Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

But again I ask, why does the physical location of the data matter? Why do the laws care?

The EU has a law that said you must treat data of their citizens with respect. Fine, that's great. Any business that has a presence in the EU will need to follow that law. At that point, why does it matter where the bits are actually stored? Can the EU for some reason not enforce its privacy laws on Uber if Uber keeps its data somewhere else?

Conversely, if a business has no presence in the EU, can the EU enforce its data location laws on them?

The only thing that seems to matter for enforcement is where the company is located, so I'm really unclear what data location has to do with anything.



> Can the EU for some reason not enforce its privacy laws on Uber if Uber keeps its data somewhere else?

Yes. Even assuming these laws still work if data is in another jurisdiction (prob. not), they become unenforceable. If someone sells your data in, say, Somalia, how could EU gather evidence and start a legal process?


> Can the EU for some reason not enforce its privacy laws on Uber if Uber keeps its data somewhere else?

Maybe not, especially if they are separate corporate entities. Uber EU may choose to pay for operation of data storage by Uber US. Uber US is not under the same privacy restrictions and sells the data for profit, then what? Who sues who and for what?

This is also partly about governments - the US in particular is known for compelling access to servers that are on its soil and doing large-scale spying (not that EU powers don’t do the same, but bear with me). Companies operating in the US may not be legally able to guarantee data privacy. So having the data not enter US jurisdiction in the first place is considered safer.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: