Not under US law & I say this as a Brit, the UK is massively overstepping their authority at this point.
Actually they do if they serves traffic to the UK.
Hansae@lemmy.dbzer0.com 4 days ago
xyro@lemmy.ca 4 days ago
US law does not cover privacy like GDPR, however compagnies still have to comply with GDPR if they process EU data. Same logic apply here
Hansae@lemmy.dbzer0.com 4 days ago
In strict legal definitions that’s slightly different due to it handling defined personal data, how its processed and where its located rather than merely “Significant number of UK users accessing the site”. GDPR is also very well written and quite clear unlike the OSA which is vague, with a enforcer that’s already pretty infamous in the UK for being somewhat loopy in how they operate. Under US law and frankly international business law ofcom has pretty much zero mandate to demand what they are demanding of a entirely US domiciled company. Most matters of GDPR in regards to a foreign company will apply to companies with infra and a presence in the EU anyways.
What the UK says here pretty much doesn’t matter in any way shape or form, and if they’re going to ban it then ban it already rather than chasing around with fines and paperwork. I’d still rather this wasn’t happening as the OSA is a massive steaming turd of a law that’ll merely be used to suppress speech.
But yes technically if Hiroyuki Nishimura stepped foot in the UK he might wind up with some flak from it but beyond that this is just posturing.
xyro@lemmy.ca 4 days ago
They say comply or get blocked, we know what is the next step
artyom@piefed.social 4 days ago
It doesn't matter where they "serve traffic". They do not operate in the EU and thus are not subject to EU law.
Honytawk@feddit.nl 4 days ago
The UK is not EU.
They were very clear about that.
artyom@piefed.social 4 days ago
Great, they don't operate in the UK either.
xyro@lemmy.ca 4 days ago
In case of GDPR, this is not true and compagnies are subject to this EU law if they process EU citizens’ personal data. Wether they comply or can be prosecuted is another thing gdpr.eu/companies-outside-of-europe/
artyom@piefed.social 4 days ago
The EU can publish all the laws and articles they want. They have no authority to enforce them.
xyro@lemmy.ca 4 days ago
It’s another debate, but countries do have the authority to enforce their laws on their sovereign scope, which include network infrastructure located in the country, used to transport traffic from foreign compagnies.
ShellMonkey@lemmy.socdojo.com 4 days ago
By that token, I could start my own private Island nation, make some batty rules, log into a sight, and demand a bajillion dollars because my laws say so.
Internet doesn’t work that way, access is not presence of operations.
xyro@lemmy.ca 4 days ago
Some countries already do (See fines from Russia to Google), but the compagnies don’t have to operate in those countries and can choose to not serve traffic to IPs from that country.
ShellMonkey@lemmy.socdojo.com 4 days ago
GeoIP fencing is an eternal whack-a-mole, I’ve had to track down issues where a site owned by MS was blocked because they bought some public IP space previously owned by countries the client blocks.
In the end you have countries trying to get a piece of the pie from a company that they have no ties to but being unwilling to upset the people living there by taking an effort to block it. If they think the company is behaving incorrectly then it’s on them to deny access to their citizens that they have to answer to.
A company can’t reasonably decide which jurisdictions and IPs it should serve at any given time. If I don’t want a site in my house I don’t petition them to block my IP.
xyro@lemmy.ca 4 days ago
Yes they can, intelligence/network compagnies like spur even sell this service, but I give it to you that as an individual it may not be a trivial task.
Korhaka@sopuli.xyz 4 days ago
4chan can also tell the UK to get fucked