[shittyadmin]

You don't reside there, you're not liable to abide by their laws. I run a small US company, I don't have to comply with GDPR for example. Same applies here.

I don't see why any company would implement this, perhaps appeasing regulators at the federal level.

[tzs]

You would have been right up to June 21, 2018. After that, you are wrong. See South Dakota v. Wayfair, decided by the Supreme Court on that date [1]. If your business is in the US, and your customer is in the US, you can now be required to collect taxes for your customer's jurisdiction even if you have no connection with that jurisdiction other than online or mail order customers reside therein.

[1] https://en.wikipedia.org/wiki/South_Dakota_v._Wayfair,_Inc.

[wbl]

But ideally Congress forces states to make their tax systems easy to comply with in return.

[boulos]

I assume you mean well, but it’s not about your residence (or for businesses the place where they are incorporated) but rather where you do business. Just because I’m in California doesn’t mean I can do business in the EU without complying with their laws. Same goes for Chicago.

You’re not required to do business there, but they can fine you for non-compliance if you are doing business.

Note: all of this is in reference to “software companies” as the GP said, and doesn’t touch on “corporate nexus” and stuff like that.

[thrower123]

Are you actually doing business in those places, if people from there just go to your site that is hosted in your home jurisdiction? I'm not sure that it logically follows.

Obviously, governments interpret the situation in the way that accrues them maximal power and brings the most activity into their purview.

[jazzyjackson]

A free service probably isn't going to get sued into compliance if you accept sign ups from EU, but if you accept payment from EU that definitely counts as 'doing business' and you should expect to comply with local regulations.

[bscphil]

I think the question everyone here is interested in having answered is "what if you don't?" The EU has no jurisdiction here (in my country); the law applies to the citizens of those countries. Sure, some countries might be willing to extradite you to the EU for breaking laws that apply there, but that seems rather extraordinary (in the case of a law that applies to internet sites), not to mention an outrageous abuse of power.

[ip26]

Presumably the main consequence is they shut down your business in their country, and if you dodge fines etc they don't let you come back.

Extradition would be quite reasonable if you were conducting a very large business, and/or ignoring significant laws, e.g. prohibition on human trafficking. But they aren't going to extradite you for failing to be GDPR compliant on $10 of app sales.

[shittyadmin]

I accept payments from the EU and do not comply with GDPR. They can't sue me in my country's court for violating their laws. It really is that simple.

They'd have no repercussions except to block my site - and I'm guessing they didn't intend GDPR to turn into an internet filter.

[shittyadmin]

That's factually incorrect. No one in the EU can sue a California company for failing to comply with EU laws so long as the company does not have a physical presence in the EU. They'd have to block their site or something as an EU court has no jurisdiction over a California company and would be unable to take action against them.

An explicit law would need to be made in your jurisdiction forcing you to comply with their laws. I'm not aware of any such thing.