Why can't I add a governing law to my terms of service to avoid GDPR? Announcing the arrival of Valued Associate #679: Cesar Manara Unicorn Meta Zoo #1: Why another podcast?What is the legal mechanism by which the GDPR might apply to a business with no presence in the EU?GDPR - Confirm company terms and conditions by button clickGDPR - reCAPTCHA with user's consent?Will GDPR (EU law) make bad practices in security illegal?GDPR: Receiving marketing as precondition for receiving a free service, legitimate interest?According to GDPR, do I need a contract for processing on behalf with my e-mail provider?In GDPR, who exactly are the processors and what do they have to do?Can the terms of service contain a clause that instructs a user to forfeit their rights under the GDPR?GDPR - What exactly should I do to prevent revenue loss?GDPR and hotlinked images: are they allowed?Can't GDPR compliance be trivially bypassed?
How long after the last departure shall the airport stay open for an emergency return?
Could Neutrino technically as side-effect, incentivize centralization of the bitcoin network?
Would reducing the reference voltage of an ADC have any effect on accuracy?
Trumpet valves, lengths, and pitch
c++ diamond problem - How to call base method only once
Implementing 3DES algorithm in Java: is my code secure?
I preordered a game on my Xbox while on the home screen of my friend's account. Which of us owns the game?
Why did C use the -> operator instead of reusing the . operator?
How to avoid introduction cliches
What is the term for a person whose job is to place products on shelves in stores?
Does Mathematica have an implementation of the Poisson Binomial Distribution?
France's Public Holidays' Puzzle
Are these square matrices always diagonalisable?
Why didn't the Space Shuttle bounce back into space as many times as possible so as to lose a lot of kinetic energy up there?
What do you call the part of a novel that is not dialog?
Map material from china not allowed to leave the country
Multiple options vs single option UI
A strange hotel
Did the Roman Empire have penal colonies?
How to get even lighting when using flash for group photos near wall?
Co-worker works way more than he should
"Rubric" as meaning "signature" or "personal mark" -- is this accepted usage?
Book with legacy programming code on a space ship that the main character hacks to escape
What was Apollo 13's "Little Jolt" after MECO?
Why can't I add a governing law to my terms of service to avoid GDPR?
Announcing the arrival of Valued Associate #679: Cesar Manara
Unicorn Meta Zoo #1: Why another podcast?What is the legal mechanism by which the GDPR might apply to a business with no presence in the EU?GDPR - Confirm company terms and conditions by button clickGDPR - reCAPTCHA with user's consent?Will GDPR (EU law) make bad practices in security illegal?GDPR: Receiving marketing as precondition for receiving a free service, legitimate interest?According to GDPR, do I need a contract for processing on behalf with my e-mail provider?In GDPR, who exactly are the processors and what do they have to do?Can the terms of service contain a clause that instructs a user to forfeit their rights under the GDPR?GDPR - What exactly should I do to prevent revenue loss?GDPR and hotlinked images: are they allowed?Can't GDPR compliance be trivially bypassed?
I've heard from fairly reliable sources that you can't avoid GDPR by using your website's terms of service as way to circumvent that law. From what I have seen online, if your website serves European users, it must obey that law. However, if a website is based in the US and the terms of service say that the law governing the terms is US law, how can GDPR have any affect? I'm not a lawyer, but I've signed many contracts in my life and nearly all of them have some form of "governing law" clause.
gdpr jurisdiction
asked 2 days ago
JimJim
663
New contributor
Jim is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I've heard from fairly reliable sources that you can't avoid GDPR by using your website's terms of service as way to circumvent that law. From what I have seen online, if your website serves European users, it must obey that law. However, if a website is based in the US and the terms of service say that the law governing the terms is US law, how can GDPR have any affect? I'm not a lawyer, but I've signed many contracts in my life and nearly all of them have some form of "governing law" clause.
gdpr jurisdiction
asked 2 days ago
JimJim
663
New contributor
Jim is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
4
Possible duplicate of What is the legal mechanism by which the GDPR might apply to a business with no presence in the EU?
– BlueDogRanch
2 days ago
6
In my view, while related, this is not a duplicate. This asks specifically about a TOS provision and a Governing law clause, neither of which is mentioned in the other Q or its answers.
– David Siegel
2 days ago
add a comment |
I've heard from fairly reliable sources that you can't avoid GDPR by using your website's terms of service as way to circumvent that law. From what I have seen online, if your website serves European users, it must obey that law. However, if a website is based in the US and the terms of service say that the law governing the terms is US law, how can GDPR have any affect? I'm not a lawyer, but I've signed many contracts in my life and nearly all of them have some form of "governing law" clause.
gdpr jurisdiction
asked 2 days ago
JimJim
663
New contributor
Jim is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I've heard from fairly reliable sources that you can't avoid GDPR by using your website's terms of service as way to circumvent that law. From what I have seen online, if your website serves European users, it must obey that law. However, if a website is based in the US and the terms of service say that the law governing the terms is US law, how can GDPR have any affect? I'm not a lawyer, but I've signed many contracts in my life and nearly all of them have some form of "governing law" clause.
gdpr jurisdiction
gdpr jurisdiction
asked 2 days ago
JimJim
663
New contributor
Jim is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 2 days ago
JimJim
663
New contributor
Jim is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 2 days ago
JimJim
663
New contributor
Jim is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 2 days ago
JimJim
663
asked 2 days ago
JimJim
663
663
New contributor
Jim is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Jim is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Jim is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
4
Possible duplicate of What is the legal mechanism by which the GDPR might apply to a business with no presence in the EU?
