[whatwhatwhat]

>It clearly makes UK companies less competitive because sites we build will need to be plastered with warnings – and our competitors will not.

An American startup doing business globally and with citizens of the UK would have to abide by this law too, though, right?

[fmavituna]

In theory yes, but in practice not really. Consumer doesn't care, doesn't know.

On a side note, In theory if you are EU company you cannot use a CRM which hosts your data outside of the EU. For a USA CRM company only way to get around this "Safe Harbor Policy". Do you know how many SaaS CRMs apply Safe Harbor Policy? AFAIK Only 1, SalesForce.

But obviously there are thousands of Europan users of these CRM companies which violate this EU law.

[Silhouette]

I'm not sure about CRM specifically, but certainly various serious companies are aware of the EU data protection rules and take specific steps to comply. For example, I've been looking at off-site back-up for one of my companies recently, and while talking to Mozy they confirmed unambiguously and with specific details that any data from my company (in the UK) that was backed up using their service would be held in various protected ways in specific data centres within the protected area.

If you're in a business like that, where people are trusting you with that kind of sensitive information, I think you expect that serious customers are going to ask and they're going to need straight answers. I would agree that this is a barrier to entry for start-ups, but I think if you're trying to enter that kind of market but you aren't in a position to provide that level of service, you're already dead anyway.

[varjag]

Many would probably just not care, but the global players (Amazon, eBay..) would have to comply. Potentially it can affect everyone, just like introduction of EU RoHS directive phased out much of lead-containing products worldwide.