Neither do you want to normalise organisations violating the rights of a given state's citizens with impunity because they operate from outside of their jurisdiction and refuse to engage. If there's no other recourse than to arrest the members of the (for all intents and purposes) criminal organisation if they step foot in the affected state then so be it.
Why not? Sends a strong message; and also forces employees to think about what they are doing instead of passing the buck.
This is also not like some stupid patent dispute or DMA compliance argument. These employees are directly responsible for stockpiling personal identities of millions of people for the express purposes of making the surveillance efforts of their government easier. That's a very political action, which is directly aggressive against a country's citizens, and they should feel that.
There are 27 countries in EU with different motives, morals, interests, etc. Just because you agree with the decision of one country in one instance it doesn't mean you would agree with them all. But once you give them the powers it's impossible to take them back. It's a bad slippery slope.
Just to be clear here, your issue is with the number of member states in the EU?
In other words you would be fine with Canada arresting employees of Clearview if they tried to enter the country after Canada deemed them profiting members of an organization that was breaking the law in Canada?
If I go to Saudi Arabia after having called for their leader to be executed on X for his treatment of women, yeah, probably not a good idea to go.
If I go to Iran after saying Khamenei deserves a rocket to his mansion, yeah, probably not a good idea to go.
If I go to Europe after having run a multi-million dollar scheme affecting European countries by white-labelling services from North Korea (legal in Brazil), and I'm a Brazilian citizen and know Brazil almost never extradites, yeah, probably not a good idea to go.
If I go to the US with my two 12 year old brides from Niger, yeah, probably not a good idea to go.
In addition to the examples you mention, if you become involved in doping at an international competition in which US American athletes were competing, it's probably not a good idea to travel there: https://en.wikipedia.org/wiki/Rodchenkov_Anti-Doping_Act_of_...
Is it really so unreasonable to expect that countries prosecute people who commit crimes against their citizens with expectation of impunity the next time they visit their country?
You're proposing an alternative where people can just commit crimes with no recourse from the victims simply because a border exists somewhere and they commit the crimes on one side of the border.
Would you expect it to be reasonable for Canadian citizens to be shooting at Americans on the border and it unreasonable for American authorities to arrest them if they came to America?
> Would you expect it to be reasonable for Canadian citizens to be shooting at Americans on the border and it unreasonable for American authorities to arrest them if they came to America?
Physical violence is incomparable to working at a company that did something that would be illegal in a certain jurisdiction. Should the person maintaining Clearview's website be arrested in the EU simply because they work there?
What do you suggest as an alternative? That we live in a world where people can evade legal prosecution simply by incorporating or working for a company that incorporated?
Why isn't violent crime comparable to stalking crime? Why is it socially acceptable to hoard personal information about someone and pictures of them as long as someone does it under the auspices of a business but it's creepy and weird to do it as a lone-wolf stalker type? Maybe they're both terrible and creepy business models and the EU is right to prosecute anyone who does it, articles of incorporation or not.
I'm not sure, but I don't think "I did it from abroad" should just make it OK. The whole point of the GDPR is that personal data is valuable and important. Would you feel the same if Clearview were instead taking people's money?
I think you'll find most people would be more than happy to see a few scummy C-suites landing behind bars. I certainly welcome it and can't wait for the day when these psychopaths actually get punished for their greedy behaviour.
You're getting downvoted, but it's an interesting idea. Violating the GDPR is illegal.
You can break your home country's laws when you go abroad and it's usually OK. You can smoke cannabis when you visit the Netherlands* from Ireland, for instance, and go back home to Ireland without worry.
Violating GDPR is illegal. It's acceptable to arrest people who do things that are against the law. And if, say, I write a lambda that runs hourly and violates the GDPR from my home in California, and then take a holiday to the Netherlands while the lambda is still running, should I be immune from arrest? The offense is still ongoing in that instance.
If we truly take privacy seriously then this should be treated like a crime. If I had something that scammed people in Europe and then holidayed in Europe I'd expect to risk arrest. Or is that somehow less important than violating people's privacy?
* (It's actually technically still illegal but that's a different story). Gedoofd is weird.
Arresting tourists for crimes they did not commit is hostage taking and could be considered an act of war.
The US is willing to prison swap terrorists with Russia, we definitely wouldn’t tolerate some EU country (that we spend billions of dollars defending) arbitrarily arresting tourists so they can hold a foreign company hostage.
Anyway I think you're right that the US would strongarm EU governments in to getting their way (look at privacy shield, etc.) but I still think "you're allowed to continue breaking our laws that affect people in our country while you visit us because it happens to be running on a computer you left at home" is a weak defence.
We’re talking about xx million dollar dispute between allied countries, it’s not a reasonable method of conflict resolution to start throwing people in cages that work for x company until the EU gets their way.
> what do you mean “did not commit”
It’s standard around the world that employees are not held personally responsible for the crimes of the corporation they work for.
Edit: if we’re talking about an individual US citizen that’s found guilty in the EU, then the EU will go through the extradition process to have them arrested.
This isn't a dispute between the two countries, it's a dispute between the law enforcement of one country, and the people they're accusing of breaking the law from another country.
> It’s standard around the world that employees are not held personally responsible for the crimes of the corporation they work for.
Is it really so simple? Is all that the cartels missing to avoid persecution from the US gov't simply incorporating in their home state? Of course not.
Imagine that offered death by drones. You tell 'em who you want killed and they mail a package containing a drone that pops out and kills the person when it's delivered. Would it be reasonable to say "Yeah we can't arrest anyone from that company when they come to our country because they incorporated in another jurisdiction?"
If the EU wants to arrest someone they can submit an extradition request which the US will approve or deny after reviewing. The EU can also already arrest individuals whom are found to be criminals.
You are suggesting a totally new weapon for EU law enforcement which is to imprison individuals who are not found guilty of a crime because they work for a company that owes the EU money. That sounds a bit insane to me, I think if the EU wants to collect their fine they should find a more diplomatic approach that does not equate to a literal war crime [1]