Forget all the stuff out there that says the GDPR protects EU citizens. This is a question of jurisdiction and enforcement. Say I run a blog under a business registered in the US funded by advertisers in the US. A EU citizen that comments on posts issues a GDPR request that I ignore. Their government fines me. I tell them to get bent, I am out of their jurisdiction. What can they do at that point?

  • FlowVoid@kbin.social
    link
    fedilink
    arrow-up
    1
    ·
    2 years ago

    True, but it’s important to note that personal data means identifiers such as name, date of birth, location, etc. Comments on a blog, by themselves, are not personal data.