– BlueDogRanch
2 days ago
6
In my view, while related, this is not a duplicate. This asks specifically about a TOS provision and a Governing law clause, neither of which is mentioned in the other Q or its answers.
– David Siegel
2 days ago
add a comment |
4
Possible duplicate of What is the legal mechanism by which the GDPR might apply to a business with no presence in the EU?
– BlueDogRanch
2 days ago
6
In my view, while related, this is not a duplicate. This asks specifically about a TOS provision and a Governing law clause, neither of which is mentioned in the other Q or its answers.
– David Siegel
2 days ago
4
4
Possible duplicate of What is the legal mechanism by which the GDPR might apply to a business with no presence in the EU?
– BlueDogRanch
2 days ago
Possible duplicate of What is the legal mechanism by which the GDPR might apply to a business with no presence in the EU?
– BlueDogRanch
2 days ago
6
6
In my view, while related, this is not a duplicate. This asks specifically about a TOS provision and a Governing law clause, neither of which is mentioned in the other Q or its answers.
– David Siegel
2 days ago
In my view, while related, this is not a duplicate. This asks specifically about a TOS provision and a Governing law clause, neither of which is mentioned in the other Q or its answers.
– David Siegel
2 days ago
add a comment |
3 Answers
3
active
oldest
votes
However, if a website is based in the US and the terms of service say that the law governing the terms is US law, how can GDPR have any affect?
It is unlikely that the EU will be able to enforce financial penalties against a company with no presence in the EU. But they could for example block your website in the EU, depriving you of your EU user base. The actual measures that they could or would take against such a company are still unclear, since the GDPR is quite new, and there has been no action under the GDPR against foreign companies.
I'm not a lawyer, but I've signed many contracts in my life and nearly all of them have some form of "governing law" clause.
The governing law clause in a contract identifies the law that will be used to interpret the contract and to resolve any disputes arising from the contract. The law identified in the clause does not become the sole law governing every aspect of the relationship between the parties, however.
For example, a business in New Jersey could have a contract with a client in New York with a clause specifying New Jersey law as the governing law of the contract. But that does not mean that New York's consumer protection law doesn't apply to the transaction.
answered 2 days ago
phoogphoog
8,42611539
3
If the EU blocked me, my answer is "good riddance!"
– Joshua
2 days ago
5
@Joshua In that case perhaps you should consider refusing to display your site to users in the EU.
– phoog
2 days ago
12
@Joshua That's not an attitude a for-profit business can usually take. The EU is probably a source of enormous revenue.
– Barmar
2 days ago
9
The better response would be to figure out why GDPR exists and make your site more customer friendly by conforming to it.
– gnasher729
2 days ago
3
The EU can definitely enforce fines against US based companies- US courts can and do enforce EU judgements and vice-versa
– Dale M
2 days ago
|
show 8 more comments
What you are asking for is, in effect, an "opt out" clause. It might be framed in terms of choice of governing law, but effectively it seeks to opt you out of EU consumer protection laws.
Not surprisingly, most consumer laws just don't allow you to do that.
Otherwise a car seller would simply write onto their contract "If this car has a fault that kills anyone, you agree to hold the seller and maker harmless and not to claim damages for any reason", and similar for anything else - your unsafe or unreliable toaster, your bank transfer that's sent to the wrong place, your "unbreakable" phone that broke the first time you carried it, your unexpected exit charges on a loan or phone contract, and so on.
So consumer protection law generally doesn't permit opting out. (Much the same way as a lot of employment law, you can't just opt out of by putting it in the contract.)
If you flip it around and hypothetically suppose there was a US law and an EU website wanted an opt out, you can see why it wouldn't be fair or work well also. It that were to be legally permitted, one of 2 things may tend to happen - either
- many other websites seeking to deprive US citizens of the benefit they would get from that law, would just move overseas and also avoid giving the benefit to US users (and under market pressure others may feel they have to do likewise to compete), or
- we end up with a situation where equal US citizens are protected unequally depending on how canny their retailer is, in their hosting.
You can imagine that wouldn't be ideal either way.
But really, its worth understanding why that law is there. After all, its for reasons that affect citizens worldwide.
There has been enough in the press recently, as well as commonsense understandings, to appreciate the possible negative impact on private citizens if their data is mishandled - and that far too often it has been mishandled. Citizens trust you with their data when they visit your site. The GDPR makes clear what current standard of protection and rights they should be able to take for granted without needing to check each website's T&Cs.
Update
Also be aware that in at least some jurisdictions (the UK is one, at least, not sure about other EU countries or US states), there is a law about unfair contract terms to consider as well. The UK version of that law, which is the only one I know well enough to describe, says that if a supplier of tangible goods or of a service, has a standardised contract, and the consumer has to "take it or leave it", then the consumer can ask a court to strike out any term in it on the grounds it is an unfair contract term, essentially one where they had to accept it even though it's unfair and unreasonable, and if the court agrees, the term is replaced (if possible) with a similar but fair term, or (if not) it is struck out. This law isn't actually used very often, but is a very powerful one for addressing unequal bargaining power - think in terms of "whatever Microsoft might put in the Windows T&C" or a rogue payday lender's unfair repayments/interest, or similar. I know the argument that "they don't have to use it if they don't like it", but the reality is some will, and that's enough for an unfair business to profit from; so the law is what it is. A term that forced a person using your terms, to give up their rights as a cost of using the site within its "small print" could well find the clause struck out anyway, although in practice such cases are pretty uncommon.
answered 2 days ago
StilezStilez
1,138312
add a comment |
Imagine you export some goods to Ireland, and you put on the shrink wrap that the governing law of the goods is that of the US (or rather a specific legal country within the US). Your goods are illegal in Ireland because they don't meet Irish and EU safety standards.
