Hacker News new | ask | show | jobs
by icebraining 2780 days ago
If an EU citizen steps foot in the sovereign territory of another country, the EU says that all their privacy laws apply.

That's not true. The GDPR doesn't apply to citizens of the EU, but to people in the EU or services performed there.
1 comments
sbr464 2780 days ago
If I read correctly, GDPR does apply when non-EU companies market services specifically to people from the EU. For example a US based hotel deploying a targeted marketing campaign in the EU. I could be wrong.
link
icebraining 2780 days ago
Yes, you're right; the distinction I was making is that it's about their presence in the EU, not their citizenship. In fact, an American citizen living in the EU is also covered, whereas an EU citizen living in the US is not.

An in fact, it's even less than that: the site only has to care if they target people in the EU (not necessarily exclusively) or if they're tracking behaviours. Simply being accessible online doesn't mean it has to comply, whereas e.g. accepting Euro payments probably does.

link
sbr464 2780 days ago
That's interesting, didn't know that about foreign citizen coverage.
link