violate it, you might suddenly experience that your bank accounts get frozen.

[1] Just look at the recent case where US citizen sued Saudi Arabia in a US court, and the US senate overrode a veto of President Obama to allow this to happen supraterritorially.