Do you get to opt out of Irish law by your shrinkwrap? If not, how is this different from trying to opt your website out of GDPR?
answered 2 days ago
MarcinMarcin
1292
New contributor
Marcin is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1
But what if it's not targeted at EU users, but just any user on the web? It seems a little unfair to expect the site owners to block access to each country/region that might have different laws. For example, what if Zimbabwe implements special internet laws for its citizens?
– Jim
2 days ago
This is a fairly good example. The counterpoint might be "I ship anywhere on money orders. I don't know if the goods are lawful in your area or not." Let others argue whether this is lawful or not. I would normally argue on the not side.
– Joshua
2 days ago
@Joshua Right but then you still did the shipping. Maybe Ireland has to figure out how to catch you, but you can't choice of law your way out of them maybe wanting to catch you (unless their law lets you do just that, of course).
– Marcin
2 days ago
2
@Jim - if you sell a product in 10 countries (or even give a product away for free), you would hardly be surprised if you have to comply with the law of each country when you sell products there. Providing services is no different, and an online service or website is still a service. If you configure your website to allow purchases or consumer usage from 10 countries, you can hardly be surprised when those 10 countries expect their law to be applied to consumers in their territory. (Stark examples: should a country freely allow websites for child brides or copyright-piracy ...
– Stilez
yesterday
1
... or fraudulently deceptive claims within its territory, as long as the website gets hosted somewhere those are legal or accepted? Of course not.) It's the website owner's choice where to market to/publish in, and to research the places they want to market to/publish in. They always have the option not to market to, or allow visitors from, places where they don't feel comfortable they can comply with the law, or where the effort required isn't worth it to them.
– Stilez
yesterday
|
show 1 more comment
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "617"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Jim is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2flaw.stackexchange.com%2fquestions%2f39331%2fwhy-cant-i-add-a-governing-law-to-my-terms-of-service-to-avoid-gdpr%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
However, if a website is based in the US and the terms of service say that the law governing the terms is US law, how can GDPR have any affect?
It is unlikely that the EU will be able to enforce financial penalties against a company with no presence in the EU. But they could for example block your website in the EU, depriving you of your EU user base. The actual measures that they could or would take against such a company are still unclear, since the GDPR is quite new, and there has been no action under the GDPR against foreign companies.
I'm not a lawyer, but I've signed many contracts in my life and nearly all of them have some form of "governing law" clause.
The governing law clause in a contract identifies the law that will be used to interpret the contract and to resolve any disputes arising from the contract. The law identified in the clause does not become the sole law governing every aspect of the relationship between the parties, however.
For example, a business in New Jersey could have a contract with a client in New York with a clause specifying New Jersey law as the governing law of the contract. But that does not mean that New York's consumer protection law doesn't apply to the transaction.
answered 2 days ago
phoogphoog
8,42611539
3
If the EU blocked me, my answer is "good riddance!"
– Joshua
2 days ago
5
@Joshua In that case perhaps you should consider refusing to display your site to users in the EU.
– phoog
2 days ago
12
@Joshua That's not an attitude a for-profit business can usually take. The EU is probably a source of enormous revenue.
– Barmar
2 days ago
9
The better response would be to figure out why GDPR exists and make your site more customer friendly by conforming to it.
– gnasher729
2 days ago
3
The EU can definitely enforce fines against US based companies- US courts can and do enforce EU judgements and vice-versa
– Dale M
2 days ago
|
show 8 more comments
However, if a website is based in the US and the terms of service say that the law governing the terms is US law, how can GDPR have any affect?
It is unlikely that the EU will be able to enforce financial penalties against a company with no presence in the EU. But they could for example block your website in the EU, depriving you of your EU user base. The actual measures that they could or would take against such a company are still unclear, since the GDPR is quite new, and there has been no action under the GDPR against foreign companies.
I'm not a lawyer, but I've signed many contracts in my life and nearly all of them have some form of "governing law" clause.
The governing law clause in a contract identifies the law that will be used to interpret the contract and to resolve any disputes arising from the contract. The law identified in the clause does not become the sole law governing every aspect of the relationship between the parties, however.
For example, a business in New Jersey could have a contract with a client in New York with a clause specifying New Jersey law as the governing law of the contract. But that does not mean that New York's consumer protection law doesn't apply to the transaction.
answered 2 days ago
phoogphoog
8,42611539
3
If the EU blocked me, my answer is "good riddance!"
– Joshua
2 days ago
5
@Joshua In that case perhaps you should consider refusing to display your site to users in the EU.
– phoog
2 days ago
12
@Joshua That's not an attitude a for-profit business can usually take. The EU is probably a source of enormous revenue.
– Barmar
2 days ago
9
The better response would be to figure out why GDPR exists and make your site more customer friendly by conforming to it.
– gnasher729
2 days ago
3
The EU can definitely enforce fines against US based companies- US courts can and do enforce EU judgements and vice-versa
– Dale M
2 days ago
|
show 8 more comments
However, if a website is based in the US and the terms of service say that the law governing the terms is US law, how can GDPR have any affect?
