undefined | Better HN

0 pointsglobuous8y ago0 comments

Wait, I don't understand, this is blocking traffic from EU continent. I thought GDPR was applicable for all EU citizens regardless of where they physically are. And I may be wrong, but I thought it did not apply to non-EU citizens surfing the web from the EU (although I may be wrong about that).

A more effective way might be to ask on page load if the user is an EU citizen. You know, like some financial website asking you if you are a US citizen on page load [0] (i remember marshall wace's old website doing it, it looks like they do not anymore).

And EU traffic being the "most malicious" ? Is this satire, irony, or something else ? Seriously, if I go on website W and they go through all the dark patterns possible to collect and share my data without me knowing about it and I'm the malicious one ? Better read that than being blind...

[0] https://www.quora.com/All-of-a-sudden-Bank-of-America-is-ask...

0 comments

3 comments · 2 top-level

Bromskloss8y ago· 1 in thread

> I thought GDPR was applicable for all EU citizens regardless of where they physically are.

Do you mean a company and its customer, both located outside the European union, would still fall under this law if the customer happens to be a citizen of a EU country?

mickronome8y ago

That's how some US tax/banking codes already work, so it's not without precedent. I don't remember exactly what it's called. But allegedly it's a hassle for everyone involved, both banks and customers.

Ah, found it: "... is the Foreign Account Tax Compliance Act (FATCA), which was passed in 2010 and will go into effect in January of 2013. The act requires all foreign banks to identify and report on US citizens with accounts holding more than $50,000 in an effort to clamp down on tax evasion. If banks refuse to comply, they could face a punitive 30 percent withholding tax on all payments from the US."

stordoff8y ago

> Wait, I don't understand, this is blocking traffic from EU continent. I thought GDPR was applicable for all EU citizens regardless of where they physically are. And I may be wrong, but I thought it did not apply to non-EU citizens surfing the web from the EU (although I may be wrong about that).

I believe you have that the wrong way round. The territorial scope (as it applies to processors outside the EU) is defined as "processing of personal data of data subjects who are in the Union".

https://gdpr-info.eu/art-3-gdpr/

j / k navigate · click thread line to collapse