Abhi mine is 😁
I have a doubt. Why should people outside EU comply to EU laws ?
Abhi they don't, but unless you are using GEO location techniques you can't know the exact origin of your visiting user so the policy is enforced regardless. And hence the dual edged sword - you cannot track an EU user by their IP as this is forbidden under GDPR - regardless of where your website is located
phenomlab you cannot track an EU user by their IP as this is forbidden under GDPR - regardless of where your website is located
What if your are in US and defy it ? Logging IP has been standard practice since ages.
Abhi Then that it is scope for GDPR. If you record the IP address of a visiting user from the EU, that is classed as PII (Personally Identifiable Information).
What if a webmaster does not comply ?
Abhi then the consequences can be severe. For example, non compliance for GDPR where it can be proven - for example, your site is hacked and you have a data breach involving EU citizens - would attract fine of €20m or for times the annual turnover of any parent company - whichever is greater.
I see. But isn't people in US outside the jurisdiction of EU laws ? How can law or a court in the EU punish someone living in the US ?
Abhi If you hold data pertaining to an EU individual, you are bound by the law. GDPR covers the individual, not the country.
I don't see any software allows me to see what they have stored of me. Neither an option to delete data related to me. I am not sure about IPB, but almost all others have no such option.
What if Germany has a law. If you forgot your jacket in a stadium, the operators should find you and give it back. The same person goes to US, forgot his jacket in a stadium in the US, now the US citizens are in possession of EU jacket. Are they bound to find and return that particular jacket which they have in possession ?
I am not try to mock anyone here. I simply fail to understand other being compliant about an EU law.
admin that jacket isn't data and unless there's a name tag in it with a social security number, date of birth, email address etc, then it can't be attributed to an individual - EU citizen or not 😁
GDPR isn't a joke sadly.
My point was, a law in a distant country has no jurisdiction in the US or other countries. For eg. certain substances are legal in one country while illegal in others. Will the UK abide by a law in France ? As long as there is no specific treaty about it. EU cannot control the web and what is happening in there.
admin that really isn't so
I think you should research this subject before commenting further.
phenomlab I was not confronting you.
I thought since we have an expert here, it is better to ask directly 🙂
I like GDPR. It is a good thing and I am sad that there is no such thing in other countries.
But I haven't seen any reports of GDPR take downs yet. Not outside EU, if there are any.
Abhi It is a good thing and I am sad that there is no such thing in other country
The whole of Europe is in scope for GDPR. CCPA covers California for example. If you check, virtually every country has it's own privacy law in one form or another