| The problem with your example is that the internet does not work exactly like meat space. Why not compare it to tourists shopping while on vacation in China and purchasing items that could not be sold in the US, then bringing them back in their luggage? In that case, either the tourist who bought it is the one in the wrong and will need to forfeit it at the border, or the law does not apply. I see no reason why the conclusion about the GDPR cannot be "EU companies on EU soil need to comply, but EU citizens touring the internet via non EU sites are on their own and proceed at their own risk, without protection from the GDPR." IANAL, but I have had a couple of law classes. Also, one of the things I do know is that we have no world government and laws regarding international internet stuff are breaking new ground daily because it is an unprecedented circumstance that doesn't one-for-one compare to historical legal precedents. I imagine if we ever get a world government, it will be an emergent event and it will grow out of the current trend of multiple countries joining together to form blocks like the EU. But I see absolutely no reason why any country outside the EU should be presumed to be subject to EU laws just because EU citizens are capable of accessing their sites via internet. If someone has an article that shows this has been established as a precedent the world accepts, I would be interested in seeing it. But I am not aware of any established precedent suggesting the EU will by default be accepted as having the authority to dictate standards across the globe. |