[99ps]

It’s my understanding that GDPR protects the personal data of EU citizens. Regardless of whether you do business in the EU, if you process this data GDPR applies to you.

My guess is that this company has no way to verify that they don’t process EU citizen data. They almost certainly do if they’re scraping so pervasively. And I don’t think they can credibly claim users gave consent let alone all the other rules they need to follow.

Looking forward to someone challenging them on this and hopefully the EU taking action. This feels like exactly what GDPR should protect against.

[perl4ever]

If a US multinational is handling data ostensibly subject to EU regulations, and using employees in developing countries for the lowest possible cost, they may or may not abide by the letter of EU law, but I think they evade the spirit of the law as a matter of course. There are some senseless "fig leaf" procedures that they use.

[pinkfoot]

The EU might want that, but just today my company collected and passed the personal details of a number of EU citizens to colleagues without their consent.

Since the company doesn't do business in the EU, the GDPR can go get knotted.

PS. My gay mates have also not decided to go straight just because Uganda outlaws it.

[alwayseasy]

>> Since the company doesn't do business in the EU, the GDPR can go get knotted.

That's not how international law works though, especially when wielded by a large economic block. If the EU wants to put pressure on a company the pain is harsh. For instance they can blacklist the company and it's C-suite from international banking and ask any in-treaty country to extradite or arrest employees.

Also are you admitting to breaking EU law and moral/ethical codes on HN ?

[pinkfoot]

The first yes, the latter no.

I also freely admit to breaking a lot of blasphemy laws.

None of them are laws where I live, so I won't ever get extradited.