It is unlikely that the EU will be able to enforce financial penalties against a company with no presence in the EU. But they could for example block your website in the EU, depriving you of your EU user base. The actual measures that they could or would take against such a company are still unclear, since the GDPR is quite new, and there has been no action under the GDPR against foreign companies.
I'm not a lawyer, but I've signed many contracts in my life and nearly all of them have some form of "governing law" clause.
The governing law clause in a contract identifies the law that will be used to interpret the contract and to resolve any disputes arising from the contract. The law identified in the clause does not become the sole law governing every aspect of the relationship between the parties, however.
For example, a business in New Jersey could have a contract with a client in New York with a clause specifying New Jersey law as the governing law of the contract. But that does not mean that New York's consumer protection law doesn't apply to the transaction.
answered 2 days ago
phoogphoog
8,42611539
However, if a website is based in the US and the terms of service say that the law governing the terms is US law, how can GDPR have any affect?
It is unlikely that the EU will be able to enforce financial penalties against a company with no presence in the EU. But they could for example block your website in the EU, depriving you of your EU user base. The actual measures that they could or would take against such a company are still unclear, since the GDPR is quite new, and there has been no action under the GDPR against foreign companies.
I'm not a lawyer, but I've signed many contracts in my life and nearly all of them have some form of "governing law" clause.
The governing law clause in a contract identifies the law that will be used to interpret the contract and to resolve any disputes arising from the contract. The law identified in the clause does not become the sole law governing every aspect of the relationship between the parties, however.
For example, a business in New Jersey could have a contract with a client in New York with a clause specifying New Jersey law as the governing law of the contract. But that does not mean that New York's consumer protection law doesn't apply to the transaction.
answered 2 days ago
phoogphoog
8,42611539
answered 2 days ago
phoogphoog
8,42611539
answered 2 days ago
phoogphoog
8,42611539
answered 2 days ago
phoogphoog
8,42611539
8,42611539
3
If the EU blocked me, my answer is "good riddance!"
– Joshua
2 days ago
5
@Joshua In that case perhaps you should consider refusing to display your site to users in the EU.
– phoog
2 days ago
12
@Joshua That's not an attitude a for-profit business can usually take. The EU is probably a source of enormous revenue.
– Barmar
2 days ago
9
The better response would be to figure out why GDPR exists and make your site more customer friendly by conforming to it.
– gnasher729
2 days ago
3
The EU can definitely enforce fines against US based companies- US courts can and do enforce EU judgements and vice-versa
– Dale M
2 days ago
|
show 8 more comments
3
If the EU blocked me, my answer is "good riddance!"
– Joshua
2 days ago
5
@Joshua In that case perhaps you should consider refusing to display your site to users in the EU.
– phoog
2 days ago
12
@Joshua That's not an attitude a for-profit business can usually take. The EU is probably a source of enormous revenue.
– Barmar
2 days ago
9
The better response would be to figure out why GDPR exists and make your site more customer friendly by conforming to it.
– gnasher729
2 days ago
3
The EU can definitely enforce fines against US based companies- US courts can and do enforce EU judgements and vice-versa
– Dale M
2 days ago
3
3
If the EU blocked me, my answer is "good riddance!"
– Joshua
2 days ago
If the EU blocked me, my answer is "good riddance!"
– Joshua
2 days ago
5
5
@Joshua In that case perhaps you should consider refusing to display your site to users in the EU.
– phoog
2 days ago
@Joshua In that case perhaps you should consider refusing to display your site to users in the EU.
– phoog
2 days ago
12
12
@Joshua That's not an attitude a for-profit business can usually take. The EU is probably a source of enormous revenue.
– Barmar
2 days ago
@Joshua That's not an attitude a for-profit business can usually take. The EU is probably a source of enormous revenue.
– Barmar
2 days ago
9
9
The better response would be to figure out why GDPR exists and make your site more customer friendly by conforming to it.
– gnasher729
2 days ago
The better response would be to figure out why GDPR exists and make your site more customer friendly by conforming to it.
– gnasher729
2 days ago
3
3
The EU can definitely enforce fines against US based companies- US courts can and do enforce EU judgements and vice-versa
– Dale M
2 days ago
The EU can definitely enforce fines against US based companies- US courts can and do enforce EU judgements and vice-versa
– Dale M
2 days ago
|
show 8 more comments
What you are asking for is, in effect, an "opt out" clause. It might be framed in terms of choice of governing law, but effectively it seeks to opt you out of EU consumer protection laws.
Not surprisingly, most consumer laws just don't allow you to do that.
Otherwise a car seller would simply write onto their contract "If this car has a fault that kills anyone, you agree to hold the seller and maker harmless and not to claim damages for any reason", and similar for anything else - your unsafe or unreliable toaster, your bank transfer that's sent to the wrong place, your "unbreakable" phone that broke the first time you carried it, your unexpected exit charges on a loan or phone contract, and so on.
So consumer protection law generally doesn't permit opting out. (Much the same way as a lot of employment law, you can't just opt out of by putting it in the contract.)
If you flip it around and hypothetically suppose there was a US law and an EU website wanted an opt out, you can see why it wouldn't be fair or work well also. It that were to be legally permitted, one of 2 things may tend to happen - either
- many other websites seeking to deprive US citizens of the benefit they would get from that law, would just move overseas and also avoid giving the benefit to US users (and under market pressure others may feel they have to do likewise to compete), or
- we end up with a situation where equal US citizens are protected unequally depending on how canny their retailer is, in their hosting.
