[hnbad]

That's also a sovereign citizen level of legalese. It doesn't matter what omg.lol states it believes. If anything, this demonstrates clear intent to violate users' privacy and be non-compliant with international data protection laws.

This is largely a moot point as long as omg.lol remains some guy's side project but given that the ToS explicitly mentions the possibility of a merger or buyout, this feels like it's poisoning the well a bit. If there's any upside to this, it's that this makes a buyout far less likely because he's essentially saying "yeah, we collect a ton of personal information but we don't have the legal consent for any of it and explicitly told users we're not complying with their regional data protection laws when it comes to gathering, processing or storing their personal information". Fair enough for the MySpace era of Web 2.0 privacy abuse but no longer workable in a world with the GDPR and its many regional equivalents.

[agos]

your comment is spot on. an acquisition is also the perfect time to have someone trigger an investigation by the local privacy authority for breach of GDPR and I can tell with reasonable certainty that the wording on that ToS is enough to get fined. Until they have a legal presence in the EU they might get away with it, though.