[citilife]

5) People like myself who are annoyed that people think GDPR is enforceable to non-EU entities.

It's not... You cannot enforce GDPR on any person / company who doesn't have a presence in the EU.

That annoys me, because _although I'm willing and do comply_ many people reach out to me regarding their personal data with a lot of arrogance. However, my company isn't based on the EU and I don't have to comply (which I cleared with a lawyer already). Their method of their approach makes me not want to comply.

[kyriakos]

I understand your problem with arrogance but as long as you service users in EU you are still liable. There are legal ways they can get to you and at best you may avoid fines but be banned from offering your service to EU citizens. Of course that's an option you already have I.e stop servicing EU

[citilife]

> as long as you service users in EU you are still liable.

Not true, I am not required to not offer to EU citizens. They simply can choose to visit my U.S. servers and use U.S. dollars.

Laws aren't global. Laws are based on jurisdiction. EU doesn't have said jurisdiction, unless I am hosting services or have a presence in the EU. Customers from the EU effectively travel to the U.S. (via the internet) to get to said service. The U.S. could force us to follow EU laws, then sure. However, that's not the case today.

You can think of it as: if I call a vendor in China to purchase some widgets. The vendor in China is not required to validate you're following the laws of your land - that's your job. The Chinese vendor just needs to make sure they are following China's laws.

[kyriakos]

Laws are not global but US has agreements with EU about personal data.

Read this article for more details http://www.mjilonline.org/fines-under-eu-gdpr-in-non-eu-juri...

[CompanionCuuube]

I've seen comments on GDPR topic here where arrogant posters complained of sites that just banned EU visitors rather than take on the increased resource burden.