Having consulted with an attorney who will remain nameless, states cooperate in enforcing each other's laws. If you murdered an EU citizen and returned home, the US would assist the EU authorities in prosecuting you.
If you store anything resembling personal data and if there is any chance that that data could be associated with an EU national then I think business prudence demands that you assume GDPR applies to your company. Don't shoot the messenger. I'm not defending the law. I'm just calling it as I see it. Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Timothy Sipples Sent: Sunday, August 13, 2017 4:40 AM To: [email protected] Subject: Re: GDPR for US companies (Was: Scrubbing sensitive data in dumps) Tony Thigpen wrote: >In other words, the GDPR can claim to reach into other countries, but >legally, it can not. *Legally*, of course they can. GDPR is a set of European Union regulations. They say what they say. It's a separate question whether, when, and how the European Union and its member countries enforce GDPR. For your hypothetical bed and breakfast in Florida there's probably not much the European Union can immediately do if there's a GDPR violation. However, the B&B's proprietors might want to avoid visiting the EU. :-) Practically every country demands that other countries (and the entities within them) treat its citizens according to certain minimum standards. GDPR will soon become part of the minimum standards that EU countries demand. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
