undefined

[-]

But to know that you would have to study the laws of other countries or in this case EU which costs money and in this case is not an obviously beneficial investment.

by soopypoos2 days ago|

[-]

they blocked a continent without seeking any advice?

by forgotaccount32 days ago|

[-]

Why not? That continent is not their target audience.

It probably wasn't worth the effort to block foreign countries just from random unnecessary compute cost to serve a site to them, but when those countries start being serious about penalties you could face for serving their residents? Now it's justifiable to block non-US countries.

by soopypoos2 days ago|

[-]

the thing is "We don't want to get legal advice" is a ridiculous justification for acting on legal advice

by bombcar2 days ago|

[-]

I'm sure they (or whoever sells the product they use to publish) did get legal advice, of the "what is the cheapest way to ensure this isn't an issue for us" and the response was "block 'em all, let God VPN them out."

After all, using a VPN doesn't absolve companies of the GDPR.

[-]

Yes so the informed choice they made was "block gdpr countries" vs "be transparent about our use of personal data".

Every site that gdpr-blocks itself is saying that they intend to extract value from your data and they don't want to tell you how.

by throwaway9201021 days ago|

[-]

No, it can also be saying "I simply have too many other things to do than worry about what the correct data retention or ban appeal or DSA statement of reasons requirement or DSA statement of reasons transparency DB API or UK Ofcom age verification requirements or..."

Sometimes if you're just one person and the EU isn't a core market and you are a small business or non-profit, it's easier to just say, ok you know what, no thanks to all this for now.

[-]

The signal remains the same:

"Will you sell my data?"

"This interview is over. (I'm very busy.)"

by troad1 days ago|

[-]

That's absurd. Are you, right now, compliant with all relevant laws and regulations in Turkmenistan? Do you have legal advice to back that up? Why not? Is it because you're a criminal?

No! Of course not! It's because you don't care about Turkmenistan, to the extent you've never even bothered to look up what is and is not legal there, let alone get legal advice about it. That's a perfectly fine answer. This random Michigan newspaper doesn't care about the EU. That's a perfectly fine answer too.

[-]

Turkmen: "Will you sell my data?"

Me: "No."

by master-lincoln5 hours ago|

[-]

No Turkmen official will approach you to ask that question. You would need to anticipate what the important questions are to comply with Turkmenistan's laws (or hire somebody to figure this out).

by soopypoos2 hours ago|

[-]

Says who?

by bombcar1 days ago|

https://gdpr-info.eu/chapter-5/

[-]

If complying with the GDPR was that easy an entire industry wouldn't be needed.

Use of AWS availability zones as it applies to Article 5?

[-]

It is that easy.

by troad1 days ago|

[-]

It's pretty clear you're not a good faith interlocutor at this point.

by soopypoos21 hours ago|

[-]

Refute me or shut up.

by troad2 days ago|

[-]

European law imposes a great deal more obligations on a business than that. This claim is simplistic to the point of disingenuousness.

by embedding-shape2 days ago|

[-]

Since obviously there is no "European law" in the first place, I think it's pretty safe to assume you have no idea what you're talking about.

by troad1 days ago|

[-]

That would be rather surprising to the large number of law schools that teach European Law as a core subject, such as the Panthéon-Sorbonne (Droit européen), Bologna U (Diritto Europeo), and Humboldt U (Europarecht).

Equally surprised would be the authors of very many legal books and journals, e.g. https://www.cambridge.org/core/browse-subjects/law/european-...

by throwaway9201021 days ago|

https://en.wikipedia.org/wiki/Digital_Markets_Act

[-]

https://en.wikipedia.org/wiki/Digital_Services_Act

https://en.wikipedia.org/wiki/General_Data_Protection_Regula...

Here are three.

by Ylpertnodi2 days ago|

[-]

Interpol would like a word.

by embedding-shape2 days ago|

[-]

> Interpol would like a word.

Also not a "European law" by any measure or understanding, that's a international organization that does police cooperation across the continent (and further), it isn't even a law enforcement agency... Not exactly sure how you could confuse that with laws, but here we are.

by tzs1 days ago|

[-]

If your site is covered by GDPR and you do not have a physical presence in the EU you have to appoint someone in the EU to receive mail on your behalf, so people who want to make GDPR requests by mail can write to them. See Article 27.

There are services that will do this for you. Last I checked they were typically in the neighborhood of a couple hundred Euros a year.

Whether or not GDPR applies to a site not in the EU is somewhat subjective. It comes down to whether you envisaged serving people in the EU.

If your site does not need EU visitors it can make some sense to block them. That provides evidence that you did not envisage serving people in the EU, and then you don't have to figure out if you need to be hiring a service in the EU to receive GDPR mail.

by charcircuit2 days ago|