IANAL, but: if you are an entity that provides free services to citizens of the EU, and you process PII (e-mail address), you are subject to the GDPR's rules.
"Monitoring" is also a qualifier for whether the rules apply, so it could be HN will simply say this disqualifies them, and require someone to take them to court (which YC can afford). But HN does install cookies on your computer, so I think you could still win such a case.
> IANAL, but: if you are an entity that provides free services to citizens of the EU, and you process PII (e-mail address), you are subject to the GDPR's rules.
"Monitoring" is also a qualifier for whether the rules apply, so it could be HN will simply say this disqualifies them, and require someone to take them to court (which YC can afford). But HN does install cookies on your computer, so I think you could still win such a case.
https://ec.europa.eu/info/law/law-topic/data-protection/refo...