[stale2002]

If you use a VPN to access a server that does it want you to access it, then you are breaking the computer fraud and abuse act in the United States.

Shouldnt you be the one sent to jail, as you are illegally accessing a computer that you were sepecially told not to access?

[roel_v]

Maybe. That's entirely orthogonal to the question whether or not the person who's server it is, is affected by the GDPR though.

[taysic]

But if that person could get sent to jail for that, then I don't see why they would file a complaint.

[roel_v]

I don't even see in the law whether or why the dpa would disclose the identity of the complainant. Maybe there are procedural situations where it would happen, I haven't really thought about it. I think people are too hung up on a specific person making a complaint. It's the dpa that will take action, probably removed a few steps from the initial complainant(s). This is not Law and Order style legal proceedings.

[merinowool]

If they are from poor EU village that could be tempting to get to US jail to learn language and have free food and bed.