You can imagine that wouldn't be ideal either way.
But really, its worth understanding why that law is there. After all, its for reasons that affect citizens worldwide.
There has been enough in the press recently, as well as commonsense understandings, to appreciate the possible negative impact on private citizens if their data is mishandled - and that far too often it has been mishandled. Citizens trust you with their data when they visit your site. The GDPR makes clear what current standard of protection and rights they should be able to take for granted without needing to check each website's T&Cs.
Update
Also be aware that in at least some jurisdictions (the UK is one, at least, not sure about other EU countries or US states), there is a law about unfair contract terms to consider as well. The UK version of that law, which is the only one I know well enough to describe, says that if a supplier of tangible goods or of a service, has a standardised contract, and the consumer has to "take it or leave it", then the consumer can ask a court to strike out any term in it on the grounds it is an unfair contract term, essentially one where they had to accept it even though it's unfair and unreasonable, and if the court agrees, the term is replaced (if possible) with a similar but fair term, or (if not) it is struck out. This law isn't actually used very often, but is a very powerful one for addressing unequal bargaining power - think in terms of "whatever Microsoft might put in the Windows T&C" or a rogue payday lender's unfair repayments/interest, or similar. I know the argument that "they don't have to use it if they don't like it", but the reality is some will, and that's enough for an unfair business to profit from; so the law is what it is. A term that forced a person using your terms, to give up their rights as a cost of using the site within its "small print" could well find the clause struck out anyway, although in practice such cases are pretty uncommon.
answered 2 days ago
StilezStilez
1,138312
add a comment |
What you are asking for is, in effect, an "opt out" clause. It might be framed in terms of choice of governing law, but effectively it seeks to opt you out of EU consumer protection laws.
Not surprisingly, most consumer laws just don't allow you to do that.
Otherwise a car seller would simply write onto their contract "If this car has a fault that kills anyone, you agree to hold the seller and maker harmless and not to claim damages for any reason", and similar for anything else - your unsafe or unreliable toaster, your bank transfer that's sent to the wrong place, your "unbreakable" phone that broke the first time you carried it, your unexpected exit charges on a loan or phone contract, and so on.
So consumer protection law generally doesn't permit opting out. (Much the same way as a lot of employment law, you can't just opt out of by putting it in the contract.)
If you flip it around and hypothetically suppose there was a US law and an EU website wanted an opt out, you can see why it wouldn't be fair or work well also. It that were to be legally permitted, one of 2 things may tend to happen - either
- many other websites seeking to deprive US citizens of the benefit they would get from that law, would just move overseas and also avoid giving the benefit to US users (and under market pressure others may feel they have to do likewise to compete), or
- we end up with a situation where equal US citizens are protected unequally depending on how canny their retailer is, in their hosting.
You can imagine that wouldn't be ideal either way.
But really, its worth understanding why that law is there. After all, its for reasons that affect citizens worldwide.
There has been enough in the press recently, as well as commonsense understandings, to appreciate the possible negative impact on private citizens if their data is mishandled - and that far too often it has been mishandled. Citizens trust you with their data when they visit your site. The GDPR makes clear what current standard of protection and rights they should be able to take for granted without needing to check each website's T&Cs.
Update
Also be aware that in at least some jurisdictions (the UK is one, at least, not sure about other EU countries or US states), there is a law about unfair contract terms to consider as well. The UK version of that law, which is the only one I know well enough to describe, says that if a supplier of tangible goods or of a service, has a standardised contract, and the consumer has to "take it or leave it", then the consumer can ask a court to strike out any term in it on the grounds it is an unfair contract term, essentially one where they had to accept it even though it's unfair and unreasonable, and if the court agrees, the term is replaced (if possible) with a similar but fair term, or (if not) it is struck out. This law isn't actually used very often, but is a very powerful one for addressing unequal bargaining power - think in terms of "whatever Microsoft might put in the Windows T&C" or a rogue payday lender's unfair repayments/interest, or similar. I know the argument that "they don't have to use it if they don't like it", but the reality is some will, and that's enough for an unfair business to profit from; so the law is what it is. A term that forced a person using your terms, to give up their rights as a cost of using the site within its "small print" could well find the clause struck out anyway, although in practice such cases are pretty uncommon.
answered 2 days ago
StilezStilez
1,138312
add a comment |
What you are asking for is, in effect, an "opt out" clause. It might be framed in terms of choice of governing law, but effectively it seeks to opt you out of EU consumer protection laws.
Not surprisingly, most consumer laws just don't allow you to do that.
Otherwise a car seller would simply write onto their contract "If this car has a fault that kills anyone, you agree to hold the seller and maker harmless and not to claim damages for any reason", and similar for anything else - your unsafe or unreliable toaster, your bank transfer that's sent to the wrong place, your "unbreakable" phone that broke the first time you carried it, your unexpected exit charges on a loan or phone contract, and so on.
So consumer protection law generally doesn't permit opting out. (Much the same way as a lot of employment law, you can't just opt out of by putting it in the contract.)
