The GDPR stopped being a privacy law and became a tool for geopolitical protectionism the moment it was argued the U.S. does not have privacy laws so storing or processing data of EU citizens on American servers violates the GDPR. This means HTTP requests violates the GDPR.
This tweet is unavailable
3
7
3
42
The Europeans arguing with Benedict would do well to read this quote from Max Shrems, who understands that current law (if enforced) effectively bans US companies from operating in the EU.
1
1
2
Argh. Have you read the “better protections” part? *That* is the point.
1
I did read it. It extorts the US to change its laws under the threat of fines. It’s the definition of extraterritoriality and it’s never going to happen. If the fines get serious, US companies will pull out and Europeans can enjoy social networks built by SAP.
1
4
My assumption is that it will be resolved like all trade issues are, by painful and tedious negotiations. Both sides will have to give up something because neither side wants that to happen.
2
3
Replying to @stilkov @PatrickFIanagan @Carnage4Life
As I understand it, CCPA is pretty similar to GDPR, so requiring something like that for EU citizens whose data is processed in the US does not strike me as absurd at all

Feb 11, 2022 ¡ 6:40 PM UTC

2
2
Replying to @stilkov @PatrickFIanagan
The CCPA is not like the GDPR because it doesn’t require hosting data for all Californians in California because you can’t trust that the CIA or FBI won’t request user data under the Patriot Act. That is a significant difference.
1
2
The GDPR does not require that either.
1
Replying to @stilkov @Carnage4Life
That’s a fair characterization of GDPR as it started. But the Schrems court rulings have fundamentally changed the nature of the legal requirements. Schrems himself understands this and articulated the ramifications clearly. That’s why I posed the quote.
1