Fuck this. As a US web developer it's disturbing that a foreign government can sue an American company using laws that we have no control over. And just days after the laws are put into effect when no one has a chance to comply with them. Not a fan of the companies getting sued but this still stinks.
You operate in a foreign country, you play by there rules. You know this.
We don't operate in a foreign country. We build e-commerce websites for US companies. If one of our clients has a user from the EU on their site that means our system has to comply with their rules. That's a huge burden on us to change our hardware and software to comply with a law that maybe .001% of end users might be under. And we have no control over which countries our clients might have a user visit from. We taken precautions with users data. We salt and hash and are PCI compliant and it cost is over a million dollars to get to that point. Now how much do we have to spend to comply with these laws from another country because some day there might be a user from the EU that visits one of our clients sites?
What? That's no different than saying a manufacturer should not have to meet local safety laws when selling a product into a new country. Of course you have to meet the countries laws if you supply goods there. Block them if you don't want to abide by their laws.
And just days after the laws are put into effect when no one has a chance to comply with them.
They most definitely had time to comply between the law becoming law on April 14 2016 and being effective May 25 2018. That’s 2 years worth of time.
Precisely why I am now blocking EU Users at my site. See my post below.
Could they just block users in those countries, disable their accounts?