If you flip it around and hypothetically suppose there was a US law and an EU website wanted an opt out, you can see why it wouldn't be fair or work well also. It that were to be legally permitted, one of 2 things may tend to happen - either
- many other websites seeking to deprive US citizens of the benefit they would get from that law, would just move overseas and also avoid giving the benefit to US users (and under market pressure others may feel they have to do likewise to compete), or
- we end up with a situation where equal US citizens are protected unequally depending on how canny their retailer is, in their hosting.
You can imagine that wouldn't be ideal either way.
But really, its worth understanding why that law is there. After all, its for reasons that affect citizens worldwide.
There has been enough in the press recently, as well as commonsense understandings, to appreciate the possible negative impact on private citizens if their data is mishandled - and that far too often it has been mishandled. Citizens trust you with their data when they visit your site. The GDPR makes clear what current standard of protection and rights they should be able to take for granted without needing to check each website's T&Cs.
Update
Also be aware that in at least some jurisdictions (the UK is one, at least, not sure about other EU countries or US states), there is a law about unfair contract terms to consider as well. The UK version of that law, which is the only one I know well enough to describe, says that if a supplier of tangible goods or of a service, has a standardised contract, and the consumer has to "take it or leave it", then the consumer can ask a court to strike out any term in it on the grounds it is an unfair contract term, essentially one where they had to accept it even though it's unfair and unreasonable, and if the court agrees, the term is replaced (if possible) with a similar but fair term, or (if not) it is struck out. This law isn't actually used very often, but is a very powerful one for addressing unequal bargaining power - think in terms of "whatever Microsoft might put in the Windows T&C" or a rogue payday lender's unfair repayments/interest, or similar. I know the argument that "they don't have to use it if they don't like it", but the reality is some will, and that's enough for an unfair business to profit from; so the law is what it is. A term that forced a person using your terms, to give up their rights as a cost of using the site within its "small print" could well find the clause struck out anyway, although in practice such cases are pretty uncommon.
answered 2 days ago
StilezStilez
1,138312
What you are asking for is, in effect, an "opt out" clause. It might be framed in terms of choice of governing law, but effectively it seeks to opt you out of EU consumer protection laws.
Not surprisingly, most consumer laws just don't allow you to do that.
Otherwise a car seller would simply write onto their contract "If this car has a fault that kills anyone, you agree to hold the seller and maker harmless and not to claim damages for any reason", and similar for anything else - your unsafe or unreliable toaster, your bank transfer that's sent to the wrong place, your "unbreakable" phone that broke the first time you carried it, your unexpected exit charges on a loan or phone contract, and so on.
So consumer protection law generally doesn't permit opting out. (Much the same way as a lot of employment law, you can't just opt out of by putting it in the contract.)
If you flip it around and hypothetically suppose there was a US law and an EU website wanted an opt out, you can see why it wouldn't be fair or work well also. It that were to be legally permitted, one of 2 things may tend to happen - either
- many other websites seeking to deprive US citizens of the benefit they would get from that law, would just move overseas and also avoid giving the benefit to US users (and under market pressure others may feel they have to do likewise to compete), or
- we end up with a situation where equal US citizens are protected unequally depending on how canny their retailer is, in their hosting.
You can imagine that wouldn't be ideal either way.
But really, its worth understanding why that law is there. After all, its for reasons that affect citizens worldwide.
There has been enough in the press recently, as well as commonsense understandings, to appreciate the possible negative impact on private citizens if their data is mishandled - and that far too often it has been mishandled. Citizens trust you with their data when they visit your site. The GDPR makes clear what current standard of protection and rights they should be able to take for granted without needing to check each website's T&Cs.
Update
Also be aware that in at least some jurisdictions (the UK is one, at least, not sure about other EU countries or US states), there is a law about unfair contract terms to consider as well. The UK version of that law, which is the only one I know well enough to describe, says that if a supplier of tangible goods or of a service, has a standardised contract, and the consumer has to "take it or leave it", then the consumer can ask a court to strike out any term in it on the grounds it is an unfair contract term, essentially one where they had to accept it even though it's unfair and unreasonable, and if the court agrees, the term is replaced (if possible) with a similar but fair term, or (if not) it is struck out. This law isn't actually used very often, but is a very powerful one for addressing unequal bargaining power - think in terms of "whatever Microsoft might put in the Windows T&C" or a rogue payday lender's unfair repayments/interest, or similar. I know the argument that "they don't have to use it if they don't like it", but the reality is some will, and that's enough for an unfair business to profit from; so the law is what it is. A term that forced a person using your terms, to give up their rights as a cost of using the site within its "small print" could well find the clause struck out anyway, although in practice such cases are pretty uncommon.
answered 2 days ago
StilezStilez
1,138312
edited yesterday
answered 2 days ago
StilezStilez
1,138312
answered 2 days ago
StilezStilez
1,138312
answered 2 days ago
StilezStilez
1,138312
1,138312
add a comment |
add a comment |
Imagine you export some goods to Ireland, and you put on the shrink wrap that the governing law of the goods is that of the US (or rather a specific legal country within the US). Your goods are illegal in Ireland because they don't meet Irish and EU safety standards.
Do you get to opt out of Irish law by your shrinkwrap? If not, how is this different from trying to opt your website out of GDPR?
answered 2 days ago
MarcinMarcin
1292
New contributor
Marcin is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1
But what if it's not targeted at EU users, but just any user on the web? It seems a little unfair to expect the site owners to block access to each country/region that might have different laws. For example, what if Zimbabwe implements special internet laws for its citizens?
