Forget all the stuff out there that says the GDPR protects EU citizens. This is a question of jurisdiction and enforcement. Say I run a blog under a business registered in the US funded by advertisers in the US. A EU citizen that comments on posts issues a GDPR request that I ignore. Their government fines me. I tell them to get bent, I am out of their jurisdiction. What can they do at that point?

    • FlowVoid@kbin.social
      link
      fedilink
      arrow-up
      0
      ·
      2 years ago

      Incorrect.

      The current data agreement between the US and EU is neither a law nor a treaty. It is an executive order, which means it did not pass through Congress and simply reflects the policy of the current administration. Like any other executive order, it could be ignored or overturned by a subsequent administration.

      Furthermore, it does not mean “GDPR is actually the law in the US”. It means that the current US administration will cooperate in enforcing certain privacy rights. It does not give EU citizens the same rights they have in the EU under the GDPR. For example, it does not allow private individuals to sue US companies for damages in US courts.

    • neanderthal@lemmy.worldOP
      link
      fedilink
      arrow-up
      1
      arrow-down
      16
      ·
      2 years ago

      I am a US citizen, I know how our laws are made, and find the explanation a little condescending, but this is the best answer so far that there is a treaty about it. I couldn’t find that anywhere. Thanks.

        • neanderthal@lemmy.worldOP
          link
          fedilink
          arrow-up
          2
          ·
          2 years ago

          “You read that condescension into it by yourself. You are asking a question and that is the answer I have no idea about your context.” That is fair. I hadn’t had my coffee and have been dealing with an unusually high amount of unpleasant individuals lately, hence the short fuse.

        • Itty53@kbin.social
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          2 years ago

          No he didn’t. The context was “as a US citizen” per the post. You gave him a 6th grade civics lesson about how bills turn into laws a-la school house rock before even sort of addressing the question. The next step would’ve been explaining what laws even are.

          That’s a little condescending, assuming a citizen of a nation doesn’t know how their own laws are created. It isn’t a LOT condescending but it is a little.

          • Gryzor@lemmyfly.org
            link
            fedilink
            arrow-up
            0
            arrow-down
            1
            ·
            2 years ago

            And you are what… The random condescending inspector or what? Nowhere in the OP’s message did they convey they were familiar with the law making process. I found that particular answer the easiest to read. So there’s that. Even the OP agreed that they shouldn’t have reacted like that.

      • FlowVoid@kbin.social
        link
        fedilink
        arrow-up
        0
        arrow-down
        1
        ·
        2 years ago

        There is no treaty. And the GDPR is not “law” in the US. You cannot sue a company for damages in the US like in the EU.

        However, there is an executive order that allows you to file a complaint if you think your privacy rights have been violated.

        You can find a good explainer here.