
Breaking US law by not extending GDPR rights to US citizens - _o_
https://www.irishtimes.com/business/net-results-many-us-tech-firms-still-dismissive-of-gdpr-1.3489504
======
_o_
“The Civil Rights Act of 1964 prohibits national origin discrimination. Often
that means banning polices that have a disproportionate advantage for people
from certain countries. If the courts accept this line of reasoning here, that
means companies are underestimating compliance obligations by orders of
magnitude,”

US, you might thank Europe later :)

~~~
craftyguy
I haven't read the full text of the GDPR, but how exactly would the EU enforce
fines like this against a company that ignores the GDPR but provides a virtual
service within their border? E.g. a social media web service that has no
physical assets in the EU. They could fine them all day long, but would have
no power to enforce, right? Blocking IPs is a cat/mouse game.

~~~
lol-lol
I dont think this will be needed, other countries are preparing similar
legislation, I remember Canada and Japan. The world is changing, there is no
point in running away from GDPR it is just the first one. Rather adapt and
profit later due to those that were running away.

~~~
jazoom
From what I'm reading, Australia is gearing up for this too.

------
craftyguy
I'm actually more curious how this will play out in China. Europeans live/work
in China and visit China. I suspect PRC will say "meh" and nothing will
happen.

~~~
gnode
My understanding is that it doesn't apply to Europeans not in the EU at the
point of processing. The GDPR would apply to Chinese companies providing
services to EU residents. I am certain the Chinese courts would not enforce
GDPR, but EU courts may enforce it against Chinese companies within their
reach by e.g. cutting them off from EU markets or confiscating assets held in
the EU.

------
fwdpropaganda
Off-topic but relating to GDPR.

In business there's this maxim that the only constant is change and its
corolary that flexibility and adaptability is key.

Morals and consumer privacy aside, every time I see a company trashing GDPR I
see a company set in their ways, a company too tired to adapt. It's (probably)
not that they have a rigorous and rational framework for evaluating what
changes are good or bad for the world, but instead they're just tired or
afraid of change and would rather be left alone.

