[leesalminen]

When GDPR went into effect, our company had ~5 clients in the EU (out of thousands). It was cheaper to drop those 5 clients than attempt to even read and comply with the regulation. We weren’t even doing anything nefarious, it just wasn’t worth our time to spend any brainpower thinking about it.

[Aachen]

Haven't heard of the 1995 data regulation I suppose then, or that it's mostly common sense to tell what you do with other people's personal information, but sure, drop out of the entire market over this.

I think the parent commenter was complaining about things that aren't EU-wide. This was and you're saying it's still not good enough

[robertlagrant]

Er, I like GDPR, and it was EU-wide, but each member still would have to write its own framework into its legal system to implement GDPR as it saw fit. Those frameworks are all different in their detail.

E.g. Germany has the BDSG, and the UK has (had?) the DPA.

[OJFord]

Has. HMG wants UK GDPR to be stronger than (yet also somehow 'compatible with') EU GDPR.

[leesalminen]

> or that it's mostly common sense to tell what you do with other people's personal information

We had a very restrictive privacy policy. We never shared or sold any information with third parties. We contractually stated this.

But that’s not enough for GDPR.