– Jim
2 days ago
This is a fairly good example. The counterpoint might be "I ship anywhere on money orders. I don't know if the goods are lawful in your area or not." Let others argue whether this is lawful or not. I would normally argue on the not side.
– Joshua
2 days ago
@Joshua Right but then you still did the shipping. Maybe Ireland has to figure out how to catch you, but you can't choice of law your way out of them maybe wanting to catch you (unless their law lets you do just that, of course).
– Marcin
2 days ago
2
@Jim - if you sell a product in 10 countries (or even give a product away for free), you would hardly be surprised if you have to comply with the law of each country when you sell products there. Providing services is no different, and an online service or website is still a service. If you configure your website to allow purchases or consumer usage from 10 countries, you can hardly be surprised when those 10 countries expect their law to be applied to consumers in their territory. (Stark examples: should a country freely allow websites for child brides or copyright-piracy ...
– Stilez
yesterday
1
... or fraudulently deceptive claims within its territory, as long as the website gets hosted somewhere those are legal or accepted? Of course not.) It's the website owner's choice where to market to/publish in, and to research the places they want to market to/publish in. They always have the option not to market to, or allow visitors from, places where they don't feel comfortable they can comply with the law, or where the effort required isn't worth it to them.
– Stilez
yesterday
|
show 1 more comment
Imagine you export some goods to Ireland, and you put on the shrink wrap that the governing law of the goods is that of the US (or rather a specific legal country within the US). Your goods are illegal in Ireland because they don't meet Irish and EU safety standards.
Do you get to opt out of Irish law by your shrinkwrap? If not, how is this different from trying to opt your website out of GDPR?
answered 2 days ago
MarcinMarcin
1292
New contributor
Marcin is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1
But what if it's not targeted at EU users, but just any user on the web? It seems a little unfair to expect the site owners to block access to each country/region that might have different laws. For example, what if Zimbabwe implements special internet laws for its citizens?
– Jim
2 days ago
This is a fairly good example. The counterpoint might be "I ship anywhere on money orders. I don't know if the goods are lawful in your area or not." Let others argue whether this is lawful or not. I would normally argue on the not side.
– Joshua
2 days ago
@Joshua Right but then you still did the shipping. Maybe Ireland has to figure out how to catch you, but you can't choice of law your way out of them maybe wanting to catch you (unless their law lets you do just that, of course).
– Marcin
2 days ago
2
@Jim - if you sell a product in 10 countries (or even give a product away for free), you would hardly be surprised if you have to comply with the law of each country when you sell products there. Providing services is no different, and an online service or website is still a service. If you configure your website to allow purchases or consumer usage from 10 countries, you can hardly be surprised when those 10 countries expect their law to be applied to consumers in their territory. (Stark examples: should a country freely allow websites for child brides or copyright-piracy ...
– Stilez
yesterday
1
... or fraudulently deceptive claims within its territory, as long as the website gets hosted somewhere those are legal or accepted? Of course not.) It's the website owner's choice where to market to/publish in, and to research the places they want to market to/publish in. They always have the option not to market to, or allow visitors from, places where they don't feel comfortable they can comply with the law, or where the effort required isn't worth it to them.
– Stilez
yesterday
|
show 1 more comment
Imagine you export some goods to Ireland, and you put on the shrink wrap that the governing law of the goods is that of the US (or rather a specific legal country within the US). Your goods are illegal in Ireland because they don't meet Irish and EU safety standards.
Do you get to opt out of Irish law by your shrinkwrap? If not, how is this different from trying to opt your website out of GDPR?
answered 2 days ago
MarcinMarcin
1292
New contributor
Marcin is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Imagine you export some goods to Ireland, and you put on the shrink wrap that the governing law of the goods is that of the US (or rather a specific legal country within the US). Your goods are illegal in Ireland because they don't meet Irish and EU safety standards.
Do you get to opt out of Irish law by your shrinkwrap? If not, how is this different from trying to opt your website out of GDPR?
answered 2 days ago
MarcinMarcin
1292
New contributor
Marcin is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 2 days ago
MarcinMarcin
1292
New contributor
Marcin is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 2 days ago
MarcinMarcin
1292
answered 2 days ago
MarcinMarcin
1292
1292
New contributor
Marcin is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Marcin is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Marcin is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1
But what if it's not targeted at EU users, but just any user on the web? It seems a little unfair to expect the site owners to block access to each country/region that might have different laws. For example, what if Zimbabwe implements special internet laws for its citizens?
– Jim
2 days ago
This is a fairly good example. The counterpoint might be "I ship anywhere on money orders. I don't know if the goods are lawful in your area or not." Let others argue whether this is lawful or not. I would normally argue on the not side.
– Joshua
2 days ago
@Joshua Right but then you still did the shipping. Maybe Ireland has to figure out how to catch you, but you can't choice of law your way out of them maybe wanting to catch you (unless their law lets you do just that, of course).
– Marcin
2 days ago
2
@Jim - if you sell a product in 10 countries (or even give a product away for free), you would hardly be surprised if you have to comply with the law of each country when you sell products there. Providing services is no different, and an online service or website is still a service. If you configure your website to allow purchases or consumer usage from 10 countries, you can hardly be surprised when those 10 countries expect their law to be applied to consumers in their territory. (Stark examples: should a country freely allow websites for child brides or copyright-piracy ...
