Hacker News new | past | comments | ask | show | jobs | submit login

AWS is owned by a US company subject to subpeonas, so yes, regardless of where you are, you are technically not allowed to receive EU PII (including residential IP addresses) without prior consent or unless it's necessary for the performance of a contract or to take steps requested by the Data Subject.



Sounds like FUD to me. The Internet would cease to operate if you could not "receive" IP addresses. It is logging that is the "concern."


Well, apart from IP addresses. Say I am running a service in Europe, GDPR compliant etc. All the PII are in some database running on AWS, in one of the European regions of course. If what is said here about CLOUD act etc. is true, then it looks like I'm in a breach of GDPR in this scenario - which sounds afwul to me frankly.


No, the processing of personal information is a concern too.


No amount of legislation is going to stop IPs from being logged or processed. That's just "how it works."

The only solution is to educate users and have them use a VPN.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: