[Lacram]

Quote:

Originally Posted by piopio1949

The key point here is whether getDare and its administrators are outside the EU.

If both the website and the administrators are outside the EU, then whether they fulfil the requirements laid in European law is irrelevant. Even if they go against European law, they wouldn't be prosecuted for that. European law applies in Europe, not abroad.

Technically, I imagine they could be liable to extradition, but that would be extremely unlikely. Even ignoring all the legal and political requirements involving a citizen's extradition, no judge in any EU member state is ever going to request extradition of a forum's administrators simply because they refused to delete someone's posts in a forum. That's a lot of work and something they only do for serious crimes.

"The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location."

The servers could be in Tobago, doesn't matter. Let's be honest, it's a complex topic and there are more questions to answer than i have characters left - only a lawyer could say whether or not those laws apply to gD. I'm pretty sure they do but i'm not a lawyer after all.

Also, some interesting side notes:
"According to the PwC survey, 68 percent of U.S.-based companies expect to spend $1 million to $10 million to meet GDPR requirements. Another 9 percent expect to spend more than $10 million."