– Stilez
yesterday
1
... or fraudulently deceptive claims within its territory, as long as the website gets hosted somewhere those are legal or accepted? Of course not.) It's the website owner's choice where to market to/publish in, and to research the places they want to market to/publish in. They always have the option not to market to, or allow visitors from, places where they don't feel comfortable they can comply with the law, or where the effort required isn't worth it to them.
– Stilez
yesterday
|
show 1 more comment
1
But what if it's not targeted at EU users, but just any user on the web? It seems a little unfair to expect the site owners to block access to each country/region that might have different laws. For example, what if Zimbabwe implements special internet laws for its citizens?
– Jim
2 days ago
This is a fairly good example. The counterpoint might be "I ship anywhere on money orders. I don't know if the goods are lawful in your area or not." Let others argue whether this is lawful or not. I would normally argue on the not side.
– Joshua
2 days ago
@Joshua Right but then you still did the shipping. Maybe Ireland has to figure out how to catch you, but you can't choice of law your way out of them maybe wanting to catch you (unless their law lets you do just that, of course).
– Marcin
2 days ago
2
@Jim - if you sell a product in 10 countries (or even give a product away for free), you would hardly be surprised if you have to comply with the law of each country when you sell products there. Providing services is no different, and an online service or website is still a service. If you configure your website to allow purchases or consumer usage from 10 countries, you can hardly be surprised when those 10 countries expect their law to be applied to consumers in their territory. (Stark examples: should a country freely allow websites for child brides or copyright-piracy ...
– Stilez
yesterday
1
... or fraudulently deceptive claims within its territory, as long as the website gets hosted somewhere those are legal or accepted? Of course not.) It's the website owner's choice where to market to/publish in, and to research the places they want to market to/publish in. They always have the option not to market to, or allow visitors from, places where they don't feel comfortable they can comply with the law, or where the effort required isn't worth it to them.
– Stilez
yesterday
1
1
But what if it's not targeted at EU users, but just any user on the web? It seems a little unfair to expect the site owners to block access to each country/region that might have different laws. For example, what if Zimbabwe implements special internet laws for its citizens?
– Jim
2 days ago
But what if it's not targeted at EU users, but just any user on the web? It seems a little unfair to expect the site owners to block access to each country/region that might have different laws. For example, what if Zimbabwe implements special internet laws for its citizens?
– Jim
2 days ago
This is a fairly good example. The counterpoint might be "I ship anywhere on money orders. I don't know if the goods are lawful in your area or not." Let others argue whether this is lawful or not. I would normally argue on the not side.
– Joshua
2 days ago
This is a fairly good example. The counterpoint might be "I ship anywhere on money orders. I don't know if the goods are lawful in your area or not." Let others argue whether this is lawful or not. I would normally argue on the not side.
– Joshua
2 days ago
@Joshua Right but then you still did the shipping. Maybe Ireland has to figure out how to catch you, but you can't choice of law your way out of them maybe wanting to catch you (unless their law lets you do just that, of course).
– Marcin
2 days ago
@Joshua Right but then you still did the shipping. Maybe Ireland has to figure out how to catch you, but you can't choice of law your way out of them maybe wanting to catch you (unless their law lets you do just that, of course).
– Marcin
2 days ago
2
2
@Jim - if you sell a product in 10 countries (or even give a product away for free), you would hardly be surprised if you have to comply with the law of each country when you sell products there. Providing services is no different, and an online service or website is still a service. If you configure your website to allow purchases or consumer usage from 10 countries, you can hardly be surprised when those 10 countries expect their law to be applied to consumers in their territory. (Stark examples: should a country freely allow websites for child brides or copyright-piracy ...
– Stilez
yesterday
@Jim - if you sell a product in 10 countries (or even give a product away for free), you would hardly be surprised if you have to comply with the law of each country when you sell products there. Providing services is no different, and an online service or website is still a service. If you configure your website to allow purchases or consumer usage from 10 countries, you can hardly be surprised when those 10 countries expect their law to be applied to consumers in their territory. (Stark examples: should a country freely allow websites for child brides or copyright-piracy ...
– Stilez
yesterday
1
1
... or fraudulently deceptive claims within its territory, as long as the website gets hosted somewhere those are legal or accepted? Of course not.) It's the website owner's choice where to market to/publish in, and to research the places they want to market to/publish in. They always have the option not to market to, or allow visitors from, places where they don't feel comfortable they can comply with the law, or where the effort required isn't worth it to them.
– Stilez
yesterday
... or fraudulently deceptive claims within its territory, as long as the website gets hosted somewhere those are legal or accepted? Of course not.) It's the website owner's choice where to market to/publish in, and to research the places they want to market to/publish in. They always have the option not to market to, or allow visitors from, places where they don't feel comfortable they can comply with the law, or where the effort required isn't worth it to them.
– Stilez
yesterday
|
show 1 more comment
Jim is a new contributor. Be nice, and check out our Code of Conduct.
Jim is a new contributor. Be nice, and check out our Code of Conduct.
Jim is a new contributor. Be nice, and check out our Code of Conduct.
Jim is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Law Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2flaw.stackexchange.com%2fquestions%2f39331%2fwhy-cant-i-add-a-governing-law-to-my-terms-of-service-to-avoid-gdpr%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
4
Possible duplicate of What is the legal mechanism by which the GDPR might apply to a business with no presence in the EU?
– BlueDogRanch
2 days ago
6
In my view, while related, this is not a duplicate. This asks specifically about a TOS provision and a Governing law clause, neither of which is mentioned in the other Q or its answers.
– David Siegel
2 days ago