I have to disagree. As someone who is grappling with the impact of these laws on US business I'm acutely aware of the non-existent privacy we all have and how our information is abused and resold.

The GDPR, while a pain, are a response to decades of an industry that should have known better.

We need a domestic version of GDPR with penalties just as severe. GDPR is a much-needed godsend for privacy.

Right, because it's the poor poor companies who are being abused and targeted. Oh will you just think of the companies! Companies are people too! What would we do without our exalted job creators?

Companies which abuse the public trust so severely and unethically should be forced to shape up or fined into the ground.

So when the EU does it, it's protectionism.

But we get to "protect our companies" as a matter of policy.

Cool.

We should protect our citizens, which is sometimes achieved by helping companies and sometimes achieved by harming them.

On what do you base that statement?

Just because many companies and startups are U.S.-based, does not mean that universal privacy laws/rights are targeting U.S. companies.

From my understanding, the GDPR applies equally to all companies, regardless of where they are founded.

That is your opinion. Just because you think so doesn't make it true.

I've posted this before, I'll post it again:

I wonder if you know that the US passed legislation a few weeks back that lets the US government request any data on any user of an American company even if that user and their data are not on American soil. (Possibly thanks to GDPR) companies may object to that request if it contradicts local laws.

But yeah. Go on pretending that the EU lives to target American companies. From a European's point of view, American companies are not fined enough as they view privacy, data, sovereignty etc. as some abstract concepts that don't apply to them.

Are you certain it’s protectionism and not simply believing human beings have a right to privacy?

Facebook might be known as a US company, but they pay taxes in Ireland (amongst other low tax territories) and hold most of their assets there to avoid paying taxes in US.

It is not US corporate profits when it is from advertisements bought by Europeans for Europeans. Would you also suggest that the EU should not tax those profits?

Are you serious? Do you really think nations don't have any right to tax economic activity happening in their borders because one of the entities involved has one of their numerous sub companies headquartered in another country?

I think GDPR will harm European companies and tax payers much more than any US company. Any European company processing personal data will be liable even as a subcontractor. US multinationals can easily avoid liability for non-Europeans as demonstrated. A European startup or even government organization (like also a European universities) will be bound and have much higher cost due to legal and thus monetary risk.

"piece of legislation intended to cripple US corporations and supplement EU budgets with US corporate profits".

The most ignorant fucking statement I have read on HN in a long time. The 2016 GDPR is an update to the 2002 EU Data Protection Regulation. It has nothing to do with taxes, profits or crippling any company. It is an enforcement of the EU Charter of Fundamental Rights.

Fines without teeth won't produce the desired effect. Privacy matters more than profit.

>... all of which are targeting US companies.

Clearly not true, but exquisite in the context of the FB factory dodging tax via the Irish loopholes, and now moving away from Ireland as a base.