Hacker News new | past | comments | ask | show | jobs | submit login

You can do the scraping in a jurisdiction where it is legal.



Importing (in the geographical sense) the data would still be infringing, you've just scraped it in a convoluted way -- legal systems in my limited experience take account of such things.


> You can do the scraping in a jurisdiction where it is legal.

No such thing with GDPR.

Why do you think so many US websites take the lazy-ass approach and block EU visitors to their websites ?

Simple, its because either you comply with GDPR or you don't process the information of citizens of GDPR covered countries. End of story.


Well, no, only if you’re under the jurisdiction of the EU courts. They can rule against you as much as they like, but it’s not enforceable outside of the EU or a jurisdiction that chooses to enforce EU judgements.


> Well, no, only if you’re under the jurisdiction of the EU courts.

That is an awfully naïve argument my friend.

If it were that simple then there would, for example, be no need for a 68 page document entitled "The Sedona Conference Commentary on the Enforceability in U.S. Courts of Orders and Judgments Entered under GDPR"[1].

Allow me to quote from the Conclusion on page 68:

"As the Commentary shows, the enforceability of GDPR orders and judgments in a U.S. court will depend on several factors, including the nature of the relief sought through the order or judgment, the nature of the underlying violation and the process through which the order or judgment was initially obtained in the EU, and the U.S. organization’s contacts with the EU."

I would say that makes it pretty darn clear that it's far from being a simple argument about the jurisdiction in which the defendant is based.

[1]https://www.dorsey.com/~/media/files/newsresources/publicati...


It's not about jurisdiction in which the defendant is based, of course, but rather in jurisdiction where it has presence.

If foreign laws were enforceable against actors who never operated in those other countries, we'd have to enforce Saudi laws against atheism and Russian laws against "gay propaganda".


There are literally millions of US companies with no EU presence, but who have online ordering of digital products. To the parent: Good luck enforcing GDPR on them. They won’t even abide by an EU subpoena that asks “what PII are you storing?” And right to delete? Haha, good luck.


Why should they? What happens when, say, an Arab state passes a law that selling pornography gets a body part chopped off.


Good example. In the US, We thank our circumstances that we were not born in Saudi Arabia. And that’s about it. We buy porn and keep our body parts. The parent traceroute66 has no idea what he’s talking about.


If I'm in China and I scrape/collect data I don't think the GDPR is going to do anything to me. This really only affects businesses that some the EU has some means of reaching.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: