The EU passed data privacy laws (General Data Protection Regulation) two years ago that asserts a principle that EU privacy regulations apply not only to businesses that engage in commerce in Europe, or have computers in EU countries, but apply to all activities conducted by residents of the EU, even if no part of the interaction occurs within the jurisdiction of the EU. Left unclear is whether a citizen of the EU not located inside the EU (think German tourist in Florida using the Streaming Radio Guide) would be entitled to the protection of the EU-GPDR.
Taking it one step further (see: cc), what if a person in the EU uses a proxy server to conceal their physical location from a web site operator? Am I still required to conform to the EU consent demands?
Between this regulation, the anti-slavery law, and Microsoft announcing it has the right to monitor “hate speech” in private communication, the world is becoming a scary place.