“I’ve seen so many people I know on the app, it's crazy,” said one user of Tea, which topped the Apple App Store charts this week — shortly before the app was hacked.
If you think about it: The GDPR applies to all data of EU citizens regardless of where they are or where you are. There is no way that this app is not having some EU guy in New York in it and therefore totally in violation of GDPR
The treaties and international laws between these countries absolutely allow the EU to enforce GDPR against companies and individuals outside of the EU if it involves an EU citizen as the victim. I know this because I have to work with it every day and I’m from the US.
That’s the big part of what makes GDPR so wide-reaching and impactful. It protects European residents, not European IP addresses. If you’re a resident of Europe, you’re covered under GDPR. Even if you’re visiting the US. That’s why even Americans get GDPR questions when visiting sites, because the site can’t just filter by IP location to determine whether or not you need to be shown the GDPR prompt.
Enforcement can be trickier, sure. But to be clear, GDPR does cover non-European companies as long as they’re interacting with a European resident.
If you think about it: The GDPR applies to all data of EU citizens regardless of where they are or where you are. There is no way that this app is not having some EU guy in New York in it and therefore totally in violation of GDPR
The treaties and international laws between these countries absolutely allow the EU to enforce GDPR against companies and individuals outside of the EU if it involves an EU citizen as the victim. I know this because I have to work with it every day and I’m from the US.
No European law applies outside Europe. That’s kind of the nature of laws.
That’s the big part of what makes GDPR so wide-reaching and impactful. It protects European residents, not European IP addresses. If you’re a resident of Europe, you’re covered under GDPR. Even if you’re visiting the US. That’s why even Americans get GDPR questions when visiting sites, because the site can’t just filter by IP location to determine whether or not you need to be shown the GDPR prompt.
Enforcement can be trickier, sure. But to be clear, GDPR does cover non-European companies as long as they’re interacting with a European resident.