It would leave them open to potentially devastating legal consequences if an affected EU citizen can prove in court that reddit makes money of his content, which he deleted. Also the “right to be forgotten” as in the GDPR formulated would be violated.
IF reddit really goes that way, they’d have to anonymize at least the usernames. Which would make it extremely hard to prove that something is “your content” and not someone elses.
According to WP: The GDPR also applies to data controllers and processors outside of the European Economic Area (EEA) if they are engaged in the “offering of goods or services” (regardless of whether a payment is required) to data subjects within the EEA, or are monitoring the behaviour of data subjects within the EEA (Article 3(2)). The regulation applies regardless of where the processing takes place.
What’s stopping Reddit from checking your IP and seeing that you’re not from the EU and restoring your data from a backup
It would leave them open to potentially devastating legal consequences if an affected EU citizen can prove in court that reddit makes money of his content, which he deleted. Also the “right to be forgotten” as in the GDPR formulated would be violated.
IF reddit really goes that way, they’d have to anonymize at least the usernames. Which would make it extremely hard to prove that something is “your content” and not someone elses.
IANAL, but how the GDPR is formulated. Reddit would need to prove that you are not an EU citizen, iirc.
So it’s not enough to prove that the IP used is not from the EU and that therefore it’s (supposedly) not under EU jurisdiction?
It covers EU citizens traveling abroad?
If so, dang that’s a good law
According to WP: The GDPR also applies to data controllers and processors outside of the European Economic Area (EEA) if they are engaged in the “offering of goods or services” (regardless of whether a payment is required) to data subjects within the EEA, or are monitoring the behaviour of data subjects within the EEA (Article 3(2)). The regulation applies regardless of where the processing takes place.
Source: https://en.wikipedia.org/wiki/General_Data_Protection_Regulation#Applicability_outside_of_the_European_Union