[cstross]

<em>The fact is, unless Klout is hosted or incorporated in the UK or EU, the latter have no jurisdiction over the company, and such their laws don't apply.</em>

Try telling that to the US government, which hounds internet gambling sites wherever they're based.

The issue of territorial jurisdiction and law on the internet is a really complex one, and much more so when you deal with a fundamental mis-match between legal systems (the EU constitutional-level right to privacy vs. the US lack of same).

[randallsquared]

Try telling that to the US government, which hounds internet gambling sites wherever they're based.

So, in effect, you're arguing that it's perfectly legitimate for the US government to do this?

[Tuna-Fish]

I'd say he isn't. But the US government will do it all the same, and at least some of the EU governments would probably also apply the privacy laws on companies dealing with their citizens. (Probably not UK, but France is a good candidate, and Germany is also reasonably rabid about it's privacy laws as of late.)

Law gets really complicated when you cross international boundaries, and usually everyone involved will assert their right to impose laws on you, and whether they actually do this mostly depends on how easy it would be for them to do it.

If you base legal decisions about your business on abstract principles, you might just get detained the next time you route through an airport that belongs to someone you've mightily pissed off. Generally, it's smarter to strive for not offending anyone, or if you cannot manage that, strictly not visiting or in any way depending on countries whose laws you might have broken. For example, if your site is not strictly legal under US law, don't host in under .com.