This is quite a slippery slope. If I host a website in one country, I do not necessarily care where people access my website from. It is not like I actively provide a service to them - they just use the internet (a decentralised network) to access it. What if I publish a newspaper here, someone takes it where the contents are illegal, am I accountable?
It's not about "hosting a website", it's about providing services.
If you provide services, like selling a newspaper, in the UK, you need to respect their laws, or you will suffer the legal implications of not doing so.
And regarding the accountability, it refers to the fact that Imgur USED TO provide services in the UK:
> We have been clear that exiting the UK does not allow an organisation to avoid responsibility for any prior infringement of data protection law, and our investigation remains ongoing.
Companies providing services outside the UK can infringe all the UK laws they want, the UK doesn't care.
But as soon as you decide to provide services in the UK, you have to follow the law. And, as they explain in the article, if you break the law, ceasing to provide services in the UK will not absolve you of your past wrongdoings.
Meaning that the servers were located in the UK, or that the users were, or both?
Whose laws need to be followed?
The ones where you reasonably believe your customers are based, and where your employees are based.
Let's be honest, 1% of your customer base using a VPN is not going to cause you issues, unless those people are uploading something that would cause the state to act (i.e. CSAM, fraud, drugs, terrorism, you know, the big four). Given that this is the ICO, and not OFCOM, we know it's to do with GDPR violations, not moderation.
It's not like the ICO just sent an email saying "lol you're being fined, bye". They will have had a series of communications, warnings asking for reasonable changes, timelines for change.
The ICO has discovered that Imgur are breaking GDPR in a fairly big way and in a way that can be easily detected by an understaffed and overworked semi-independent organisation.
Moreover, breaking GDPR in a way that is obvious enough in a court of law[1], bearing in mind that the UK just about has a working independent and largely neutral judiciary that isn't easily intimidated into doing the government's whipping.
[1] the ICO doesn't tend to be showy.