Ask HN: Should a startup block EU countries at first?
I previously lived in the EU and was instrumental in bringing a 100ish employee B2B SaaS company into GDPR compliance. We weren’t in the business of disrespecting personal information, but compliance nonetheless took and continues to take a lot of time and money.
I am now outside the EU and looking to create a new B2B SaaS. It doesn’t really seem viable for a single founder to create a GDPR compliant operation.
Does it make sense to simply block all EU countries until a business has grown big enough that the benefit of access to the EU market outweighs the costs and risk?
8 comments
[ 3.1 ms ] story [ 35.3 ms ] threadWhat worries me is that it’s still early days for enforcement, but they’ve already handed out something like US$1.6B in fines. I assume they will only get more aggressive with this over time.
You cannot be expected to comply with the laws of every country in the world.
Do comply with Australian laws and relevant laws and regulations of countries to specifically target and ignore the rest.
If you see traction in the EU then you can start paying attention to the GDPR.
Unfortunately our government advice appears to be that we should comply if we "offer goods and services in the EU", or "monitor the behaviour of individuals in the EU.": https://www.oaic.gov.au/privacy/guidance-and-advice/australi...
I have no idea what would actually happen if they decided to fine an Australian entity.
Just look at how ridiculous the statistics are: https://www.enforcementtracker.com/?insights